[SmartcardServices-Changes] [150] releases/Apple
source_changes at macosforge.org
source_changes at macosforge.org
Fri Aug 24 15:12:19 PDT 2012
Revision: 150
http://trac.macosforge.org/projects/smartcardservices/changeset/150
Author: geddis at apple.com
Date: 2012-08-24 15:12:18 -0700 (Fri, 24 Aug 2012)
Log Message:
-----------
importing
Added Paths:
-----------
releases/Apple/OSX-10.6.7/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/APPLE_LICENSE
releases/Apple/OSX-10.6.7/SmartCardServices-36160/Info-PCSC.plist
releases/Apple/OSX-10.6.7/SmartCardServices-36160/Makefile.installPhase
releases/Apple/OSX-10.6.7/SmartCardServices-36160/SmartCardServices.xcodeproj/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/SmartCardServices.xcodeproj/project.pbxproj
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/Extensions/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/Info.plist
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/MacOS/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/MacOS/ifd-ASEIIIeUSB
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcscd.8
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctest.8
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctool.8
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/sc_auth.8
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/sc_auth
releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/config.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSC.exp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/config.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.l
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.l
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_generic.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_macosx.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdhandler.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/mscdefines.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/muscletest.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdaemon.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscexport.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcsclite.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_generic.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_macosx.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_generic.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_macosx.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_unix.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/testpcsc.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_generic.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_macosx.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.l
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/utils/
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/utils/bundleTool.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_clnt.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg_srv.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.c
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/wintypes.h
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.cpp
releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.h
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/Makefile
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/Makefile
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid-1.3.8.tar.bz2
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid.plist
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ForceWithoutPcsc.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ccid-info-plist.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/destDirFix.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/osxConfigure.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/Makefile
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/FixConfigureAddCPP.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/remove_config_libdir.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/skipConfigure.patch
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb-0.1.13b.tar.gz
releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb.plist
releases/Apple/OSX-10.6.7/Tokend-40596/
releases/Apple/OSX-10.6.7/Tokend-40596/APPLE_LICENSE
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/Info.plist
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/belpic.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities_common.mds
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_dl_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_smartcard.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/Info.plist
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/cac.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities_common.mds
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_dl_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_smartcard.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Info.plist
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLVTemplates.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/byte_string.h
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/cacng.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities_common.mds
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_dl_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_smartcard.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/ChangeLog
releases/Apple/OSX-10.6.7/Tokend-40596/Info-tokend__Upgraded_.plist
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Info.plist
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities_common.mds
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_dl_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_smartcard.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/musclecard.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Info.plist
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVDefines.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVUtilities.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.inc
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.inc
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/byte_string.h
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities_common.mds
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_dl_primary.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_smartcard.mdsinfo
releases/Apple/OSX-10.6.7/Tokend-40596/PIV/piv.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.cpp
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.h
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.pbxproj
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/contents.xcworkspacedata
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/xcuserdata/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/xcuserdata/geddis.xcuserdatad/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/xcuserdata/geddis.xcuserdatad/UserInterfaceState.xcuserstate
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/BELPIC.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CAC.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CACNG.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/MuscleCard.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/PIV.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/libtokend.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/tokend.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/world.xcscheme
releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/xcschememanagement.plist
releases/Apple/OSX-10.6.7/Tokend-40596/testcms.sh
releases/Apple/OSX-10.6.7/Tokend-40596/testssl.sh
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/APPLE_LICENSE
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/APPLE_LICENSE (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/APPLE_LICENSE 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,372 @@
+APPLE PUBLIC SOURCE LICENSE
+Version 1.1 - April 19,1999
+
+Please read this License carefully before downloading this software.
+By downloading and using this software, you are agreeing to be bound
+by the terms of this License. If you do not or cannot agree to the
+terms of this License, please do not download or use the software.
+
+1. General; Definitions. This License applies to any program or other
+work which Apple Computer, Inc. ("Apple") publicly announces as
+subject to this Apple Public Source License and which contains a
+notice placed by Apple identifying such program or work as "Original
+Code" and stating that it is subject to the terms of this Apple Public
+Source License version 1.1 (or subsequent version thereof), as it may
+be revised from time to time by Apple ("License"). As used in this
+License:
+
+1.1 "Affected Original Code" means only those specific portions of
+Original Code that allegedly infringe upon any party's intellectual
+property rights or are otherwise the subject of a claim of
+infringement.
+
+1.2 "Applicable Patent Rights" mean: (a) in the case where Apple is
+the grantor of rights, (i) claims of patents that are now or hereafter
+acquired, owned by or assigned to Apple and (ii) that cover subject
+matter contained in the Original Code, but only to the extent
+necessary to use, reproduce and/or distribute the Original Code
+without infringement; and (b) in the case where You are the grantor of
+rights, (i) claims of patents that are now or hereafter acquired,
+owned by or assigned to You and (ii) that cover subject matter in Your
+Modifications, taken alone or in combination with Original Code.
+
+1.3 "Covered Code" means the Original Code, Modifications, the
+combination of Original Code and any Modifications, and/or any
+respective portions thereof.
+
+1.4 "Deploy" means to use, sublicense or distribute Covered Code other
+than for Your internal research and development (R&D), and includes
+without limitation, any and all internal use or distribution of
+Covered Code within Your business or organization except for R&D use,
+as well as direct or indirect sublicensing or distribution of Covered
+Code by You to any third party in any form or manner.
+
+1.5 "Larger Work" means a work which combines Covered Code or portions
+thereof with code not governed by the terms of this License.
+
+1.6 "Modifications" mean any addition to, deletion from, and/or change
+to, the substance and/or structure of Covered Code. When code is
+released as a series of files, a Modification is: (a) any addition to
+or deletion from the contents of a file containing Covered Code;
+and/or (b) any new file or other representation of computer program
+statements that contains any part of Covered Code.
+
+1.7 "Original Code" means (a) the Source Code of a program or other
+work as originally made available by Apple under this License,
+including the Source Code of any updates or upgrades to such programs
+or works made available by Apple under this License, and that has been
+expressly identified by Apple as such in the header file(s) of such
+work; and (b) the object code compiled from such Source Code and
+originally made available by Apple under this License.
+
+1.8 "Source Code" means the human readable form of a program or other
+work that is suitable for making modifications to it, including all
+modules it contains, plus any associated interface definition files,
+scripts used to control compilation and installation of an executable
+(object code).
+
+1.9 "You" or "Your" means an individual or a legal entity exercising
+rights under this License. For legal entities, "You" or "Your"
+includes any entity which controls, is controlled by, or is under
+common control with, You, where "control" means (a) the power, direct
+or indirect, to cause the direction or management of such entity,
+whether by contract or otherwise, or (b) ownership of fifty percent
+(50%) or more of the outstanding shares or beneficial ownership of
+such entity.
+
+2. Permitted Uses; Conditions & Restrictions. Subject to the terms
+and conditions of this License, Apple hereby grants You, effective on
+the date You accept this License and download the Original Code, a
+world-wide, royalty-free, non- exclusive license, to the extent of
+Apple's Applicable Patent Rights and copyrights covering the Original
+Code, to do the following:
+
+2.1 You may use, copy, modify and distribute Original Code, with or
+without Modifications, solely for Your internal research and
+development, provided that You must in each instance:
+
+(a) retain and reproduce in all copies of Original Code the copyright
+and other proprietary notices and disclaimers of Apple as they appear
+in the Original Code, and keep intact all notices in the Original Code
+that refer to this License;
+
+(b) include a copy of this License with every copy of Source Code of
+Covered Code and documentation You distribute, and You may not offer
+or impose any terms on such Source Code that alter or restrict this
+License or the recipients' rights hereunder, except as permitted under
+Section 6; and
+
+(c) completely and accurately document all Modifications that you have
+made and the date of each such Modification, designate the version of
+the Original Code you used, prominently include a file carrying such
+information with the Modifications, and duplicate the notice in
+Exhibit A in each file of the Source Code of all such Modifications.
+
+2.2 You may Deploy Covered Code, provided that You must in each
+ instance:
+
+(a) satisfy all the conditions of Section 2.1 with respect to the
+Source Code of the Covered Code;
+
+(b) make all Your Deployed Modifications publicly available in Source
+Code form via electronic distribution (e.g. download from a web site)
+under the terms of this License and subject to the license grants set
+forth in Section 3 below, and any additional terms You may choose to
+offer under Section 6. You must continue to make the Source Code of
+Your Deployed Modifications available for as long as you Deploy the
+Covered Code or twelve (12) months from the date of initial
+Deployment, whichever is longer;
+
+(c) if You Deploy Covered Code containing Modifications made by You,
+inform others of how to obtain those Modifications by filling out and
+submitting the information found at
+http://www.apple.com/publicsource/modifications.html, if available;
+and
+
+(d) if You Deploy Covered Code in object code, executable form only,
+include a prominent notice, in the code itself as well as in related
+documentation, stating that Source Code of the Covered Code is
+available under the terms of this License with information on how and
+where to obtain such Source Code.
+
+3. Your Grants. In consideration of, and as a condition to, the
+licenses granted to You under this License:
+
+(a) You hereby grant to Apple and all third parties a non-exclusive,
+royalty-free license, under Your Applicable Patent Rights and other
+intellectual property rights owned or controlled by You, to use,
+reproduce, modify, distribute and Deploy Your Modifications of the
+same scope and extent as Apple's licenses under Sections 2.1 and 2.2;
+and
+
+(b) You hereby grant to Apple and its subsidiaries a non-exclusive,
+worldwide, royalty-free, perpetual and irrevocable license, under Your
+Applicable Patent Rights and other intellectual property rights owned
+or controlled by You, to use, reproduce, execute, compile, display,
+perform, modify or have modified (for Apple and/or its subsidiaries),
+sublicense and distribute Your Modifications, in any form, through
+multiple tiers of distribution.
+
+4. Larger Works. You may create a Larger Work by combining Covered
+Code with other code not governed by the terms of this License and
+distribute the Larger Work as a single product. In each such
+instance, You must make sure the requirements of this License are
+fulfilled for the Covered Code or any portion thereof.
+
+5. Limitations on Patent License. Except as expressly stated in
+Section 2, no other patent rights, express or implied, are granted by
+Apple herein. Modifications and/or Larger Works may require
+additional patent licenses from Apple which Apple may grant in its
+sole discretion.
+
+6. Additional Terms. You may choose to offer, and to charge a fee
+for, warranty, support, indemnity or liability obligations and/or
+other rights consistent with the scope of the license granted herein
+("Additional Terms") to one or more recipients of Covered
+Code. However, You may do so only on Your own behalf and as Your sole
+responsibility, and not on behalf of Apple. You must obtain the
+recipient's agreement that any such Additional Terms are offered by
+You alone, and You hereby agree to indemnify, defend and hold Apple
+harmless for any liability incurred by or claims asserted against
+Apple by reason of any such Additional Terms.
+
+7. Versions of the License. Apple may publish revised and/or new
+versions of this License from time to time. Each version will be
+given a distinguishing version number. Once Original Code has been
+published under a particular version of this License, You may continue
+to use it under the terms of that version. You may also choose to use
+such Original Code under the terms of any subsequent version of this
+License published by Apple. No one other than Apple has the right to
+modify the terms applicable to Covered Code created under this
+License.
+
+8. NO WARRANTY OR SUPPORT. The Original Code may contain in whole or
+in part pre-release, untested, or not fully tested works. The
+Original Code may contain errors that could cause failures or loss of
+data, and may be incomplete or contain inaccuracies. You expressly
+acknowledge and agree that use of the Original Code, or any portion
+thereof, is at Your sole and entire risk. THE ORIGINAL CODE IS
+PROVIDED "AS IS" AND WITHOUT WARRANTY, UPGRADES OR SUPPORT OF ANY KIND
+AND APPLE AND APPLE'S LICENSOR(S) (FOR THE PURPOSES OF SECTIONS 8 AND
+9, APPLE AND APPLE'S LICENSOR(S) ARE COLLECTIVELY REFERRED TO AS
+"APPLE") EXPRESSLY DISCLAIM ALL WARRANTIES AND/OR CONDITIONS, EXPRESS
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+AND/OR CONDITIONS OF MERCHANTABILITY OR SATISFACTORY QUALITY AND
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY
+RIGHTS. APPLE DOES NOT WARRANT THAT THE FUNCTIONS CONTAINED IN THE
+ORIGINAL CODE WILL MEET YOUR REQUIREMENTS, OR THAT THE OPERATION OF
+THE ORIGINAL CODE WILL BE UNINTERRUPTED OR ERROR- FREE, OR THAT
+DEFECTS IN THE ORIGINAL CODE WILL BE CORRECTED. NO ORAL OR WRITTEN
+INFORMATION OR ADVICE GIVEN BY APPLE OR AN APPLE AUTHORIZED
+REPRESENTATIVE SHALL CREATE A WARRANTY OR IN ANY WAY INCREASE THE
+SCOPE OF THIS WARRANTY. You acknowledge that the Original Code is not
+intended for use in the operation of nuclear facilities, aircraft
+navigation, communication systems, or air traffic control machines in
+which case the failure of the Original Code could lead to death,
+personal injury, or severe physical or environmental damage.
+
+9. Liability.
+
+9.1 Infringement. If any portion of, or functionality implemented by,
+the Original Code becomes the subject of a claim of infringement,
+Apple may, at its option: (a) attempt to procure the rights necessary
+for Apple and You to continue using the Affected Original Code; (b)
+modify the Affected Original Code so that it is no longer infringing;
+or (c) suspend Your rights to use, reproduce, modify, sublicense and
+distribute the Affected Original Code until a final determination of
+the claim is made by a court or governmental administrative agency of
+competent jurisdiction and Apple lifts the suspension as set forth
+below. Such suspension of rights will be effective immediately upon
+Apple's posting of a notice to such effect on the Apple web site that
+is used for implementation of this License. Upon such final
+determination being made, if Apple is legally able, without the
+payment of a fee or royalty, to resume use, reproduction,
+modification, sublicensing and distribution of the Affected Original
+Code, Apple will lift the suspension of rights to the Affected
+Original Code by posting a notice to such effect on the Apple web site
+that is used for implementation of this License. If Apple suspends
+Your rights to Affected Original Code, nothing in this License shall
+be construed to restrict You, at Your option and subject to applicable
+law, from replacing the Affected Original Code with non-infringing
+code or independently negotiating for necessary rights from such third
+party.
+
+9.2 LIMITATION OF LIABILITY. UNDER NO CIRCUMSTANCES SHALL APPLE BE
+LIABLE FOR ANY INCIDENTAL, SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES
+ARISING OUT OF OR RELATING TO THIS LICENSE OR YOUR USE OR INABILITY TO
+USE THE ORIGINAL CODE, OR ANY PORTION THEREOF, WHETHER UNDER A THEORY
+OF CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY
+OR OTHERWISE, EVEN IF APPLE HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF
+ANY REMEDY. In no event shall Apple's total liability to You for all
+damages under this License exceed the amount of fifty dollars
+($50.00).
+
+10. Trademarks. This License does not grant any rights to use the
+trademarks or trade names "Apple", "Apple Computer", "Mac OS X", "Mac
+OS X Server" or any other trademarks or trade names belonging to Apple
+(collectively "Apple Marks") and no Apple Marks may be used to endorse
+or promote products derived from the Original Code other than as
+permitted by and in strict compliance at all times with Apple's third
+party trademark usage guidelines which are posted at
+http://www.apple.com/legal/guidelinesfor3rdparties.html.
+
+11. Ownership. Apple retains all rights, title and interest in and to
+the Original Code and any Modifications made by or on behalf of Apple
+("Apple Modifications"), and such Apple Modifications will not be
+automatically subject to this License. Apple may, at its sole
+discretion, choose to license such Apple Modifications under this
+License, or on different terms from those contained in this License or
+may choose not to license them at all. Apple's development, use,
+reproduction, modification, sublicensing and distribution of Covered
+Code will not be subject to this License.
+
+12. Termination.
+
+12.1 Termination. This License and the rights granted hereunder will
+ terminate:
+
+(a) automatically without notice from Apple if You fail to comply with
+any term(s) of this License and fail to cure such breach within 30
+days of becoming aware of such breach; (b) immediately in the event of
+the circumstances described in Section 13.5(b); or (c) automatically
+without notice from Apple if You, at any time during the term of this
+License, commence an action for patent infringement against Apple.
+
+12.2 Effect of Termination. Upon termination, You agree to
+immediately stop any further use, reproduction, modification,
+sublicensing and distribution of the Covered Code and to destroy all
+copies of the Covered Code that are in your possession or control.
+All sublicenses to the Covered Code which have been properly granted
+prior to termination shall survive any termination of this License.
+Provisions which, by their nature, should remain in effect beyond the
+termination of this License shall survive, including but not limited
+to Sections 3, 5, 8, 9, 10, 11, 12.2 and 13. Neither party will be
+liable to the other for compensation, indemnity or damages of any sort
+solely as a result of terminating this License in accordance with its
+terms, and termination of this License will be without prejudice to
+any other right or remedy of either party.
+
+13. Miscellaneous.
+
+13.1 Government End Users. The Covered Code is a "commercial item" as
+defined in FAR 2.101. Government software and technical data rights
+in the Covered Code include only those rights customarily provided to
+the public as defined in this License. This customary commercial
+license in technical data and software is provided in accordance with
+FAR 12.211 (Technical Data) and 12.212 (Computer Software) and, for
+Department of Defense purchases, DFAR 252.227-7015 (Technical Data --
+Commercial Items) and 227.7202-3 (Rights in Commercial Computer
+Software or Computer Software Documentation). Accordingly, all U.S.
+Government End Users acquire Covered Code with only those rights set
+forth herein.
+
+13.2 Relationship of Parties. This License will not be construed as
+creating an agency, partnership, joint venture or any other form of
+legal association between You and Apple, and You will not represent to
+the contrary, whether expressly, by implication, appearance or
+otherwise.
+
+13.3 Independent Development. Nothing in this License will impair
+Apple's right to acquire, license, develop, have others develop for
+it, market and/or distribute technology or products that perform the
+same or similar functions as, or otherwise compete with,
+Modifications, Larger Works, technology or products that You may
+develop, produce, market or distribute.
+
+13.4 Waiver; Construction. Failure by Apple to enforce any provision
+of this License will not be deemed a waiver of future enforcement of
+that or any other provision. Any law or regulation which provides
+that the language of a contract shall be construed against the drafter
+will not apply to this License.
+
+13.5 Severability. (a) If for any reason a court of competent
+jurisdiction finds any provision of this License, or portion thereof,
+to be unenforceable, that provision of the License will be enforced to
+the maximum extent permissible so as to effect the economic benefits
+and intent of the parties, and the remainder of this License will
+continue in full force and effect. (b) Notwithstanding the foregoing,
+if applicable law prohibits or restricts You from fully and/or
+specifically complying with Sections 2 and/or 3 or prevents the
+enforceability of either of those Sections, this License will
+immediately terminate and You must immediately discontinue any use of
+the Covered Code and destroy all copies of it that are in your
+possession or control.
+
+13.6 Dispute Resolution. Any litigation or other dispute resolution
+between You and Apple relating to this License shall take place in the
+Northern District of California, and You and Apple hereby consent to
+the personal jurisdiction of, and venue in, the state and federal
+courts within that District with respect to this License. The
+application of the United Nations Convention on Contracts for the
+International Sale of Goods is expressly excluded.
+
+13.7 Entire Agreement; Governing Law. This License constitutes the
+entire agreement between the parties with respect to the subject
+matter hereof. This License shall be governed by the laws of the
+United States and the State of California, except that body of
+California law concerning conflicts of law.
+
+Where You are located in the province of Quebec, Canada, the following
+clause applies: The parties hereby confirm that they have requested
+that this License and all related documents be drafted in English. Les
+parties ont exige que le present contrat et tous les documents
+connexes soient rediges en anglais.
+
+EXHIBIT A.
+
+"Portions Copyright (c) 1999-2000 Apple Computer, Inc. All Rights
+Reserved. This file contains Original Code and/or Modifications of
+Original Code as defined in and that are subject to the Apple Public
+Source License Version 1.1 (the "License"). You may not use this file
+except in compliance with the License. Please obtain a copy of the
+License at http://www.apple.com/publicsource and read it before using
+this file.
+
+The Original Code and all software distributed under the License are
+distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE OR NON- INFRINGEMENT. Please see the
+License for the specific language governing rights and limitations
+under the License."
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/Info-PCSC.plist
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/Info-PCSC.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/Info-PCSC.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>PCSC</string>
+ <key>CFBundleIconFile</key>
+ <string></string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.pcsc</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>7.0</string>
+ <key>CFBundleName</key>
+ <string>PCSC</string>
+ <key>CFBundlePackageType</key>
+ <string>FMWK</string>
+ <key>CFBundleShortVersionString</key>
+ <string>7.0</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>36160</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/Makefile.installPhase
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/Makefile.installPhase (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/Makefile.installPhase 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,81 @@
+# The other phases do nothing
+
+MAN_DIR=$(DSTROOT)/usr/share/man/man8
+PCSCDIR=$(DSTROOT)/usr/libexec/SmartCardServices
+PKCS11_DIR=$(DSTROOT)/Library/Application\ Support/Mozilla/
+EXTENSIONS_DIR=$(DSTROOT)/System/Library/Extensions
+SCRIPTS_LOCATION=$(DSTROOT)/usr/sbin
+
+build:
+ @echo null build.
+
+debug:
+ @echo null debug.
+
+profile:
+ @echo null profile.
+
+install:
+ mkdir -p $(PCSCDIR)
+ mkdir -p $(PCSCDIR)/drivers
+ mkdir -p $(PCSCDIR)/services
+ chmod 755 $(PCSCDIR)
+ cp -r installPhase/drivers/*.bundle $(PCSCDIR)/drivers/
+ -rm -rf $(PCSCDIR)/drivers/*.bundle/CVS
+ -rm -rf $(PCSCDIR)/drivers/*.bundle/Contents/CVS
+ -rm -rf $(PCSCDIR)/drivers/*.bundle/Contents/MacOS/CVS
+ chmod 755 $(PCSCDIR)/drivers/*.bundle
+ chmod 755 $(PCSCDIR)/drivers/*.bundle/Contents
+ chmod 755 $(PCSCDIR)/drivers/*.bundle/Contents/MacOS
+ chmod 644 $(PCSCDIR)/drivers/*.bundle/Contents/*.*
+ chmod 644 $(PCSCDIR)/drivers/*.bundle/Contents/MacOS/*
+ /usr/bin/strip -S $(PCSCDIR)/drivers/*.bundle/Contents/MacOS/*
+ifdef haveExtensions
+ mkdir -p $(EXTENSIONS_DIR)
+ chmod 755 $(DSTROOT)/System
+ chmod 755 $(DSTROOT)/System/Library
+ chmod 755 $(EXTENSIONS_DIR)
+ cp -r installPhase/Extensions/*.kext $(EXTENSIONS_DIR)/
+ -rm -rf $(EXTENSIONS_DIR)/*.kext/CVS
+ -rm -rf $(EXTENSIONS_DIR)/*.kext/Contents/CVS
+ -rm -rf $(EXTENSIONS_DIR)/*.kext/Contents/MacOS/CVS
+ -rm -rf $(EXTENSIONS_DIR)/*.kext/Contents/Resources/CVS
+ -rm -rf $(EXTENSIONS_DIR)/*.kext/Contents/Resources/*.lproj/CVS
+ chmod 755 $(EXTENSIONS_DIR)/*.kext
+ chmod 755 $(EXTENSIONS_DIR)/*.kext/Contents
+ chmod 755 $(EXTENSIONS_DIR)/*.kext/Contents/MacOS
+ -chmod 755 $(EXTENSIONS_DIR)/*.kext/Contents/Resources
+ -chmod 755 $(EXTENSIONS_DIR)/*.kext/Contents/Resources/*.lproj
+ chmod 644 $(EXTENSIONS_DIR)/*.kext/Contents/*.*
+ chmod 644 $(EXTENSIONS_DIR)/*.kext/Contents/MacOS/*
+ -chmod 644 $(EXTENSIONS_DIR)/*.kext/Contents/Resources/*.lproj/*.*
+ /usr/bin/strip -S $(EXTENSIONS_DIR)/*.kext/Contents/MacOS/*
+endif
+
+ mkdir -p $(SCRIPTS_LOCATION)
+
+ cp installPhase/scripts/sc_auth $(SCRIPTS_LOCATION)
+ chown root:wheel $(SCRIPTS_LOCATION)/sc_auth
+ chmod 755 $(SCRIPTS_LOCATION)/sc_auth
+
+# Copy over man pages
+
+ mkdir -p $(MAN_DIR)
+ cp installPhase/man/pcscd.8 $(MAN_DIR)
+ cp installPhase/man/pcsctool.8 $(MAN_DIR)
+ cp installPhase/man/pcsctest.8 $(MAN_DIR)
+ cp installPhase/man/sc_auth.8 $(MAN_DIR)
+ chown root:wheel $(MAN_DIR)/sc_auth.8
+
+# Deleting CVS subdirectories from the copy phase
+
+ rm -rf `find $(PCSCDIR)/drivers -name CVS`
+
+installhdrs:
+ @echo null installhdrs.
+
+installsrc:
+ @echo null installsrc.
+
+clean:
+ @echo null clean.
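Review bot: The last recipe line of `install`, the `rm -rf` over a backquoted `find $(PCSCDIR)/drivers -name CVS`, word-splits the find output, so any staged path containing whitespace is broken into separate `rm -rf` operands. `find $(PCSCDIR)/drivers -name CVS -type d -prune -exec rm -rf {} +` removes the same directories without the shell expansion and makes the three earlier `-rm -rf` lines under `$(PCSCDIR)/drivers` redundant. Only `sc_auth` and `sc_auth.8` get `chown root:wheel`, so the driver bundles copied with `cp -r` keep the ownership of whoever ran the build. If those bundles are loaded by a privileged daemon (not visible in this hunk), a `chown -R root:wheel $(PCSCDIR)` after the copy would keep them from being writable by the build user. Nothing in the file checks that `DSTROOT` is set, and with an empty value the `rm -rf`, `chmod` and `cp` lines act on the live `/usr` and `/System` trees, so a guard before the first `mkdir` is worth adding.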
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/SmartCardServices.xcodeproj/project.pbxproj
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/SmartCardServices.xcodeproj/project.pbxproj (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/SmartCardServices.xcodeproj/project.pbxproj 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1560 @@
+// !$*UTF8*$!
+{
+ archiveVersion = 1;
+ classes = {
+ };
+ objectVersion = 42;
+ objects = {
+
+/* Begin PBXAggregateTarget section */
+ 5234B66B0E78286000F02D95 /* World */ = {
+ isa = PBXAggregateTarget;
+ buildConfigurationList = 5234B6780E78286000F02D95 /* Build configuration list for PBXAggregateTarget "World" */;
+ buildPhases = (
+ );
+ dependencies = (
+ 5234B72F0E78286000F02D95 /* PBXTargetDependency */,
+ 5234B7310E78286000F02D95 /* PBXTargetDependency */,
+ 5234B7330E78286000F02D95 /* PBXTargetDependency */,
+ 5234B7350E78286000F02D95 /* PBXTargetDependency */,
+ 5234B7390E78286000F02D95 /* PBXTargetDependency */,
+ );
+ name = World;
+ productName = World;
+ };
+/* End PBXAggregateTarget section */
+
+/* Begin PBXBuildFile section */
+ 5234B67F0E78286000F02D95 /* atrhandler.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A948F0254242101B94B21 /* atrhandler.h */; };
+ 5234B6800E78286000F02D95 /* configfile.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94910254242101B94B21 /* configfile.h */; };
+ 5234B6810E78286000F02D95 /* debuglog.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94930254242101B94B21 /* debuglog.h */; };
+ 5234B6820E78286000F02D95 /* dyn_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94940254242101B94B21 /* dyn_generic.h */; };
+ 5234B6830E78286000F02D95 /* eventhandler.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94970254242101B94B21 /* eventhandler.h */; };
+ 5234B6840E78286000F02D95 /* hotplug.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94990254242101B94B21 /* hotplug.h */; };
+ 5234B6850E78286000F02D95 /* ifdhandler.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A949A0254242101B94B21 /* ifdhandler.h */; };
+ 5234B6860E78286000F02D95 /* ifdwrapper.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A949C0254242101B94B21 /* ifdwrapper.h */; };
+ 5234B6870E78286000F02D95 /* pcsclite.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A949E0254242101B94B21 /* pcsclite.h */; };
+ 5234B6880E78286000F02D95 /* prothandler.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A00254242101B94B21 /* prothandler.h */; };
+ 5234B6890E78286000F02D95 /* readerfactory.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A20254242101B94B21 /* readerfactory.h */; };
+ 5234B68A0E78286000F02D95 /* sys_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A30254242101B94B21 /* sys_generic.h */; };
+ 5234B68B0E78286000F02D95 /* thread_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A50254242101B94B21 /* thread_generic.h */; };
+ 5234B68C0E78286000F02D95 /* winscard_msg.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A80254242101B94B21 /* winscard_msg.h */; };
+ 5234B68D0E78286000F02D95 /* winscard_svc.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94AA0254242101B94B21 /* winscard_svc.h */; };
+ 5234B68E0E78286000F02D95 /* winscard.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94AC0254242101B94B21 /* winscard.h */; };
+ 5234B68F0E78286000F02D95 /* wintypes.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94AD0254242101B94B21 /* wintypes.h */; };
+ 5234B6900E78286000F02D95 /* powermgt_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F555DF370274968F01D2E99F /* powermgt_generic.h */; };
+ 5234B6910E78286000F02D95 /* PCSCDevice.h in Headers */ = {isa = PBXBuildFile; fileRef = 5286293E0A87EA8E004FE8DC /* PCSCDevice.h */; };
+ 5234B6920E78286000F02D95 /* PCSCDriverBundle.h in Headers */ = {isa = PBXBuildFile; fileRef = 528629400A87EA8E004FE8DC /* PCSCDriverBundle.h */; };
+ 5234B6930E78286000F02D95 /* PCSCDriverBundles.h in Headers */ = {isa = PBXBuildFile; fileRef = 528629420A87EA8E004FE8DC /* PCSCDriverBundles.h */; };
+ 5234B6940E78286000F02D95 /* reader.h in Headers */ = {isa = PBXBuildFile; fileRef = 52D00D1A0A9252350093277A /* reader.h */; };
+ 5234B6950E78286000F02D95 /* pcscdmonitor.h in Headers */ = {isa = PBXBuildFile; fileRef = 527CF60B0AA5192B007589FF /* pcscdmonitor.h */; };
+ 5234B6960E78286000F02D95 /* pcscdserver.h in Headers */ = {isa = PBXBuildFile; fileRef = 527CF60D0AA5192B007589FF /* pcscdserver.h */; };
+ 5234B6970E78286000F02D95 /* readerstate.h in Headers */ = {isa = PBXBuildFile; fileRef = 5236DD1D0B9DDBD7007CEF56 /* readerstate.h */; };
+ 5234B6990E78286000F02D95 /* atrhandler.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94510254232701B94B21 /* atrhandler.c */; };
+ 5234B69A0E78286000F02D95 /* readerstate.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5236DD1C0B9DDBD7007CEF56 /* readerstate.cpp */; };
+ 5234B69B0E78286000F02D95 /* configfile.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94900254242101B94B21 /* configfile.c */; settings = {COMPILER_FLAGS = "-DYY_NO_UNPUT"; }; };
+ 5234B69C0E78286000F02D95 /* debuglog.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94920254242101B94B21 /* debuglog.c */; };
+ 5234B69D0E78286000F02D95 /* dyn_macosx.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94950254242101B94B21 /* dyn_macosx.c */; };
+ 5234B69E0E78286000F02D95 /* eventhandler.cpp in Sources */ = {isa = PBXBuildFile; fileRef = F52A94960254242101B94B21 /* eventhandler.cpp */; };
+ 5234B69F0E78286000F02D95 /* ifdwrapper.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A949B0254242101B94B21 /* ifdwrapper.c */; };
+ 5234B6A00E78286000F02D95 /* pcscdaemon.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A949D0254242101B94B21 /* pcscdaemon.c */; };
+ 5234B6A10E78286000F02D95 /* prothandler.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A949F0254242101B94B21 /* prothandler.c */; };
+ 5234B6A20E78286000F02D95 /* readerfactory.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A10254242101B94B21 /* readerfactory.c */; };
+ 5234B6A30E78286000F02D95 /* thread_macosx.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A60254242101B94B21 /* thread_macosx.c */; };
+ 5234B6A40E78286000F02D95 /* winscard_msg.cpp in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A70254242101B94B21 /* winscard_msg.cpp */; };
+ 5234B6A50E78286000F02D95 /* winscard_svc.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A90254242101B94B21 /* winscard_svc.c */; };
+ 5234B6A60E78286000F02D95 /* powermgt_macosx.c in Sources */ = {isa = PBXBuildFile; fileRef = F555DF350274962801D2E99F /* powermgt_macosx.c */; };
+ 5234B6A70E78286000F02D95 /* sys_macosx.cpp in Sources */ = {isa = PBXBuildFile; fileRef = C2F2094A0662B851001DFD06 /* sys_macosx.cpp */; };
+ 5234B6A80E78286000F02D95 /* hotplug_macosx.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5286293C0A87EA8E004FE8DC /* hotplug_macosx.cpp */; };
+ 5234B6A90E78286000F02D95 /* PCSCDevice.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5286293D0A87EA8E004FE8DC /* PCSCDevice.cpp */; };
+ 5234B6AA0E78286000F02D95 /* PCSCDriverBundle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5286293F0A87EA8E004FE8DC /* PCSCDriverBundle.cpp */; };
+ 5234B6AB0E78286000F02D95 /* PCSCDriverBundles.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 528629410A87EA8E004FE8DC /* PCSCDriverBundles.cpp */; };
+ 5234B6AC0E78286000F02D95 /* reader.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52D00D1B0A9252350093277A /* reader.cpp */; };
+ 5234B6AD0E78286000F02D95 /* pcscdmonitor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 527CF60A0AA5192B007589FF /* pcscdmonitor.cpp */; };
+ 5234B6AE0E78286000F02D95 /* pcscdserver.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 527CF60C0AA5192B007589FF /* pcscdserver.cpp */; };
+ 5234B6AF0E78286000F02D95 /* winscard_msg_srv.c in Sources */ = {isa = PBXBuildFile; fileRef = 52D2492C0BA07E1100F9827A /* winscard_msg_srv.c */; };
+ 5234B6B00E78286000F02D95 /* winscard.c in Sources */ = {isa = PBXBuildFile; fileRef = 52E0D59D0BA7006D008DFDDF /* winscard.c */; };
+ 5234B6B20E78286000F02D95 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F503CADB025428F601B94B21 /* CoreFoundation.framework */; };
+ 5234B6B30E78286000F02D95 /* IOKit.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F503CADC025428F601B94B21 /* IOKit.framework */; };
+ 5234B6B40E78286000F02D95 /* libl.a in Frameworks */ = {isa = PBXBuildFile; fileRef = F503CADF0254294101B94B21 /* libl.a */; };
+ 5234B6B50E78286000F02D95 /* security_utilities.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 52D58C080A87FEA000DC3F19 /* security_utilities.framework */; };
+ 5234B6BF0E78286000F02D95 /* thread_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A50254242101B94B21 /* thread_generic.h */; };
+ 5234B6C00E78286000F02D95 /* pcsclite.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A949E0254242101B94B21 /* pcsclite.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 5234B6C10E78286000F02D95 /* mscdefines.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94CD025424AC01B94B21 /* mscdefines.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 5234B6C20E78286000F02D95 /* musclecard.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94CF025424AC01B94B21 /* musclecard.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 5234B6C30E78286000F02D95 /* winscard_msg.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94A80254242101B94B21 /* winscard_msg.h */; };
+ 5234B6C40E78286000F02D95 /* tokenfactory.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94D1025424AC01B94B21 /* tokenfactory.h */; };
+ 5234B6C50E78286000F02D95 /* winscard.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94AC0254242101B94B21 /* winscard.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 5234B6C60E78286000F02D95 /* dyn_generic.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94940254242101B94B21 /* dyn_generic.h */; };
+ 5234B6C70E78286000F02D95 /* wintypes.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94AD0254242101B94B21 /* wintypes.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 5234B6C80E78286000F02D95 /* debuglog.h in Headers */ = {isa = PBXBuildFile; fileRef = F52A94930254242101B94B21 /* debuglog.h */; settings = {ATTRIBUTES = (); }; };
+ 5234B6C90E78286000F02D95 /* config.h in Headers */ = {isa = PBXBuildFile; fileRef = F537A7B30379EB7B01B94948 /* config.h */; };
+ 5234B6CC0E78286000F02D95 /* readerstate.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5236DD1C0B9DDBD7007CEF56 /* readerstate.cpp */; };
+ 5234B6CD0E78286000F02D95 /* thread_macosx.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A60254242101B94B21 /* thread_macosx.c */; };
+ 5234B6CE0E78286000F02D95 /* musclecard.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94CE025424AC01B94B21 /* musclecard.c */; };
+ 5234B6CF0E78286000F02D95 /* dyn_macosx.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94950254242101B94B21 /* dyn_macosx.c */; };
+ 5234B6D00E78286000F02D95 /* winscard_msg.cpp in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A70254242101B94B21 /* winscard_msg.cpp */; };
+ 5234B6D10E78286000F02D95 /* tokenfactory.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94D0025424AC01B94B21 /* tokenfactory.c */; };
+ 5234B6D20E78286000F02D95 /* sys_unix.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94A40254242101B94B21 /* sys_unix.c */; };
+ 5234B6D30E78286000F02D95 /* tokenparser.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94D2025424AC01B94B21 /* tokenparser.c */; settings = {COMPILER_FLAGS = "-DYY_NO_UNPUT"; }; };
+ 5234B6D40E78286000F02D95 /* debuglog.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94920254242101B94B21 /* debuglog.c */; };
+ 5234B6D50E78286000F02D95 /* winscard_clnt.c in Sources */ = {isa = PBXBuildFile; fileRef = F52A94D4025424AC01B94B21 /* winscard_clnt.c */; };
+ 5234B6D80E78286000F02D95 /* security_utilities.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 52D58C080A87FEA000DC3F19 /* security_utilities.framework */; };
+ 5234B6D90E78286000F02D95 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F503CADB025428F601B94B21 /* CoreFoundation.framework */; };
+ 5234B6E40E78286000F02D95 /* testpcsc.c in Sources */ = {isa = PBXBuildFile; fileRef = F503CACD025425E601B94B21 /* testpcsc.c */; };
+ 5234B6E60E78286000F02D95 /* PCSC.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F5448E630379F08001B94948 /* PCSC.framework */; };
+ 5234B6F10E78286000F02D95 /* bundleTool.c in Sources */ = {isa = PBXBuildFile; fileRef = F511212C0272F8D9017BB957 /* bundleTool.c */; };
+ 5234B6F30E78286000F02D95 /* PCSC.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = F5448E630379F08001B94948 /* PCSC.framework */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXContainerItemProxy section */
+ 5234B72E0E78286000F02D95 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = F5294A4F0090C4CA01CD285A /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 5234B6BD0E78286000F02D95;
+ remoteInfo = "PCSC (Upgraded)";
+ };
+ 5234B7300E78286000F02D95 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = F5294A4F0090C4CA01CD285A /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 5234B67D0E78286000F02D95;
+ remoteInfo = "pcscd (Upgraded)";
+ };
+ 5234B7320E78286000F02D95 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = F5294A4F0090C4CA01CD285A /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 5234B6E10E78286000F02D95;
+ remoteInfo = "pcsctest (Upgraded)";
+ };
+ 5234B7340E78286000F02D95 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = F5294A4F0090C4CA01CD285A /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 5234B6EE0E78286000F02D95;
+ remoteInfo = "pcsctool (Upgraded)";
+ };
+ 5234B7380E78286000F02D95 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = F5294A4F0090C4CA01CD285A /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 5234B7280E78286000F02D95;
+ remoteInfo = "InstallPhase (Copied)";
+ };
+/* End PBXContainerItemProxy section */
+
+/* Begin PBXFileReference section */
+ 2CC9AB9A06CC036D0048A811 /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = /System/Library/Frameworks/CoreFoundation.framework; sourceTree = "<absolute>"; };
+ 2CC9ABC806CC03A10048A811 /* IOKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = IOKit.framework; path = /System/Library/Frameworks/IOKit.framework; sourceTree = "<absolute>"; };
+ 4CB55A760592598500B25B27 /* Makefile.installPhase */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text; path = Makefile.installPhase; sourceTree = "<group>"; };
+ 5234B6BB0E78286000F02D95 /* pcscd */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = pcscd; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5234B6DF0E78286000F02D95 /* Info-PCSC.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "Info-PCSC.plist"; sourceTree = "<group>"; };
+ 5234B6E00E78286000F02D95 /* PCSC.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = PCSC.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5234B6EC0E78286000F02D95 /* pcsctest */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = pcsctest; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5234B6F90E78286000F02D95 /* pcsctool */ = {isa = PBXFileReference; explicitFileType = "compiled.mach-o.executable"; includeInIndex = 0; path = pcsctool; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5236DD1C0B9DDBD7007CEF56 /* readerstate.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = readerstate.cpp; path = src/PCSC/readerstate.cpp; sourceTree = "<group>"; };
+ 5236DD1D0B9DDBD7007CEF56 /* readerstate.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = readerstate.h; path = src/PCSC/readerstate.h; sourceTree = "<group>"; };
+ 527CF60A0AA5192B007589FF /* pcscdmonitor.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = pcscdmonitor.cpp; path = src/PCSC/pcscdmonitor.cpp; sourceTree = "<group>"; };
+ 527CF60B0AA5192B007589FF /* pcscdmonitor.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = pcscdmonitor.h; path = src/PCSC/pcscdmonitor.h; sourceTree = "<group>"; };
+ 527CF60C0AA5192B007589FF /* pcscdserver.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = pcscdserver.cpp; path = src/PCSC/pcscdserver.cpp; sourceTree = "<group>"; };
+ 527CF60D0AA5192B007589FF /* pcscdserver.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = pcscdserver.h; path = src/PCSC/pcscdserver.h; sourceTree = "<group>"; };
+ 5286293C0A87EA8E004FE8DC /* hotplug_macosx.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = hotplug_macosx.cpp; path = src/PCSC/hotplug_macosx.cpp; sourceTree = "<group>"; };
+ 5286293D0A87EA8E004FE8DC /* PCSCDevice.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PCSCDevice.cpp; path = src/PCSC/PCSCDevice.cpp; sourceTree = "<group>"; };
+ 5286293E0A87EA8E004FE8DC /* PCSCDevice.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PCSCDevice.h; path = src/PCSC/PCSCDevice.h; sourceTree = "<group>"; };
+ 5286293F0A87EA8E004FE8DC /* PCSCDriverBundle.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PCSCDriverBundle.cpp; path = src/PCSC/PCSCDriverBundle.cpp; sourceTree = "<group>"; };
+ 528629400A87EA8E004FE8DC /* PCSCDriverBundle.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PCSCDriverBundle.h; path = src/PCSC/PCSCDriverBundle.h; sourceTree = "<group>"; };
+ 528629410A87EA8E004FE8DC /* PCSCDriverBundles.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PCSCDriverBundles.cpp; path = src/PCSC/PCSCDriverBundles.cpp; sourceTree = "<group>"; };
+ 528629420A87EA8E004FE8DC /* PCSCDriverBundles.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PCSCDriverBundles.h; path = src/PCSC/PCSCDriverBundles.h; sourceTree = "<group>"; };
+ 52D00D1A0A9252350093277A /* reader.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = reader.h; path = src/PCSC/reader.h; sourceTree = "<group>"; };
+ 52D00D1B0A9252350093277A /* reader.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = reader.cpp; path = src/PCSC/reader.cpp; sourceTree = "<group>"; };
+ 52D2492C0BA07E1100F9827A /* winscard_msg_srv.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = winscard_msg_srv.c; path = src/PCSC/winscard_msg_srv.c; sourceTree = "<group>"; };
+ 52D58C080A87FEA000DC3F19 /* security_utilities.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = security_utilities.framework; path = /usr/local/SecurityPieces/Frameworks/security_utilities.framework; sourceTree = "<absolute>"; };
+ 52DBCAAE0BB851C8007D06A5 /* PCSC.exp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.exports; name = PCSC.exp; path = src/PCSC/PCSC.exp; sourceTree = "<group>"; };
+ 52E0D59D0BA7006D008DFDDF /* winscard.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = winscard.c; path = src/PCSC/winscard.c; sourceTree = "<group>"; };
+ C2F2094A0662B851001DFD06 /* sys_macosx.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = sys_macosx.cpp; path = src/PCSC/sys_macosx.cpp; sourceTree = "<group>"; };
+ F503CACD025425E601B94B21 /* testpcsc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = testpcsc.c; path = src/PCSC/testpcsc.c; sourceTree = "<group>"; };
+ F503CACE025425E601B94B21 /* muscletest.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = muscletest.c; path = src/PCSC/muscletest.c; sourceTree = "<group>"; };
+ F503CADB025428F601B94B21 /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = /System/Library/Frameworks/CoreFoundation.framework; sourceTree = "<absolute>"; };
+ F503CADC025428F601B94B21 /* IOKit.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = IOKit.framework; path = /System/Library/Frameworks/IOKit.framework; sourceTree = "<absolute>"; };
+ F503CADF0254294101B94B21 /* libl.a */ = {isa = PBXFileReference; lastKnownFileType = archive.ar; name = libl.a; path = /usr/lib/libl.a; sourceTree = "<absolute>"; };
+ F511212C0272F8D9017BB957 /* bundleTool.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = bundleTool.c; path = src/PCSC/utils/bundleTool.c; sourceTree = "<group>"; };
+ F52A94510254232701B94B21 /* atrhandler.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = atrhandler.c; path = src/PCSC/atrhandler.c; sourceTree = SOURCE_ROOT; };
+ F52A948F0254242101B94B21 /* atrhandler.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = atrhandler.h; path = src/PCSC/atrhandler.h; sourceTree = SOURCE_ROOT; };
+ F52A94900254242101B94B21 /* configfile.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = configfile.c; path = src/PCSC/configfile.c; sourceTree = SOURCE_ROOT; };
+ F52A94910254242101B94B21 /* configfile.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = configfile.h; path = src/PCSC/configfile.h; sourceTree = SOURCE_ROOT; };
+ F52A94920254242101B94B21 /* debuglog.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = debuglog.c; path = src/PCSC/debuglog.c; sourceTree = SOURCE_ROOT; };
+ F52A94930254242101B94B21 /* debuglog.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = debuglog.h; path = src/PCSC/debuglog.h; sourceTree = SOURCE_ROOT; };
+ F52A94940254242101B94B21 /* dyn_generic.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = dyn_generic.h; path = src/PCSC/dyn_generic.h; sourceTree = SOURCE_ROOT; };
+ F52A94950254242101B94B21 /* dyn_macosx.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = dyn_macosx.c; path = src/PCSC/dyn_macosx.c; sourceTree = SOURCE_ROOT; };
+ F52A94960254242101B94B21 /* eventhandler.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = eventhandler.cpp; path = src/PCSC/eventhandler.cpp; sourceTree = "<group>"; };
+ F52A94970254242101B94B21 /* eventhandler.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = eventhandler.h; path = src/PCSC/eventhandler.h; sourceTree = SOURCE_ROOT; };
+ F52A94990254242101B94B21 /* hotplug.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = hotplug.h; path = src/PCSC/hotplug.h; sourceTree = SOURCE_ROOT; };
+ F52A949A0254242101B94B21 /* ifdhandler.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = ifdhandler.h; path = src/PCSC/ifdhandler.h; sourceTree = SOURCE_ROOT; };
+ F52A949B0254242101B94B21 /* ifdwrapper.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = ifdwrapper.c; path = src/PCSC/ifdwrapper.c; sourceTree = SOURCE_ROOT; };
+ F52A949C0254242101B94B21 /* ifdwrapper.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = ifdwrapper.h; path = src/PCSC/ifdwrapper.h; sourceTree = SOURCE_ROOT; };
+ F52A949D0254242101B94B21 /* pcscdaemon.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = pcscdaemon.c; path = src/PCSC/pcscdaemon.c; sourceTree = "<group>"; };
+ F52A949E0254242101B94B21 /* pcsclite.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = pcsclite.h; path = src/PCSC/pcsclite.h; sourceTree = SOURCE_ROOT; };
+ F52A949F0254242101B94B21 /* prothandler.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = prothandler.c; path = src/PCSC/prothandler.c; sourceTree = SOURCE_ROOT; };
+ F52A94A00254242101B94B21 /* prothandler.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = prothandler.h; path = src/PCSC/prothandler.h; sourceTree = SOURCE_ROOT; };
+ F52A94A10254242101B94B21 /* readerfactory.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = readerfactory.c; path = src/PCSC/readerfactory.c; sourceTree = "<group>"; };
+ F52A94A20254242101B94B21 /* readerfactory.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = readerfactory.h; path = src/PCSC/readerfactory.h; sourceTree = "<group>"; };
+ F52A94A30254242101B94B21 /* sys_generic.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = sys_generic.h; path = src/PCSC/sys_generic.h; sourceTree = SOURCE_ROOT; };
+ F52A94A40254242101B94B21 /* sys_unix.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = sys_unix.c; path = src/PCSC/sys_unix.c; sourceTree = SOURCE_ROOT; };
+ F52A94A50254242101B94B21 /* thread_generic.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = thread_generic.h; path = src/PCSC/thread_generic.h; sourceTree = SOURCE_ROOT; };
+ F52A94A60254242101B94B21 /* thread_macosx.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = thread_macosx.c; path = src/PCSC/thread_macosx.c; sourceTree = SOURCE_ROOT; };
+ F52A94A70254242101B94B21 /* winscard_msg.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = winscard_msg.cpp; path = src/PCSC/winscard_msg.cpp; sourceTree = "<group>"; };
+ F52A94A80254242101B94B21 /* winscard_msg.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = winscard_msg.h; path = src/PCSC/winscard_msg.h; sourceTree = SOURCE_ROOT; };
+ F52A94A90254242101B94B21 /* winscard_svc.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = winscard_svc.c; path = src/PCSC/winscard_svc.c; sourceTree = SOURCE_ROOT; };
+ F52A94AA0254242101B94B21 /* winscard_svc.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = winscard_svc.h; path = src/PCSC/winscard_svc.h; sourceTree = SOURCE_ROOT; };
+ F52A94AC0254242101B94B21 /* winscard.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = winscard.h; path = src/PCSC/winscard.h; sourceTree = SOURCE_ROOT; };
+ F52A94AD0254242101B94B21 /* wintypes.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = wintypes.h; path = src/PCSC/wintypes.h; sourceTree = SOURCE_ROOT; };
+ F52A94CD025424AC01B94B21 /* mscdefines.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = mscdefines.h; path = src/PCSC/mscdefines.h; sourceTree = SOURCE_ROOT; };
+ F52A94CE025424AC01B94B21 /* musclecard.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = musclecard.c; path = src/PCSC/musclecard.c; sourceTree = SOURCE_ROOT; };
+ F52A94CF025424AC01B94B21 /* musclecard.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = musclecard.h; path = src/PCSC/musclecard.h; sourceTree = SOURCE_ROOT; };
+ F52A94D0025424AC01B94B21 /* tokenfactory.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = tokenfactory.c; path = src/PCSC/tokenfactory.c; sourceTree = SOURCE_ROOT; };
+ F52A94D1025424AC01B94B21 /* tokenfactory.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = tokenfactory.h; path = src/PCSC/tokenfactory.h; sourceTree = SOURCE_ROOT; };
+ F52A94D2025424AC01B94B21 /* tokenparser.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = tokenparser.c; path = src/PCSC/tokenparser.c; sourceTree = SOURCE_ROOT; };
+ F52A94D4025424AC01B94B21 /* winscard_clnt.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = winscard_clnt.c; path = src/PCSC/winscard_clnt.c; sourceTree = SOURCE_ROOT; };
+ F537A7B30379EB7B01B94948 /* config.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = config.h; path = src/PCSC/config.h; sourceTree = SOURCE_ROOT; };
+ F5448E630379F08001B94948 /* PCSC.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = PCSC.framework; path = /System/Library/Frameworks/PCSC.framework; sourceTree = "<absolute>"; };
+ F555DF350274962801D2E99F /* powermgt_macosx.c */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.c; name = powermgt_macosx.c; path = src/PCSC/powermgt_macosx.c; sourceTree = SOURCE_ROOT; };
+ F555DF370274968F01D2E99F /* powermgt_generic.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = powermgt_generic.h; path = src/PCSC/powermgt_generic.h; sourceTree = SOURCE_ROOT; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+ 5234B6B10E78286000F02D95 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6B20E78286000F02D95 /* CoreFoundation.framework in Frameworks */,
+ 5234B6B30E78286000F02D95 /* IOKit.framework in Frameworks */,
+ 5234B6B40E78286000F02D95 /* libl.a in Frameworks */,
+ 5234B6B50E78286000F02D95 /* security_utilities.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6D70E78286000F02D95 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6D80E78286000F02D95 /* security_utilities.framework in Frameworks */,
+ 5234B6D90E78286000F02D95 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6E50E78286000F02D95 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6E60E78286000F02D95 /* PCSC.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6F20E78286000F02D95 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6F30E78286000F02D95 /* PCSC.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+ 5234B4EF0E7826E200F02D95 /* Linked Frameworks */ = {
+ isa = PBXGroup;
+ children = (
+ 52D58C080A87FEA000DC3F19 /* security_utilities.framework */,
+ F5448E630379F08001B94948 /* PCSC.framework */,
+ 2CC9AB9A06CC036D0048A811 /* CoreFoundation.framework */,
+ 2CC9ABC806CC03A10048A811 /* IOKit.framework */,
+ );
+ name = "Linked Frameworks";
+ sourceTree = "<group>";
+ };
+ 527CF6040AA51879007589FF /* pcscd */ = {
+ isa = PBXGroup;
+ children = (
+ 5236DD1C0B9DDBD7007CEF56 /* readerstate.cpp */,
+ 5236DD1D0B9DDBD7007CEF56 /* readerstate.h */,
+ F52A949D0254242101B94B21 /* pcscdaemon.c */,
+ 527CF60A0AA5192B007589FF /* pcscdmonitor.cpp */,
+ 527CF60B0AA5192B007589FF /* pcscdmonitor.h */,
+ 527CF60C0AA5192B007589FF /* pcscdserver.cpp */,
+ 527CF60D0AA5192B007589FF /* pcscdserver.h */,
+ 5286293C0A87EA8E004FE8DC /* hotplug_macosx.cpp */,
+ 5286293D0A87EA8E004FE8DC /* PCSCDevice.cpp */,
+ 5286293E0A87EA8E004FE8DC /* PCSCDevice.h */,
+ 5286293F0A87EA8E004FE8DC /* PCSCDriverBundle.cpp */,
+ 528629400A87EA8E004FE8DC /* PCSCDriverBundle.h */,
+ 528629410A87EA8E004FE8DC /* PCSCDriverBundles.cpp */,
+ 528629420A87EA8E004FE8DC /* PCSCDriverBundles.h */,
+ F52A94A10254242101B94B21 /* readerfactory.c */,
+ F52A94A20254242101B94B21 /* readerfactory.h */,
+ 52D00D1A0A9252350093277A /* reader.h */,
+ 52D00D1B0A9252350093277A /* reader.cpp */,
+ );
+ name = pcscd;
+ sourceTree = "<group>";
+ };
+ 527CF6070AA51881007589FF /* framework */ = {
+ isa = PBXGroup;
+ children = (
+ 52DBCAAE0BB851C8007D06A5 /* PCSC.exp */,
+ );
+ name = framework;
+ sourceTree = "<group>";
+ };
+ 527CF6240AA51B07007589FF /* tools */ = {
+ isa = PBXGroup;
+ children = (
+ F503CACD025425E601B94B21 /* testpcsc.c */,
+ F503CACE025425E601B94B21 /* muscletest.c */,
+ F511212C0272F8D9017BB957 /* bundleTool.c */,
+ );
+ name = tools;
+ sourceTree = "<group>";
+ };
+ F5294A500090C4CA01CD285A = {
+ isa = PBXGroup;
+ children = (
+ F538896A0397E93B012F6BBF /* InstallPhase */,
+ 527CF6040AA51879007589FF /* pcscd */,
+ 527CF6240AA51B07007589FF /* tools */,
+ F537A7B50379EB8B01B94948 /* PCSC */,
+ 5234B4EF0E7826E200F02D95 /* Linked Frameworks */,
+ F5294A520090C5DF01CD285A /* Products */,
+ 5234B6DF0E78286000F02D95 /* Info-PCSC.plist */,
+ );
+ sourceTree = "<group>";
+ };
+ F5294A520090C5DF01CD285A /* Products */ = {
+ isa = PBXGroup;
+ children = (
+ 5234B6BB0E78286000F02D95 /* pcscd */,
+ 5234B6E00E78286000F02D95 /* PCSC.framework */,
+ 5234B6EC0E78286000F02D95 /* pcsctest */,
+ 5234B6F90E78286000F02D95 /* pcsctool */,
+ );
+ name = Products;
+ sourceTree = "<group>";
+ };
+ F537A7B50379EB8B01B94948 /* PCSC */ = {
+ isa = PBXGroup;
+ children = (
+ 527CF6070AA51881007589FF /* framework */,
+ F52A94510254232701B94B21 /* atrhandler.c */,
+ F52A948F0254242101B94B21 /* atrhandler.h */,
+ F52A94900254242101B94B21 /* configfile.c */,
+ F52A94910254242101B94B21 /* configfile.h */,
+ F52A94920254242101B94B21 /* debuglog.c */,
+ F52A94930254242101B94B21 /* debuglog.h */,
+ F52A94940254242101B94B21 /* dyn_generic.h */,
+ F52A94950254242101B94B21 /* dyn_macosx.c */,
+ F52A94960254242101B94B21 /* eventhandler.cpp */,
+ F52A94970254242101B94B21 /* eventhandler.h */,
+ F52A94990254242101B94B21 /* hotplug.h */,
+ F52A949A0254242101B94B21 /* ifdhandler.h */,
+ F52A949B0254242101B94B21 /* ifdwrapper.c */,
+ F52A949C0254242101B94B21 /* ifdwrapper.h */,
+ F52A949E0254242101B94B21 /* pcsclite.h */,
+ F52A949F0254242101B94B21 /* prothandler.c */,
+ F52A94A00254242101B94B21 /* prothandler.h */,
+ F52A94A30254242101B94B21 /* sys_generic.h */,
+ F52A94A40254242101B94B21 /* sys_unix.c */,
+ C2F2094A0662B851001DFD06 /* sys_macosx.cpp */,
+ F52A94A50254242101B94B21 /* thread_generic.h */,
+ F52A94A60254242101B94B21 /* thread_macosx.c */,
+ 52E0D59D0BA7006D008DFDDF /* winscard.c */,
+ F52A94A70254242101B94B21 /* winscard_msg.cpp */,
+ F52A94A80254242101B94B21 /* winscard_msg.h */,
+ F52A94A90254242101B94B21 /* winscard_svc.c */,
+ 52D2492C0BA07E1100F9827A /* winscard_msg_srv.c */,
+ F52A94AA0254242101B94B21 /* winscard_svc.h */,
+ F52A94CD025424AC01B94B21 /* mscdefines.h */,
+ F52A94AC0254242101B94B21 /* winscard.h */,
+ F52A94CF025424AC01B94B21 /* musclecard.h */,
+ F52A94AD0254242101B94B21 /* wintypes.h */,
+ F52A94CE025424AC01B94B21 /* musclecard.c */,
+ F555DF370274968F01D2E99F /* powermgt_generic.h */,
+ F555DF350274962801D2E99F /* powermgt_macosx.c */,
+ F52A94D0025424AC01B94B21 /* tokenfactory.c */,
+ F52A94D1025424AC01B94B21 /* tokenfactory.h */,
+ F52A94D2025424AC01B94B21 /* tokenparser.c */,
+ F52A94D4025424AC01B94B21 /* winscard_clnt.c */,
+ F537A7B30379EB7B01B94948 /* config.h */,
+ F503CADF0254294101B94B21 /* libl.a */,
+ F503CADC025428F601B94B21 /* IOKit.framework */,
+ F503CADB025428F601B94B21 /* CoreFoundation.framework */,
+ );
+ name = PCSC;
+ sourceTree = "<group>";
+ };
+ F538896A0397E93B012F6BBF /* InstallPhase */ = {
+ isa = PBXGroup;
+ children = (
+ 4CB55A760592598500B25B27 /* Makefile.installPhase */,
+ );
+ name = InstallPhase;
+ sourceTree = "<group>";
+ };
+/* End PBXGroup section */
+
+/* Begin PBXHeadersBuildPhase section */
+ 5234B67E0E78286000F02D95 /* Headers */ = {
+ isa = PBXHeadersBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B67F0E78286000F02D95 /* atrhandler.h in Headers */,
+ 5234B6800E78286000F02D95 /* configfile.h in Headers */,
+ 5234B6810E78286000F02D95 /* debuglog.h in Headers */,
+ 5234B6820E78286000F02D95 /* dyn_generic.h in Headers */,
+ 5234B6830E78286000F02D95 /* eventhandler.h in Headers */,
+ 5234B6840E78286000F02D95 /* hotplug.h in Headers */,
+ 5234B6850E78286000F02D95 /* ifdhandler.h in Headers */,
+ 5234B6860E78286000F02D95 /* ifdwrapper.h in Headers */,
+ 5234B6870E78286000F02D95 /* pcsclite.h in Headers */,
+ 5234B6880E78286000F02D95 /* prothandler.h in Headers */,
+ 5234B6890E78286000F02D95 /* readerfactory.h in Headers */,
+ 5234B68A0E78286000F02D95 /* sys_generic.h in Headers */,
+ 5234B68B0E78286000F02D95 /* thread_generic.h in Headers */,
+ 5234B68C0E78286000F02D95 /* winscard_msg.h in Headers */,
+ 5234B68D0E78286000F02D95 /* winscard_svc.h in Headers */,
+ 5234B68E0E78286000F02D95 /* winscard.h in Headers */,
+ 5234B68F0E78286000F02D95 /* wintypes.h in Headers */,
+ 5234B6900E78286000F02D95 /* powermgt_generic.h in Headers */,
+ 5234B6910E78286000F02D95 /* PCSCDevice.h in Headers */,
+ 5234B6920E78286000F02D95 /* PCSCDriverBundle.h in Headers */,
+ 5234B6930E78286000F02D95 /* PCSCDriverBundles.h in Headers */,
+ 5234B6940E78286000F02D95 /* reader.h in Headers */,
+ 5234B6950E78286000F02D95 /* pcscdmonitor.h in Headers */,
+ 5234B6960E78286000F02D95 /* pcscdserver.h in Headers */,
+ 5234B6970E78286000F02D95 /* readerstate.h in Headers */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6BE0E78286000F02D95 /* Headers */ = {
+ isa = PBXHeadersBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6BF0E78286000F02D95 /* thread_generic.h in Headers */,
+ 5234B6C00E78286000F02D95 /* pcsclite.h in Headers */,
+ 5234B6C10E78286000F02D95 /* mscdefines.h in Headers */,
+ 5234B6C20E78286000F02D95 /* musclecard.h in Headers */,
+ 5234B6C30E78286000F02D95 /* winscard_msg.h in Headers */,
+ 5234B6C40E78286000F02D95 /* tokenfactory.h in Headers */,
+ 5234B6C50E78286000F02D95 /* winscard.h in Headers */,
+ 5234B6C60E78286000F02D95 /* dyn_generic.h in Headers */,
+ 5234B6C70E78286000F02D95 /* wintypes.h in Headers */,
+ 5234B6C80E78286000F02D95 /* debuglog.h in Headers */,
+ 5234B6C90E78286000F02D95 /* config.h in Headers */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6E20E78286000F02D95 /* Headers */ = {
+ isa = PBXHeadersBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6EF0E78286000F02D95 /* Headers */ = {
+ isa = PBXHeadersBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXHeadersBuildPhase section */
+
+/* Begin PBXLegacyTarget section */
+ 5234B7280E78286000F02D95 /* InstallPhase */ = {
+ isa = PBXLegacyTarget;
+ buildArgumentsString = "-f Makefile.installPhase $ALL_SETTINGS $ACTION";
+ buildConfigurationList = 5234B7290E78286000F02D95 /* Build configuration list for PBXLegacyTarget "InstallPhase" */;
+ buildPhases = (
+ );
+ buildToolPath = /usr/bin/gnumake;
+ buildWorkingDirectory = "";
+ dependencies = (
+ );
+ name = InstallPhase;
+ passBuildSettingsInEnvironment = 1;
+ productName = InstallPhase;
+ };
+/* End PBXLegacyTarget section */
+
+/* Begin PBXNativeTarget section */
+ 5234B67D0E78286000F02D95 /* pcscd */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 5234B6B60E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcscd" */;
+ buildPhases = (
+ 5234B67E0E78286000F02D95 /* Headers */,
+ 5234B6980E78286000F02D95 /* Sources */,
+ 5234B6B10E78286000F02D95 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = pcscd;
+ productInstallPath = /usr/sbin;
+ productName = pcscd;
+ productReference = 5234B6BB0E78286000F02D95 /* pcscd */;
+ productType = "com.apple.product-type.tool";
+ };
+ 5234B6BD0E78286000F02D95 /* PCSC */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 5234B6DA0E78286000F02D95 /* Build configuration list for PBXNativeTarget "PCSC" */;
+ buildPhases = (
+ 5234B6BE0E78286000F02D95 /* Headers */,
+ 5234B6CA0E78286000F02D95 /* Resources */,
+ 5234B6CB0E78286000F02D95 /* Sources */,
+ 5234B6D70E78286000F02D95 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = PCSC;
+ productInstallPath = /System/Library/Frameworks;
+ productName = PCSC;
+ productReference = 5234B6E00E78286000F02D95 /* PCSC.framework */;
+ productType = "com.apple.product-type.framework";
+ };
+ 5234B6E10E78286000F02D95 /* pcsctest */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 5234B6E70E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcsctest" */;
+ buildPhases = (
+ 5234B6E20E78286000F02D95 /* Headers */,
+ 5234B6E30E78286000F02D95 /* Sources */,
+ 5234B6E50E78286000F02D95 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = pcsctest;
+ productInstallPath = /usr/bin;
+ productName = testpcsc;
+ productReference = 5234B6EC0E78286000F02D95 /* pcsctest */;
+ productType = "com.apple.product-type.tool";
+ };
+ 5234B6EE0E78286000F02D95 /* pcsctool */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 5234B6F40E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcsctool" */;
+ buildPhases = (
+ 5234B6EF0E78286000F02D95 /* Headers */,
+ 5234B6F00E78286000F02D95 /* Sources */,
+ 5234B6F20E78286000F02D95 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = pcsctool;
+ productInstallPath = /usr/bin/;
+ productName = pcsctool;
+ productReference = 5234B6F90E78286000F02D95 /* pcsctool */;
+ productType = "com.apple.product-type.tool";
+ };
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+ F5294A4F0090C4CA01CD285A /* Project object */ = {
+ isa = PBXProject;
+ buildConfigurationList = C27AD1FD0987FCDC001272E0 /* Build configuration list for PBXProject "SmartCardServices" */;
+ compatibilityVersion = "Xcode 2.4";
+ hasScannedForEncodings = 1;
+ mainGroup = F5294A500090C4CA01CD285A;
+ productRefGroup = F5294A520090C5DF01CD285A /* Products */;
+ projectDirPath = "";
+ projectRoot = "";
+ targets = (
+ 5234B66B0E78286000F02D95 /* World */,
+ 5234B67D0E78286000F02D95 /* pcscd */,
+ 5234B6BD0E78286000F02D95 /* PCSC */,
+ 5234B6E10E78286000F02D95 /* pcsctest */,
+ 5234B6EE0E78286000F02D95 /* pcsctool */,
+ 5234B7280E78286000F02D95 /* InstallPhase */,
+ );
+ };
+/* End PBXProject section */
+
+/* Begin PBXResourcesBuildPhase section */
+ 5234B6CA0E78286000F02D95 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXResourcesBuildPhase section */
+
+/* Begin PBXSourcesBuildPhase section */
+ 5234B6980E78286000F02D95 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6990E78286000F02D95 /* atrhandler.c in Sources */,
+ 5234B69A0E78286000F02D95 /* readerstate.cpp in Sources */,
+ 5234B69B0E78286000F02D95 /* configfile.c in Sources */,
+ 5234B69C0E78286000F02D95 /* debuglog.c in Sources */,
+ 5234B69D0E78286000F02D95 /* dyn_macosx.c in Sources */,
+ 5234B69E0E78286000F02D95 /* eventhandler.cpp in Sources */,
+ 5234B69F0E78286000F02D95 /* ifdwrapper.c in Sources */,
+ 5234B6A00E78286000F02D95 /* pcscdaemon.c in Sources */,
+ 5234B6A10E78286000F02D95 /* prothandler.c in Sources */,
+ 5234B6A20E78286000F02D95 /* readerfactory.c in Sources */,
+ 5234B6A30E78286000F02D95 /* thread_macosx.c in Sources */,
+ 5234B6A40E78286000F02D95 /* winscard_msg.cpp in Sources */,
+ 5234B6A50E78286000F02D95 /* winscard_svc.c in Sources */,
+ 5234B6A60E78286000F02D95 /* powermgt_macosx.c in Sources */,
+ 5234B6A70E78286000F02D95 /* sys_macosx.cpp in Sources */,
+ 5234B6A80E78286000F02D95 /* hotplug_macosx.cpp in Sources */,
+ 5234B6A90E78286000F02D95 /* PCSCDevice.cpp in Sources */,
+ 5234B6AA0E78286000F02D95 /* PCSCDriverBundle.cpp in Sources */,
+ 5234B6AB0E78286000F02D95 /* PCSCDriverBundles.cpp in Sources */,
+ 5234B6AC0E78286000F02D95 /* reader.cpp in Sources */,
+ 5234B6AD0E78286000F02D95 /* pcscdmonitor.cpp in Sources */,
+ 5234B6AE0E78286000F02D95 /* pcscdserver.cpp in Sources */,
+ 5234B6AF0E78286000F02D95 /* winscard_msg_srv.c in Sources */,
+ 5234B6B00E78286000F02D95 /* winscard.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6CB0E78286000F02D95 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6CC0E78286000F02D95 /* readerstate.cpp in Sources */,
+ 5234B6CD0E78286000F02D95 /* thread_macosx.c in Sources */,
+ 5234B6CE0E78286000F02D95 /* musclecard.c in Sources */,
+ 5234B6CF0E78286000F02D95 /* dyn_macosx.c in Sources */,
+ 5234B6D00E78286000F02D95 /* winscard_msg.cpp in Sources */,
+ 5234B6D10E78286000F02D95 /* tokenfactory.c in Sources */,
+ 5234B6D20E78286000F02D95 /* sys_unix.c in Sources */,
+ 5234B6D30E78286000F02D95 /* tokenparser.c in Sources */,
+ 5234B6D40E78286000F02D95 /* debuglog.c in Sources */,
+ 5234B6D50E78286000F02D95 /* winscard_clnt.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6E30E78286000F02D95 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6E40E78286000F02D95 /* testpcsc.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 5234B6F00E78286000F02D95 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5234B6F10E78286000F02D95 /* bundleTool.c in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXSourcesBuildPhase section */
+
+/* Begin PBXTargetDependency section */
+ 5234B72F0E78286000F02D95 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 5234B6BD0E78286000F02D95 /* PCSC */;
+ targetProxy = 5234B72E0E78286000F02D95 /* PBXContainerItemProxy */;
+ };
+ 5234B7310E78286000F02D95 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 5234B67D0E78286000F02D95 /* pcscd */;
+ targetProxy = 5234B7300E78286000F02D95 /* PBXContainerItemProxy */;
+ };
+ 5234B7330E78286000F02D95 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 5234B6E10E78286000F02D95 /* pcsctest */;
+ targetProxy = 5234B7320E78286000F02D95 /* PBXContainerItemProxy */;
+ };
+ 5234B7350E78286000F02D95 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 5234B6EE0E78286000F02D95 /* pcsctool */;
+ targetProxy = 5234B7340E78286000F02D95 /* PBXContainerItemProxy */;
+ };
+ 5234B7390E78286000F02D95 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 5234B7280E78286000F02D95 /* InstallPhase */;
+ targetProxy = 5234B7380E78286000F02D95 /* PBXContainerItemProxy */;
+ };
+/* End PBXTargetDependency section */
+
+/* Begin XCBuildConfiguration section */
+ 5234B6790E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = World;
+ SECTORDER_FLAGS = "";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B67A0E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = World;
+ SECTORDER_FLAGS = "";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B67B0E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = normal;
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PREBINDING = NO;
+ PRODUCT_NAME = World;
+ SECTORDER_FLAGS = "";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = "normal with debug";
+ };
+ 5234B67C0E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = World;
+ SECTORDER_FLAGS = "";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = Default;
+ };
+ 5234B6B70E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ARCHS = "$(NATIVE_ARCH)";
+ BUILD_VARIANTS = debug;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = (
+ "${BUILT_PRODUCTS_DIR}",
+ /usr/local/SecurityPieces/Components/Security,
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ HEADER_SEARCH_PATHS = (
+ /System/Library/Frameworks/CoreFoundation.framework/Headers,
+ /System/Library/Frameworks/IOKit.framework/Headers/usb,
+ /System/Library/Frameworks/IOKit.framework/Headers,
+ );
+ INSTALL_PATH = /usr/sbin;
+ ONLY_ACTIVE_ARCH = NO;
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS)";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = "-finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework Security,_debug -framework securityd_client,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework Security -framework securityd_client$(OPT_LDXNOPIC) -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework Security,_profile -framework securityd_client,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = pcscd;
+ SECTORDER_FLAGS = "";
+ VALID_ARCHS = "i386 ppc ppc64 ppc7400 ppc970 x86_64";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B6B80E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ARCHS = "$(NATIVE_ARCH)";
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = (
+ "${BUILT_PRODUCTS_DIR}",
+ /usr/local/SecurityPieces/Components/Security,
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ HEADER_SEARCH_PATHS = (
+ /System/Library/Frameworks/CoreFoundation.framework/Headers,
+ /System/Library/Frameworks/IOKit.framework/Headers/usb,
+ /System/Library/Frameworks/IOKit.framework/Headers,
+ );
+ INSTALL_PATH = /usr/sbin;
+ ONLY_ACTIVE_ARCH = NO;
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS)";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = "-finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework Security,_debug -framework securityd_client,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework Security -framework securityd_client$(OPT_LDXNOPIC) -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework Security,_profile -framework securityd_client,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = pcscd;
+ SECTORDER_FLAGS = "";
+ VALID_ARCHS = "i386 ppc ppc64 ppc7400 ppc970 x86_64";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B6B90E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ARCHS = "$(NATIVE_ARCH)";
+ BUILD_VARIANTS = normal;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = (
+ "${BUILT_PRODUCTS_DIR}",
+ /usr/local/SecurityPieces/Components/Security,
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ HEADER_SEARCH_PATHS = (
+ /System/Library/Frameworks/CoreFoundation.framework/Headers,
+ /System/Library/Frameworks/IOKit.framework/Headers/usb,
+ /System/Library/Frameworks/IOKit.framework/Headers,
+ );
+ INSTALL_PATH = /usr/sbin;
+ ONLY_ACTIVE_ARCH = NO;
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS)";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework Security,_debug -framework securityd_client,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework Security -framework securityd_client$(OPT_LDXNOPIC) -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework Security,_profile -framework securityd_client,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PREBINDING = NO;
+ PRODUCT_NAME = pcscd;
+ SECTORDER_FLAGS = "";
+ VALID_ARCHS = "i386 ppc ppc64 ppc7400 ppc970 x86_64";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = "normal with debug";
+ };
+ 5234B6BA0E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ARCHS = "$(NATIVE_ARCH)";
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = (
+ "${BUILT_PRODUCTS_DIR}",
+ /usr/local/SecurityPieces/Components/Security,
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ HEADER_SEARCH_PATHS = (
+ /System/Library/Frameworks/CoreFoundation.framework/Headers,
+ /System/Library/Frameworks/IOKit.framework/Headers/usb,
+ /System/Library/Frameworks/IOKit.framework/Headers,
+ );
+ INSTALL_PATH = /usr/sbin;
+ ONLY_ACTIVE_ARCH = NO;
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS)";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = "-finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework Security,_debug -framework securityd_client,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework Security -framework securityd_client$(OPT_LDXNOPIC) -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework Security,_profile -framework securityd_client,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = pcscd;
+ SECTORDER_FLAGS = "";
+ VALID_ARCHS = "i386 ppc ppc64 ppc7400 ppc970 x86_64";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = Default;
+ };
+ 5234B6DB0E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ CURRENT_PROJECT_VERSION = 36160;
+ DYLIB_COMPATIBILITY_VERSION = 1;
+ DYLIB_CURRENT_VERSION = 36160;
+ EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/PCSC/PCSC.exp";
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ FRAMEWORK_VERSION = A;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-PCSC.plist";
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Frameworks";
+ OPT_CFLAGS = "-DNDEBUG $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "-dead_strip";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PRODUCT_NAME = PCSC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = framework;
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B6DC0E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 36160;
+ DYLIB_COMPATIBILITY_VERSION = 1;
+ DYLIB_CURRENT_VERSION = 36160;
+ EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/PCSC/PCSC.exp";
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ FRAMEWORK_VERSION = A;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-PCSC.plist";
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Frameworks";
+ OPT_CFLAGS = "-DNDEBUG $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "-dead_strip";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PRODUCT_NAME = PCSC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = framework;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B6DD0E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = normal;
+ CURRENT_PROJECT_VERSION = 36160;
+ DYLIB_COMPATIBILITY_VERSION = 1;
+ DYLIB_CURRENT_VERSION = 36160;
+ EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/PCSC/PCSC.exp";
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ FRAMEWORK_VERSION = A;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-PCSC.plist";
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Frameworks";
+ OPT_CFLAGS = "-DNDEBUG $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CFLAGS_profile = "$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PREBINDING = NO;
+ PRODUCT_NAME = PCSC;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = framework;
+ };
+ name = "normal with debug";
+ };
+ 5234B6DE0E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 36160;
+ DYLIB_COMPATIBILITY_VERSION = 1;
+ DYLIB_CURRENT_VERSION = 36160;
+ EXPORTED_SYMBOLS_FILE = "$(SRCROOT)/src/PCSC/PCSC.exp";
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ );
+ FRAMEWORK_VERSION = A;
+ GCC_PREPROCESSOR_DEFINITIONS = (
+ "PCSC_DEBUG=1",
+ "USE_SYSLOG=1",
+ "USE_DAEMON=1",
+ );
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-PCSC.plist";
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Frameworks";
+ OPT_CFLAGS = "-DNDEBUG $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "-dead_strip";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PRODUCT_NAME = PCSC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = framework;
+ };
+ name = Default;
+ };
+ 5234B6E80E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctest;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B6E90E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctest;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B6EA0E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = normal;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PREBINDING = NO;
+ PRODUCT_NAME = pcsctest;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = "normal with debug";
+ };
+ 5234B6EB0E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctest;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = Default;
+ };
+ 5234B6F50E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctool;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B6F60E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctool;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B6F70E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = normal;
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PREBINDING = NO;
+ PRODUCT_NAME = pcsctool;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = "normal with debug";
+ };
+ 5234B6F80E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CURRENT_PROJECT_VERSION = 36160;
+ FRAMEWORK_SEARCH_PATHS = "";
+ INSTALL_PATH = /usr/bin;
+ OTHER_CFLAGS = "";
+ OTHER_LDFLAGS = "";
+ OTHER_REZFLAGS = "";
+ PRODUCT_NAME = pcsctool;
+ REZ_EXECUTABLE = YES;
+ SECTORDER_FLAGS = "";
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ };
+ name = Default;
+ };
+ 5234B72A0E78286000F02D95 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ PRODUCT_NAME = InstallPhase;
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 5234B72B0E78286000F02D95 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ PRODUCT_NAME = InstallPhase;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 5234B72C0E78286000F02D95 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = normal;
+ OPT_LDFLAGS = "";
+ OPT_LDXFLAGS = "";
+ OPT_LDXNOPIC = "";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG";
+ OTHER_CFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OTHER_CFLAGS) -UNDEBUG -fno-inline";
+ PREBINDING = NO;
+ PRODUCT_NAME = InstallPhase;
+ SECTORDER_FLAGS = "";
+ };
+ name = "normal with debug";
+ };
+ 5234B72D0E78286000F02D95 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ PRODUCT_NAME = InstallPhase;
+ };
+ name = Default;
+ };
+ C27AD1FE0987FCDC001272E0 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = Development;
+ };
+ C27AD1FF0987FCDC001272E0 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = Deployment;
+ };
+ C27AD2000987FCDC001272E0 /* normal with debug */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = "normal with debug";
+ };
+ C27AD2010987FCDC001272E0 /* Default */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = Default;
+ };
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+ 5234B6780E78286000F02D95 /* Build configuration list for PBXAggregateTarget "World" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B6790E78286000F02D95 /* Development */,
+ 5234B67A0E78286000F02D95 /* Deployment */,
+ 5234B67B0E78286000F02D95 /* normal with debug */,
+ 5234B67C0E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ 5234B6B60E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcscd" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B6B70E78286000F02D95 /* Development */,
+ 5234B6B80E78286000F02D95 /* Deployment */,
+ 5234B6B90E78286000F02D95 /* normal with debug */,
+ 5234B6BA0E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ 5234B6DA0E78286000F02D95 /* Build configuration list for PBXNativeTarget "PCSC" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B6DB0E78286000F02D95 /* Development */,
+ 5234B6DC0E78286000F02D95 /* Deployment */,
+ 5234B6DD0E78286000F02D95 /* normal with debug */,
+ 5234B6DE0E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ 5234B6E70E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcsctest" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B6E80E78286000F02D95 /* Development */,
+ 5234B6E90E78286000F02D95 /* Deployment */,
+ 5234B6EA0E78286000F02D95 /* normal with debug */,
+ 5234B6EB0E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ 5234B6F40E78286000F02D95 /* Build configuration list for PBXNativeTarget "pcsctool" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B6F50E78286000F02D95 /* Development */,
+ 5234B6F60E78286000F02D95 /* Deployment */,
+ 5234B6F70E78286000F02D95 /* normal with debug */,
+ 5234B6F80E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ 5234B7290E78286000F02D95 /* Build configuration list for PBXLegacyTarget "InstallPhase" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5234B72A0E78286000F02D95 /* Development */,
+ 5234B72B0E78286000F02D95 /* Deployment */,
+ 5234B72C0E78286000F02D95 /* normal with debug */,
+ 5234B72D0E78286000F02D95 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+ C27AD1FD0987FCDC001272E0 /* Build configuration list for PBXProject "SmartCardServices" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ C27AD1FE0987FCDC001272E0 /* Development */,
+ C27AD1FF0987FCDC001272E0 /* Deployment */,
+ C27AD2000987FCDC001272E0 /* normal with debug */,
+ C27AD2010987FCDC001272E0 /* Default */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Default;
+ };
+/* End XCConfigurationList section */
+ };
+ rootObject = F5294A4F0090C4CA01CD285A /* Project object */;
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>ifd-ASEIIIeUSB</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.athena.AseIIIeUSB</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundlePackageType</key>
+ <string>BNDL</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>1.0</string>
+ <key>CFPlugInDynamicRegisterFunction</key>
+ <string></string>
+ <key>CFPlugInDynamicRegistration</key>
+ <string>NO</string>
+ <key>CFPlugInFactories</key>
+ <dict>
+ <key>00000000-0000-0000-0000-000000000000</key>
+ <string>MyFactoryFunction</string>
+ </dict>
+ <key>CFPlugInTypes</key>
+ <dict>
+ <key>00000000-0000-0000-0000-000000000000</key>
+ <array>
+ <string>00000000-0000-0000-0000-000000000000</string>
+ </array>
+ </dict>
+ <key>CFPlugInUnloadFunction</key>
+ <string></string>
+ <key>NSPrincipalClass</key>
+ <string>0x60000</string>
+ <key>ifdCapabilities</key>
+ <string>0x00000000</string>
+ <key>ifdFriendlyName</key>
+ <string>AseIIIeUSB</string>
+ <key>ifdManufacturerString</key>
+ <string>Athena</string>
+ <key>ifdManufacturerURL</key>
+ <string>http://www.athena-scs.com/</string>
+ <key>ifdMaxSpeed</key>
+ <string>153600</string>
+ <key>ifdProductID</key>
+ <string>0x0802</string>
+ <key>ifdProductString</key>
+ <string>AseIIIeUSB</string>
+ <key>ifdProtocolSupport</key>
+ <string>0x00000001</string>
+ <key>ifdReadTimeOut</key>
+ <string>60000</string>
+ <key>ifdVendorID</key>
+ <string>0x0DC3</string>
+ <key>ifdVersionNumber</key>
+ <string>0x00000001</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/MacOS/ifd-ASEIIIeUSB
===================================================================
(Binary files differ)
Property changes on: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/drivers/ifd-ASEIIIeUSB.bundle/Contents/MacOS/ifd-ASEIIIeUSB
___________________________________________________________________
Added: svn:executable
+
Added: svn:mime-type
+ application/octet-stream
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcscd.8
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcscd.8 (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcscd.8 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,149 @@
+.\" Process this file with
+.\" groff -man -Tascii pcscd.txt
+.\"
+.TH PCSCD 8 "March 2002" Linux "User Manual"
+.SH NAME
+pcscd \- PC/SC Smartcard Daemon
+.SH SYNOPSIS
+.BI "pcscd [" options "]"
+.SH OPTIONS
+.TP
+\fB\-a\fR, \fB\-\-apdu\fR
+log APDUs and SW using the debug method (see \fB\-d\fR)
+.TP
+\fB\-c\fR, \fB\-\-config\fR \fIfile\fR
+Specifies the file \fIfile\fR as an alternate location for
+\fIreader.conf\fR
+.TP
+\fB\-d\fR, \fB\-\-debug\fR \fIOUTPUT\fR
+display debug messages.
+
+\fIOUTPUT\fR may be:
+ \fBstdout\fR (imply \fB\-f\fR),
+ \fBstderr\fR (imply \fB\-f\fR),
+ or \fBsyslog\fR
+.TP
+\fB\-f\fR, \fB\-\-foreground\fR
+Runs pcscd in the foreground (no daemon)
+.TP
+\fB\-h\fR, \fB\-\-help\fR
+Displays information about the pcscd command line
+.TP
+\fB\-v\fR, \fB\-\-version\fR
+Displays the program version number
+.SH DESCRIPTION
+pcscd is the daemon program for pcsc-lite and musclecard framework. It is
+a resource manager that coordinates communications with smart-card readers
+and smart cards and cryptographic tokens that are connected to the system.
+
+pcscd is normally started at boot time from
+.IR /System/Library/StartupItems/SmartCardServices .
+It allows applications to access smart cards and readers without knowing
+details of the card or reader.
+
+pcscd coordinates the loading of drivers for card readers and plug-ins
+for different card types.
+
+The purpose of pcsc-lite is to provide both a cross compatible API for
+migrating Windows based PCSC applications to Unix and to provide a
+pluggable architecture for supporting smartcards and cryptographic tokens
+through high level API's.
+
+At startup, pcscd loads the smart card reader drivers specified in the
+.I /etc/reader.conf
+file (or specified using \fB-c\fR \fIfile\fR).
+
+When a smart card is inserted into a reader, pcscd uses the ATR string from
+the card to identify this card. The
+.I /usr/libexec/SmartCardServices/services
+directory contains plug-ins for the card. These plug-ins are searched. If
+the ATR string matches, the client library loads that plug-in for that
+token.
+
+.SH "USB SMART CARD READER DRIVERS"
+USB Smart card reader drivers are placed in the
+.I /usr/libexec/SmartCardServices/drivers
+directory. Each driver is simply a
+bundle. The bundle contains an XML file Info.plist
+which is parsed by pcscd. This file contains the vendor
+and product id of the device. This information allows
+pcscd to automatically determine when a reader is inserted
+or removed.
+
+.SH "SERIAL SMART CARD READER DRIVERS"
+Serial Smart card reader drivers are placed in the
+.I /usr/libexec/SmartCardServices/drivers
+directory. Each driver is simply a
+.I shared object
+file. The pcscd locates serial drivers with the
+.I /etc/reader.conf
+file. The file has the following format:
+
+ # comment
+ FRIENDLYNAME <Descriptive name>
+ DEVICENAME <Short name>
+ LIBPATH <Location of the driver library>
+ CHANNELID <Hexadecimal channel identificator>
+
+.IP FRIENDLYNAME
+is a user-friendly name of the reader that is served by this driver.
+This name is displayed to the user when necessary.
+
+.IP DEVICENAME
+is a driver specific value. If you do not know this value,
+GEN_SMART_RDR is a good choice.
+
+.IP LIBPATH
+is the full path to the shared library.
+
+.IP CHANNELID
+is the channel ID for serial-port, smart-card readers. This could vary
+depending on the driver in which you are using - check the driver README
+for more information. Some use the following:
+
+ \fI/dev/ttyS0\fR (COM1) -> 0x0103F8 or 1
+ \fI/dev/ttyS1\fR (COM2) -> 0x0102F8 or 2
+ \fI/dev/ttyS2\fR (COM3) -> 0x0103E8 or 3
+ \fI/dev/ttyS3\fR (COM4) -> 0x0102E8 or 4
+.PP
+Example:
+
+ # Configuration file for pcsc-lite
+
+ FRIENDLYNAME "My Smartcard Reader"
+ DEVICENAME GEN_SMART_RDR
+ LIBPATH /usr/libexec/SmartCardServices/drivers/my_reader.so
+ CHANNELID 0x0103F8
+
+ # End of file
+
+Multiple drivers can be listed in
+.I /etc/reader.conf.
+
+Drivers are available at \fIhttp://www.musclecard.com/drivers.html\fR.
+.SH "SMART CARD PLUG-INS"
+pcsc-lite uses plug-ins to handle different types of smart cards. There is
+a plug-in for each smart-card type. Plug-ins are installed in the
+.I /usr/libexec/SmartCardServices/services
+directory. Plug-ins for cards/tokens are available from the MUSCLE
+web site \fIhttp://www.musclecard.com\fR.
+.SH FILES
+.I /etc/reader.conf
+: Reader configuration file
+.br
+.I /System/Library/StartupItems/SmartCardServices
+: pcscd startup script
+.br
+.I /var/run/pcscd.pid
+: process id of the running pcscd
+.br
+.I /usr/libexec/SmartCardServices/drivers/
+: directory containing bundles for USB
+drivers"
+.SH BUGS
+None known.
+.SH "SEE ALSO"
+.BR pcsctool (1),
+.SH AUTHORS
+David Corcoran <corcoran at identityalliance.com> and Ludovic Rousseau
+<ludovic.rousseau at free.fr>
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctest.8
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctest.8 (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctest.8 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,57 @@
+.\" Process this file with
+.\" groff -man -Tascii pcsctool.8
+.\"
+.TH PCSCTEST 8 "March 2003" MacOSX "User Manual"
+.SH NAME
+pcsctest
+.SH SYNOPSIS
+.B pcsctest
+.SH DESCRPTION
+pcsctest runs a test on pcscd, lists the readers currently connected, and
+displays card information if a card is inserted.
+.SH OPTIONS
+None
+.SH USAGE
+pcsctest lists the currently connected readers and asks the user
+to choose one. After choosing the reader, pcsctest will ask the
+user to insert a card into the card reader. If this happens pcsctest
+will display the cards's ATR and other information.
+
+Example:
+
+The following will occur if no reader is inserted and recognized:
+
+MUSCLE PC/SC Lite Test Program
+
+ Testing SCardEstablishContext : Command successful.
+ Testing SCardGetStatusChange
+
+Once a reader is inserted and recognized the following will occur:
+
+ MUSCLE PC/SC Lite Test Program
+
+ Testing SCardEstablishContext : Command successful.
+ Testing SCardGetStatusChange
+ Please insert a working reader : Command successful.
+ Testing SCardListReaders : Command successful.
+ Reader 01: SCM SCR-331 CCID 0 0
+ Enter the reader number : 1
+
+ Waiting for card insertion
+ : Command successful.
+ Testing SCardConnect : Command successful.
+ Testing SCardStatus : Command successful.
+ Current Reader Name : CCID USB Reader 0 0
+ Current Reader State : 34
+ Current Reader Protocol : 0
+ Current Reader ATR Size : 9
+ Current Reader ATR Value : 3B E2 00 00 04 03 00
+ Testing SCardDisconnect : Command successful.
+ Testing SCardReleaseContext : Command successful.
+
+ PC/SC Test Completed Successfully !
+
+
+.SH SEE ALSO
+.BR pcscd (8)
+.SH BUGS
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctool.8
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctool.8 (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/pcsctool.8 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,37 @@
+.\" Process this file with
+.\" groff -man -Tascii pcsctool.8
+.\"
+.TH PCSCTOOL 8 "March 2002" Linux "User Manual"
+.SH NAME
+pcsctool
+.SH SYNOPSIS
+.B pcsctool
+.SH DESCRPTION
+pcsctool introduces new smart cards to pcsc-lite and assigns a
+plugin to service the card.
+.SH OPTIONS
+None
+.SH USAGE
+pcsctool lists the currently installed bundles and asks you to
+select one. You select the plugin bundle that services your
+smartcard. pcsctool will then ask you to insert the new card. The
+application exits and pcsc is now configured to use your card.
+
+Example:
+
+ [root at osx]# pcsctool
+ Select the approprate token driver:
+ -----------------------------------
+ 1. mscMuscleCard.bundle
+ -----------------------------------
+ Enter the number: 1
+
+ Insert your token in: My Friendly Reader 0 0
+
+ Token support updated successfully !
+ [root at osx]#
+.SH SEE ALSO
+.BR pcscd (8)
+.SH BUGS
+Plugins MUST reside in
+.I /usr/libexec/SmartCardServices/services
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/sc_auth.8
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/sc_auth.8 (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/man/sc_auth.8 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,91 @@
+.\"Modified from man(1) of FreeBSD, the NetBSD mdoc.template, and mdoc.samples.
+.\"See Also:
+.\"man mdoc.samples for a complete listing of options
+.\"man mdoc for the short list of editing options
+.\"/usr/share/misc/mdoc.template
+.Dd December 11, 2006 \" DATE
+.Dt sc_auth 8 \" Program name and manual section number
+.Os MacOSX
+.Sh NAME \" Section Header - required - don't modify
+.Nm sc_auth
+.\" The following lines are read in generating the apropos(man -k) database. Use only key
+.\" words here as the database is built based on the words here and in the .ND line.
+.\" Use .Nm macro to designate other names for the documented program.
+.Nd smart card authorization setup script
+.Sh SYNOPSIS \" Section Header - required - don't modify
+.Nm
+.Ar accept
+.Op Fl v
+.Op Fl u Ar user
+.Op Fl d Ar domain
+.Op Fl k Ar keyname
+.Nm
+.Ar accept
+.Op Fl v
+.Op Fl u Ar user
+.Op Fl d Ar domain
+.Fl h Ar hash
+.Nm
+.Ar remove
+.Op Fl v
+.Op Fl u Ar user
+.Op Fl d Ar domain
+.Nm
+.Ar hash " "
+.Op Fl k Ar keyname
+.Nm
+.Ar list " "
+.Op Fl v
+.Op Fl u Ar user
+.Op Fl d Ar domain
+.Sh DESCRIPTION \" Section Header - required - don't modify
+.Nm
+configures a local user account to permit authentication using a supported
+smart card. Authentication is via asymmetric key (also known as
+public-key) encryption.
+.Nm
+works with signing keys, but not encryption keys.
+.Pp
+.Nm
+can perform the following actions:
+.Bl -tag -width -indent \" Begins a tagged list
+.It Ar accept
+Associate a user with a public key on a card. The key to use can be
+specified either by its name or its hash.
+.It Ar remove
+Remove all public keys associated with a user.
+.It Ar hash
+Print the hashes for all keys on all inserted cards.
+.It Ar list
+List all public keys associated with a user.
+.El \" Ends the list
+.Pp
+.Sh OPTIONS
+.Bl -tag -width -indent \" Differs from above in tag removed
+.It Fl u Ar user
+Specifies the user whose account is to be modified
+.It Fl d Ar domain
+Specifies the directory domain containing the user account
+.It Fl k Ar keyname
+Specifies a public key by its name
+.It Fl h Ar hash
+Specifies a public key by its hash
+.It Fl v
+Verbose mode
+.El \" Ends the list
+.Sh NOTES
+.Nm
+is a shell script. It is intended to be modified by administrators to
+suit their local environments.
+.Pp
+.Nm
+is only known to work with a local directory. Consult the script's source
+for some limited guidance to using remote directories.
+.Sh BUGS
+.Nm
+.Ar hash
+might display the hashes of encryption keys as well as signing keys, even
+though
+.Nm
+.Ar accept
+does not work with encryption keys.
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/sc_auth
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/sc_auth (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/sc_auth 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,148 @@
+#!/bin/bash
+#
+# sc_auth - smart card authorization setup script
+#
+# You can log in with a smart card if the authentication_authority field
+# of your user record contains an entry of the form
+# ;pubkeyhash;THEHASH
+# where THEHASH is the hex encoding of the SHA1 of the public key to be used.
+# (In keychains, this is the value in the Label attribute of keys, and of
+# the PublicKeyHash # attribute of certificate records.)
+#
+# This script allows you to get the hash from a smartcard, and to create
+# the appropriate authority entry in a user account. It also lets you list
+# and delete them. It works as is for (local) NetInfo directories. If you
+# use LDAP or more exotic directory sources, you'll have to find your own
+# way to store the authentication_authority information, but the workflow
+# is the same. Feel free to hack.
+#
+# This script assumes the Tiger version of the /usr/bin/security command.
+# It will probably not work (without modification) with future versions.
+#
+# This script has been updated to use the dscl command in place of the
+# deprecated nicl command. To use the standard name in the header file:
+# /System/Library/Frameworks/DirectoryService.framework/Headers/DirServicesConst.h
+# we have replaced "authentication_authority" with "AuthenticationAuthority"
+
+#set -x
+
+# general functions
+die() { echo "$*" 1>&2; exit 1; }
+note() { [ $verbose = yes ] && echo "$*" 1>&2; }
+
+usage() {
+cat <<EOU
+Usage: $(basename $0) accept [-v] [-u user] [-d domain] [-k keyname] # by key on inserted card(s)
+ $(basename $0) accept [-v] [-u user] [-d domain] -h hash # by known pubkey hash
+ $(basename $0) remove [-v] [-u user] [-d domain] # remove all public keys for this user
+ $(basename $0) hash [-k keyname] # print hashes for keys on inserted card(s)
+ $(basename $0) list [-v] [-u user] [-d domain] # list pubkey hashes that can authenticate this user
+EOU
+exit 2
+}
+
+# first argument is a command word
+[ -n "$1" ] || usage
+command=$1; shift
+
+# parse options
+user=${USER:-$(logname)}
+keyname=
+hash=
+verbose=no
+domain="."
+while getopts d:h:k:u:v arg; do
+ case $arg in
+ d) domain="$OPTARG";;
+ h) hash="$OPTARG";;
+ k) keyname="$OPTARG";;
+ u) user="$OPTARG";;
+ v) verbose=yes;;
+ esac
+done
+shift $(($OPTIND - 1))
+
+
+#
+# Using "security dump-keychain", extract the public key hash for a key
+# on a smartcard and print it to stdout.
+# The optional argument is a regular expression to match against the
+# print name of the key.
+# Prints all matching keys; aborts if none are found.
+#
+hash_for_key() {
+ # hash_for_key [string in name]
+ string=${1:-'.*'}
+ HOME=/no/where /usr/bin/security dump-keychain |
+ awk -v RE="$string" '
+ /^ 0x00000001/ {
+ if (matched = ($2 ~ RE)) { name=$0; sub("^.*<blob>=\"", "", name); sub("\"$", "", name); count++; }}
+ /^ 0x00000006/ {
+ if (matched) { hash=$2; sub("<blob>=0x", "", hash); print hash, name; }}
+ '
+ HOME=/no/where /usr/bin/security dump-keychain |
+ awk -v RE="$string" '
+ /^ 0x01000000/ {
+ if (matched = ($2 ~ RE)) { name=$0; sub("^.*<blob>=\"", "", name); sub("\"$", "", name); count++; }}
+ /^ 0x06000000/ {
+ if (matched) { hash=$2; sub("<blob>=0x", "", hash); print hash, name; }}
+ '
+}
+
+
+get_hash() {
+ if [ -n "$hash" ]; then # passed in
+ echo "$hash"
+ else # find it
+ hash_for_key "$keyname" |
+ (
+ read hash rest
+ [ -n "$hash" ] || die "No matching keys found"
+ [ $verbose = yes ] && note "Using key \"$rest\""
+ echo $hash
+ )
+ fi
+}
+
+
+accept_user() {
+ local hash="$1"
+ [ -n "$hash" ] || die "No hash specified"
+ dscl "$domain" -append "/Users/$user" AuthenticationAuthority ";pubkeyhash;$hash"
+}
+
+remove_user() {
+ set -- $(dscl "$domain" -read "/Users/$user" AuthenticationAuthority)
+ shift # skip authentication_authority: header
+ while [ -n "$1" ]; do
+ case "$1" in
+ \;pubkeyhash\;*)
+ dscl "$domain" -delete "/Users/$user" AuthenticationAuthority "$1"
+ [ $verbose = yes ] && note "Removed $1"
+ ;;
+ esac
+ shift
+ done
+}
+
+list_hashes() {
+ set -- $(dscl "$domain" -read "/Users/$user" AuthenticationAuthority)
+ shift # skip authentication_authority: header
+ while [ -n "$1" ]; do
+ case "$1" in
+ \;pubkeyhash\;*)
+ echo $1 | sed -e 's/;pubkeyhash;//'
+ ;;
+ esac
+ shift
+ done
+}
+
+
+case "$command" in
+ hash) hash_for_key "$keyname";;
+ accept) accept_user $(get_hash);;
+ remove) remove_user;;
+ list) list_hashes;;
+ *) usage;;
+esac
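Review bot: `accept_user` appends whatever arrives in `$1` to the user's AuthenticationAuthority without checking that it looks like a public-key hash, and the `accept` arm calls it as `accept_user $(get_hash)` unquoted, so a `-h` value containing whitespace or glob characters is split or expanded before it gets there. Because this record decides which card key can log in as `$user`, the value should be validated before the `dscl -append`, e.g. `case "$hash" in *[!0-9A-Fa-f]*) die "hash must contain hex digits only";; esac`, and the call quoted as `accept) accept_user "$(get_hash)";;`. Separately, when no `-h` is given, `get_hash` reads only the first line of `hash_for_key` output, so with several matching keys on the inserted cards the first one is enrolled without the operator seeing which (the "Using key" message is printed only under `-v`). Refusing when more than one key matches, or always printing the chosen key name, would make the enrolment explicit.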
Property changes on: releases/Apple/OSX-10.6.7/SmartCardServices-36160/installPhase/scripts/sc_auth
___________________________________________________________________
Added: svn:executable
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/config.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/config.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/config.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,36 @@
+/* config.h.in. Generated automatically from configure.in by autoheader. */
+
+/* Define if you have the daemon function. */
+#define HAVE_DAEMON 1
+
+/* Name of package */
+#define PACKAGE "PCSC Framework"
+
+/* Version number of package */
+#define VERSION "1.1.1"
+
+/* OSX */
+#define PCSC_TARGET_OSX 1
+#define MSC_TARGET_OSX 1
+
+/* Define if you have POSIX threads libraries and header files. */
+#define HAVE_PTHREAD 1
+
+/* enable full PCSC debug messaging. */
+ #define PCSC_DEBUG 1
+
+/* enable full musclecard debug messaging. */
+ #define MSC_DEBUG 1
+
+/* display ATR parsing debug messages. */
+/* #define ATR_DEBUG */
+
+/* send messages to syslog instead of stdout */
+/* #define USE_SYSLOG */
+
+/* pcsc runs as a daemon in the background. */
+#define USE_DAEMON 1
+
+/* enable client side thread safety. */
+#define USE_THREAD_SAFETY 1
+
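Review bot: `PCSC_DEBUG` and `MSC_DEBUG` are both defined to 1 in a tree whose path marks it as a release, while `USE_SYSLOG` stays commented out. Whether the debug paths print card traffic is not visible in this file, but if they do, PIN-bearing commands could end up in whatever captures the daemon's output, so it is worth confirming before shipping with these on. If the setting is deliberate, a comment next to the two defines should say so, e.g. `/* left on for release: messages are gated at runtime by <mechanism> */`. The file also gets `svn:executable`, which a header does not need.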
Property changes on: releases/Apple/OSX-10.6.7/SmartCardServices-36160/pbx/config.h
___________________________________________________________________
Added: svn:executable
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSC.exp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSC.exp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSC.exp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,71 @@
+_DebugLogSetLevel
+_DebugLogSetLogType
+_MSCBeginTransaction
+_MSCCancelEventWait
+_MSCChangePIN
+_MSCClearReset
+_MSCComputeCrypt
+_MSCCreateObject
+_MSCCreatePIN
+_MSCDeleteObject
+_MSCEndTransaction
+_MSCEstablishConnection
+_MSCExportKey
+_MSCExtAuthenticate
+_MSCExtendedFeature
+_MSCGenerateKeys
+_MSCGetCapabilities
+_MSCGetChallenge
+_MSCGetKeyAttributes
+_MSCGetObjectAttributes
+_MSCGetStatus
+_MSCImportKey
+_MSCIsTokenChanged
+_MSCIsTokenKnown
+_MSCIsTokenMoved
+_MSCIsTokenReset
+_MSCListKeys
+_MSCListObjects
+_MSCListPINs
+_MSCListTokens
+_MSCLogoutAll
+_MSCReEstablishConnection
+_MSCReadAllocateObject
+_MSCReadObject
+_MSCReleaseConnection
+_MSCUnblockPIN
+_MSCVerifyPIN
+_MSCWaitForTokenEvent
+_MSCWriteFramework
+_MSCWriteObject
+_PCSCVersionNumber
+_PCSCVersionString
+_SCardBeginTransaction
+_SCardCancel
+_SCardCancelTransaction
+_SCardConnect
+_SCardControl
+_SCardControl132
+_SCardDisconnect
+_SCardEndTransaction
+_SCardEstablishContext
+_SCardGetAttrib
+_SCardGetStatusChange
+_SCardIsValidContext
+_SCardListReaderGroups
+_SCardListReaders
+_SCardReconnect
+_SCardReleaseContext
+_SCardSetAttrib
+_SCardSetTimeout
+_SCardStatus
+_SCardTransmit
+_SCardUnload
+_TPSvcDropdir
+_mscLockThread
+_mscUnLockThread
+_msc_error
+_pcsc_stringify_error
+_g_rgSCardT0Pci
+_g_rgSCardT1Pci
+_g_rgSCardRawPci
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PCSCDevice.cpp
+ * SmartCardServices
+ *
+ */
+
+#include "PCSCDevice.h"
+#include <security_utilities/debugging.h>
+#include <IOKit/IOCFPlugIn.h>
+#include <IOKit/IOKitLib.h>
+#include <IOKit/usb/IOUSBLib.h>
+
+namespace PCSCD {
+
+Device::~Device() throw()
+{
+}
+
+void Device::dump()
+{
+ //, serial: %s", // always empty for known readers, mSerialNumber.c_str());
+ secdebug("device", " Service: 0x%04X, Address: 0x%08X, vendor/product: 0x%04X/0x%04X, vendor/product: %s/%s",
+ ioObject(), mAddress, mVendorid, mProductid, mVendorName.c_str(), mProductName.c_str());
+ secdebug("device", " path: %s", path().c_str());
+}
+
+/*
+Device::Device(const Device& x) throw() // copy constructor
+{
+ *this = x;
+}
+
+Device& Device::operator= (const Device& x) throw() // assignment operator
+{
+ mAddress = x.mAddress;
+ mName = x.mName;
+ mLibPath = x.mLibPath;
+ return *this;
+}
+*/
+
+} // end namespace PCSCD
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDevice.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,100 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PCSCDevice.h
+ * SmartCardServices
+ *
+ */
+
+#ifndef _H_PCSCDEVICE
+#define _H_PCSCDEVICE
+
+#include <security_utilities/iodevices.h>
+#include <security_utilities/refcount.h>
+
+#if defined(__cplusplus)
+
+namespace PCSCD {
+
+class Device : public IOKit::Device, public RefCount
+{
+public:
+// Device() : { }
+ Device(io_service_t d) : IOKit::Device(d) { }
+
+ virtual ~Device() throw();
+
+ bool operator < (const Device &other) const { return this->address() < other.address(); }
+
+ void setAddress(uint32_t address) { mAddress = address; }
+ void setInterfaceClass(uint32_t interfaceClass) { mInterfaceClass = interfaceClass; }
+ void setDeviceClass(uint32_t deviceClass) { mDeviceClass = deviceClass; }
+ void setVendorid(uint32_t vendorid) { mVendorid = vendorid; }
+ void setProductid(uint32_t productid) { mProductid = productid; }
+ void setPath(const std::string path) { mLibPath = path; }
+ void setName(const std::string name) { mName = name; }
+ void setIsPCCard(bool isPCCard) { mIsPCCard = isPCCard; }
+
+ uint32_t address() const { return mAddress; }
+ uint32_t interfaceClass() const { return mInterfaceClass; }
+ uint32_t deviceClass() const { return mDeviceClass; }
+ uint32_t vendorid() const { return mVendorid; }
+ uint32_t productid() const { return mProductid; }
+ std::string path() const { return mLibPath; }
+ std::string name() const { return mName; }
+ bool isPCCard() const { return mIsPCCard; }
+
+ std::string vendorName() const { return mVendorName; }
+ std::string productName() const { return mProductName; }
+ std::string serialNumber() const { return mSerialNumber; }
+
+ void setDebugParams(const std::string vendorName, const std::string productName,
+ const std::string serialNumber)
+ { mVendorName = vendorName; mProductName = productName; mSerialNumber = serialNumber;}
+
+ void dump();
+
+private:
+
+ uint32_t mAddress;
+
+ std::string mName; // Manufacturer's name for device
+ std::string mLibPath; // path to driver bundle from PCSCDriverBundle
+
+ uint32_t mInterfaceClass; // If present, one of kUSBChipSmartCardInterfaceClass/kUSBVendorSpecificInterfaceClass
+ uint32_t mDeviceClass; // If == kUSBVendorSpecificClass, check vendor/product
+ uint32_t mVendorid;
+ uint32_t mProductid;
+
+ bool mIsPCCard;
+
+ // Mainly for debugging
+ std::string mVendorName, mProductName, mSerialNumber;
+};
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif // _H_PCSCDEVICE
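Review bot: The only live constructor, `Device(io_service_t d) : IOKit::Device(d) { }`, leaves `mAddress`, `mInterfaceClass`, `mDeviceClass`, `mVendorid`, `mProductid` and `mIsPCCard` uninitialized. `DriverBundle::matches()` in PCSCDriverBundle.cpp reads `vendorid()`, `productid()` and `interfaceClass()` to pick a driver, so any path that skips a setter selects on indeterminate values; whether every caller sets all of them is not visible here. I would initialize them in the constructor: `Device(io_service_t d) : IOKit::Device(d), mAddress(0), mInterfaceClass(0), mDeviceClass(0), mVendorid(0), mProductid(0), mIsPCCard(false) { }`. As a smaller style point, the `std::string` setters take `const std::string` by value where `const std::string &` would avoid a copy.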
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,261 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PCSCDriverBundle.cpp
+ * SmartCardServices
+ */
+
+/*
+ A driver bundle is a standard Mac OS X bundle that usually lives in the directory:
+
+ /usr/libexec/SmartCardServices/drivers/
+
+ The two major components of this bundle are the executable and the Info.plist. A single
+ driver bundle may provide support for multiple readers. See
+
+ <rdar://problem/4432039> pcscd crash for multiple VID/PIDs
+ and
+ <http://pcsclite.alioth.debian.org/ifdhandler-3/node7.html>
+
+ The key that determines if a driver supports only one reader or multiple readers is
+ "ifdVendorID", sometimes referred to as the manufacturer name. If this is a
+ CFStringRef, then only one reader is supported; if it is a CFArrayRef, then
+ multiple readers are supports. There are three fields for each reader:
+
+ VendorID uint32_t
+ ProductID uint32_t
+ Friendly name string
+
+ See e.g. http://pcsclite.alioth.debian.org/ccid.html for a working driver with multiple IDs.
+
+*/
+
+#include "PCSCDriverBundle.h"
+#include <CoreFoundation/CoreFoundation.h>
+#include <security_utilities/cfutilities.h>
+#include <security_utilities/debugging.h>
+#include <security_utilities/errors.h>
+#include <IOKit/usb/USBSpec.h>
+#include <IOKit/usb/USB.h>
+
+#define DEBUG_BUNDLE_MATCHES 1
+
+namespace PCSCD {
+
+// Keys in CFDictionary for bundle's Info.plist
+static const CFStringRef kManufacturerName = CFSTR("ifdVendorID");
+static const CFStringRef kProductName = CFSTR("ifdProductID");
+static const CFStringRef kFriendlyName = CFSTR("ifdFriendlyName");
+static const CFStringRef kInterfaceClass = CFSTR("ifdInterfaceClass");
+static const CFStringRef kInterfaceSubClass = CFSTR("ifdInterfaceSubClass");
+static const CFStringRef kInterfaceProtocol = CFSTR("ifdInterfaceProtocol");
+
+DriverBundle::DriverBundle(CFBundleRef bundle) : LoadableBundle(bundle)
+{
+ initialize(CFBundleGetInfoDictionary(bundle));
+}
+
+void DriverBundle::initialize(CFDictionaryRef dict)
+{
+ const int radix = 16;
+
+ try
+ {
+ CFTypeRef vend = CFDictionaryGetValue(dict, kManufacturerName);
+ if (!vend)
+ {
+ // Must be a class driver
+ secdebug("pcscd", "Class Driver: %s", path().c_str());
+ std::string istr(getStringAttr(dict,kInterfaceClass));
+ uint8_t dclass = strtoul(istr.c_str(), NULL, radix);
+ std::string sstr(getStringAttr(dict,kInterfaceSubClass));
+ uint8_t dsubclass = strtoul(sstr.c_str(), NULL, radix);
+ std::string pstr(getStringAttr(dict,kInterfaceProtocol));
+ uint8_t dprotocol = strtoul(pstr.c_str(), NULL, radix);
+ std::string name(getStringAttr(dict,kFriendlyName));
+ DeviceDescription *dev = new DeviceDescription(dclass, dsubclass, dprotocol, name);
+ addProduct(dev);
+ }
+ else
+ if (CFGetTypeID(vend) == CFArrayGetTypeID())
+ {
+ secdebug("pcscd", "Driver with aliases: %s", path().c_str());
+ CFTypeRef xprod = CFDictionaryGetValue(dict, kProductName);
+ CFTypeRef xname = CFDictionaryGetValue(dict, kFriendlyName);
+ if (!xprod || !xname ||
+ (CFGetTypeID(xprod) != CFArrayGetTypeID()) || (CFGetTypeID(xname) != CFArrayGetTypeID()))
+ CFError::throwMe();
+ CFRef<CFArrayRef> products(reinterpret_cast<CFArrayRef>(xprod));
+ CFRef<CFArrayRef> names (reinterpret_cast<CFArrayRef>(xname));
+ const int productCount = CFArrayGetCount(reinterpret_cast<CFArrayRef>(vend));
+ // Make sure parallel arrays vendor, product, name are same size
+ if ((productCount != CFArrayGetCount(products)) ||
+ (productCount != CFArrayGetCount(names)))
+ CFError::throwMe();
+
+ for (int ix=0;ix<productCount;++ix)
+ {
+ std::string vstr(getStringAttr(reinterpret_cast<CFArrayRef>(vend), ix));
+ uint16_t vendor = strtoul(vstr.c_str(), NULL, radix);
+ std::string pstr(getStringAttr(products, ix));
+ uint16_t product = strtoul(pstr.c_str(), NULL, radix);
+ std::string name(getStringAttr(names, ix));
+ DeviceDescription *dev = new DeviceDescription(vendor, product, name);
+ addProduct(dev);
+ }
+ }
+ else
+ if (CFGetTypeID(vend) == CFStringGetTypeID())
+ {
+ secdebug("pcscd", "Driver for single product: %s", path().c_str());
+ std::string vstr(cfString(reinterpret_cast<CFStringRef>(vend)));
+ uint16_t vendor = strtoul(vstr.c_str(), NULL, radix);
+ std::string pstr(getStringAttr(dict,kProductName));
+ uint16_t product = strtoul(pstr.c_str(), NULL, radix);
+ std::string name(getStringAttr(dict,kFriendlyName));
+ DeviceDescription *dev = new DeviceDescription(vendor, product, name);
+ addProduct(dev);
+ }
+ else
+ CFError::throwMe();
+ }
+ catch (...)
+ {
+ secdebug("pcscd", "Malformed Info.plist for: %s", path().c_str());
+ secdebug("pcscd", "error getting plugin directory bundles");
+ return;
+ }
+
+ dump();
+}
+
+std::string DriverBundle::getStringAttr(CFDictionaryRef dict, CFStringRef key)
+{
+ // Do some sanity checking on potential string values in the plist
+ CFTypeRef attr = CFDictionaryGetValue(dict, key);
+ if (!attr)
+ return std::string();
+ if (CFGetTypeID(attr) != CFStringGetTypeID())
+ CFError::throwMe();
+
+ return std::string(cfString(static_cast<CFStringRef>(attr)));
+}
+
+std::string DriverBundle::getStringAttr(CFArrayRef arr, CFIndex idx)
+{
+ // Do some sanity checking on potential string values in the plist
+ CFTypeRef attr = CFArrayGetValueAtIndex(arr, idx);
+ if (!attr)
+ return std::string();
+ if (CFGetTypeID(attr) != CFStringGetTypeID())
+ CFError::throwMe();
+
+ return std::string(cfString(static_cast<CFStringRef>(attr)));
+}
+
+DriverBundle::~DriverBundle() throw()
+{
+ // delete supported devices objects
+}
+
+uint32_t DriverBundle::matches(const PCSCD::Device &device, std::string &name) const
+{
+ // Searches for a driver bundle that matches device. If found,
+ // it sets the libpath for the device and returns true.
+
+#ifdef DEBUG_BUNDLE_MATCHES
+ secdebug("device", " DEVICE: vendor/product: 0x%04X/0x%04X, interfaceClass: 0x%04X, vendor/product: %s/%s",
+ device.vendorid(), device.productid(), device.interfaceClass(),
+ device.vendorName().c_str(), device.productName().c_str());
+#endif
+
+ // Look for a manufacturer-specific driver first
+ for (ConstDeviceDescriptionIterator it=mDeviceDescriptions.begin();it!=mDeviceDescriptions.end();++it)
+ {
+ const DeviceDescription *desc = static_cast<DeviceDescription *>(*it);
+#ifdef DEBUG_BUNDLE_MATCHES
+ secdebug("device", " DESC: vendor/product: 0x%04X/0x%04X, interfaceClass: 0x%04X, path: %s",
+ desc->vendorid(), desc->productid(), desc->interfaceClass(), path().c_str());
+#endif
+ if (desc->vendorid() && (desc->vendorid()==device.vendorid()) &&
+ desc->productid() && (desc->productid()==device.productid()))
+ {
+ name = desc->name();
+ return eMatchVendorSpecific;
+ }
+ }
+
+ if (device.interfaceClass())
+ for (ConstDeviceDescriptionIterator it=mDeviceDescriptions.begin();it!=mDeviceDescriptions.end();++it)
+ {
+ const DeviceDescription *desc = static_cast<DeviceDescription *>(*it);
+ if (desc->interfaceClass() && (desc->interfaceClass()==device.interfaceClass()))
+ {
+ name = desc->name();
+ return eMatchInterfaceClass;
+ }
+ }
+
+ return eMatchNone;
+}
+
+#pragma mark -------------------- Operators --------------------
+
+bool DriverBundle::operator < (const DriverBundle &other) const throw()
+{
+ return this->path() < other.path();
+}
+
+bool DeviceDescription::operator < (const DeviceDescription &other) const throw()
+{
+ if (this->mVendor >= other.mVendor)
+ return false;
+
+ return (this->mProduct < other.mProduct);
+}
+
+#pragma mark -------------------- Debugging Routines --------------------
+
+void DriverBundle::dump()
+{
+#ifndef NDEBUG
+ secdebug("pcscd", "Driver at path: %s", path().c_str());
+ for (DeviceDescriptionIterator it = mDeviceDescriptions.begin(); it != mDeviceDescriptions.end();++it)
+ (*it)->dump();
+#endif
+}
+
+void DeviceDescription::dump()
+{
+#ifndef NDEBUG
+ secdebug("pcscd", " Friendly name: %s", mFriendlyName.c_str());
+ if (interfaceClass())
+ secdebug("pcscd", " Class: 0x%02X SubClass: 0x%02X Protocol: 0x%02X",
+ mDeviceClass,mDeviceSubClass,mDeviceProtocol);
+ else
+ secdebug("pcscd", " VendorID: 0x%04X ProductID: 0x%04X", mVendor, mProduct);
+#endif
+}
+
+} // end namespace PCSCD
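Review bot: In `initialize()`, `products` and `names` wrap values returned by `CFDictionaryGetValue` in `CFRef`, although the caller does not own them under the Get rule. If `CFRef` adopts its argument and releases it on destruction (confirm in cfutilities.h), each array is released once too often and the bundle's info dictionary is left pointing at freed objects. Plain borrowed pointers avoid this: `CFArrayRef products = reinterpret_cast<CFArrayRef>(xprod);`, and likewise for `names`. Separately, `DeviceDescription::operator<` is not a strict weak ordering, because it returns false for any equal or greater vendor and otherwise compares products alone; a lexicographic form is `return mVendor != other.mVendor ? mVendor < other.mVendor : mProduct < other.mProduct;`. The `strtoul` results are also narrowed to `uint8_t`/`uint16_t` unchecked, so an out-of-range plist value is silently truncated instead of reaching the malformed-plist path.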
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,125 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PCSCDriverBundle.h
+ * SmartCardServices
+ */
+
+#ifndef _H_XPCSCDRIVERBUNDLE
+#define _H_XPCSCDRIVERBUNDLE
+
+#include <string>
+#include <vector>
+#include <security_utilities/refcount.h>
+#include <security_utilities/osxcode.h>
+#include "PCSCDevice.h"
+
+#if defined(__cplusplus)
+
+namespace PCSCD {
+
+class DeviceDescription
+{
+public:
+
+ DeviceDescription() { }
+ DeviceDescription(uint16_t vendor, uint16_t product, std::string name) :
+ mVendor(vendor), mProduct(product),
+ mDeviceClass(0), mDeviceSubClass(0), mDeviceProtocol(0),
+ mFriendlyName(name) {}
+ DeviceDescription(uint8_t deviceClass, uint8_t deviceSubClass, uint8_t protocol, std::string name) :
+ mVendor(0), mProduct(0),
+ mDeviceClass(deviceClass), mDeviceSubClass(deviceSubClass), mDeviceProtocol(protocol),
+ mFriendlyName(name) {}
+
+ bool operator < (const DeviceDescription &other) const throw();
+
+ uint8_t interfaceClass() const { return mDeviceClass; }
+ uint16_t vendorid() const { return mVendor; }
+ uint16_t productid() const { return mProduct; }
+ std::string name() const { return mFriendlyName; }
+
+ void dump();
+
+protected:
+ // Match types from <IOKit/USB.h> for IOUSBDeviceDescriptor
+
+ uint16_t mVendor; // Unique vendor's manufacturer code assigned by the USB-IF
+ uint16_t mProduct; // Manufacturer's unique product code
+
+ uint8_t mDeviceClass;
+ uint8_t mDeviceSubClass;
+ uint8_t mDeviceProtocol;
+
+ std::string mFriendlyName; // Manufacturer's name for device
+};
+
+/*
+ * An aggregation of useful information on a driver bundle in the
+ * drop directory.
+ */
+
+class DriverBundle : public LoadableBundle
+{
+private:
+ DriverBundle(const char *pathname) : LoadableBundle(pathname) { }
+
+public:
+ DriverBundle(CFBundleRef bundle);
+
+ virtual ~DriverBundle() throw();
+
+ bool operator < (const DriverBundle &other) const throw();
+
+ void addProduct(DeviceDescription *dev) { mDeviceDescriptions.push_back(dev); }
+
+ uint32_t matches(const Device &device, std::string &name) const;
+
+ enum
+ {
+ eMatchNone = 0,
+ eMatchInterfaceClass, // must be less than eMatchVendorSpecific
+ eMatchVendorSpecific
+ };
+
+protected:
+ void initialize(CFDictionaryRef dict);
+
+private:
+
+ typedef std::vector<DeviceDescription *> DeviceDescriptions;
+ typedef DeviceDescriptions::iterator DeviceDescriptionIterator;
+ typedef DeviceDescriptions::const_iterator ConstDeviceDescriptionIterator;
+ DeviceDescriptions mDeviceDescriptions;
+
+ std::string getStringAttr(CFDictionaryRef dict, CFStringRef key);
+ std::string getStringAttr(CFArrayRef arr, CFIndex idx);
+ void dump();
+};
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif /* _H_XPCSCDRIVERBUNDLE */
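Review bot: `mDeviceDescriptions` holds raw `DeviceDescription *` handed in through `addProduct`, and nothing frees them: the destructor in PCSCDriverBundle.cpp contains only the comment `// delete supported devices objects`, so every description allocated in `initialize()` leaks with its bundle. Storing the objects by value would remove the ownership question, i.e. `typedef std::vector<DeviceDescription> DeviceDescriptions;` with `addProduct(const DeviceDescription &dev)`, plus matching adjustments to the iterator dereferences in `matches()` and `dump()`. The default constructor `DeviceDescription() { }` also leaves all five integer members indeterminate; zero-initializing them would match the other two constructors.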
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/*
+ * PCSCDriverBundles.cpp
+ * SmartCardServices
+ */
+
+/*
+ Creates a vector of driver bundle info structures from the hot-plug driver
+ directory.
+
+ Returns NULL on error and a pointer to an allocated HPDriver vector on
+ success. The caller must free the HPDriver with a call to HPDriversRelease().
+
+ See http://developer.apple.com/documentation/CoreFoundation/Reference/CFArrayRef/index.html#//apple_ref/doc/uid/20001192
+ for information about CFArrayApplyFunction
+*/
+
+#include "PCSCDriverBundles.h"
+#include <security_utilities/debugging.h>
+#include <security_utilities/cfutilities.h>
+#include <security_utilities/errors.h>
+#include <map>
+
+namespace PCSCD {
+
+static const char *kPCSCLITE_HP_DROPDIR = "/usr/libexec/SmartCardServices/drivers/";
+static const char *kENV_PCSC_DEBUG_DRIVER = "PCSC_DEBUG_DRIVER_DIR"; // environment var
+
+DriverBundles::DriverBundles()
+{
+ // If debugging, look in build directory
+#if !defined(NDEBUG)
+ const char *envar = kENV_PCSC_DEBUG_DRIVER;
+ if (envar)
+ if (const char *envPath = getenv(envar))
+ {
+ // treat envPath as a classic colon-separated list of directories
+ secdebug("pathlist", "%p configuring from env(\"%s\")", this, envar);
+ while (const char *p = strchr(envPath, ':'))
+ {
+ addDirectory(string(envPath, p - envPath));
+ envPath = p + 1;
+ }
+ addDirectory(envPath);
+ }
+#endif
+ addDirectory(kPCSCLITE_HP_DROPDIR);
+}
+
+bool DriverBundles::find(PCSCD::Device &device) const
+{
+ // Searches for a driver bundle that matches device. If found,
+ // it sets the libpath for the device and returns true.
+
+ ProductMatchMap matchingProducts;
+
+ for (DriverBundles::const_iterator it=this->begin();it!=this->end();++it)
+ {
+ std::string name;
+ const DriverBundle *bndl = static_cast<DriverBundle *>((*it).get());
+ if (int32_t score = bndl->matches(device, name))
+ {
+ ProductMatchInfo *mi = new ProductMatchInfo(bndl->path(),name);
+ matchingProducts.push_back(make_pair(score, mi));
+ }
+ }
+
+ if (matchingProducts.empty())
+ return false;
+
+ sort(matchingProducts.begin(), matchingProducts.end());
+ const ProductMatchInfo *mi = (*matchingProducts.rbegin()).second;
+ device.setName(mi->name());
+ device.setPath(mi->path());
+ // clean up
+ for (ProductMatchMap::iterator it = matchingProducts.begin();it!=matchingProducts.end();++it)
+ delete (*it).second;
+ return true;
+}
+
+} // end namespace PCSCD
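Review bot: When two bundles return the same score from `matches()`, `find()` picks between them by heap address: `sort` on `pair<int32_t, ProductMatchInfo *>` falls back to comparing the pointers, and `rbegin()` takes whichever allocation landed highest. The driver loaded for a reader claimed by two bundles can therefore differ from run to run. Tracking the best score inside the loop, as sketched below, makes ties resolve by repository order and drops the `new`/`delete` pairs. Separately, the `PCSC_DEBUG_DRIVER_DIR` block lets the environment add driver directories ahead of the system one whenever `NDEBUG` is not defined, so the release configuration should be confirmed to define it.

```cpp
	int32_t bestScore = DriverBundle::eMatchNone;
	std::string bestPath, bestName;

	for (DriverBundles::const_iterator it=this->begin();it!=this->end();++it)
	{
		// … unchanged: name declaration and bndl cast …
		int32_t score = bndl->matches(device, name);
		if (score > bestScore)
		{
			// strictly greater: the first bundle seen wins a tie
			bestScore = score;
			bestPath = bndl->path();
			bestName = name;
		}
	}

	if (bestScore == DriverBundle::eMatchNone)
		return false;

	device.setName(bestName);
	device.setPath(bestPath);
	return true;
```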
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/PCSCDriverBundles.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PCSCDriverBundles.h
+ * SmartCardServices
+ */
+
+#ifndef _H_XPCSCDRIVERBUNDLES
+#define _H_XPCSCDRIVERBUNDLES
+
+#include "PCSCDriverBundle.h"
+#include "PCSCDevice.h"
+#include <security_utilities/threading.h>
+#include <security_utilities/coderepository.h>
+#include <security_utilities/osxcode.h>
+#include <set>
+
+#if defined(__cplusplus)
+
+namespace PCSCD {
+
+class DriverBundles : public CodeRepository<DriverBundle>
+{
+ friend class DriverBundle;
+
+public:
+ DriverBundles();
+ ~DriverBundles() {}
+
+ bool find(Device &device) const;
+
+ // These are the things we need to know about which part of
+ // bundle we are matched up with
+
+ class ProductMatchInfo
+ {
+ public:
+ ProductMatchInfo(std::string path, std::string name) : mPath(path), mName(name) {}
+
+ std::string path() const { return mPath; }
+ std::string name() const { return mName; }
+
+ private:
+ std::string mPath;
+ std::string mName;
+ };
+
+ typedef std::vector< pair<int32_t, ProductMatchInfo * > > ProductMatchMap;
+};
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif /* _H_XPCSCDRIVERBUNDLE */
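Review bot: The `ProductMatchMap` typedef names `pair` unqualified and the header includes `<set>` rather than `<utility>`, so it compiles only when an earlier include happens to bring `std::pair` into the global namespace. I would write `typedef std::vector< std::pair<int32_t, ProductMatchInfo *> > ProductMatchMap;` and add `#include <utility>`. The closing guard comment says `_H_XPCSCDRIVERBUNDLE` while the guard is `_H_XPCSCDRIVERBUNDLES`, and the `Map` suffix is misleading for a vector.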
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,232 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : atrhandler.c
+ Author : David Corcoran
+ Date : 7/27/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This keeps track of smartcard protocols,
+ timing issues, and atr handling.
+
+********************************************************************/
+
+#include <syslog.h>
+#include <string.h>
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "atrhandler.h"
+
+/*
+ * Uncomment the following for ATR debugging
+ */
+/*
+ * #define ATR_DEBUG 1
+ */
+
+short ATRDecodeAtr(PSMARTCARD_EXTENSION psExtension,
+ const unsigned char *pucAtr, DWORD dwLength)
+{
+
+ USHORT p;
+ UCHAR K, TCK; /* MSN of T0/Check Sum */
+ UCHAR Y1i, T; /* MSN/LSN of TDi */
+ short TAi, TBi, TCi, TDi; /* Interface characters */
+
+ /*
+ * Zero out everything
+ */
+ p = K = TCK = Y1i = T = TAi = TBi = TCi = TDi = 0;
+
+ if (dwLength < 2)
+ {
+ return 0; /* Atr must have TS and T0 */
+ }
+
+ /*
+ * Zero out the bitmasks
+ */
+
+ psExtension->CardCapabilities.AvailableProtocols = 0x00;
+ psExtension->CardCapabilities.CurrentProtocol = 0x00;
+
+ /*
+ * Decode the TS byte
+ */
+
+ if (pucAtr[0] == 0x3F)
+ { /* Inverse convention used */
+ psExtension->CardCapabilities.Convention =
+ SCARD_CONVENTION_INVERSE;
+ } else if (pucAtr[0] == 0x3B)
+ { /* Direct convention used */
+ psExtension->CardCapabilities.Convention = SCARD_CONVENTION_DIRECT;
+ } else
+ {
+ memset(psExtension, 0x00, sizeof(SMARTCARD_EXTENSION));
+ return 0;
+ }
+
+ /*
+ * Here comes the platform dependant stuff
+ */
+
+ /*
+ * Decode the T0 byte
+ */
+ Y1i = pucAtr[1] >> 4; /* Get the MSN in Y1 */
+ K = pucAtr[1] & 0x0F; /* Get the LSN in K */
+
+ p = 2;
+
+#ifdef ATR_DEBUG
+ debug_msg("Conv %02X, Y1 %02X, K %02X",
+ psExtension->CardCapabilities.Convention, Y1i, K);
+#endif
+
+ /*
+ * Examine Y1
+ */
+
+ do
+ {
+
+ TAi = (Y1i & 0x01) ? pucAtr[p++] : -1;
+ TBi = (Y1i & 0x02) ? pucAtr[p++] : -1;
+ TCi = (Y1i & 0x04) ? pucAtr[p++] : -1;
+ TDi = (Y1i & 0x08) ? pucAtr[p++] : -1;
+
+#ifdef ATR_DEBUG
+ debug_msg("T's %02X %02X %02X %02X", TAi, TBi, TCi, TDi);
+ debug_msg("P %02X", p);
+#endif
+
+ /*
+ * Examine TDi to determine protocol and more
+ */
+ if (TDi >= 0)
+ {
+ Y1i = TDi >> 4; /* Get the MSN in Y1 */
+ T = TDi & 0x0F; /* Get the LSN in K */
+
+ /*
+ * Set the current protocol TD1
+ */
+ if (psExtension->CardCapabilities.CurrentProtocol == 0x00)
+ {
+ switch (T)
+ {
+ case 0:
+ psExtension->CardCapabilities.CurrentProtocol =
+ SCARD_PROTOCOL_T0;
+ break;
+ case 1:
+ psExtension->CardCapabilities.CurrentProtocol =
+ SCARD_PROTOCOL_T1;
+ break;
+ default:
+ return 0;
+ }
+ }
+
+ if (T == 0)
+ {
+#ifdef ATR_DEBUG
+ debug_msg("T=0 Protocol Found");
+#endif
+ psExtension->CardCapabilities.AvailableProtocols |=
+ SCARD_PROTOCOL_T0;
+ psExtension->CardCapabilities.T0.BGT = 0;
+ psExtension->CardCapabilities.T0.BWT = 0;
+ psExtension->CardCapabilities.T0.CWT = 0;
+ psExtension->CardCapabilities.T0.CGT = 0;
+ psExtension->CardCapabilities.T0.WT = 0;
+ } else if (T == 1)
+ {
+#ifdef ATR_DEBUG
+ debug_msg("T=1 Protocol Found");
+#endif
+ psExtension->CardCapabilities.AvailableProtocols |=
+ SCARD_PROTOCOL_T1;
+ psExtension->CardCapabilities.T1.BGT = 0;
+ psExtension->CardCapabilities.T1.BWT = 0;
+ psExtension->CardCapabilities.T1.CWT = 0;
+ psExtension->CardCapabilities.T1.CGT = 0;
+ psExtension->CardCapabilities.T1.WT = 0;
+ } else
+ {
+ psExtension->CardCapabilities.AvailableProtocols |= T;
+ /*
+ * Do nothing for now since other protocols are not
+ * supported at this time
+ */
+ }
+
+ } else
+ {
+ Y1i = 0;
+ }
+
+ if (p > MAX_ATR_SIZE)
+ {
+ memset(psExtension, 0x00, sizeof(SMARTCARD_EXTENSION));
+ return 0;
+ }
+
+ }
+ while (Y1i != 0);
+
+ /*
+ * If TDx is not set then the current must be T0
+ */
+ if (psExtension->CardCapabilities.CurrentProtocol == 0x00)
+ {
+ psExtension->CardCapabilities.CurrentProtocol = SCARD_PROTOCOL_T0;
+ psExtension->CardCapabilities.AvailableProtocols |=
+ SCARD_PROTOCOL_T0;
+ }
+
+ /*
+ * Take care of the historical characters
+ */
+
+ psExtension->ATR.HistoryLength = K;
+ memcpy(psExtension->ATR.HistoryValue, &pucAtr[p], K);
+
+ p = p + K;
+
+ /*
+ * Check to see if TCK character is included It will be included if
+ * more than T=0 is supported
+ */
+
+ if (psExtension->CardCapabilities.AvailableProtocols &
+ SCARD_PROTOCOL_T1)
+ {
+ TCK = pucAtr[p++];
+ }
+
+ memcpy(psExtension->ATR.Value, pucAtr, p);
+ psExtension->ATR.Length = p; /* modified from p-1 */
+
+ return 1;
+}
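Review bot: `ATRDecodeAtr` indexes `pucAtr` with `p` but never compares `p` to `dwLength`, so an ATR whose T0/TDi bytes announce more interface or historical bytes than were received is read past its end. The ATR comes from the card, so this is untrusted input. The only bound, `p > MAX_ATR_SIZE`, is tested after the interface-byte reads and before `p = p + K` and the TCK read, so the final `memcpy(psExtension->ATR.Value, pucAtr, p)` can copy more than `MAX_ATR_SIZE` bytes into `ATR.Value`. I would reject `dwLength > MAX_ATR_SIZE` at entry and check each group of reads against `dwLength`, as sketched below. This also rejects a T=1 ATR that lacks TCK, which is stricter than the current behaviour.

```c
	if (dwLength < 2 || dwLength > MAX_ATR_SIZE)
	{
		return 0;	/* Atr must have TS and T0 and fit ATR.Value */
	}

	/* … unchanged: bitmask reset, TS and T0 decoding … */

	do
	{
		/* Y1i announces up to four interface bytes; all must lie inside the ATR */
		if (p + ((Y1i & 0x01) != 0) + ((Y1i & 0x02) != 0) +
			((Y1i & 0x04) != 0) + ((Y1i & 0x08) != 0) > dwLength)
		{
			memset(psExtension, 0x00, sizeof(SMARTCARD_EXTENSION));
			return 0;
		}

		/* … unchanged: TAi..TDi reads and protocol handling … */
	}
	while (Y1i != 0);

	/* … unchanged: default to T=0 when no TDx was seen … */

	/* the K historical bytes must also lie inside the ATR */
	if (p + K > dwLength)
	{
		memset(psExtension, 0x00, sizeof(SMARTCARD_EXTENSION));
		return 0;
	}

	/* … unchanged: historical bytes copy and p = p + K … */

	if (psExtension->CardCapabilities.AvailableProtocols &
		SCARD_PROTOCOL_T1)
	{
		if (p >= dwLength)
		{
			memset(psExtension, 0x00, sizeof(SMARTCARD_EXTENSION));
			return 0;
		}
		TCK = pucAtr[p++];
	}
```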
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/atrhandler.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : atrhandler.h
+ Author : David Corcoran
+ Date : 7/27/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This keeps track of smartcard protocols,
+ timing issues, and atr handling.
+
+********************************************************************/
+
+#ifndef __atrhandler_h__
+#define __atrhandler_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#define SCARD_CONVENTION_DIRECT 0x0001
+#define SCARD_CONVENTION_INVERSE 0x0002
+
+ typedef struct _SMARTCARD_EXTENSION
+ {
+
+ struct _ATR
+ {
+ DWORD Length;
+ UCHAR Value[MAX_ATR_SIZE];
+ DWORD HistoryLength;
+ UCHAR HistoryValue[MAX_ATR_SIZE];
+ }
+ ATR;
+
+ DWORD ReadTimeout;
+
+ struct _CardCapabilities
+ {
+ UCHAR AvailableProtocols;
+ UCHAR CurrentProtocol;
+ UCHAR Convention;
+ USHORT ETU;
+
+ struct _PtsData
+ {
+ UCHAR F1;
+ UCHAR D1;
+ UCHAR I1;
+ UCHAR P1;
+ UCHAR N1;
+ }
+ PtsData;
+
+ struct _T1
+ {
+ USHORT BGT;
+ USHORT BWT;
+ USHORT CWT;
+ USHORT CGT;
+ USHORT WT;
+ }
+ T1;
+
+ struct _T0
+ {
+ USHORT BGT;
+ USHORT BWT;
+ USHORT CWT;
+ USHORT CGT;
+ USHORT WT;
+ }
+ T0;
+
+ }
+ CardCapabilities;
+
+ /*
+ * PREADER_CONNECTION psReaderConnection;
+ */
+
+ }
+ SMARTCARD_EXTENSION, *PSMARTCARD_EXTENSION;
+
+ /*
+ * Decodes the ATR and fills the structure
+ */
+
+ short ATRDecodeAtr(PSMARTCARD_EXTENSION psExtension,
+ const unsigned char *pucAtr, DWORD dwLength);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __smclib_h__ */
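Review bot: The comment above the `ATRDecodeAtr` prototype does not state the function's contract, which matters because `ATR.Value` and `ATR.HistoryValue` are fixed `MAX_ATR_SIZE` arrays while the input length comes from the caller in `dwLength`. I would expand it to say that the function returns 1 on success and 0 when the ATR is rejected (the two return values visible at the end of atrhandler.c in this changeset), and that callers must pass a `dwLength` no larger than `MAX_ATR_SIZE`. Whether the decoder itself checks every copy against `dwLength` cannot be confirmed from this header and should be verified. The header also relies on `DWORD`, `UCHAR`, `USHORT` and `MAX_ATR_SIZE` being declared by an earlier include, and the closing guard comment should read `#endif /* __atrhandler_h__ */` rather than `__smclib_h__`.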
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/config.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/config.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/config.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,200 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * config.h
+ * SmartCardServices
+ */
+
+/* config.h.in. Generated automatically from configure.in by autoheader. */
+
+/* display ATR parsing debug messages. */
+/* #undef ATR_DEBUG */
+
+/* Define to 1 if you have the `daemon' function. */
+#define HAVE_DAEMON 1
+
+/* Define to 1 if you have the <dlfcn.h> header file. */
+#define HAVE_DLFCN_H 1
+
+/* Define to 1 if you have the <dl.h> header file. */
+/* #undef HAVE_DL_H */
+
+/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
+/* #undef HAVE_DOPRNT */
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define to 1 if you have the `flock' function. */
+#define HAVE_FLOCK 1
+
+/* Define to 1 if you have the <getopt.h> header file. */
+#define HAVE_GETOPT_H 1
+
+/* Define to 1 if you have the `getopt_long' function. */
+#define HAVE_GETOPT_LONG 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* Libusb is available */
+/* #undef HAVE_LIBUSB */
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the `nanosleep' function. */
+#define HAVE_NANOSLEEP 1
+
+/* Define if you have POSIX threads libraries and header files. */
+#define HAVE_PTHREAD 1
+
+/* Define to 1 if `stat' has the bug that it succeeds when given the
+ zero-length file name argument. */
+/* #undef HAVE_STAT_EMPTY_STRING_BUG */
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the `strerror' function. */
+#define HAVE_STRERROR 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the `strlcat' function. */
+#define HAVE_STRLCAT 1
+
+/* Define to 1 if you have the `strlcpy' function. */
+#define HAVE_STRLCPY 1
+
+/* Define to 1 if you have the <syslog.h> header file. */
+#define HAVE_SYSLOG_H 1
+
+/* Define to 1 if you have the <sys/filio.h> header file. */
+#define HAVE_SYS_FILIO_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
+#define HAVE_SYS_WAIT_H 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the <usb.h> header file. */
+/* #undef HAVE_USB_H */
+
+/* Define to 1 if you have the `vprintf' function. */
+#define HAVE_VPRINTF 1
+
+/* Define to 1 if you have the `vsnprintf' function. */
+#define HAVE_VSNPRINTF 1
+
+/* Define to 1 if `lstat' dereferences a symlink specified with a trailing
+ slash. */
+/* #undef LSTAT_FOLLOWS_SLASHED_SYMLINK */
+
+/* Name of package */
+#define PACKAGE "PCSC Framework"
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "pcsc-lite"
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING "pcsc-lite 1.4.0"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "pcsc-lite"
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION "1.4.0"
+
+/* directory containing USB drivers */
+//#define PCSCLITE_HP_DROPDIR "/usr/local/pcsc/drivers"
+
+/* PC/SC target architecture */
+#define PCSC_ARCH "MacOS"
+
+/* Define to the necessary symbol if this constant uses a non-standard name on
+ your system. */
+/* #undef PTHREAD_CREATE_JOINABLE */
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#define TIME_WITH_SYS_TIME 1
+
+/* directory containing IPC files (default /var/run) */
+/* #undef USE_IPCDIR */
+
+/* file containing pcscd pid */
+#define USE_RUN_PID "/var/run/pcscd"
+
+/* Version number of package */
+#define VERSION "1.4.0"
+
+/* Define to 1 if your processor stores words with the most significant byte
+ first (like Motorola and SPARC, unlike Intel and VAX). */
+/* #undef WORDS_BIGENDIAN */
+
+/* Define to 1 if `lex' declares `yytext' as a `char *' by default, not a
+ `char[]'. */
+#define YYTEXT_POINTER 1
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #undef const */
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+/* #undef gid_t */
+
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+ calls it, or to nothing if 'inline' is not supported under any name. */
+#ifndef __cplusplus
+/* #undef inline */
+#endif
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+/* #undef size_t */
+
+/* Define to `int' if <sys/types.h> doesn't define. */
+/* #undef uid_t */
+
+/* enable full musclecard debug messaging. */
+ #define MSC_DEBUG 1
+
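Review bot: `#define MSC_DEBUG 1` at the end of this header turns on what its own comment calls full musclecard debug messaging, in a tree imported under releases/, and nothing in the hunk limits it to debug builds. What those messages contain is not visible here, but debug traces in smart-card middleware can plausibly include card command or credential-related data, so I would leave it off by default and write it as `/* #undef MSC_DEBUG */`, in the same form as the `ATR_DEBUG` entry near the top. The file still says it is generated by autoheader, although this line and the commented-out `PCSCLITE_HP_DROPDIR` look like hand edits; a one-line comment should record that. The `svn:executable` property added on a header file also looks unintended.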
Property changes on: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/config.h
___________________________________________________________________
Added: svn:executable
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1781 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/*
+ * A lexical scanner generated by flex
+ */
+
+/*
+ * Scanner skeleton version: $Header:
+ * /home/cvsroot/muscle/PCSC/src/configfile.c,v 1.3 2002/03/31 07:05:07
+ * corcoran Exp $
+ */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+
+#include <stdio.h>
+
+/*
+ * cfront 1.2 defines "c_plusplus" instead of "__cplusplus"
+ */
+#ifdef c_plusplus
+#ifndef __cplusplus
+#define __cplusplus
+#endif
+#endif
+
+#ifdef __cplusplus
+
+#include <stdlib.h>
+#include <unistd.h>
+
+/*
+ * Use prototypes in function declarations.
+ */
+#define YY_USE_PROTOS
+
+/*
+ * The "const" storage-class-modifier is valid.
+ */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+#if __STDC__
+
+#define YY_USE_PROTOS
+#define YY_USE_CONST
+
+#endif /* __STDC__ */
+#endif /* ! __cplusplus */
+
+#ifdef __TURBOC__
+#pragma warn -rch
+#pragma warn -use
+#include <io.h>
+#include <stdlib.h>
+#define YY_USE_CONST
+#define YY_USE_PROTOS
+#endif
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+#ifdef YY_USE_PROTOS
+#define YY_PROTO(proto) proto
+#else
+#define YY_PROTO(proto) ()
+#endif
+
+/*
+ * Returned upon end-of-file.
+ */
+#define YY_NULL 0
+
+/*
+ * Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative, we
+ * want to instead treat it as an 8-bit unsigned char, hence the double
+ * cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/*
+ * Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN yy_start = 1 + 2 *
+
+/*
+ * Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START ((yy_start - 1) / 2)
+#define YYSTATE YY_START
+
+/*
+ * Action number for EOF rule of a given start state.
+ */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/*
+ * Special action meaning "start processing a new file".
+ */
+#define YY_NEW_FILE yyrestart( yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/*
+ * Size of default input buffer.
+ */
+#define YY_BUF_SIZE 16384
+
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+
+extern int yyleng;
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+/*
+ * The funky do-while in the following #define is used to turn the
+ * definition int a single C statement (which needs a semi-colon
+ * terminator). This avoids problems with code like: if (
+ * condition_holds ) yyless( 5 ); else do_something_else(); Prior to
+ * using the do-while the compiler would get upset at the "else" because
+ * it interpreted the "if" statement as being all done when it reached the
+ * ';' after the yyless() call.
+ */
+
+/*
+ * Return all but the first 'n' matched characters back to the input
+ * stream.
+ */
+
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ *yy_cp = yy_hold_char; \
+ YY_RESTORE_YY_MORE_OFFSET \
+ yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, yytext_ptr )
+
+/*
+ * The following is because we cannot portably get our hands on size_t
+ * (without autoconf's help, which isn't available because we want
+ * flex-generated scanners to compile on their own).
+ */
+typedef unsigned int yy_size_t;
+
+struct yy_buffer_state
+{
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /*
+ * Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /*
+ * Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ int yy_n_chars;
+
+ /*
+ * Whether we "own" the buffer - i.e., we know we created it, and can
+ * realloc() it to grow it, and should free() it to delete it.
+ */
+ int yy_is_our_buffer;
+
+ /*
+ * Whether this is an "interactive" input source; if so, and if we're
+ * using stdio for input, then we want to use getc() instead of
+ * fread(), to make sure we stop fetching input after each newline.
+ */
+ int yy_is_interactive;
+
+ /*
+ * Whether we're considered to be at the beginning of a line. If so,
+ * '^' rules will be active on the next match, otherwise not.
+ */
+ int yy_at_bol;
+
+ /*
+ * Whether to try to fill the input buffer when we reach the end of
+ * it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /*
+ * When an EOF's been seen but there's still some text to process then
+ * we mark the buffer as YY_EOF_PENDING, to indicate that we shouldn't
+ * try reading from the input source any more. We might still have a
+ * bunch of tokens to match, though, because of possible backing-up.
+ * When we actually see the EOF, we change the status to "new" (via
+ * yyrestart()), so that the user can continue scanning by just
+ * pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+};
+
+static YY_BUFFER_STATE yy_current_buffer = 0;
+
+/*
+ * We provide macros for accessing buffer states in case in the future we
+ * want to put the buffer states in a more general "scanner state".
+ */
+#define YY_CURRENT_BUFFER yy_current_buffer
+
+/*
+ * yy_hold_char holds the character lost when yytext is formed.
+ */
+static char yy_hold_char;
+
+static int yy_n_chars; /* number of characters read into
+ * yy_ch_buf */
+
+int yyleng;
+
+/*
+ * Points to current character in buffer.
+ */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 1; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/*
+ * Flag which is used to allow yywrap()'s to do buffer switches instead of
+ * setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart YY_PROTO((FILE * input_file));
+
+void yy_switch_to_buffer YY_PROTO((YY_BUFFER_STATE new_buffer));
+void yy_load_buffer_state YY_PROTO((void));
+YY_BUFFER_STATE yy_create_buffer YY_PROTO((FILE * file, int size));
+void yy_delete_buffer YY_PROTO((YY_BUFFER_STATE b));
+void yy_init_buffer YY_PROTO((YY_BUFFER_STATE b, FILE * file));
+void yy_flush_buffer YY_PROTO((YY_BUFFER_STATE b));
+#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
+
+YY_BUFFER_STATE yy_scan_buffer YY_PROTO((char *base, yy_size_t size));
+YY_BUFFER_STATE yy_scan_string YY_PROTO((yyconst char *yy_str));
+YY_BUFFER_STATE yy_scan_bytes YY_PROTO((yyconst char *bytes, int len));
+
+static void *yy_flex_alloc YY_PROTO((yy_size_t));
+static void *yy_flex_realloc YY_PROTO((void *, yy_size_t));
+static void yy_flex_free YY_PROTO((void *));
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
+
+typedef unsigned char YY_CHAR;
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+typedef int yy_state_type;
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state YY_PROTO((void));
+static yy_state_type yy_try_NUL_trans YY_PROTO((yy_state_type
+ current_state));
+static int yy_get_next_buffer YY_PROTO((void));
+static void yy_fatal_error YY_PROTO((yyconst char msg[]));
+
+/*
+ * Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ yytext_ptr = yy_bp; \
+ yyleng = (int) (yy_cp - yy_bp); \
+ yy_hold_char = *yy_cp; \
+ *yy_cp = '\0'; \
+ yy_c_buf_p = yy_cp;
+
+#define YY_NUM_RULES 7
+#define YY_END_OF_BUFFER 8
+static yyconst short int yy_accept[17] = { 0,
+ 0, 0, 8, 6, 4, 2, 6, 1, 6, 5,
+ 0, 3, 1, 0, 5, 0
+};
+
+static yyconst int yy_ec[256] = { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 2, 1, 4, 5, 1, 1, 1, 6, 1,
+ 1, 1, 1, 1, 7, 7, 7, 8, 8, 8,
+ 8, 8, 8, 8, 8, 8, 8, 1, 1, 1,
+ 1, 1, 1, 7, 9, 9, 9, 9, 9, 9,
+ 9, 9, 9, 9, 9, 9, 9, 9, 9, 9,
+ 9, 9, 9, 9, 9, 9, 9, 9, 9, 9,
+ 1, 7, 1, 1, 7, 1, 10, 10, 10, 10,
+
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 10, 10, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+};
+
+static yyconst int yy_meta[11] = { 0,
+ 1, 1, 2, 1, 1, 1, 1, 1, 1, 1
+};
+
+static yyconst short int yy_base[20] = { 0,
+ 0, 0, 15, 31, 31, 31, 8, 0, 10, 10,
+ 18, 31, 0, 20, 0, 31, 26, 13, 28
+};
+
+static yyconst short int yy_def[20] = { 0,
+ 16, 1, 16, 16, 16, 16, 17, 18, 19, 16,
+ 17, 16, 18, 19, 10, 0, 16, 16, 16
+};
+
+static yyconst short int yy_nxt[42] = { 0,
+ 4, 5, 6, 7, 8, 9, 10, 10, 10, 10,
+ 12, 12, 12, 13, 16, 12, 15, 15, 15, 15,
+ 12, 12, 12, 16, 16, 12, 11, 11, 14, 14,
+ 3, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+ 16
+};
+
+static yyconst short int yy_chk[42] = { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 7, 7, 9, 18, 3, 9, 10, 10, 10, 10,
+ 11, 11, 14, 0, 0, 14, 17, 17, 19, 19,
+ 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
+ 16
+};
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+/*
+ * The intent behind this definition is that it'll catch any uses of
+ * REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "configfile.l"
+#define INITIAL 0
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+#line 14 "configfile.l"
+int evaluatetoken(char *pcToken);
+
+static int iLinenumber = 1;
+static char *pcPrevious = 0;
+static char *pcCurrent = 0;
+static char *pcFriendlyname = 0;
+static char *pcDevicename = 0;
+static char *pcLibpath = 0;
+static char *pcChannelid = 0;
+static int badError = 0;
+
+void tok_error(char *pcToken_error);
+
+#line 399 "lex.yy.c"
+
+/*
+ * Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap YY_PROTO((void));
+#else
+extern int yywrap YY_PROTO((void));
+#endif
+#endif
+
+#ifndef YY_NO_UNPUT
+static void yyunput YY_PROTO((int c, char *buf_ptr));
+#endif
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy YY_PROTO((char *, yyconst char *, int));
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen YY_PROTO((yyconst char *));
+#endif
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+static int yyinput YY_PROTO((void));
+#else
+static int input YY_PROTO((void));
+#endif
+#endif
+
+#if YY_STACK_USED
+static int yy_start_stack_ptr = 0;
+static int yy_start_stack_depth = 0;
+static int *yy_start_stack = 0;
+#ifndef YY_NO_PUSH_STATE
+static void yy_push_state YY_PROTO((int new_state));
+#endif
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state YY_PROTO((void));
+#endif
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state YY_PROTO((void));
+#endif
+
+#else
+#define YY_NO_PUSH_STATE 1
+#define YY_NO_POP_STATE 1
+#define YY_NO_TOP_STATE 1
+#endif
+
+#ifdef YY_MALLOC_DECL
+YY_MALLOC_DECL
+#else
+#if __STDC__
+#ifndef __cplusplus
+#include <stdlib.h>
+#endif
+#else
+/*
+ * Just try to get by without declaring the routines. This will fail
+ * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
+ * or sizeof(void*) != sizeof(int).
+ */
+#endif
+#endif
+
+/*
+ * Amount of stuff to slurp up with each read.
+ */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/*
+ * Copy whatever the last rule matched to the standard output.
+ */
+
+#ifndef ECHO
+/*
+ * This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/*
+ * Gets input and stuffs it into "buf". number of characters read, or
+ * YY_NULL, is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( yy_current_buffer->yy_is_interactive ) \
+ { \
+ int c = '*', n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
+ && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" );
+#endif
+
+/*
+ * No semi-colon after return; correct usage is to write "yyterminate();"
+ * - we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/*
+ * Number of entries by which start-condition stack grows.
+ */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/*
+ * Report a fatal error.
+ */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/*
+ * Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL int yylex YY_PROTO(( void ))
+#endif
+
+/*
+ * Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/*
+ * Code executed at the end of each rule.
+ */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 29 "configfile.l"
+
+#line 553 "lex.yy.c"
+
+ if (yy_init)
+ {
+ yy_init = 0;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if (!yy_start)
+ yy_start = 1; /* first start state */
+
+ if (!yyin)
+ yyin = stdin;
+
+ if (!yyout)
+ yyout = stdout;
+
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_load_buffer_state();
+ }
+
+ while (1) /* loops until end-of-file is reached */
+ {
+ yy_cp = yy_c_buf_p;
+
+ /*
+ * Support of yytext.
+ */
+ *yy_cp = yy_hold_char;
+
+ /*
+ * yy_bp points to the position in yy_ch_buf of the start of the
+ * current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = yy_start;
+ yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 17)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while (yy_base[yy_current_state] != 31);
+
+ yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if (yy_act == 0)
+ { /* have to back up */
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+ do_action: /* This label is used only to access EOF actions. */
+
+ switch (yy_act)
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /*
+ * undo the effects of YY_DO_BEFORE_ACTION
+ */
+ *yy_cp = yy_hold_char;
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ goto yy_find_action;
+
+ case 1:
+ YY_RULE_SETUP
+#line 31 "configfile.l"
+ {
+ }
+ YY_BREAK case 2:
+ YY_RULE_SETUP
+#line 32 "configfile.l"
+ {
+ iLinenumber++;
+ }
+ YY_BREAK case 3:
+ YY_RULE_SETUP
+#line 33 "configfile.l"
+ {
+ evaluatetoken(yytext);
+ }
+ YY_BREAK case 4:
+ YY_RULE_SETUP
+#line 34 "configfile.l"
+ {
+ }
+ YY_BREAK case 5:
+ YY_RULE_SETUP
+#line 35 "configfile.l"
+ {
+ evaluatetoken(yytext);
+ }
+ YY_BREAK case 6:
+ YY_RULE_SETUP
+#line 36 "configfile.l"
+ {
+ tok_error(yytext);
+ }
+ YY_BREAK case 7:
+ YY_RULE_SETUP
+#line 37 "configfile.l"
+ ECHO;
+ YY_BREAK
+#line 671 "lex.yy.c"
+ case YY_STATE_EOF(INITIAL):
+ yyterminate();
+
+ case YY_END_OF_BUFFER:
+ {
+ /*
+ * Amount of text matched not including the EOB char.
+ */
+ int yy_amount_of_matched_text =
+ (int) (yy_cp - yytext_ptr) - 1;
+
+ /*
+ * Undo the effects of YY_DO_BEFORE_ACTION.
+ */
+ *yy_cp = yy_hold_char;
+ YY_RESTORE_YY_MORE_OFFSET
+ if (yy_current_buffer->yy_buffer_status ==
+ YY_BUFFER_NEW)
+ {
+ /*
+ * We're scanning a new file or input source. It's
+ * possible that this happened because the user just
+ * pointed yyin at a new source and called yylex().
+ * If so, then we have to assure consistency between
+ * yy_current_buffer and our globals. Here is the
+ * right place to do so, because this is the first
+ * action (other than possibly a back-up) that will
+ * match for the new input source.
+ */
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yy_current_buffer->yy_input_file = yyin;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /*
+ * Note that here we test for yy_c_buf_p "<=" to the
+ * position of the first EOB in the buffer, since
+ * yy_c_buf_p will already have been incremented past the
+ * NUL character (since all states make transitions on EOB
+ * to the end-of-buffer state). Contrast this with the
+ * test in input().
+ */
+ if (yy_c_buf_p <=
+ &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ /*
+ * Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it for us
+ * because it doesn't know how to deal with the
+ * possibility of jamming (and we don't want to build
+ * jamming into it because then it will run more
+ * slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans(yy_current_state);
+
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+
+ if (yy_next_state)
+ {
+ /*
+ * Consume the NUL.
+ */
+ yy_cp = ++yy_c_buf_p;
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = yy_c_buf_p;
+ goto yy_find_action;
+ }
+ }
+
+ else
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ yy_did_buffer_switch_on_eof = 0;
+
+ if (yywrap())
+ {
+ /*
+ * Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up yy_c_buf_p so
+ * that if some total hoser (like flex
+ * itself) wants to call the scanner after
+ * we return the YY_NULL, it'll still work
+ * - another YY_NULL will get returned.
+ */
+ yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p =
+ yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ yy_c_buf_p =
+ &yy_current_buffer->yy_ch_buf[yy_n_chars];
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--no action found");
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/*
+ * yy_get_next_buffer - try to read in a new buffer Returns a code
+ * representing an action: EOB_ACT_LAST_MATCH - EOB_ACT_CONTINUE_SCAN -
+ * continue scanning from current position EOB_ACT_END_OF_FILE - end of
+ * file
+ */
+
+static int yy_get_next_buffer()
+{
+ register char *dest = yy_current_buffer->yy_ch_buf;
+ register char *source = yytext_ptr;
+ register int number_to_move, i;
+ int ret_val;
+
+ if (yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1])
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--end of buffer missed");
+
+ if (yy_current_buffer->yy_fill_buffer == 0)
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if (yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1)
+ {
+ /*
+ * We matched a single character, the EOB, so treat this as a
+ * final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /*
+ * We matched some text prior to the EOB, first process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /*
+ * Try to read more data.
+ */
+
+ /*
+ * First move last chars to start of buffer.
+ */
+ number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
+
+ for (i = 0; i < number_to_move; ++i)
+ *(dest++) = *(source++);
+
+ if (yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING)
+ /*
+ * don't do the read, it's not guaranteed to return an EOF, just
+ * force an EOF
+ */
+ yy_current_buffer->yy_n_chars = yy_n_chars = 0;
+
+ else
+ {
+ int num_to_read =
+ yy_current_buffer->yy_buf_size - number_to_move - 1;
+
+ while (num_to_read <= 0)
+ { /* Not enough room in the buffer - grow it. */
+#ifdef YY_USES_REJECT
+ YY_FATAL_ERROR
+ ("input buffer overflow, can't enlarge buffer because scanner uses REJECT");
+#else
+
+ /*
+ * just a shorter name for the current buffer
+ */
+ YY_BUFFER_STATE b = yy_current_buffer;
+
+ int yy_c_buf_p_offset = (int) (yy_c_buf_p - b->yy_ch_buf);
+
+ if (b->yy_is_our_buffer)
+ {
+ int new_size = b->yy_buf_size * 2;
+
+ if (new_size <= 0)
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /*
+ * Include room in for 2 EOB chars.
+ */
+ yy_flex_realloc((void *) b->yy_ch_buf,
+ b->yy_buf_size + 2);
+ } else
+ /*
+ * Can't grow it, we don't own it.
+ */
+ b->yy_ch_buf = 0;
+
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR
+ ("fatal error - scanner input buffer overflow");
+
+ yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = yy_current_buffer->yy_buf_size -
+ number_to_move - 1;
+#endif
+ }
+
+ if (num_to_read > YY_READ_BUF_SIZE)
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /*
+ * Read in more data.
+ */
+ YY_INPUT((&yy_current_buffer->yy_ch_buf[number_to_move]),
+ yy_n_chars, num_to_read);
+
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ if (yy_n_chars == 0)
+ {
+ if (number_to_move == YY_MORE_ADJ)
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin);
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ yy_n_chars += number_to_move;
+ yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
+ yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
+
+ yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/*
+ * yy_get_previous_state - get the state just before the EOB char was
+ * reached
+ */
+
+static yy_state_type yy_get_previous_state()
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = yy_start;
+
+ for (yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp)
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 17)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/*
+ * yy_try_NUL_trans - try to make a transition on the NUL character
+ * synopsis next_state = yy_try_NUL_trans( current_state );
+ */
+
+#ifdef YY_USE_PROTOS
+static yy_state_type yy_try_NUL_trans(yy_state_type yy_current_state)
+#else
+static yy_state_type yy_try_NUL_trans(yy_current_state)
+ yy_state_type yy_current_state;
+#endif
+{
+ register int yy_is_jam;
+ register char *yy_cp = yy_c_buf_p;
+
+ register YY_CHAR yy_c = 1;
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 17)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 16);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+#ifndef YY_NO_UNPUT
+#ifdef YY_USE_PROTOS
+static void yyunput(int c, register char *yy_bp)
+#else
+static void yyunput(c, yy_bp)
+ int c;
+ register char *yy_bp;
+#endif
+{
+ register char *yy_cp = yy_c_buf_p;
+
+ /*
+ * undo effects of setting up yytext
+ */
+ *yy_cp = yy_hold_char;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ { /* need to shift things up to make room */
+ /*
+ * +2 for EOB chars.
+ */
+ register int number_to_move = yy_n_chars + 2;
+ register char *dest =
+ &yy_current_buffer->yy_ch_buf[yy_current_buffer->yy_buf_size +
+ 2];
+ register char *source =
+ &yy_current_buffer->yy_ch_buf[number_to_move];
+
+ while (source > yy_current_buffer->yy_ch_buf)
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ yy_current_buffer->yy_n_chars =
+ yy_n_chars = yy_current_buffer->yy_buf_size;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ YY_FATAL_ERROR("flex scanner push-back overflow");
+ }
+
+ *--yy_cp = (char) c;
+
+ yytext_ptr = yy_bp;
+ yy_hold_char = *yy_cp;
+ yy_c_buf_p = yy_cp;
+}
+#endif /* ifndef YY_NO_UNPUT */
+
+#ifdef __cplusplus
+static int yyinput()
+#else
+static int input()
+#endif
+{
+ int c;
+
+ *yy_c_buf_p = yy_hold_char;
+
+ if (*yy_c_buf_p == YY_END_OF_BUFFER_CHAR)
+ {
+ /*
+ * yy_c_buf_p now points to the character we want to return. If
+ * this occurs *before* the EOB characters, then it's a valid NUL;
+ * if not, then we've hit the end of the buffer.
+ */
+ if (yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ /*
+ * This was really a NUL.
+ */
+ *yy_c_buf_p = '\0';
+
+ else
+ { /* need more input */
+ int offset = yy_c_buf_p - yytext_ptr;
+ ++yy_c_buf_p;
+
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_LAST_MATCH:
+ /*
+ * This happens because yy_g_n_b() sees that we've
+ * accumulated a token and flags that we need to try
+ * matching the token before proceeding. But for input(),
+ * there's no matching to consider. So convert the
+ * EOB_ACT_LAST_MATCH to EOB_ACT_END_OF_FILE.
+ */
+
+ /*
+ * Reset buffer status.
+ */
+ yyrestart(yyin);
+
+ /*
+ * fall through
+ */
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if (yywrap())
+ return EOF;
+
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p = yytext_ptr + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
+ *yy_c_buf_p = '\0'; /* preserve yytext */
+ yy_hold_char = *++yy_c_buf_p;
+
+ return c;
+}
+
+#ifdef YY_USE_PROTOS
+void yyrestart(FILE * input_file)
+#else
+void yyrestart(input_file)
+ FILE *input_file;
+#endif
+{
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_init_buffer(yy_current_buffer, input_file);
+ yy_load_buffer_state();
+}
+
+#ifdef YY_USE_PROTOS
+void yy_switch_to_buffer(YY_BUFFER_STATE new_buffer)
+#else
+void yy_switch_to_buffer(new_buffer)
+ YY_BUFFER_STATE new_buffer;
+#endif
+{
+ if (yy_current_buffer == new_buffer)
+ return;
+
+ if (yy_current_buffer)
+ {
+ /*
+ * Flush out information for old buffer.
+ */
+ *yy_c_buf_p = yy_hold_char;
+ yy_current_buffer->yy_buf_pos = yy_c_buf_p;
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ yy_current_buffer = new_buffer;
+ yy_load_buffer_state();
+
+ /*
+ * We don't actually know whether we did this switch during EOF
+ * (yywrap()) processing, but the only time this flag is looked at is
+ * after yywrap() is called, so it's safe to go ahead and always set
+ * it.
+ */
+ yy_did_buffer_switch_on_eof = 1;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_load_buffer_state(void)
+#else
+void yy_load_buffer_state()
+#endif
+{
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
+ yyin = yy_current_buffer->yy_input_file;
+ yy_hold_char = *yy_c_buf_p;
+}
+
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_create_buffer(FILE * file, int size)
+#else
+YY_BUFFER_STATE yy_create_buffer(file, size)
+ FILE *file;
+ int size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_buf_size = size;
+
+ /*
+ * yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yy_flex_alloc(b->yy_buf_size + 2);
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b, file);
+
+ return b;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_delete_buffer(YY_BUFFER_STATE b)
+#else
+void yy_delete_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+{
+ if (!b)
+ return;
+
+ if (b == yy_current_buffer)
+ yy_current_buffer = (YY_BUFFER_STATE) 0;
+
+ if (b->yy_is_our_buffer)
+ yy_flex_free((void *) b->yy_ch_buf);
+
+ yy_flex_free((void *) b);
+}
+
+#ifndef YY_ALWAYS_INTERACTIVE
+#ifndef YY_NEVER_INTERACTIVE
+extern int isatty YY_PROTO((int));
+#endif
+#endif
+
+#ifdef YY_USE_PROTOS
+void yy_init_buffer(YY_BUFFER_STATE b, FILE * file)
+#else
+void yy_init_buffer(b, file)
+ YY_BUFFER_STATE b;
+ FILE *file;
+#endif
+
+{
+ yy_flush_buffer(b);
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+#if YY_ALWAYS_INTERACTIVE
+ b->yy_is_interactive = 1;
+#else
+#if YY_NEVER_INTERACTIVE
+ b->yy_is_interactive = 0;
+#else
+ b->yy_is_interactive = file ? (isatty(fileno(file)) > 0) : 0;
+#endif
+#endif
+}
+
+#ifdef YY_USE_PROTOS
+void yy_flush_buffer(YY_BUFFER_STATE b)
+#else
+void yy_flush_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+
+{
+ if (!b)
+ return;
+
+ b->yy_n_chars = 0;
+
+ /*
+ * We always need two end-of-buffer characters. The first causes a
+ * transition to the end-of-buffer state. The second causes a jam in
+ * that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if (b == yy_current_buffer)
+ yy_load_buffer_state();
+}
+
+#ifndef YY_NO_SCAN_BUFFER
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_buffer(char *base, yy_size_t size)
+#else
+YY_BUFFER_STATE yy_scan_buffer(base, size)
+ char *base;
+ yy_size_t size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ if (size < 2 ||
+ base[size - 2] != YY_END_OF_BUFFER_CHAR ||
+ base[size - 1] != YY_END_OF_BUFFER_CHAR)
+ /*
+ * They forgot to leave room for the EOB's.
+ */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_buffer()");
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b);
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_SCAN_STRING
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_string(yyconst char *yy_str)
+#else
+YY_BUFFER_STATE yy_scan_string(yy_str)
+ yyconst char *yy_str;
+#endif
+{
+ int len;
+ for (len = 0; yy_str[len]; ++len)
+ ;
+
+ return yy_scan_bytes(yy_str, len);
+}
+#endif
+
+#ifndef YY_NO_SCAN_BYTES
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_bytes(yyconst char *bytes, int len)
+#else
+YY_BUFFER_STATE yy_scan_bytes(bytes, len)
+ yyconst char *bytes;
+ int len;
+#endif
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n;
+ int i;
+
+ /*
+ * Get memory for full buffer, including space for trailing EOB's.
+ */
+ n = len + 2;
+ buf = (char *) yy_flex_alloc(n);
+ if (!buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_bytes()");
+
+ for (i = 0; i < len; ++i)
+ buf[i] = bytes[i];
+
+ buf[len] = buf[len + 1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf, n);
+ if (!b)
+ YY_FATAL_ERROR("bad buffer in yy_scan_bytes()");
+
+ /*
+ * It's okay to grow etc. this buffer, and we should throw it away
+ * when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_PUSH_STATE
+#ifdef YY_USE_PROTOS
+static void yy_push_state(int new_state)
+#else
+static void yy_push_state(new_state)
+ int new_state;
+#endif
+{
+ if (yy_start_stack_ptr >= yy_start_stack_depth)
+ {
+ yy_size_t new_size;
+
+ yy_start_stack_depth += YY_START_STACK_INCR;
+ new_size = yy_start_stack_depth * sizeof(int);
+
+ if (!yy_start_stack)
+ yy_start_stack = (int *) yy_flex_alloc(new_size);
+
+ else
+ yy_start_stack = (int *) yy_flex_realloc(
+ (void *) yy_start_stack, new_size);
+
+ if (!yy_start_stack)
+ YY_FATAL_ERROR
+ ("out of memory expanding start-condition stack");
+ }
+
+ yy_start_stack[yy_start_stack_ptr++] = YY_START;
+
+ BEGIN(new_state);
+}
+#endif
+
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state()
+{
+ if (--yy_start_stack_ptr < 0)
+ YY_FATAL_ERROR("start-condition stack underflow");
+
+ BEGIN(yy_start_stack[yy_start_stack_ptr]);
+}
+#endif
+
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state()
+{
+ return yy_start_stack[yy_start_stack_ptr - 1];
+}
+#endif
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+#ifdef YY_USE_PROTOS
+static void yy_fatal_error(yyconst char msg[])
+#else
+static void yy_fatal_error(msg)
+ char msg[];
+#endif
+{
+ (void) fprintf(stderr, "%s\n", msg);
+ exit(YY_EXIT_FAILURE);
+}
+
+/*
+ * Redefine yyless() so it works in section 3 code.
+ */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ yytext[yyleng] = yy_hold_char; \
+ yy_c_buf_p = yytext + n; \
+ yy_hold_char = *yy_c_buf_p; \
+ *yy_c_buf_p = '\0'; \
+ yyleng = n; \
+ } \
+ while ( 0 )
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+#ifdef YY_USE_PROTOS
+static void yy_flex_strncpy(char *s1, yyconst char *s2, int n)
+#else
+static void yy_flex_strncpy(s1, s2, n)
+ char *s1;
+ yyconst char *s2;
+ int n;
+#endif
+{
+ register int i;
+ for (i = 0; i < n; ++i)
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+#ifdef YY_USE_PROTOS
+static int yy_flex_strlen(yyconst char *s)
+#else
+static int yy_flex_strlen(s)
+ yyconst char *s;
+#endif
+{
+ register int n;
+ for (n = 0; s[n]; ++n)
+ ;
+
+ return n;
+}
+#endif
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_alloc(yy_size_t size)
+#else
+static void *yy_flex_alloc(size)
+ yy_size_t size;
+#endif
+{
+ return (void *) malloc(size);
+}
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_realloc(void *ptr, yy_size_t size)
+#else
+static void *yy_flex_realloc(ptr, size)
+ void *ptr;
+ yy_size_t size;
+#endif
+{
+ /*
+ * The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those that use
+ * void* generic pointers. It works with the latter because both ANSI
+ * C and C++ allow castless assignment from any pointer type to void*,
+ * and deal with argument conversions as though doing an assignment.
+ */
+ return (void *) realloc((char *) ptr, size);
+}
+
+#ifdef YY_USE_PROTOS
+static void yy_flex_free(void *ptr)
+#else
+static void yy_flex_free(ptr)
+ void *ptr;
+#endif
+{
+ free(ptr);
+}
+
+#if YY_MAIN
+int main()
+{
+ yylex();
+ return 0;
+}
+#endif
+#line 37 "configfile.l"
+
+#include <stdio.h>
+#include <string.h>
+#include <wintypes.h>
+
+#include "pcsclite.h"
+#include "sys_generic.h"
+#include "readerfactory.h"
+#include "debuglog.h"
+
+int evaluatetoken(char *pcToken)
+{
+
+ DWORD dwChannelId = 0;
+ int p = 0;
+ int n = 0;
+
+ if (pcPrevious == 0)
+ { /* This is the key */
+ pcPrevious = strdup(pcToken);
+ } else
+ {
+ pcCurrent = pcToken;
+ if (strcmp(pcPrevious, "FRIENDLYNAME") == 0)
+ {
+ if (pcFriendlyname == 0)
+ {
+ pcFriendlyname = (char *) malloc(strlen(pcCurrent) - 1);
+ for (n = 0; n < strlen(pcCurrent); n++)
+ {
+ if (pcCurrent[n] != '"')
+ { /* Strip off the quotes */
+ pcFriendlyname[p++] = pcCurrent[n];
+ }
+ }
+ pcFriendlyname[p++] = 0;
+ } else
+ {
+ tok_error(pcPrevious);
+ return 1;
+ }
+ } else if (strcmp(pcPrevious, "DEVICENAME") == 0)
+ {
+ if (pcDevicename == 0)
+ {
+ pcDevicename = strdup(pcCurrent);
+ } else
+ {
+ tok_error(pcPrevious);
+ return 1;
+ }
+ } else if (strcmp(pcPrevious, "LIBPATH") == 0)
+ {
+ if (pcLibpath == 0)
+ {
+ pcLibpath = strdup(pcCurrent);
+ } else
+ {
+ tok_error(pcPrevious);
+ return 1;
+ }
+ } else if (strcmp(pcPrevious, "CHANNELID") == 0)
+ {
+ if (pcChannelid == 0)
+ {
+ pcChannelid = strdup(pcCurrent);
+ } else
+ {
+ tok_error(pcPrevious);
+ return 1;
+ }
+ } else
+ {
+ tok_error(pcPrevious);
+ return 1;
+ }
+
+ free(pcPrevious);
+ pcPrevious = 0;
+ }
+
+ if (pcFriendlyname != 0 && pcDevicename != 0 &&
+ pcLibpath != 0 && pcChannelid != 0)
+ {
+
+ dwChannelId = strtoul(pcChannelid, 0, 16);
+ RFAddReader(pcFriendlyname, dwChannelId, pcLibpath, pcDevicename);
+
+ free(pcFriendlyname);
+ free(pcDevicename);
+ free(pcLibpath);
+ free(pcChannelid);
+ pcFriendlyname = 0;
+ pcDevicename = 0;
+ pcLibpath = 0;
+ pcChannelid = 0;
+ }
+
+ return 0;
+}
+
+void tok_error(char *token_error)
+{
+ log_msg(PCSC_LOG_ERROR, "%s:%d tok_error: invalid value in reader.conf",
+ __FILE__, __LINE__);
+ badError = 1;
+}
+
+int DBUpdateReaders(char *readerconf)
+{
+
+ FILE *configFile;
+ configFile = 0;
+
+ configFile = fopen(readerconf, "r");
+
+ if (configFile == 0)
+ {
+ return 1;
+ }
+
+ yyin = configFile;
+
+ do
+ {
+ yylex();
+ }
+ while (!feof(configFile));
+
+ fclose(configFile);
+
+ if (badError == 1)
+ {
+ return -1;
+ } else
+ {
+ return 0;
+ }
+} /* End of configfile.c */
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/*****************************************************************
+/
+/ File : configfile.h
+/ Author : David Corcoran
+/ Date : February 12, 1999 modified 7/28/99
+/ License: Copyright (C) 1999 David Corcoran
+/ <corcoran at linuxnet.com>
+/ Purpose: Header file for reading lexical config files.
+/ See http://www.linuxnet.com for more information.
+/
+******************************************************************/
+
+#ifndef __configfile_h__
+#define __configfile_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ int DBUpdateReaders(char *readerconf);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __configfile_h__ */
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.l
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.l (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/configfile.l 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,142 @@
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+
+%{
+int evaluatetoken( char *pcToken );
+
+static int iLinenumber = 1;
+static char *pcPrevious = 0;
+static char *pcCurrent = 0;
+static char *pcFriendlyname = 0;
+static char *pcDevicename = 0;
+static char *pcLibpath = 0;
+static char *pcChannelid = 0;
+static int badError = 0;
+
+void tok_error ( char *pcToken_error );
+
+%}
+
+%%
+
+#.* {}
+"\n" { iLinenumber++; }
+(\"[^"\n]*["\n])|(\'[^'\n]*['\n]) { evaluatetoken( yytext); }
+[ \t] {}
+([A-Z]|[a-z]|[0-9]|[\\\/\-\.\_\@])+ { evaluatetoken( yytext ); }
+. { tok_error( yytext ); }
+%%
+
+#include <stdio.h>
+#include <string.h>
+#include <wintypes.h>
+
+#include "pcsclite.h"
+#include "sys_generic.h"
+#include "readerfactory.h"
+#include "debuglog.h"
+
+int evaluatetoken( char *pcToken ) {
+
+ DWORD dwChannelId = 0;
+ int p = 0;
+ int n = 0;
+
+ if ( pcPrevious == 0 ) { /* This is the key */
+ pcPrevious = strdup( pcToken );
+ } else {
+ pcCurrent = pcToken;
+ if ( strcmp( pcPrevious, "FRIENDLYNAME" ) == 0 ) {
+ if ( pcFriendlyname == 0 ) {
+ pcFriendlyname = (char *)malloc(strlen(pcCurrent)-1);
+ for ( n = 0; n < strlen(pcCurrent); n++ ) {
+ if ( pcCurrent[n] != '"' ) { /* Strip off the quotes */
+ pcFriendlyname[p++] = pcCurrent[n];
+ }
+ }
+ pcFriendlyname[p++] = 0;
+ } else {
+ tok_error( pcPrevious ); return 1;
+ }
+ } else if ( strcmp( pcPrevious, "DEVICENAME" ) == 0 ) {
+ if ( pcDevicename == 0 ) {
+ pcDevicename = strdup( pcCurrent );
+ } else {
+ tok_error( pcPrevious ); return 1;
+ }
+ } else if ( strcmp( pcPrevious, "LIBPATH" ) == 0 ) {
+ if ( pcLibpath == 0 ) {
+ pcLibpath = strdup( pcCurrent );
+ } else {
+ tok_error( pcPrevious ); return 1;
+ }
+ } else if ( strcmp( pcPrevious, "CHANNELID" ) == 0 ) {
+ if ( pcChannelid == 0 ) {
+ pcChannelid = strdup( pcCurrent );
+ } else {
+ tok_error( pcPrevious ); return 1;
+ }
+ } else {
+ tok_error( pcPrevious ); return 1;
+ }
+
+ free( pcPrevious ); pcPrevious = 0;
+ }
+
+ if ( pcFriendlyname != 0 && pcDevicename != 0 &&
+ pcLibpath != 0 && pcChannelid != 0 ) {
+
+ dwChannelId = strtoul( pcChannelid, 0, 16 );
+ RFAddReader( pcFriendlyname, dwChannelId, pcLibpath, pcDevicename );
+
+ free( pcFriendlyname ); free( pcDevicename );
+ free( pcLibpath); free( pcChannelid );
+ pcFriendlyname = 0; pcDevicename = 0;
+ pcLibpath = 0; pcChannelid = 0;
+ }
+
+ return 0;
+}
+
+void tok_error ( char *token_error ) {
+ debug_msg("%s:%d tok_error: invalid value in reader.conf",
+ __FILE__, __LINE__);
+ badError = 1;
+}
+
+int DBUpdateReaders ( char *readerconf ) {
+
+ FILE *configFile;
+ configFile = 0;
+
+ configFile = fopen( readerconf, "r");
+
+ if (configFile == 0) {
+ return 1;
+ }
+
+ yyin = configFile;
+
+ do {
+ yylex();
+ }
+ while (!feof(configFile));
+
+ fclose(configFile);
+
+ if (badError == 1) {
+ return -1;
+ } else {
+ return 0;
+ }
+} /* End of configfile.c */
+
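Review bot: The FRIENDLYNAME branch of `evaluatetoken` sizes its buffer as `malloc(strlen(pcCurrent)-1)`, which is only large enough when the value contains exactly two double quotes. The scanner rules above also accept single-quoted values, values whose closing quote is a newline, and bare words, and for those the copy loop plus the terminating NUL writes past the allocation. Sizing for the worst case with `pcFriendlyname = (char *)malloc(strlen(pcCurrent)+1);`, and treating a NULL result like the other error paths (`tok_error( pcPrevious ); return 1;`), removes the heap overflow. The `return 1` paths also skip `free( pcPrevious ); pcPrevious = 0;`, so after one rejected key the next token is still read as its value. The generated configfile.c earlier in this changeset carries the same function body and needs regenerating after the fix; it calls `log_msg(PCSC_LOG_ERROR, ...)` where this source calls `debug_msg(...)`, which suggests the two are already out of sync.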
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,160 @@
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2002
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 1999-2005
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: debuglog.c 1953 2006-03-21 13:46:28Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles debugging for libpcsclite.
+ */
+
+#include "config.h"
+#include <stdarg.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+
+#include "debug.h"
+//#include "strlcpycat.h"
+
+#define DEBUG_BUF_SIZE 2048
+
+/* default level is a bit verbose to be backward compatible */
+static char LogLevel = PCSC_LOG_ERROR;
+
+static signed char LogDoColor = 0; /* no color by default */
+void log_init(void);
+
+void log_init(void)
+{
+ char *e;
+
+#ifdef LIBPCSCLITE
+ e = getenv("PCSCLITE_DEBUG");
+#else
+ e = getenv("MUSCLECARD_DEBUG");
+#endif
+ if (e)
+ LogLevel = atoi(e);
+
+ /* no color under Windows */
+#ifndef WIN32
+ /* log to stderr and stderr is a tty? */
+ if (isatty(fileno(stderr)))
+ {
+ const char *terms[] = { "linux", "xterm", "xterm-color", "Eterm", "rxvt", "rxvt-unicode" };
+ char *term;
+
+ term = getenv("TERM");
+ if (term)
+ {
+ unsigned int i;
+
+ /* for each known color terminal */
+ for (i = 0; i < sizeof(terms) / sizeof(terms[0]); i++)
+ {
+ /* we found a supported term? */
+ if (0 == strcmp(terms[i], term))
+ {
+ LogDoColor = 1;
+ break;
+ }
+ }
+ }
+ }
+#endif
+} /* log_init */
+
+void log_msg(const int priority, const char *fmt, ...)
+{
+ char DebugBuffer[DEBUG_BUF_SIZE];
+ va_list argptr;
+ static int is_initialized = 0;
+
+ if (!is_initialized)
+ {
+ log_init();
+ is_initialized = 1;
+ }
+
+ if (priority < LogLevel) /* log priority lower than threshold? */
+ return;
+
+ va_start(argptr, fmt);
+#ifndef WIN32
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+#if HAVE_VSNPRINTF
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+ vsprintf(DebugBuffer, fmt, argptr);
+#endif
+#endif
+ va_end(argptr);
+
+#ifndef WIN32
+ {
+ if (LogDoColor)
+ {
+ const char *color_pfx = "", *color_sfx = "\33[0m";
+
+ switch (priority)
+ {
+ case PCSC_LOG_CRITICAL:
+ color_pfx = "\33[01;31m"; /* bright + Red */
+ break;
+
+ case PCSC_LOG_ERROR:
+ color_pfx = "\33[35m"; /* Magenta */
+ break;
+
+ case PCSC_LOG_INFO:
+ color_pfx = "\33[34m"; /* Blue */
+ break;
+
+ case PCSC_LOG_DEBUG:
+ color_pfx = ""; /* normal (black) */
+ color_sfx = "";
+ break;
+ }
+ fprintf(stderr, "%s%s%s\n", color_pfx, DebugBuffer, color_sfx);
+ }
+ else
+ fprintf(stderr, "%s\n", DebugBuffer);
+ }
+#else
+ fprintf(stderr, "%s\n", DebugBuffer);
+#endif
+} /* log_msg */
+
+void log_xxd(const int priority, const char *msg, const unsigned char *buffer,
+ const int len)
+{
+ char DebugBuffer[DEBUG_BUF_SIZE];
+ int i;
+ char *c;
+ char *debug_buf_end;
+
+ if (priority < LogLevel) /* log priority lower than threshold? */
+ return;
+
+ debug_buf_end = DebugBuffer + DEBUG_BUF_SIZE - 5;
+
+ strlcpy(DebugBuffer, msg, sizeof(DebugBuffer));
+ c = DebugBuffer + strlen(DebugBuffer);
+
+ for (i = 0; (i < len) && (c < debug_buf_end); ++i)
+ {
+ sprintf(c, "%02X ", buffer[i]);
+ c += strlen(c);
+ }
+
+ fprintf(stderr, "%s\n", DebugBuffer);
+} /* log_xxd */
+
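Review bot: In `log_msg` the fallback `vsprintf(DebugBuffer, fmt, argptr);` writes into the 2048-byte stack buffer with no bound, so a build that defines WIN32 without HAVE_VSNPRINTF can overflow it on a long formatted message. A bounded call such as `_vsnprintf(DebugBuffer, DEBUG_BUF_SIZE - 1, fmt, argptr); DebugBuffer[DEBUG_BUF_SIZE - 1] = '\0';` would be safer, or the fallback could be dropped. `log_xxd` compares against `LogLevel` without passing through the `is_initialized` check that lives inside `log_msg`, so if it is the first logging call the environment variable has not been read yet. `LogLevel = atoi(e)` also stores an unvalidated int into a `char`; clamping the value to the PCSC_LOG_* range would make the threshold predictable.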
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debug.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,78 @@
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 1999-2005
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: debuglog.h 1835 2006-01-25 10:42:23Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles debugging.
+ *
+ * @note log message is sent to syslog or stderr depending on --foreground
+ * command line argument
+ *
+ * @test
+ * @code
+ * Log1(priority, "text");
+ * log "text" with priority level priority
+ * Log2(priority, "text: %d", 1234);
+ * log "text: 1234"
+ * the format string can be anything printf() can understand
+ * Log3(priority, "text: %d %d", 1234, 5678);
+ * log "text: 1234 5678"
+ * the format string can be anything printf() can understand
+ * LogXxd(priority, msg, buffer, size);
+ * log "msg" + a hex dump of size bytes of buffer[]
+ * @endcode
+ */
+
+#ifndef __debug_h__
+#define __debug_h__
+
+#ifdef PCSC
+/* use syslog, etc. if we are included from a file for pcscd */
+#include "debuglog.h"
+#else
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+enum {
+ PCSC_LOG_DEBUG = 0,
+ PCSC_LOG_INFO,
+ PCSC_LOG_ERROR,
+ PCSC_LOG_CRITICAL
+};
+
+#include <stdio.h>
+
+/* You can't do #ifndef __FUNCTION__ */
+#if !defined(__GNUC__) && !defined(__IBMC__)
+#define __FUNCTION__ ""
+#endif
+
+#define Log0(priority) log_msg(priority, "%s:%d:%s()", __FILE__, __LINE__, __FUNCTION__)
+#define Log1(priority, fmt) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__)
+#define Log2(priority, fmt, data) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data)
+#define Log3(priority, fmt, data1, data2) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data1, data2)
+#define LogXxd(priority, msg, buffer, size) log_xxd(priority, msg, buffer, size)
+
+void log_msg(const int priority, const char *fmt, ...);
+void log_xxd(const int priority, const char *msg,
+ const unsigned char *buffer, const int size);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
+#endif /* __debug_h__ */
+
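Review bot: `log_msg` is declared as a printf-style variadic function without a format attribute, so the compiler cannot check the arguments passed through `Log2`/`Log3` against their format strings. Under GCC-compatible compilers, adding `__attribute__((format(printf, 2, 3)))` to the declaration would catch mismatches at build time. The file comment says messages go to syslog or stderr depending on --foreground, but this non-PCSC branch only declares `log_msg`/`log_xxd`, and the debug.c added in this changeset writes to stderr only. The note would be more accurate as `@note outside pcscd, log messages are written to stderr`.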
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,452 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * debuglog.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2002
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 1999-2005
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: debuglog.c 2302 2007-01-06 17:57:58Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles debugging for pcscd.
+ */
+
+#include "config.h"
+
+#ifndef WIN32
+#include <syslog.h>
+#endif
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <sys/types.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "debuglog.h"
+#include "sys_generic.h"
+//#include "strlcpy.h"
+
+/**
+ * Max string size when dumping a 256 bytes longs APDU
+ * Should be bigger than 256*3+30
+ */
+#define DEBUG_BUF_SIZE 2048
+
+static char LogSuppress = DEBUGLOG_LOG_ENTRIES;
+static char LogMsgType = DEBUGLOG_NO_DEBUG;
+static char LogCategory = DEBUG_CATEGORY_NOTHING;
+
+/* default level is a bit verbose to be backward compatible */
+static char LogLevel = PCSC_LOG_INFO;
+
+static signed char LogDoColor = 0; /* no color by default */
+
+void log_msg(const int priority, const char *fmt, ...)
+{
+ char DebugBuffer[DEBUG_BUF_SIZE];
+ va_list argptr;
+
+ if ((LogSuppress != DEBUGLOG_LOG_ENTRIES)
+ || (priority < LogLevel) /* log priority lower than threshold? */
+ || (DEBUGLOG_NO_DEBUG == LogMsgType))
+ return;
+
+ va_start(argptr, fmt);
+#ifndef WIN32
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+#if HAVE_VSNPRINTF
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+ vsprintf(DebugBuffer, fmt, argptr);
+#endif
+#endif
+ va_end(argptr);
+
+#ifndef WIN32
+ if (DEBUGLOG_SYSLOG_DEBUG == LogMsgType)
+ syslog(LOG_INFO, "%s", DebugBuffer);
+ else
+ {
+ if (LogDoColor)
+ {
+ const char *color_pfx = "", *color_sfx = "\33[0m";
+
+ switch (priority)
+ {
+ case PCSC_LOG_CRITICAL:
+ color_pfx = "\33[01;31m"; /* bright + Red */
+ break;
+
+ case PCSC_LOG_ERROR:
+ color_pfx = "\33[35m"; /* Magenta */
+ break;
+
+ case PCSC_LOG_INFO:
+ color_pfx = "\33[34m"; /* Blue */
+ break;
+
+ case PCSC_LOG_DEBUG:
+ color_pfx = ""; /* normal (black) */
+ color_sfx = "";
+ break;
+ }
+ fprintf(stderr, "%s%s%s\n", color_pfx, DebugBuffer, color_sfx);
+ }
+ else
+ fprintf(stderr, "%s\n", DebugBuffer);
+ }
+#else
+ fprintf(stderr, "%s\n", DebugBuffer);
+#endif
+} /* log_msg */
+
+void log_xxd(const int priority, const char *msg, const unsigned char *buffer,
+ const int len)
+{
+ char DebugBuffer[DEBUG_BUF_SIZE];
+ int i;
+ char *c;
+ char *debug_buf_end;
+
+ if ((LogSuppress != DEBUGLOG_LOG_ENTRIES)
+ || (priority < LogLevel) /* log priority lower than threshold? */
+ || (DEBUGLOG_NO_DEBUG == LogMsgType))
+ return;
+
+ debug_buf_end = DebugBuffer + DEBUG_BUF_SIZE - 5;
+
+ strlcpy(DebugBuffer, msg, sizeof(DebugBuffer));
+ c = DebugBuffer + strlen(DebugBuffer);
+
+ for (i = 0; (i < len) && (c < debug_buf_end); ++i)
+ {
+ sprintf(c, "%02X ", buffer[i]);
+ c += 3;
+ }
+
+ /* the buffer is too small so end it with "..." */
+ if ((c >= debug_buf_end) && (i < len))
+ c[-3] = c[-2] = c[-1] = '.';
+
+#ifndef WIN32
+ if (DEBUGLOG_SYSLOG_DEBUG == LogMsgType)
+ syslog(LOG_INFO, "%s", DebugBuffer);
+ else
+#endif
+ fprintf(stderr, "%s\n", DebugBuffer);
+} /* log_xxd */
+
+#ifdef PCSCD
+void DebugLogSuppress(const int lSType)
+{
+ LogSuppress = lSType;
+}
+#endif
+
+void DebugLogSetLogType(const int dbgtype)
+{
+ switch (dbgtype)
+ {
+ case DEBUGLOG_NO_DEBUG:
+ case DEBUGLOG_SYSLOG_DEBUG:
+ case DEBUGLOG_STDERR_DEBUG:
+ LogMsgType = dbgtype;
+ break;
+ default:
+ Log2(PCSC_LOG_CRITICAL, "unknown log type (%d), using stderr",
+ dbgtype);
+ LogMsgType = DEBUGLOG_STDERR_DEBUG;
+ }
+
+ /* no color under Windows */
+#ifndef WIN32
+ /* log to stderr and stderr is a tty? */
+ if (DEBUGLOG_STDERR_DEBUG == LogMsgType && isatty(fileno(stderr)))
+ {
+ const char *terms[] = { "linux", "xterm", "xterm-color", "Eterm", "rxvt", "rxvt-unicode" };
+ char *term;
+
+ term = getenv("TERM");
+ if (term)
+ {
+ unsigned int i;
+
+ /* for each known color terminal */
+ for (i = 0; i < sizeof(terms) / sizeof(terms[0]); i++)
+ {
+ /* we found a supported term? */
+ if (0 == strcmp(terms[i], term))
+ {
+ LogDoColor = 1;
+ break;
+ }
+ }
+ }
+ }
+#endif
+}
+
+void DebugLogSetLevel(const int level)
+{
+ LogLevel = level;
+ switch (level)
+ {
+ case PCSC_LOG_CRITICAL:
+ case PCSC_LOG_ERROR:
+ /* do not log anything */
+ break;
+
+ case PCSC_LOG_INFO:
+ Log1(PCSC_LOG_INFO, "debug level=notice");
+ break;
+
+ case PCSC_LOG_DEBUG:
+ Log1(PCSC_LOG_DEBUG, "debug level=debug");
+ break;
+
+ default:
+ LogLevel = PCSC_LOG_INFO;
+ Log2(PCSC_LOG_CRITICAL, "unknown level (%d), using level=notice",
+ level);
+ }
+}
+
+INTERNAL int DebugLogSetCategory(const int dbginfo)
+{
+#define DEBUG_INFO_LENGTH 80
+ char text[DEBUG_INFO_LENGTH];
+
+ /* use a negative number to UNset
+ * typically use ~DEBUG_CATEGORY_APDU
+ */
+ if (dbginfo < 0)
+ LogCategory &= dbginfo;
+ else
+ LogCategory |= dbginfo;
+
+ /* set to empty string */
+ text[0] = '\0';
+
+ if (LogCategory & DEBUG_CATEGORY_APDU)
+ strlcat(text, " APDU", sizeof(text));
+
+ Log2(PCSC_LOG_INFO, "Debug options:%s", text);
+
+ return LogCategory;
+}
+
+INTERNAL void DebugLogCategory(const int category, const unsigned char *buffer,
+ const int len)
+{
+ if ((category & DEBUG_CATEGORY_APDU)
+ && (LogCategory & DEBUG_CATEGORY_APDU))
+ log_xxd(PCSC_LOG_INFO, "APDU: ", (const unsigned char *)buffer, len);
+
+ if ((category & DEBUG_CATEGORY_SW)
+ && (LogCategory & DEBUG_CATEGORY_APDU))
+ log_xxd(PCSC_LOG_INFO, "SW: ", (const unsigned char *)buffer, len);
+}
+
+/*
+ * old function supported for backward object code compatibility
+ * defined only for pcscd
+ */
+#ifdef PCSCD
+void debug_msg(const char *fmt, ...)
+{
+ char DebugBuffer[DEBUG_BUF_SIZE];
+ va_list argptr;
+
+ if ((LogSuppress != DEBUGLOG_LOG_ENTRIES)
+ || (DEBUGLOG_NO_DEBUG == LogMsgType))
+ return;
+
+ va_start(argptr, fmt);
+#ifndef WIN32
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+#if HAVE_VSNPRINTF
+ vsnprintf(DebugBuffer, DEBUG_BUF_SIZE, fmt, argptr);
+#else
+ vsprintf(DebugBuffer, fmt, argptr);
+#endif
+#endif
+ va_end(argptr);
+
+#ifndef WIN32
+ if (DEBUGLOG_SYSLOG_DEBUG == LogMsgType)
+ syslog(LOG_INFO, "%s", DebugBuffer);
+ else
+#endif
+ fprintf(stderr, "%s\n", DebugBuffer);
+} /* debug_msg */
+
+void debug_xxd(const char *msg, const unsigned char *buffer, const int len)
+{
+ log_xxd(PCSC_LOG_ERROR, msg, buffer, len);
+} /* debug_xxd */
+#endif
+
+char *pcsc_stringify_error(const int32_t Error)
+{
+
+ static char strError[75];
+
+ switch (Error)
+ {
+ case SCARD_S_SUCCESS:
+ strcpy(strError, "Command successful.");
+ break;
+ case SCARD_E_CANCELLED:
+ strcpy(strError, "Command cancelled.");
+ break;
+ case SCARD_E_CANT_DISPOSE:
+ strcpy(strError, "Cannot dispose handle.");
+ break;
+ case SCARD_E_INSUFFICIENT_BUFFER:
+ strcpy(strError, "Insufficient buffer.");
+ break;
+ case SCARD_E_INVALID_ATR:
+ strcpy(strError, "Invalid ATR.");
+ break;
+ case SCARD_E_INVALID_HANDLE:
+ strcpy(strError, "Invalid handle.");
+ break;
+ case SCARD_E_INVALID_PARAMETER:
+ strcpy(strError, "Invalid parameter given.");
+ break;
+ case SCARD_E_INVALID_TARGET:
+ strcpy(strError, "Invalid target given.");
+ break;
+ case SCARD_E_INVALID_VALUE:
+ strcpy(strError, "Invalid value given.");
+ break;
+ case SCARD_E_NO_MEMORY:
+ strcpy(strError, "Not enough memory.");
+ break;
+ case SCARD_F_COMM_ERROR:
+ strcpy(strError, "RPC transport error.");
+ break;
+ case SCARD_F_INTERNAL_ERROR:
+ strcpy(strError, "Unknown internal error.");
+ break;
+ case SCARD_F_UNKNOWN_ERROR:
+ strcpy(strError, "Unknown internal error.");
+ break;
+ case SCARD_F_WAITED_TOO_LONG:
+ strcpy(strError, "Waited too long.");
+ break;
+ case SCARD_E_UNKNOWN_READER:
+ strcpy(strError, "Unknown reader specified.");
+ break;
+ case SCARD_E_TIMEOUT:
+ strcpy(strError, "Command timeout.");
+ break;
+ case SCARD_E_SHARING_VIOLATION:
+ strcpy(strError, "Sharing violation.");
+ break;
+ case SCARD_E_NO_SMARTCARD:
+ strcpy(strError, "No smartcard inserted.");
+ break;
+ case SCARD_E_UNKNOWN_CARD:
+ strcpy(strError, "Unknown card.");
+ break;
+ case SCARD_E_PROTO_MISMATCH:
+ strcpy(strError, "Card protocol mismatch.");
+ break;
+ case SCARD_E_NOT_READY:
+ strcpy(strError, "Subsystem not ready.");
+ break;
+ case SCARD_E_SYSTEM_CANCELLED:
+ strcpy(strError, "System cancelled.");
+ break;
+ case SCARD_E_NOT_TRANSACTED:
+ strcpy(strError, "Transaction failed.");
+ break;
+ case SCARD_E_READER_UNAVAILABLE:
+ strcpy(strError, "Reader/s is unavailable.");
+ break;
+ case SCARD_W_UNSUPPORTED_CARD:
+ strcpy(strError, "Card is not supported.");
+ break;
+ case SCARD_W_UNRESPONSIVE_CARD:
+ strcpy(strError, "Card is unresponsive.");
+ break;
+ case SCARD_W_UNPOWERED_CARD:
+ strcpy(strError, "Card is unpowered.");
+ break;
+ case SCARD_W_RESET_CARD:
+ strcpy(strError, "Card was reset.");
+ break;
+ case SCARD_W_REMOVED_CARD:
+ strcpy(strError, "Card was removed.");
+ break;
+ case SCARD_W_INSERTED_CARD:
+ strcpy(strError, "Card was inserted.");
+ break;
+ case SCARD_E_UNSUPPORTED_FEATURE:
+ strcpy(strError, "Feature not supported.");
+ break;
+ case SCARD_E_PCI_TOO_SMALL:
+ strcpy(strError, "PCI struct too small.");
+ break;
+ case SCARD_E_READER_UNSUPPORTED:
+ strcpy(strError, "Reader is unsupported.");
+ break;
+ case SCARD_E_DUPLICATE_READER:
+ strcpy(strError, "Reader already exists.");
+ break;
+ case SCARD_E_CARD_UNSUPPORTED:
+ strcpy(strError, "Card is unsupported.");
+ break;
+ case SCARD_E_NO_SERVICE:
+ strcpy(strError, "Service not available.");
+ break;
+ case SCARD_E_SERVICE_STOPPED:
+ strcpy(strError, "Service was stopped.");
+ break;
+ default:
+ sprintf(strError, "Unknown PCSC error: %d [0x%08X]", Error, Error);
+ break;
+
+ };
+
+ return strError;
+}
+
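Review bot: The `vsprintf(DebugBuffer, fmt, argptr)` fallback in log_msg (WIN32 built without HAVE_VSNPRINTF) formats into the fixed DEBUG_BUF_SIZE stack buffer with no length limit, so any message that expands past 2048 bytes overruns the stack; debug_msg further down has the same fallback. Every other path is already bounded by vsnprintf, so the fallback is better turned into a build failure than kept as a silent downgrade, e.g. `#error "vsnprintf is required: DebugBuffer is a fixed-size stack buffer"`. Separately, log_xxd and DebugLogCategory write raw APDU bytes to syslog or stderr once DEBUG_CATEGORY_APDU is set. If those buffers can carry PIN-verification commands (the callers are not visible here), DebugLogSetCategory deserves a comment such as `/* APDU logging may expose card credentials in logs; enable only while debugging */`.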
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/debuglog.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,124 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * debuglog.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 1999-2005
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: debuglog.h 2151 2006-09-06 20:02:47Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles debugging.
+ *
+ * @note log message is sent to syslog or stderr depending on --foreground
+ * command line argument
+ *
+ * @test
+ * @code
+ * Log1(priority, "text");
+ * log "text" with priority level priority
+ * Log2(priority, "text: %d", 1234);
+ * log "text: 1234"
+ * the format string can be anything printf() can understand
+ * Log3(priority, "text: %d %d", 1234, 5678);
+ * log "text: 1234 5678"
+ * the format string can be anything printf() can understand
+ * LogXxd(priority, msg, buffer, size);
+ * log "msg" + a hex dump of size bytes of buffer[]
+ * @endcode
+ */
+
+#ifndef __debuglog_h__
+#define __debuglog_h__
+
+#include "pcscexport.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#define DEBUGLOG_LOG_ENTRIES 1
+#define DEBUGLOG_IGNORE_ENTRIES 2
+
+enum {
+ DEBUGLOG_NO_DEBUG = 0,
+ DEBUGLOG_SYSLOG_DEBUG,
+ DEBUGLOG_STDERR_DEBUG
+};
+
+#define DEBUG_CATEGORY_NOTHING 0
+#define DEBUG_CATEGORY_APDU 1
+#define DEBUG_CATEGORY_SW 2
+
+enum {
+ PCSC_LOG_DEBUG = 0,
+ PCSC_LOG_INFO,
+ PCSC_LOG_ERROR,
+ PCSC_LOG_CRITICAL
+};
+
+/* You can't do #ifndef __FUNCTION__ */
+#if !defined(__GNUC__) && !defined(__IBMC__)
+#define __FUNCTION__ ""
+#endif
+
+#define Log0(priority) log_msg(priority, "%s:%d:%s()", __FILE__, __LINE__, __FUNCTION__)
+#define Log1(priority, fmt) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__)
+#define Log2(priority, fmt, data) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data)
+#define Log3(priority, fmt, data1, data2) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data1, data2)
+#define Log4(priority, fmt, data1, data2, data3) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data1, data2, data3)
+#define Log9(priority, fmt, data1, data2, data3, data4, data5, data6, data7, data8) log_msg(priority, "%s:%d:%s() " fmt, __FILE__, __LINE__, __FUNCTION__, data1, data2, data3, data4, data5, data6, data7, data8)
+#define LogXxd(priority, msg, buffer, size) log_xxd(priority, msg, buffer, size)
+
+#define DebugLogA(a) Log1(PCSC_LOG_INFO, a)
+#define DebugLogB(a, b) Log2(PCSC_LOG_INFO, a, b)
+#define DebugLogC(a, b,c) Log3(PCSC_LOG_INFO, a, b, c)
+
+PCSC_API void log_msg(const int priority, const char *fmt, ...);
+PCSC_API void log_xxd(const int priority, const char *msg,
+ const unsigned char *buffer, const int size);
+
+void DebugLogSuppress(const int);
+void DebugLogSetLogType(const int);
+int DebugLogSetCategory(const int);
+void DebugLogCategory(const int, const unsigned char *, const int);
+PCSC_API void DebugLogSetLevel(const int level);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __debuglog_h__ */
+
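Review bot: The exported `log_msg(const int priority, const char *fmt, ...)` prototype near the end of the header has no printf format annotation, so the compiler cannot check the arguments passed through Log0..Log9 and DebugLogA/B/C, nor warn on a direct call with a non-literal format. The header already tests `__GNUC__` for `__FUNCTION__`, so under that same guard the declaration could read `PCSC_API void log_msg(const int priority, const char *fmt, ...) __attribute__((format(printf, 2, 3)));`. The file comment says the format string "can be anything printf() can understand"; it should add that `fmt` must be a literal and that reader- or card-supplied text belongs in the arguments, never in the format. DebugLogSuppress is also declared here unconditionally, while debuglog.c defines it only under `#ifdef PCSCD`, so the declaration should carry the same guard.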
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1735 @@
+#define yy_create_buffer bp_create_buffer
+#define yy_delete_buffer bp_delete_buffer
+#define yy_scan_buffer bp_scan_buffer
+#define yy_scan_string bp_scan_string
+#define yy_scan_bytes bp_scan_bytes
+#define yy_flex_debug bp_flex_debug
+#define yy_init_buffer bp_init_buffer
+#define yy_flush_buffer bp_flush_buffer
+#define yy_load_buffer_state bp_load_buffer_state
+#define yy_switch_to_buffer bp_switch_to_buffer
+#define yyin bpin
+#define yyleng bpleng
+#define yylex bplex
+#define yyout bpout
+#define yyrestart bprestart
+#define yytext bptext
+#define yywrap bpwrap
+
+/*
+ * A lexical scanner generated by flex
+ */
+
+/*
+ * Scanner skeleton version: $Header:
+ * /home/cvsroot/muscle/PCSC/src/driverparser.c,v 1.1.1.1 2002/03/30
+ * 18:15:03 corcoran Exp $
+ */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+
+#include <stdio.h>
+
+/*
+ * cfront 1.2 defines "c_plusplus" instead of "__cplusplus"
+ */
+#ifdef c_plusplus
+#ifndef __cplusplus
+#define __cplusplus
+#endif
+#endif
+
+#ifdef __cplusplus
+
+#include <stdlib.h>
+#include <unistd.h>
+
+/*
+ * Use prototypes in function declarations.
+ */
+#define YY_USE_PROTOS
+
+/*
+ * The "const" storage-class-modifier is valid.
+ */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+#if __STDC__
+
+#define YY_USE_PROTOS
+#define YY_USE_CONST
+
+#endif /* __STDC__ */
+#endif /* ! __cplusplus */
+
+#ifdef __TURBOC__
+#pragma warn -rch
+#pragma warn -use
+#include <io.h>
+#include <stdlib.h>
+#define YY_USE_CONST
+#define YY_USE_PROTOS
+#endif
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+#ifdef YY_USE_PROTOS
+#define YY_PROTO(proto) proto
+#else
+#define YY_PROTO(proto) ()
+#endif
+
+/*
+ * Returned upon end-of-file.
+ */
+#define YY_NULL 0
+
+/*
+ * Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative, we
+ * want to instead treat it as an 8-bit unsigned char, hence the double
+ * cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/*
+ * Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN yy_start = 1 + 2 *
+
+/*
+ * Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START ((yy_start - 1) / 2)
+#define YYSTATE YY_START
+
+/*
+ * Action number for EOF rule of a given start state.
+ */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/*
+ * Special action meaning "start processing a new file".
+ */
+#define YY_NEW_FILE yyrestart( yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/*
+ * Size of default input buffer.
+ */
+#define YY_BUF_SIZE 16384
+
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+
+extern int yyleng;
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+/*
+ * The funky do-while in the following #define is used to turn the
+ * definition int a single C statement (which needs a semi-colon
+ * terminator). This avoids problems with code like: if (
+ * condition_holds ) yyless( 5 ); else do_something_else(); Prior to
+ * using the do-while the compiler would get upset at the "else" because
+ * it interpreted the "if" statement as being all done when it reached the
+ * ';' after the yyless() call.
+ */
+
+/*
+ * Return all but the first 'n' matched characters back to the input
+ * stream.
+ */
+
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ *yy_cp = yy_hold_char; \
+ YY_RESTORE_YY_MORE_OFFSET \
+ yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, yytext_ptr )
+
+/*
+ * The following is because we cannot portably get our hands on size_t
+ * (without autoconf's help, which isn't available because we want
+ * flex-generated scanners to compile on their own).
+ */
+typedef unsigned int yy_size_t;
+
+struct yy_buffer_state
+{
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /*
+ * Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /*
+ * Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ int yy_n_chars;
+
+ /*
+ * Whether we "own" the buffer - i.e., we know we created it, and can
+ * realloc() it to grow it, and should free() it to delete it.
+ */
+ int yy_is_our_buffer;
+
+ /*
+ * Whether this is an "interactive" input source; if so, and if we're
+ * using stdio for input, then we want to use getc() instead of
+ * fread(), to make sure we stop fetching input after each newline.
+ */
+ int yy_is_interactive;
+
+ /*
+ * Whether we're considered to be at the beginning of a line. If so,
+ * '^' rules will be active on the next match, otherwise not.
+ */
+ int yy_at_bol;
+
+ /*
+ * Whether to try to fill the input buffer when we reach the end of
+ * it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /*
+ * When an EOF's been seen but there's still some text to process then
+ * we mark the buffer as YY_EOF_PENDING, to indicate that we shouldn't
+ * try reading from the input source any more. We might still have a
+ * bunch of tokens to match, though, because of possible backing-up.
+ * When we actually see the EOF, we change the status to "new" (via
+ * yyrestart()), so that the user can continue scanning by just
+ * pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+};
+
+static YY_BUFFER_STATE yy_current_buffer = 0;
+
+/*
+ * We provide macros for accessing buffer states in case in the future we
+ * want to put the buffer states in a more general "scanner state".
+ */
+#define YY_CURRENT_BUFFER yy_current_buffer
+
+/*
+ * yy_hold_char holds the character lost when yytext is formed.
+ */
+static char yy_hold_char;
+
+static int yy_n_chars; /* number of characters read into
+ * yy_ch_buf */
+
+int yyleng;
+
+/*
+ * Points to current character in buffer.
+ */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 1; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/*
+ * Flag which is used to allow yywrap()'s to do buffer switches instead of
+ * setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart YY_PROTO((FILE * input_file));
+
+void yy_switch_to_buffer YY_PROTO((YY_BUFFER_STATE new_buffer));
+void yy_load_buffer_state YY_PROTO((void));
+YY_BUFFER_STATE yy_create_buffer YY_PROTO((FILE * file, int size));
+void yy_delete_buffer YY_PROTO((YY_BUFFER_STATE b));
+void yy_init_buffer YY_PROTO((YY_BUFFER_STATE b, FILE * file));
+void yy_flush_buffer YY_PROTO((YY_BUFFER_STATE b));
+#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
+
+YY_BUFFER_STATE yy_scan_buffer YY_PROTO((char *base, yy_size_t size));
+YY_BUFFER_STATE yy_scan_string YY_PROTO((yyconst char *yy_str));
+YY_BUFFER_STATE yy_scan_bytes YY_PROTO((yyconst char *bytes, int len));
+
+static void *yy_flex_alloc YY_PROTO((yy_size_t));
+static void *yy_flex_realloc YY_PROTO((void *, yy_size_t));
+static void yy_flex_free YY_PROTO((void *));
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
+
+typedef unsigned char YY_CHAR;
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+typedef int yy_state_type;
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state YY_PROTO((void));
+static yy_state_type yy_try_NUL_trans YY_PROTO((yy_state_type
+ current_state));
+static int yy_get_next_buffer YY_PROTO((void));
+static void yy_fatal_error YY_PROTO((yyconst char msg[]));
+
+/*
+ * Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ yytext_ptr = yy_bp; \
+ yyleng = (int) (yy_cp - yy_bp); \
+ yy_hold_char = *yy_cp; \
+ *yy_cp = '\0'; \
+ yy_c_buf_p = yy_cp;
+
+#define YY_NUM_RULES 7
+#define YY_END_OF_BUFFER 8
+static yyconst short int yy_accept[39] = { 0,
+ 0, 0, 8, 6, 4, 2, 1, 6, 1, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 3,
+ 0, 0, 0, 0, 0, 0, 5, 0
+};
+
+static yyconst int yy_ec[256] = { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 2, 4, 4, 5, 4, 4, 4, 4, 4,
+ 4, 4, 4, 4, 4, 4, 6, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 4, 1, 8,
+ 4, 9, 4, 4, 10, 10, 10, 10, 10, 10,
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 1, 1, 1, 4, 4, 1, 11, 11, 11, 11,
+
+ 12, 11, 13, 11, 14, 11, 15, 11, 11, 16,
+ 11, 11, 11, 17, 18, 19, 11, 11, 11, 11,
+ 20, 11, 1, 1, 1, 4, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+};
+
+static yyconst int yy_meta[21] = { 0,
+ 1, 2, 3, 4, 4, 4, 2, 1, 1, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2
+};
+
+static yyconst short int yy_base[43] = { 0,
+ 0, 7, 49, 50, 50, 50, 0, 1, 0, 36,
+ 28, 26, 28, 35, 29, 0, 26, 33, 27, 33,
+ 29, 22, 0, 24, 27, 14, 27, 23, 13, 50,
+ 10, 9, 4, 1, 0, 2, 50, 50, 19, 23,
+ 2, 26
+};
+
+static yyconst short int yy_def[43] = { 0,
+ 39, 39, 38, 38, 38, 38, 40, 38, 40, 38,
+ 38, 38, 38, 38, 38, 41, 38, 41, 38, 38,
+ 38, 38, 42, 38, 42, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 0, 38, 38,
+ 38, 38
+};
+
+static yyconst short int yy_nxt[71] = { 0,
+ 38, 5, 6, 18, 7, 38, 38, 8, 5, 6,
+ 37, 7, 36, 38, 8, 10, 35, 34, 11, 4,
+ 4, 4, 4, 9, 9, 33, 9, 25, 32, 25,
+ 31, 30, 29, 28, 27, 26, 24, 23, 22, 21,
+ 20, 19, 17, 16, 15, 14, 13, 12, 38, 3,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38
+};
+
+static yyconst short int yy_chk[71] = { 0,
+ 0, 1, 1, 41, 1, 0, 0, 1, 2, 2,
+ 36, 2, 35, 0, 2, 8, 34, 33, 8, 39,
+ 39, 39, 39, 40, 40, 32, 40, 42, 31, 42,
+ 29, 28, 27, 26, 25, 24, 22, 21, 20, 19,
+ 18, 17, 15, 14, 13, 12, 11, 10, 3, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38
+};
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+/*
+ * The intent behind this definition is that it'll catch any uses of
+ * REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "bundleparser.l"
+#define INITIAL 0
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+#line 14 "bundleparser.l"
+
+void evalToken(char *pcToken, int tokType);
+
+static char *pcDesiredKey = 0;
+static char pcKey[200];
+static char pcValue[200];
+static char pcFinValue[200];
+
+void errorCheck(char *pcToken_error);
+
+#line 427 "lex.bp.c"
+
+/*
+ * Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap YY_PROTO((void));
+#else
+extern int yywrap YY_PROTO((void));
+#endif
+#endif
+
+#ifndef YY_NO_UNPUT
+static void yyunput YY_PROTO((int c, char *buf_ptr));
+#endif
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy YY_PROTO((char *, yyconst char *, int));
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen YY_PROTO((yyconst char *));
+#endif
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+static int yyinput YY_PROTO((void));
+#else
+static int input YY_PROTO((void));
+#endif
+#endif
+
+#if YY_STACK_USED
+static int yy_start_stack_ptr = 0;
+static int yy_start_stack_depth = 0;
+static int *yy_start_stack = 0;
+#ifndef YY_NO_PUSH_STATE
+static void yy_push_state YY_PROTO((int new_state));
+#endif
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state YY_PROTO((void));
+#endif
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state YY_PROTO((void));
+#endif
+
+#else
+#define YY_NO_PUSH_STATE 1
+#define YY_NO_POP_STATE 1
+#define YY_NO_TOP_STATE 1
+#endif
+
+#ifdef YY_MALLOC_DECL
+YY_MALLOC_DECL
+#else
+#if __STDC__
+#ifndef __cplusplus
+#include <stdlib.h>
+#endif
+#else
+/*
+ * Just try to get by without declaring the routines. This will fail
+ * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
+ * or sizeof(void*) != sizeof(int).
+ */
+#endif
+#endif
+
+/*
+ * Amount of stuff to slurp up with each read.
+ */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/*
+ * Copy whatever the last rule matched to the standard output.
+ */
+
+#ifndef ECHO
+/*
+ * This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/*
+ * Gets input and stuffs it into "buf". number of characters read, or
+ * YY_NULL, is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( yy_current_buffer->yy_is_interactive ) \
+ { \
+ int c = '*', n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
+ && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" );
+#endif
+
+/*
+ * No semi-colon after return; correct usage is to write "yyterminate();"
+ * - we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/*
+ * Number of entries by which start-condition stack grows.
+ */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/*
+ * Report a fatal error.
+ */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/*
+ * Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL int yylex YY_PROTO(( void ))
+#endif
+
+/*
+ * Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/*
+ * Code executed at the end of each rule.
+ */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 26 "bundleparser.l"
+
+#line 581 "lex.bp.c"
+
+ if (yy_init)
+ {
+ yy_init = 0;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if (!yy_start)
+ yy_start = 1; /* first start state */
+
+ if (!yyin)
+ yyin = stdin;
+
+ if (!yyout)
+ yyout = stdout;
+
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_load_buffer_state();
+ }
+
+ while (1) /* loops until end-of-file is reached */
+ {
+ yy_cp = yy_c_buf_p;
+
+ /*
+ * Support of yytext.
+ */
+ *yy_cp = yy_hold_char;
+
+ /*
+ * yy_bp points to the position in yy_ch_buf of the start of the
+ * current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = yy_start;
+ yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while (yy_base[yy_current_state] != 50);
+
+ yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if (yy_act == 0)
+ { /* have to back up */
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+ do_action: /* This label is used only to access EOF actions. */
+
+ switch (yy_act)
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /*
+ * undo the effects of YY_DO_BEFORE_ACTION
+ */
+ *yy_cp = yy_hold_char;
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ goto yy_find_action;
+
+ case 1:
+ YY_RULE_SETUP
+#line 28 "bundleparser.l"
+ {
+ }
+ YY_BREAK case 2:
+ YY_RULE_SETUP
+#line 29 "bundleparser.l"
+ {
+ }
+ YY_BREAK case 3:
+ YY_RULE_SETUP
+#line 30 "bundleparser.l"
+ {
+ evalToken(bptext, 1);
+ }
+ YY_BREAK case 4:
+ YY_RULE_SETUP
+#line 31 "bundleparser.l"
+ {
+ }
+ YY_BREAK case 5:
+ YY_RULE_SETUP
+#line 32 "bundleparser.l"
+ {
+ evalToken(bptext, 2);
+ }
+ YY_BREAK case 6:
+ YY_RULE_SETUP
+#line 33 "bundleparser.l"
+ {
+ errorCheck(bptext);
+ }
+ YY_BREAK case 7:
+ YY_RULE_SETUP
+#line 34 "bundleparser.l"
+ ECHO;
+ YY_BREAK
+#line 699 "lex.bp.c"
+ case YY_STATE_EOF(INITIAL):
+ yyterminate();
+
+ case YY_END_OF_BUFFER:
+ {
+ /*
+ * Amount of text matched not including the EOB char.
+ */
+ int yy_amount_of_matched_text =
+ (int) (yy_cp - yytext_ptr) - 1;
+
+ /*
+ * Undo the effects of YY_DO_BEFORE_ACTION.
+ */
+ *yy_cp = yy_hold_char;
+ YY_RESTORE_YY_MORE_OFFSET
+ if (yy_current_buffer->yy_buffer_status ==
+ YY_BUFFER_NEW)
+ {
+ /*
+ * We're scanning a new file or input source. It's
+ * possible that this happened because the user just
+ * pointed yyin at a new source and called yylex().
+ * If so, then we have to assure consistency between
+ * yy_current_buffer and our globals. Here is the
+ * right place to do so, because this is the first
+ * action (other than possibly a back-up) that will
+ * match for the new input source.
+ */
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yy_current_buffer->yy_input_file = yyin;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /*
+ * Note that here we test for yy_c_buf_p "<=" to the
+ * position of the first EOB in the buffer, since
+ * yy_c_buf_p will already have been incremented past the
+ * NUL character (since all states make transitions on EOB
+ * to the end-of-buffer state). Contrast this with the
+ * test in input().
+ */
+ if (yy_c_buf_p <=
+ &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ /*
+ * Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it for us
+ * because it doesn't know how to deal with the
+ * possibility of jamming (and we don't want to build
+ * jamming into it because then it will run more
+ * slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans(yy_current_state);
+
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+
+ if (yy_next_state)
+ {
+ /*
+ * Consume the NUL.
+ */
+ yy_cp = ++yy_c_buf_p;
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = yy_c_buf_p;
+ goto yy_find_action;
+ }
+ }
+
+ else
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ yy_did_buffer_switch_on_eof = 0;
+
+ if (yywrap())
+ {
+ /*
+ * Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up yy_c_buf_p so
+ * that if some total hoser (like flex
+ * itself) wants to call the scanner after
+ * we return the YY_NULL, it'll still work
+ * - another YY_NULL will get returned.
+ */
+ yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p =
+ yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ yy_c_buf_p =
+ &yy_current_buffer->yy_ch_buf[yy_n_chars];
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--no action found");
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/*
+ * yy_get_next_buffer - try to read in a new buffer Returns a code
+ * representing an action: EOB_ACT_LAST_MATCH - EOB_ACT_CONTINUE_SCAN -
+ * continue scanning from current position EOB_ACT_END_OF_FILE - end of
+ * file
+ */
+
+static int yy_get_next_buffer()
+{
+ register char *dest = yy_current_buffer->yy_ch_buf;
+ register char *source = yytext_ptr;
+ register int number_to_move, i;
+ int ret_val;
+
+ if (yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1])
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--end of buffer missed");
+
+ if (yy_current_buffer->yy_fill_buffer == 0)
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if (yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1)
+ {
+ /*
+ * We matched a single character, the EOB, so treat this as a
+ * final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /*
+ * We matched some text prior to the EOB, first process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /*
+ * Try to read more data.
+ */
+
+ /*
+ * First move last chars to start of buffer.
+ */
+ number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
+
+ for (i = 0; i < number_to_move; ++i)
+ *(dest++) = *(source++);
+
+ if (yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING)
+ /*
+ * don't do the read, it's not guaranteed to return an EOF, just
+ * force an EOF
+ */
+ yy_current_buffer->yy_n_chars = yy_n_chars = 0;
+
+ else
+ {
+ int num_to_read =
+ yy_current_buffer->yy_buf_size - number_to_move - 1;
+
+ while (num_to_read <= 0)
+ { /* Not enough room in the buffer - grow it. */
+#ifdef YY_USES_REJECT
+ YY_FATAL_ERROR
+ ("input buffer overflow, can't enlarge buffer because scanner uses REJECT");
+#else
+
+ /*
+ * just a shorter name for the current buffer
+ */
+ YY_BUFFER_STATE b = yy_current_buffer;
+
+ int yy_c_buf_p_offset = (int) (yy_c_buf_p - b->yy_ch_buf);
+
+ if (b->yy_is_our_buffer)
+ {
+ int new_size = b->yy_buf_size * 2;
+
+ if (new_size <= 0)
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /*
+ * Include room in for 2 EOB chars.
+ */
+ yy_flex_realloc((void *) b->yy_ch_buf,
+ b->yy_buf_size + 2);
+ } else
+ /*
+ * Can't grow it, we don't own it.
+ */
+ b->yy_ch_buf = 0;
+
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR
+ ("fatal error - scanner input buffer overflow");
+
+ yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = yy_current_buffer->yy_buf_size -
+ number_to_move - 1;
+#endif
+ }
+
+ if (num_to_read > YY_READ_BUF_SIZE)
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /*
+ * Read in more data.
+ */
+ YY_INPUT((&yy_current_buffer->yy_ch_buf[number_to_move]),
+ yy_n_chars, num_to_read);
+
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ if (yy_n_chars == 0)
+ {
+ if (number_to_move == YY_MORE_ADJ)
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin);
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ yy_n_chars += number_to_move;
+ yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
+ yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
+
+ yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/*
+ * yy_get_previous_state - get the state just before the EOB char was
+ * reached
+ */
+
+static yy_state_type yy_get_previous_state()
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = yy_start;
+
+ for (yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp)
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/*
+ * yy_try_NUL_trans - try to make a transition on the NUL character
+ * synopsis next_state = yy_try_NUL_trans( current_state );
+ */
+
+#ifdef YY_USE_PROTOS
+static yy_state_type yy_try_NUL_trans(yy_state_type yy_current_state)
+#else
+static yy_state_type yy_try_NUL_trans(yy_current_state)
+ yy_state_type yy_current_state;
+#endif
+{
+ register int yy_is_jam;
+ register char *yy_cp = yy_c_buf_p;
+
+ register YY_CHAR yy_c = 1;
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 38);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+#ifndef YY_NO_UNPUT
+#ifdef YY_USE_PROTOS
+static void yyunput(int c, register char *yy_bp)
+#else
+static void yyunput(c, yy_bp)
+ int c;
+ register char *yy_bp;
+#endif
+{
+ register char *yy_cp = yy_c_buf_p;
+
+ /*
+ * undo effects of setting up yytext
+ */
+ *yy_cp = yy_hold_char;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ { /* need to shift things up to make room */
+ /*
+ * +2 for EOB chars.
+ */
+ register int number_to_move = yy_n_chars + 2;
+ register char *dest =
+ &yy_current_buffer->yy_ch_buf[yy_current_buffer->yy_buf_size +
+ 2];
+ register char *source =
+ &yy_current_buffer->yy_ch_buf[number_to_move];
+
+ while (source > yy_current_buffer->yy_ch_buf)
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ yy_current_buffer->yy_n_chars =
+ yy_n_chars = yy_current_buffer->yy_buf_size;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ YY_FATAL_ERROR("flex scanner push-back overflow");
+ }
+
+ *--yy_cp = (char) c;
+
+ yytext_ptr = yy_bp;
+ yy_hold_char = *yy_cp;
+ yy_c_buf_p = yy_cp;
+}
+#endif /* ifndef YY_NO_UNPUT */
+
+#ifdef __cplusplus
+static int yyinput()
+#else
+static int input()
+#endif
+{
+ int c;
+
+ *yy_c_buf_p = yy_hold_char;
+
+ if (*yy_c_buf_p == YY_END_OF_BUFFER_CHAR)
+ {
+ /*
+ * yy_c_buf_p now points to the character we want to return. If
+ * this occurs *before* the EOB characters, then it's a valid NUL;
+ * if not, then we've hit the end of the buffer.
+ */
+ if (yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ /*
+ * This was really a NUL.
+ */
+ *yy_c_buf_p = '\0';
+
+ else
+ { /* need more input */
+ int offset = yy_c_buf_p - yytext_ptr;
+ ++yy_c_buf_p;
+
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_LAST_MATCH:
+ /*
+ * This happens because yy_g_n_b() sees that we've
+ * accumulated a token and flags that we need to try
+ * matching the token before proceeding. But for input(),
+ * there's no matching to consider. So convert the
+ * EOB_ACT_LAST_MATCH to EOB_ACT_END_OF_FILE.
+ */
+
+ /*
+ * Reset buffer status.
+ */
+ yyrestart(yyin);
+
+ /*
+ * fall through
+ */
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if (yywrap())
+ return EOF;
+
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p = yytext_ptr + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
+ *yy_c_buf_p = '\0'; /* preserve yytext */
+ yy_hold_char = *++yy_c_buf_p;
+
+ return c;
+}
+
+#ifdef YY_USE_PROTOS
+void yyrestart(FILE * input_file)
+#else
+void yyrestart(input_file)
+ FILE *input_file;
+#endif
+{
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_init_buffer(yy_current_buffer, input_file);
+ yy_load_buffer_state();
+}
+
+#ifdef YY_USE_PROTOS
+void yy_switch_to_buffer(YY_BUFFER_STATE new_buffer)
+#else
+void yy_switch_to_buffer(new_buffer)
+ YY_BUFFER_STATE new_buffer;
+#endif
+{
+ if (yy_current_buffer == new_buffer)
+ return;
+
+ if (yy_current_buffer)
+ {
+ /*
+ * Flush out information for old buffer.
+ */
+ *yy_c_buf_p = yy_hold_char;
+ yy_current_buffer->yy_buf_pos = yy_c_buf_p;
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ yy_current_buffer = new_buffer;
+ yy_load_buffer_state();
+
+ /*
+ * We don't actually know whether we did this switch during EOF
+ * (yywrap()) processing, but the only time this flag is looked at is
+ * after yywrap() is called, so it's safe to go ahead and always set
+ * it.
+ */
+ yy_did_buffer_switch_on_eof = 1;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_load_buffer_state(void)
+#else
+void yy_load_buffer_state()
+#endif
+{
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
+ yyin = yy_current_buffer->yy_input_file;
+ yy_hold_char = *yy_c_buf_p;
+}
+
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_create_buffer(FILE * file, int size)
+#else
+YY_BUFFER_STATE yy_create_buffer(file, size)
+ FILE *file;
+ int size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_buf_size = size;
+
+ /*
+ * yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yy_flex_alloc(b->yy_buf_size + 2);
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b, file);
+
+ return b;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_delete_buffer(YY_BUFFER_STATE b)
+#else
+void yy_delete_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+{
+ if (!b)
+ return;
+
+ if (b == yy_current_buffer)
+ yy_current_buffer = (YY_BUFFER_STATE) 0;
+
+ if (b->yy_is_our_buffer)
+ yy_flex_free((void *) b->yy_ch_buf);
+
+ yy_flex_free((void *) b);
+}
+
+#ifndef YY_ALWAYS_INTERACTIVE
+#ifndef YY_NEVER_INTERACTIVE
+extern int isatty YY_PROTO((int));
+#endif
+#endif
+
+#ifdef YY_USE_PROTOS
+void yy_init_buffer(YY_BUFFER_STATE b, FILE * file)
+#else
+void yy_init_buffer(b, file)
+ YY_BUFFER_STATE b;
+ FILE *file;
+#endif
+
+{
+ yy_flush_buffer(b);
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+#if YY_ALWAYS_INTERACTIVE
+ b->yy_is_interactive = 1;
+#else
+#if YY_NEVER_INTERACTIVE
+ b->yy_is_interactive = 0;
+#else
+ b->yy_is_interactive = file ? (isatty(fileno(file)) > 0) : 0;
+#endif
+#endif
+}
+
+#ifdef YY_USE_PROTOS
+void yy_flush_buffer(YY_BUFFER_STATE b)
+#else
+void yy_flush_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+
+{
+ if (!b)
+ return;
+
+ b->yy_n_chars = 0;
+
+ /*
+ * We always need two end-of-buffer characters. The first causes a
+ * transition to the end-of-buffer state. The second causes a jam in
+ * that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if (b == yy_current_buffer)
+ yy_load_buffer_state();
+}
+
+#ifndef YY_NO_SCAN_BUFFER
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_buffer(char *base, yy_size_t size)
+#else
+YY_BUFFER_STATE yy_scan_buffer(base, size)
+ char *base;
+ yy_size_t size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ if (size < 2 ||
+ base[size - 2] != YY_END_OF_BUFFER_CHAR ||
+ base[size - 1] != YY_END_OF_BUFFER_CHAR)
+ /*
+ * They forgot to leave room for the EOB's.
+ */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_buffer()");
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b);
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_SCAN_STRING
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_string(yyconst char *yy_str)
+#else
+YY_BUFFER_STATE yy_scan_string(yy_str)
+ yyconst char *yy_str;
+#endif
+{
+ int len;
+ for (len = 0; yy_str[len]; ++len)
+ ;
+
+ return yy_scan_bytes(yy_str, len);
+}
+#endif
+
+#ifndef YY_NO_SCAN_BYTES
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_bytes(yyconst char *bytes, int len)
+#else
+YY_BUFFER_STATE yy_scan_bytes(bytes, len)
+ yyconst char *bytes;
+ int len;
+#endif
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n;
+ int i;
+
+ /*
+ * Get memory for full buffer, including space for trailing EOB's.
+ */
+ n = len + 2;
+ buf = (char *) yy_flex_alloc(n);
+ if (!buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_bytes()");
+
+ for (i = 0; i < len; ++i)
+ buf[i] = bytes[i];
+
+ buf[len] = buf[len + 1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf, n);
+ if (!b)
+ YY_FATAL_ERROR("bad buffer in yy_scan_bytes()");
+
+ /*
+ * It's okay to grow etc. this buffer, and we should throw it away
+ * when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_PUSH_STATE
+#ifdef YY_USE_PROTOS
+static void yy_push_state(int new_state)
+#else
+static void yy_push_state(new_state)
+ int new_state;
+#endif
+{
+ if (yy_start_stack_ptr >= yy_start_stack_depth)
+ {
+ yy_size_t new_size;
+
+ yy_start_stack_depth += YY_START_STACK_INCR;
+ new_size = yy_start_stack_depth * sizeof(int);
+
+ if (!yy_start_stack)
+ yy_start_stack = (int *) yy_flex_alloc(new_size);
+
+ else
+ yy_start_stack = (int *) yy_flex_realloc(
+ (void *) yy_start_stack, new_size);
+
+ if (!yy_start_stack)
+ YY_FATAL_ERROR
+ ("out of memory expanding start-condition stack");
+ }
+
+ yy_start_stack[yy_start_stack_ptr++] = YY_START;
+
+ BEGIN(new_state);
+}
+#endif
+
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state()
+{
+ if (--yy_start_stack_ptr < 0)
+ YY_FATAL_ERROR("start-condition stack underflow");
+
+ BEGIN(yy_start_stack[yy_start_stack_ptr]);
+}
+#endif
+
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state()
+{
+ return yy_start_stack[yy_start_stack_ptr - 1];
+}
+#endif
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+#ifdef YY_USE_PROTOS
+static void yy_fatal_error(yyconst char msg[])
+#else
+static void yy_fatal_error(msg)
+ char msg[];
+#endif
+{
+ (void) fprintf(stderr, "%s\n", msg);
+ exit(YY_EXIT_FAILURE);
+}
+
+/*
+ * Redefine yyless() so it works in section 3 code.
+ */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ yytext[yyleng] = yy_hold_char; \
+ yy_c_buf_p = yytext + n; \
+ yy_hold_char = *yy_c_buf_p; \
+ *yy_c_buf_p = '\0'; \
+ yyleng = n; \
+ } \
+ while ( 0 )
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+#ifdef YY_USE_PROTOS
+static void yy_flex_strncpy(char *s1, yyconst char *s2, int n)
+#else
+static void yy_flex_strncpy(s1, s2, n)
+ char *s1;
+ yyconst char *s2;
+ int n;
+#endif
+{
+ register int i;
+ for (i = 0; i < n; ++i)
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+#ifdef YY_USE_PROTOS
+static int yy_flex_strlen(yyconst char *s)
+#else
+static int yy_flex_strlen(s)
+ yyconst char *s;
+#endif
+{
+ register int n;
+ for (n = 0; s[n]; ++n)
+ ;
+
+ return n;
+}
+#endif
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_alloc(yy_size_t size)
+#else
+static void *yy_flex_alloc(size)
+ yy_size_t size;
+#endif
+{
+ return (void *) malloc(size);
+}
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_realloc(void *ptr, yy_size_t size)
+#else
+static void *yy_flex_realloc(ptr, size)
+ void *ptr;
+ yy_size_t size;
+#endif
+{
+ /*
+ * The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those that use
+ * void* generic pointers. It works with the latter because both ANSI
+ * C and C++ allow castless assignment from any pointer type to void*,
+ * and deal with argument conversions as though doing an assignment.
+ */
+ return (void *) realloc((char *) ptr, size);
+}
+
+#ifdef YY_USE_PROTOS
+static void yy_flex_free(void *ptr)
+#else
+static void yy_flex_free(ptr)
+ void *ptr;
+#endif
+{
+ free(ptr);
+}
+
+#if YY_MAIN
+int main()
+{
+ yylex();
+ return 0;
+}
+#endif
+#line 34 "bundleparser.l"
+
+#include <stdio.h>
+#include <string.h>
+
+#include "wintypes.h"
+#include "debuglog.h"
+
+int bpwrap()
+{
+ return 1;
+}
+
+void evalToken(char *pcToken, int tokType)
+{
+
+ int len;
+ len = 0;
+
+ if (tokType == 1)
+ {
+ for (len = 5; pcToken[len] != '<'; len++) ;
+ strncpy(pcKey, &pcToken[5], len - 5);
+ pcKey[len - 5] = 0;
+ }
+
+ if (tokType == 2)
+ {
+ for (len = 8; pcToken[len] != '<'; len++) ;
+ strncpy(pcValue, &pcToken[8], len - 8);
+ pcValue[len - 8] = 0;
+ if (strcmp(pcKey, pcDesiredKey) == 0)
+ {
+ strcpy(pcFinValue, pcValue);
+ }
+ }
+
+}
+
+void errorCheck(char *token_error)
+{
+}
+
+int LCFBundleFindValueWithKey(char *fileName, char *tokenKey,
+ char *tokenValue)
+{
+
+ FILE *file;
+ file = 0;
+
+ pcDesiredKey = tokenKey;
+ pcFinValue[0] = 0;
+
+ file = fopen(fileName, "r");
+
+ if (!file)
+ {
+ DebugLogB("Could not open bundle file : %s", fileName);
+ return 1;
+ }
+
+ bpin = file;
+
+ do
+ {
+ bplex();
+ }
+ while (!feof(file));
+
+ if (pcFinValue[0] == 0)
+ {
+ DebugLogB("Value/Key not defined for: %s", tokenKey);
+ fclose(file);
+ return -1;
+ } else
+ {
+ strcpy(tokenValue, pcFinValue);
+ fclose(file);
+ return 0;
+ }
+
+ fclose(file);
+ return 0;
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.l
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.l (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/driverparser.l 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,108 @@
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+
+%{
+
+void evalToken( char *pcToken, int tokType );
+
+static char *pcDesiredKey = 0;
+static char pcKey[200];
+static char pcValue[200];
+static char pcFinValue[200];
+
+void errorCheck ( char *pcToken_error );
+
+%}
+
+%%
+
+#.* {}
+"\n" {}
+\<key\>([A-Z]|[a-z]|[0-9]|[ \t])+\<\/key\> { evalToken(bptext, 1); }
+[ \t] {}
+\<string\>([A-Z]|[a-z]|[0-9]|[ \t]|[!@#$%^&*()\-+/_\:?.,=~'"])+\<\/string\> { evalToken(bptext, 2); }
+. { errorCheck( bptext ); }
+%%
+
+#include <stdio.h>
+#include <string.h>
+
+#include "wintypes.h"
+#include "debuglog.h"
+
+int bpwrap() {
+ return 1;
+}
+
+
+void evalToken( char *pcToken, int tokType ) {
+
+ int len;
+ len = 0;
+
+ if ( tokType == 1 ) {
+ for (len=5; pcToken[len] != '<'; len++);
+ strncpy(pcKey, &pcToken[5], len - 5);
+ pcKey[len-5] = 0;
+ }
+
+ if ( tokType == 2 ) {
+ for (len=8; pcToken[len] != '<'; len++);
+ strncpy(pcValue, &pcToken[8], len - 8);
+ pcValue[len-8] = 0;
+ if ( strcmp(pcKey, pcDesiredKey) == 0 ) {
+ strcpy(pcFinValue, pcValue);
+ }
+ }
+
+
+}
+
+void errorCheck ( char *token_error ) { }
+
+int LCFBundleFindValueWithKey(char *fileName, char *tokenKey,
+ char *tokenValue ) {
+
+ FILE *file;
+ file = 0;
+
+ pcDesiredKey = tokenKey;
+ pcFinValue[0] = 0;
+
+ file = fopen(fileName, "r");
+
+ if (!file) {
+ DebugLogB( "Could not open bundle file : %s", fileName );
+ return 1;
+ }
+
+ bpin = file;
+
+ do {
+ bplex();
+ }
+ while (!feof(file));
+
+ if ( pcFinValue[0] == 0 ) {
+ DebugLogB( "Value/Key not defined for: %s", tokenKey );
+ fclose(file);
+ return -1;
+ } else {
+ strcpy(tokenValue, pcFinValue);
+ fclose(file);
+ return 0;
+ }
+
+ fclose(file);
+ return 0;
+}
+
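Review bot: `evalToken` copies the matched text into the 200-byte statics `pcKey` and `pcValue` with `strncpy(pcKey, &pcToken[5], len - 5)` and `strncpy(pcValue, &pcToken[8], len - 8)`, where `len` is taken from the token itself. Both the `<key>` and `<string>` rules repeat with an unbounded `+`, so a body of 200 characters or more in a bundle file writes past the array. The length should be compared with `sizeof` of the destination before copying and over-long tokens dropped, as in the excerpt below. `LCFBundleFindValueWithKey` then does `strcpy(tokenValue, pcFinValue)` without knowing the caller's buffer size, so a comment there should state that `tokenValue` must hold at least 200 bytes. The same C code appears in the generated scanner earlier in this changeset (the section carrying `#line ... "lex.bp.c"`), which would need regenerating after the fix.

```lex
void evalToken( char *pcToken, int tokType ) {

	size_t len;

	if ( tokType == 1 ) {
		for (len = 5; pcToken[len] != '<'; len++);
		len -= 5;
		if (len >= sizeof(pcKey)) {
			/* Key does not fit: forget it so the next <string> cannot match. */
			pcKey[0] = 0;
			return;
		}
		memcpy(pcKey, &pcToken[5], len);
		pcKey[len] = 0;
	}

	if ( tokType == 2 ) {
		for (len = 8; pcToken[len] != '<'; len++);
		len -= 8;
		if (len >= sizeof(pcValue))
			return;		/* value does not fit: ignore it */
		memcpy(pcValue, &pcToken[8], len);
		pcValue[len] = 0;
		/* ... unchanged: strcmp(pcKey, pcDesiredKey) and copy to pcFinValue ... */
	}
}
```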
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_generic.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_generic.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_generic.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : dyn_generic.h
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 8/12/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This abstracts dynamic library loading
+ functions.
+
+********************************************************************/
+
+#ifndef __dyn_generic_h__
+#define __dyn_generic_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ int DYN_LoadLibrary(void **, char *);
+ int DYN_CloseLibrary(void **);
+ int DYN_GetAddress(void *, void **, char *);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
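Review bot: The three prototypes carry no parameter names and no comment on the return convention or on who owns the handle, so a caller has to read the platform implementation to use them. Naming the parameters as the implementation does, for example `int DYN_LoadLibrary(void **pvLHandle, char *pcLibrary);`, and adding a short comment above the block would fix this. Going by dyn_macosx.c in this changeset, the comment should say that each function returns `SCARD_S_SUCCESS` or an `SCARD_*` error code, and that a handle obtained from `DYN_LoadLibrary` is released with `DYN_CloseLibrary`, which zeroes it.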
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_macosx.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_macosx.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/dyn_macosx.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,133 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : dyn_macosx.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 3/15/00
+ License: Copyright (C) 2000 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This abstracts dynamic library loading
+ functions and timing.
+
+********************************************************************/
+
+#include <CoreFoundation/CFBundle.h>
+#include <CoreFoundation/CFString.h>
+#include <CoreFoundation/CFURL.h>
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "dyn_generic.h"
+#include "debuglog.h"
+
+/*
+ * / Load a module (if needed)
+ */
+int DYN_LoadLibrary(void **pvLHandle, char *pcLibrary)
+{
+
+ CFStringRef bundlePath;
+ CFURLRef bundleURL;
+ CFBundleRef bundle;
+
+ *pvLHandle = 0;
+
+ /*
+ * @@@ kCFStringEncodingMacRoman might be wrong on non US systems.
+ */
+
+ bundlePath = CFStringCreateWithCString(NULL, pcLibrary,
+ kCFStringEncodingMacRoman);
+ if (bundlePath == NULL)
+ {
+ return SCARD_E_NO_MEMORY;
+
+ } else
+ {
+ }
+
+ bundleURL = CFURLCreateWithFileSystemPath(NULL, bundlePath,
+ kCFURLPOSIXPathStyle, TRUE);
+ CFRelease(bundlePath);
+ if (bundleURL == NULL)
+ {
+ return SCARD_E_NO_MEMORY;
+ } else
+ {
+ }
+
+ bundle = CFBundleCreate(NULL, bundleURL);
+ CFRelease(bundleURL);
+ if (bundle == NULL)
+ {
+ return SCARD_F_UNKNOWN_ERROR;
+ } else
+ {
+ }
+
+ if (!CFBundleLoadExecutable(bundle))
+ {
+ CFRelease(bundle);
+ return SCARD_F_UNKNOWN_ERROR;
+ } else
+ {
+ }
+
+ *pvLHandle = (void *) bundle;
+
+ return SCARD_S_SUCCESS;
+}
+
+int DYN_CloseLibrary(void **pvLHandle)
+{
+
+ CFBundleRef bundle = (CFBundleRef) * pvLHandle;
+
+ if (CFBundleIsExecutableLoaded(bundle) == TRUE)
+ {
+ CFBundleUnloadExecutable(bundle);
+ CFRelease(bundle);
+ } else
+ {
+ DebugLogA("DYN_CloseLibrary: Cannot unload library.");
+ }
+
+ *pvLHandle = 0;
+ return SCARD_S_SUCCESS;
+}
+
+int DYN_GetAddress(void *pvLHandle, void **pvFHandle, char *pcFunction)
+{
+
+ CFBundleRef bundle = (CFBundleRef) pvLHandle;
+ CFStringRef cfName = CFStringCreateWithCString(NULL, pcFunction,
+ kCFStringEncodingMacRoman);
+ if (cfName == NULL)
+ return SCARD_E_NO_MEMORY;
+
+ *pvFHandle = CFBundleGetFunctionPointerForName(bundle, cfName);
+ CFRelease(cfName);
+ if (*pvFHandle == NULL)
+ return SCARD_F_UNKNOWN_ERROR;
+
+ return SCARD_S_SUCCESS;
+}
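Review bot: `DYN_CloseLibrary` passes `*pvLHandle` to `CFBundleIsExecutableLoaded` without a NULL check, although `DYN_LoadLibrary` sets `*pvLHandle = 0` on entry and leaves it that way on every failure path. Closing after a failed load therefore hands CoreFoundation a NULL bundle, which its calls generally do not tolerate. A guard at the top such as `if (bundle == NULL) return SCARD_E_INVALID_PARAMETER;` would cover that. In the same function `CFRelease(bundle)` runs only in the loaded branch, so in the "Cannot unload library" branch the reference is forgotten by `*pvLHandle = 0` without being released; moving `CFRelease(bundle);` after the if/else avoids the leak. That branch also still returns `SCARD_S_SUCCESS`, which hides the failure from the caller.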
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,550 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : eventhandler.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 3/13/00
+ License: Copyright (C) 2000 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This keeps track of card insertion/removal events
+ and updates ATR, protocol, and status information.
+
+********************************************************************/
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/errno.h>
+#include <string.h>
+#include <stdlib.h>
+#include <fcntl.h>
+
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "thread_generic.h"
+#include "readerfactory.h"
+#include "eventhandler.h"
+#include "dyn_generic.h"
+#include "sys_generic.h"
+#include "ifdhandler.h"
+#include "ifdwrapper.h"
+#include "debuglog.h"
+#include "prothandler.h"
+
+#include <security_utilities/debugging.h>
+
+static PREADER_STATES readerStates[PCSCLITE_MAX_CONTEXTS];
+
+void EHStatusHandlerThread(PREADER_CONTEXT);
+
+LONG EHInitializeEventStructures()
+{
+
+ int fd, i, pageSize;
+
+ fd = 0;
+ i = 0;
+ pageSize = 0;
+
+ SYS_RemoveFile(PCSCLITE_PUBSHM_FILE);
+
+ fd = SYS_OpenFile(PCSCLITE_PUBSHM_FILE, O_RDWR | O_CREAT, 00644);
+ if (fd < 0)
+ {
+ DebugLogA("Error: Cannot open public shared file");
+ exit(1);
+ }
+
+ SYS_Chmod(PCSCLITE_PUBSHM_FILE,
+ S_IRGRP | S_IREAD | S_IWRITE | S_IROTH);
+
+ pageSize = SYS_GetPageSize();
+
+ /*
+ * Jump to end of file space and allocate zero's
+ */
+ SYS_SeekFile(fd, pageSize * PCSCLITE_MAX_CONTEXTS);
+ SYS_WriteFile(fd, "", 1);
+
+ /*
+ * Allocate each reader structure
+ */
+ for (i = 0; i < PCSCLITE_MAX_CONTEXTS; i++)
+ {
+ readerStates[i] = (PREADER_STATES)
+ SYS_MemoryMap(sizeof(READER_STATES), fd, (i * pageSize));
+ if (readerStates[i] == 0)
+ {
+ DebugLogA("Error: Cannot public memory map");
+ exit(1);
+ }
+
+ /*
+ * Zero out each value in the struct
+ */
+ memset((readerStates[i])->readerName, 0, MAX_READERNAME);
+ memset((readerStates[i])->cardAtr, 0, MAX_ATR_SIZE);
+ (readerStates[i])->readerID = 0;
+ (readerStates[i])->readerState = 0;
+ (readerStates[i])->lockState = 0;
+ (readerStates[i])->readerSharing = 0;
+ (readerStates[i])->cardAtrLength = 0;
+ (readerStates[i])->cardProtocol = 0;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG EHDestroyEventHandler(PREADER_CONTEXT rContext)
+{
+
+ LONG rv;
+ int i;
+
+ i = 0;
+ rv = 0;
+
+
+ i = rContext->dwPublicID;
+ if ((readerStates[i])->readerName[0] == 0)
+ {
+ DebugLogA("EHDestroyEventHandler: Thread already stomped.");
+ return SCARD_S_SUCCESS;
+ }
+
+ /*
+ * Set the thread to 0 to exit thread
+ */
+ rContext->dwLockId = 0xFFFF;
+
+ DebugLogA("EHDestroyEventHandler: Stomping thread.");
+
+ do
+ {
+ /*
+ * Wait 0.05 seconds for the child to respond
+ */
+ SYS_USleep(50000);
+ }
+ while (rContext->dwLockId == 0xFFFF);
+
+ /*
+ * Zero out the public status struct to allow it to be recycled and
+ * used again
+ */
+
+ memset((readerStates[i])->readerName, 0, MAX_READERNAME);
+ memset((readerStates[i])->cardAtr, 0, MAX_ATR_SIZE);
+ (readerStates[i])->readerID = 0;
+ (readerStates[i])->readerState = 0;
+ (readerStates[i])->lockState = 0;
+ (readerStates[i])->readerSharing = 0;
+ (readerStates[i])->cardAtrLength = 0;
+ (readerStates[i])->cardProtocol = 0;
+
+ SYS_MMapSynchronize((void *) readerStates[i], SYS_GetPageSize());
+
+ /* Zero the thread */
+ rContext->pthThread = 0;
+
+ DebugLogA("EHDestroyEventHandler: Thread stomped.");
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG EHSpawnEventHandler(PREADER_CONTEXT rContext)
+{
+ LONG rv;
+ LPCSTR lpcReader;
+ DWORD dwStatus, dwProtocol;
+ int i;
+
+ /*
+ * Zero out everything
+ */
+ rv = 0;
+ lpcReader = 0;
+ dwStatus = 0;
+ dwProtocol = 0;
+ i = 0;
+
+ lpcReader = rContext->lpcReader;
+
+ rv = IFDStatusICC(rContext, &dwStatus,
+ &dwProtocol, rContext->ucAtr, &rContext->dwAtrLen);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ DebugLogB("EHSpawnEventHandler: Initial Check Failed on %s",
+ lpcReader);
+ return SCARD_F_UNKNOWN_ERROR;
+ }
+
+ /*
+ * Find an empty reader slot and insert the new reader
+ */
+ for (i = 0; i < PCSCLITE_MAX_CONTEXTS; i++)
+ {
+ if ((readerStates[i])->readerID == 0)
+ {
+ break;
+ }
+ }
+
+ if (i == PCSCLITE_MAX_CONTEXTS)
+ {
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ /*
+ * Set all the attributes to this reader
+ */
+ strcpy((readerStates[i])->readerName, rContext->lpcReader);
+ memcpy((readerStates[i])->cardAtr, rContext->ucAtr,
+ rContext->dwAtrLen);
+ (readerStates[i])->readerID = htonl(i + 100);
+ (readerStates[i])->readerState = htonl(rContext->dwStatus);
+ (readerStates[i])->readerSharing = htonl(rContext->dwContexts);
+ (readerStates[i])->cardAtrLength = htonl(rContext->dwAtrLen);
+ (readerStates[i])->cardProtocol = htonl(rContext->dwProtocol);
+ /*
+ * So the thread can access this array indice
+ */
+ rContext->dwPublicID = i;
+
+ rv = SYS_ThreadCreate(&rContext->pthThread, NULL,
+ (LPVOID) EHStatusHandlerThread, (LPVOID) rContext);
+ secdebug("pcscd", "EHSpawnEventHandler after thread create: %d [%04X]", rv, rv);
+ if (rv == 1)
+ {
+ return SCARD_S_SUCCESS;
+ } else
+ {
+ return SCARD_E_NO_MEMORY;
+ }
+
+}
+
+void EHStatusHandlerThread(PREADER_CONTEXT rContext)
+{
+
+ LONG rv;
+ LPCSTR lpcReader;
+ DWORD dwStatus, dwProtocol, dwReaderSharing;
+ DWORD dwErrorCount, dwCurrentState;
+ int i, pageSize;
+
+ /*
+ * Zero out everything
+ */
+ rv = 0;
+ lpcReader = 0;
+ dwStatus = 0;
+ dwProtocol = 0;
+ dwReaderSharing = 0;
+ dwCurrentState = 0;
+ dwErrorCount = 0;
+ i = 0;
+ pageSize = 0;
+
+ lpcReader = rContext->lpcReader;
+ i = rContext->dwPublicID;
+
+ pageSize = SYS_GetPageSize();
+
+ rv = IFDStatusICC(rContext, &dwStatus,
+ &dwProtocol, rContext->ucAtr, &rContext->dwAtrLen);
+ secdebug("pcscd", "EHStatusHandlerThread: initial call to IFDStatusICC: %d [%04X]", rv, rv);
+
+ if (dwStatus & SCARD_PRESENT)
+ {
+ rv = IFDPowerICC(rContext, IFD_POWER_UP,
+ rContext->ucAtr, &rContext->dwAtrLen);
+ secdebug("pcscd", "EHStatusHandlerThread: initial call to IFDPowerICC: %d [%04X]", rv, rv);
+
+ if (rv == IFD_SUCCESS)
+ {
+ rContext->dwProtocol = PHGetDefaultProtocol(rContext->ucAtr,
+ rContext->dwAtrLen);
+ rContext->dwStatus |= SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_ABSENT;
+ rContext->dwStatus |= SCARD_POWERED;
+ rContext->dwStatus |= SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_SWALLOWED;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ } else
+ {
+ rContext->dwStatus |= SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_ABSENT;
+ rContext->dwStatus |= SCARD_SWALLOWED;
+ rContext->dwStatus &= ~SCARD_POWERED;
+ rContext->dwStatus &= ~SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ rContext->dwProtocol = 0;
+ rContext->dwAtrLen = 0;
+ }
+
+ dwCurrentState = SCARD_PRESENT;
+
+ } else
+ {
+ dwCurrentState = SCARD_ABSENT;
+ rContext->dwStatus |= SCARD_ABSENT;
+ rContext->dwStatus &= ~SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_POWERED;
+ rContext->dwStatus &= ~SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_SWALLOWED;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ rContext->dwAtrLen = 0;
+ rContext->dwProtocol = 0;
+ }
+
+ /*
+ * Set all the public attributes to this reader
+ */
+ (readerStates[i])->readerState = htonl(rContext->dwStatus);
+ (readerStates[i])->cardAtrLength = htonl(rContext->dwAtrLen);
+ (readerStates[i])->cardProtocol = htonl(rContext->dwProtocol);
+ dwReaderSharing = rContext->dwContexts;
+ (readerStates[i])->readerSharing = htonl(dwReaderSharing);
+ memcpy((readerStates[i])->cardAtr, rContext->ucAtr,
+ rContext->dwAtrLen);
+
+ SYS_MMapSynchronize((void *) readerStates[i], pageSize);
+
+ while (1)
+ {
+
+ dwStatus = 0;
+
+ rv = IFDStatusICC(rContext, &dwStatus,
+ &dwProtocol, rContext->ucAtr, &rContext->dwAtrLen);
+// secdebug("pcscd", "EHStatusHandlerThread: loop call to IFDStatusICC: %d [%04X]", rv, rv);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ DebugLogB("EHSpawnEventHandler: Error communicating to: %s",
+ lpcReader);
+
+ /*
+ * Set error status on this reader while errors occur
+ */
+
+ rContext->dwStatus &= ~SCARD_ABSENT;
+ rContext->dwStatus &= ~SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_POWERED;
+ rContext->dwStatus &= ~SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_SWALLOWED;
+ rContext->dwStatus |= SCARD_UNKNOWN;
+ rContext->dwAtrLen = 0;
+ rContext->dwProtocol = 0;
+
+ dwCurrentState = SCARD_UNKNOWN;
+
+ /*
+ * Set all the public attributes to this reader
+ */
+ (readerStates[i])->readerState = htonl(rContext->dwStatus);
+ (readerStates[i])->cardAtrLength = htonl(rContext->dwAtrLen);
+ (readerStates[i])->cardProtocol = htonl(rContext->dwProtocol);
+ memcpy((readerStates[i])->cardAtr, rContext->ucAtr,
+ rContext->dwAtrLen);
+ SYS_MMapSynchronize((void *) readerStates[i], pageSize);
+
+ /*
+ * This code causes race conditions on G4's with USB
+ * insertion
+ */
+ /*
+ * dwErrorCount += 1; SYS_Sleep(1);
+ */
+ /*
+ * After 10 seconds of errors, try to reinitialize the reader
+ * This sometimes helps bring readers out of *crazy* states.
+ */
+ /*
+ * if ( dwErrorCount == 10 ) { RFUnInitializeReader( rContext
+ * ); RFInitializeReader( rContext ); dwErrorCount = 0; }
+ */
+
+ /*
+ * End of race condition code block
+ */
+
+ }
+
+ if (dwStatus & SCARD_ABSENT)
+ {
+ if (dwCurrentState == SCARD_PRESENT ||
+ dwCurrentState == SCARD_UNKNOWN)
+ {
+
+ /*
+ * Change the status structure
+ */
+ DebugLogB("EHSpawnEventHandler: Card Removed From %s",
+ lpcReader);
+ /*
+ * Notify the card has been removed
+ */
+ RFSetReaderEventState(rContext, SCARD_REMOVED);
+
+ rContext->dwAtrLen = 0;
+ rContext->dwProtocol = 0;
+ rContext->dwStatus |= SCARD_ABSENT;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ rContext->dwStatus &= ~SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_POWERED;
+ rContext->dwStatus &= ~SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SWALLOWED;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ dwCurrentState = SCARD_ABSENT;
+
+ /*
+ * Set all the public attributes to this reader
+ */
+ (readerStates[i])->readerState = htonl(rContext->dwStatus);
+ (readerStates[i])->cardAtrLength = htonl(rContext->dwAtrLen);
+ (readerStates[i])->cardProtocol = htonl(rContext->dwProtocol);
+ memcpy((readerStates[i])->cardAtr, rContext->ucAtr,
+ rContext->dwAtrLen);
+
+ SYS_MMapSynchronize((void *) readerStates[i], pageSize);
+ }
+
+ } else if (dwStatus & SCARD_PRESENT)
+ {
+ if (dwCurrentState == SCARD_ABSENT ||
+ dwCurrentState == SCARD_UNKNOWN)
+ {
+
+ /*
+ * Power and reset the card
+ */
+ SYS_USleep(PCSCLITE_STATUS_WAIT);
+ rv = IFDPowerICC(rContext, IFD_POWER_UP,
+ rContext->ucAtr, &rContext->dwAtrLen);
+ secdebug("pcscd", "EHStatusHandlerThread: power-and-reset call to IFDPowerICC: %d [%04X]", rv, rv);
+
+ if (rv == IFD_SUCCESS)
+ {
+ rContext->dwProtocol =
+ PHGetDefaultProtocol(rContext->ucAtr,
+ rContext->dwAtrLen);
+ rContext->dwStatus |= SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_ABSENT;
+ rContext->dwStatus |= SCARD_POWERED;
+ rContext->dwStatus |= SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ rContext->dwStatus &= ~SCARD_SWALLOWED;
+
+ /*
+ * Notify the card has been reset
+ */
+ /*
+ * RFSetReaderEventState( rContext, SCARD_RESET );
+ */
+ } else
+ {
+ rContext->dwStatus |= SCARD_PRESENT;
+ rContext->dwStatus &= ~SCARD_ABSENT;
+ rContext->dwStatus |= SCARD_SWALLOWED;
+ rContext->dwStatus &= ~SCARD_POWERED;
+ rContext->dwStatus &= ~SCARD_NEGOTIABLE;
+ rContext->dwStatus &= ~SCARD_SPECIFIC;
+ rContext->dwStatus &= ~SCARD_UNKNOWN;
+ rContext->dwAtrLen = 0;
+ rContext->dwProtocol = 0;
+ }
+
+ dwCurrentState = SCARD_PRESENT;
+
+ /*
+ * Set all the public attributes to this reader
+ */
+ (readerStates[i])->readerState = htonl(rContext->dwStatus);
+ (readerStates[i])->cardAtrLength = htonl(rContext->dwAtrLen);
+ (readerStates[i])->cardProtocol = htonl(rContext->dwProtocol);
+ memcpy((readerStates[i])->cardAtr, rContext->ucAtr,
+ rContext->dwAtrLen);
+
+ SYS_MMapSynchronize((void *) readerStates[i], pageSize);
+
+ DebugLogB("EHSpawnEventHandler: Card inserted into %s",
+ lpcReader);
+
+ if (rv == IFD_SUCCESS)
+ {
+ if (rContext->dwAtrLen > 0)
+ {
+ DebugXxd("EHSpawnEventHandler: Card ATR: ",
+ rContext->ucAtr, rContext->dwAtrLen);
+ } else
+ {
+ DebugLogA("EHSpawnEventHandler: Card ATR: (NULL)");
+ }
+
+ } else
+ {
+ DebugLogA
+ ("EHSpawnEventHandler: Error powering up card.");
+ }
+ }
+ }
+
+ if (rContext->dwLockId == 0xFFFF)
+ {
+ /*
+ * Exit and notify the caller
+ */
+ secdebug("pcscd", "EHStatusHandlerThread: lockid is -1?? - exiting");
+ rContext->dwLockId = 0;
+ SYS_ThreadDetach(rContext->pthThread);
+ SYS_ThreadExit(0);
+ }
+
+ /*
+ * Sharing may change w/o an event pass it on
+ */
+
+ if (dwReaderSharing != rContext->dwContexts)
+ {
+ dwReaderSharing = rContext->dwContexts;
+ (readerStates[i])->readerSharing = htonl(dwReaderSharing);
+ SYS_MMapSynchronize((void *) readerStates[i], pageSize);
+ }
+
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE);
+ }
+}
+
+void EHSetSharingEvent(PREADER_CONTEXT rContext, DWORD dwValue)
+{
+
+ (readerStates[rContext->dwPublicID])->lockState = htonl(dwValue);
+
+}
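Review bot: In EHSpawnEventHandler the `strcpy` into `readerName` and the `memcpy` into `cardAtr` trust `rContext->lpcReader` and the driver-reported `rContext->dwAtrLen` to fit, although both destinations are fixed arrays (`MAX_READERNAME`, `MAX_ATR_SIZE`) inside the mapped public file. A long reader name or an oversized ATR length coming back from IFDStatusICC would write past the field into the rest of the shared structure, which other processes read. I would bound both, with `strlcpy((readerStates[i])->readerName, rContext->lpcReader, MAX_READERNAME);` and, before the copy, `if (rContext->dwAtrLen > MAX_ATR_SIZE) return SCARD_F_INTERNAL_ERROR;`. The same unchecked `memcpy(..., rContext->dwAtrLen)` recurs in EHStatusHandlerThread after the IFDStatusICC and IFDPowerICC calls and needs the same guard.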
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,533 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * eventhandler.cpp
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2000
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 2004
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: eventhandler.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This keeps track of card insertion/removal events
+ * and updates ATR, protocol, and status information.
+ */
+
+#include "config.h"
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/errno.h>
+#include <sys/mman.h>
+#include <fcntl.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "ifdhandler.h"
+#include "debuglog.h"
+#include "thread_generic.h"
+#include "readerfactory.h"
+#include "eventhandler.h"
+#include "dyn_generic.h"
+#include "sys_generic.h"
+#include "ifdwrapper.h"
+#include "prothandler.h"
+#include "readerstate.h"
+
+#include <security_utilities/debugging.h>
+
+static PREADER_STATE readerStates[PCSCLITE_MAX_READERS_CONTEXTS];
+
+void EHStatusHandlerThread(PREADER_CONTEXT);
+
+LONG EHInitializeEventStructures(void)
+{
+ int fd, i, pageSize;
+
+ fd = 0;
+ i = 0;
+ pageSize = 0;
+
+ /*
+ Do not truncate to avoid possible SIGSEG on clients
+ Do not remove the file to allow long-term clients such as securityd to
+ stay connected to the same file
+ */
+ fd = SYS_OpenFile(PCSCLITE_PUBSHM_FILE, O_RDWR | O_CREAT , 00644);
+ if (fd < 0)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Cannot create public shared file %s: %s",
+ PCSCLITE_PUBSHM_FILE, strerror(errno));
+ exit(1);
+ }
+
+ SYS_Chmod(PCSCLITE_PUBSHM_FILE,
+ S_IRGRP | S_IREAD | S_IWRITE | S_IROTH);
+
+ pageSize = SYS_GetPageSize();
+
+ int rx = ftruncate(fd, pageSize * PCSCLITE_MAX_READERS_CONTEXTS);
+ if (rx)
+ Log3(PCSC_LOG_CRITICAL, "Cannot truncate public shared file %d: %s",
+ errno, strerror(errno));
+ /*
+ * Jump to end of file space and allocate zero's
+ */
+ SYS_SeekFile(fd, pageSize * PCSCLITE_MAX_READERS_CONTEXTS);
+ SYS_WriteFile(fd, "", 1);
+
+ /*
+ * Allocate each reader structure
+ */
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ readerStates[i] = (PREADER_STATE)
+ SYS_MemoryMap(sizeof(READER_STATE), fd, (i * pageSize));
+ if (readerStates[i] == MAP_FAILED)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Cannot memory map public shared file %s: %s",
+ PCSCLITE_PUBSHM_FILE, strerror(errno));
+ exit(1);
+ }
+
+ /*
+ * Zero out each value in the struct
+ */
+ memset((readerStates[i])->readerName, 0, MAX_READERNAME);
+ memset((readerStates[i])->cardAtr, 0, MAX_ATR_SIZE);
+ (readerStates[i])->readerID = 0;
+ (readerStates[i])->readerState = 0;
+ (readerStates[i])->lockState = 0;
+ (readerStates[i])->readerSharing = 0;
+ (readerStates[i])->cardAtrLength = 0;
+ (readerStates[i])->cardProtocol = SCARD_PROTOCOL_UNSET; // ok since this is 0
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG EHDestroyEventHandler(PREADER_CONTEXT rContext)
+{
+ if (NULL == rContext->readerState)
+ {
+ Log1(PCSC_LOG_ERROR, "Thread never started (reader init failed?)");
+ return SCARD_S_SUCCESS;
+ }
+
+ PCSCD::SharedReaderState *rs = PCSCD::SharedReaderState::overlay(rContext->readerState);
+ if ((rContext->pthThread == 0) || !rs || (rs->readerNameLength() == 0))
+ {
+ Log1(PCSC_LOG_INFO, "Thread already stomped.");
+ return SCARD_S_SUCCESS;
+ }
+
+ secdebug("pcscd", "EHDestroyEventHandler: pthThread: %p, reader name len: %ld",
+ rContext->pthThread, rs->readerNameLength());
+
+ /*
+ * Zero out the public status struct to allow it to be recycled and
+ * used again
+ */
+
+ rs->xreaderNameClear();
+ rs->xcardAtrClear();
+ rs->xreaderID(0);
+ rs->xreaderState(0);
+ rs->xlockState(0);
+ rs->sharing(0);
+ rs->xcardAtrLength(0);
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET); // we only set this one to write to memory cache
+
+ /*
+ * Set the thread to 0 to exit thread
+ */
+ ReaderContextLock(rContext);
+
+ Log1(PCSC_LOG_INFO, "Stomping thread.");
+
+ int ix;
+ for (ix = 0; (ix < 100) && ReaderContextIsLocked(rContext); ++ix)
+ {
+ /*
+ * Wait 0.05 seconds for the child to respond
+ */
+ SYS_USleep(50000);
+ }
+
+ secdebug("pcscd", "EHDestroyEventHandler: post-stop dwLockId: %d", rContext->dwLockId);
+
+
+ /* Zero the thread */
+ rContext->pthThread = 0;
+
+ Log1(PCSC_LOG_INFO, "Thread stomped.");
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG EHSpawnEventHandler(PREADER_CONTEXT rContext)
+{
+ LONG rv;
+ DWORD dwStatus = 0;
+ int i;
+ UCHAR ucAtr[MAX_ATR_SIZE];
+ DWORD dwAtrLen = 0;
+
+ secdebug("pcscd", "EHSpawnEventHandler: rContext: %p", rContext);
+ rv = IFDStatusICC(rContext, &dwStatus, ucAtr, &dwAtrLen);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "Initial Check Failed on %s", rContext->lpcReader);
+ return SCARD_F_UNKNOWN_ERROR;
+ }
+
+ /*
+ * Find an empty reader slot and insert the new reader
+ */
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ PCSCD::SharedReaderState *rstmp = PCSCD::SharedReaderState::overlay(readerStates[i]);
+ if (rstmp->xreaderID() == 0)
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ return SCARD_F_INTERNAL_ERROR;
+
+ /*
+ * Set all the attributes to this reader
+ */
+ PCSCD::SharedReaderState *rs = PCSCD::SharedReaderState::overlay(readerStates[i]);
+ rContext->readerState = readerStates[i];
+ rs->xreaderName(rContext->lpcReader);
+ rs->xcardAtr(ucAtr, dwAtrLen); // also sets cardAtrLength
+
+ rs->xreaderID(i + 100);
+ rs->xreaderState(dwStatus);
+ rs->sharing(rContext->dwContexts);
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+
+ rv = SYS_ThreadCreate(&rContext->pthThread, THREAD_ATTR_DETACHED,
+ (PCSCLITE_THREAD_FUNCTION( ))EHStatusHandlerThread, (LPVOID) rContext);
+ secdebug("pcscd", "EHSpawnEventHandler after thread create: %d [%04X]", rv, rv);
+ if (rv == 1)
+ return SCARD_S_SUCCESS;
+ else
+ return SCARD_E_NO_MEMORY;
+}
+
+void EHStatusHandlerThread(PREADER_CONTEXT rContext)
+{
+ LONG rv;
+ LPCSTR lpcReader;
+ DWORD dwStatus, dwReaderSharing;
+ DWORD dwCurrentState;
+ int pageSize = SYS_GetPageSize();
+
+ /*
+ * Zero out everything
+ */
+ dwStatus = 0;
+ dwReaderSharing = 0;
+ dwCurrentState = 0;
+
+ secdebug("pcscd", "EHStatusHandlerThread: rContext: %p", rContext);
+ lpcReader = rContext->lpcReader;
+
+ PCSCD::SharedReaderState *rs = PCSCD::SharedReaderState::overlay(rContext->readerState);
+
+ DWORD tmpCardAtrLength = MAX_ATR_SIZE;
+ rv = IFDStatusICC(rContext, &dwStatus, rs->xcardAtr(), &tmpCardAtrLength);
+ secdebug("pcscd", "EHStatusHandlerThread: initial call to IFDStatusICC: %d [%04X]", rv, rv);
+
+ if (dwStatus & SCARD_PRESENT)
+ {
+ tmpCardAtrLength = MAX_ATR_SIZE;
+ rv = IFDPowerICC(rContext, IFD_POWER_UP, rs->xcardAtr(), &tmpCardAtrLength);
+
+ /* the protocol is unset after a power on */
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+
+ secdebug("pcscd", "EHStatusHandlerThread: initial call to IFDPowerICC: %d [%04X]", rv, rv);
+
+ if (rv == IFD_SUCCESS)
+ {
+ rs->xcardAtrLength(tmpCardAtrLength);
+
+ dwStatus |= SCARD_PRESENT;
+ dwStatus &= ~SCARD_ABSENT;
+ dwStatus |= SCARD_POWERED;
+ dwStatus |= SCARD_NEGOTIABLE;
+ dwStatus &= ~SCARD_SPECIFIC;
+ dwStatus &= ~SCARD_SWALLOWED;
+ dwStatus &= ~SCARD_UNKNOWN;
+
+ if (rs->xcardAtrLength() > 0)
+ {
+ LogXxd(PCSC_LOG_INFO, "Card ATR: ",
+ rs->xcardAtr(),
+ rs->xcardAtrLength());
+ }
+ else
+ Log1(PCSC_LOG_INFO, "Card ATR: (NULL)");
+ }
+ else
+ {
+ dwStatus |= SCARD_PRESENT;
+ dwStatus &= ~SCARD_ABSENT;
+ dwStatus |= SCARD_SWALLOWED;
+ dwStatus &= ~SCARD_POWERED;
+ dwStatus &= ~SCARD_NEGOTIABLE;
+ dwStatus &= ~SCARD_SPECIFIC;
+ dwStatus &= ~SCARD_UNKNOWN;
+ Log3(PCSC_LOG_ERROR, "Error powering up card: %d 0x%04X", rv, rv);
+ }
+
+ dwCurrentState = SCARD_PRESENT;
+ }
+ else
+ {
+ dwStatus |= SCARD_ABSENT;
+ dwStatus &= ~SCARD_PRESENT;
+ dwStatus &= ~SCARD_POWERED;
+ dwStatus &= ~SCARD_NEGOTIABLE;
+ dwStatus &= ~SCARD_SPECIFIC;
+ dwStatus &= ~SCARD_SWALLOWED;
+ dwStatus &= ~SCARD_UNKNOWN;
+ rs->xcardAtrLength(0);
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+
+ dwCurrentState = SCARD_ABSENT;
+ }
+
+ /*
+ * Set all the public attributes to this reader
+ */
+ rs->xreaderState(dwStatus);
+ dwReaderSharing = rContext->dwContexts;
+ rs->sharing(dwReaderSharing);
+
+ SYS_MMapSynchronize((void *) rContext->readerState, pageSize);
+
+ while (1)
+ {
+ dwStatus = 0;
+
+ // Defensive measure
+ if (!rContext->vHandle)
+ {
+ // Exit and notify the caller
+ secdebug("pcscd", "EHStatusHandlerThread: lost dynamic callbacks ??");
+ ReaderContextUnlock(rContext);
+ SYS_ThreadDetach(rContext->pthThread);
+ SYS_ThreadExit(0);
+ }
+
+ DWORD tmpCardAtrLength = MAX_ATR_SIZE;
+ rv = IFDStatusICC(rContext, &dwStatus, rs->xcardAtr(), &tmpCardAtrLength);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "Error communicating to: %s", lpcReader);
+
+ /*
+ * Set error status on this reader while errors occur
+ */
+
+ DWORD readerStateTmp = rs->xreaderState();
+ readerStateTmp &= ~SCARD_ABSENT;
+ readerStateTmp &= ~SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_POWERED;
+ readerStateTmp &= ~SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ readerStateTmp &= ~SCARD_SWALLOWED;
+ readerStateTmp |= SCARD_UNKNOWN;
+ rs->xcardAtrLength(0);
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+ rs->xreaderState(readerStateTmp);
+
+ dwCurrentState = SCARD_UNKNOWN;
+
+ SYS_MMapSynchronize((void *) rContext->readerState, pageSize);
+
+ /*
+ * This code causes race conditions on G4's with USB
+ * insertion
+ */
+ /*
+ * dwErrorCount += 1; SYS_Sleep(1);
+ */
+ /*
+ * After 10 seconds of errors, try to reinitialize the reader
+ * This sometimes helps bring readers out of *crazy* states.
+ */
+ /*
+ * if ( dwErrorCount == 10 ) { RFUnInitializeReader( rContext
+ * ); RFInitializeReader( rContext ); dwErrorCount = 0; }
+ */
+
+ /*
+ * End of race condition code block
+ */
+ }
+
+ if (dwStatus & SCARD_ABSENT)
+ {
+ if (dwCurrentState == SCARD_PRESENT ||
+ dwCurrentState == SCARD_UNKNOWN)
+ {
+ /*
+ * Change the status structure
+ */
+ Log2(PCSC_LOG_INFO, "Card Removed From %s", lpcReader);
+ /*
+ * Notify the card has been removed
+ */
+ RFSetReaderEventState(rContext, SCARD_REMOVED);
+
+ rs->xcardAtrLength(0);
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+ DWORD readerStateTmp = rs->xreaderState();
+ readerStateTmp |= SCARD_ABSENT;
+ readerStateTmp &= ~SCARD_UNKNOWN;
+ readerStateTmp &= ~SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_POWERED;
+ readerStateTmp &= ~SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SWALLOWED;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ rs->xreaderState(readerStateTmp);
+ dwCurrentState = SCARD_ABSENT;
+
+ SYS_MMapSynchronize((void *) rContext->readerState, pageSize);
+ }
+
+ }
+ else if (dwStatus & SCARD_PRESENT)
+ {
+ if (dwCurrentState == SCARD_ABSENT ||
+ dwCurrentState == SCARD_UNKNOWN)
+ {
+ /*
+ * Power and reset the card
+ */
+ SYS_USleep(PCSCLITE_STATUS_WAIT);
+ DWORD tmpCardAtrLength = MAX_ATR_SIZE;
+ rv = IFDPowerICC(rContext, IFD_POWER_UP, rs->xcardAtr(), &tmpCardAtrLength);
+
+ /* the protocol is unset after a power on */
+ rs->xcardProtocol(SCARD_PROTOCOL_UNSET);
+
+ secdebug("pcscd", "EHStatusHandlerThread: power-and-reset call to IFDPowerICC: %d [%04X]", rv, rv);
+
+ DWORD readerStateTmp = rs->xreaderState();
+ if (rv == IFD_SUCCESS)
+ {
+ rs->xcardAtrLength(tmpCardAtrLength);
+
+ readerStateTmp |= SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_ABSENT;
+ readerStateTmp |= SCARD_POWERED;
+ readerStateTmp |= SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ readerStateTmp &= ~SCARD_UNKNOWN;
+ readerStateTmp &= ~SCARD_SWALLOWED;
+ rs->xreaderState(readerStateTmp);
+
+ /*
+ * Notify the card has been reset
+ */
+ RFSetReaderEventState(rContext, SCARD_RESET);
+ }
+ else
+ {
+ readerStateTmp |= SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_ABSENT;
+ readerStateTmp |= SCARD_SWALLOWED;
+ readerStateTmp &= ~SCARD_POWERED;
+ readerStateTmp &= ~SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ readerStateTmp &= ~SCARD_UNKNOWN;
+ rs->xreaderState(readerStateTmp);
+ rs->xcardAtrLength(0);
+ }
+
+ dwCurrentState = SCARD_PRESENT;
+
+ SYS_MMapSynchronize((void *) rContext->readerState, pageSize);
+
+ Log2(PCSC_LOG_INFO, "Card inserted into %s", lpcReader);
+
+ if (rv == IFD_SUCCESS)
+ {
+ if (rs->xcardAtrLength() > 0)
+ LogXxd(PCSC_LOG_INFO, "Card ATR: ", rs->xcardAtr(), rs->xcardAtrLength());
+ else
+ Log1(PCSC_LOG_INFO, "Card ATR: (NULL)");
+ }
+ else
+ Log1(PCSC_LOG_ERROR,"Error powering up card.");
+ }
+ }
+
+ if (ReaderContextIsLocked(rContext))
+ {
+ /*
+ * Exit and notify the caller
+ */
+ secdebug("pcscd", "EHStatusHandlerThread: parent requested shutdown");
+ ReaderContextUnlock(rContext);
+ SYS_ThreadDetach(rContext->pthThread);
+ SYS_ThreadExit(0);
+ }
+
+ /*
+ * Sharing may change w/o an event pass it on
+ */
+
+ if (dwReaderSharing != (uint32_t)rContext->dwContexts)
+ {
+ dwReaderSharing = rContext->dwContexts;
+ rs->sharing(dwReaderSharing);
+ SYS_MMapSynchronize((void *) rContext->readerState, pageSize);
+ }
+
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE);
+ }
+}
+
+void EHSetSharingEvent(PREADER_CONTEXT rContext, DWORD dwValue)
+{
+ PCSCD::SharedReaderState *rs = PCSCD::SharedReaderState::overlay(rContext->readerState);
+ rs->xlockState(dwValue);
+}
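Review bot: EHDestroyEventHandler zeroes the shared slot (`rs->xreaderID(0)` and the calls around it) before `ReaderContextLock(rContext)` asks the polling thread to stop, and the wait loop gives up after 100 rounds of 0.05 s without checking whether the thread ever acknowledged. During that window EHStatusHandlerThread can still write ATR bytes and state through `rs->xcardAtr()` and `rs->xreaderState()` into a slot that EHSpawnEventHandler already treats as free, since it searches for `xreaderID() == 0`. I would move the clearing block to after the wait loop, so the slot is recycled only once the thread has called `ReaderContextUnlock`. The timeout case should also be reported instead of falling through silently, for example `if (ReaderContextIsLocked(rContext)) Log1(PCSC_LOG_ERROR, "Event thread did not acknowledge stop");`.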
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/eventhandler.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,81 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * eventhandler.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 2004
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: eventhandler.h 2151 2006-09-06 20:02:47Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles card insertion/removal events, updates ATR,
+ * protocol, and status information.
+ */
+
+#ifndef __eventhandler_h__
+#define __eventhandler_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ /**
+ * Define an exported public reader state structure so each
+ * application gets instant notification of changes in state.
+ */
+ typedef struct pubReaderStatesList
+ {
+ LONG readerID;
+ char readerName[MAX_READERNAME];
+ DWORD readerState;
+ LONG readerSharing;
+ DWORD lockState;
+
+ UCHAR cardAtr[MAX_ATR_SIZE];
+ DWORD cardAtrLength;
+ DWORD cardProtocol;
+ }
+ READER_STATE, *PREADER_STATE;
+
+ LONG EHInitializeEventStructures(void);
+ LONG EHSpawnEventHandler(PREADER_CONTEXT);
+ LONG EHDestroyEventHandler(PREADER_CONTEXT);
+ void EHSetSharingEvent(PREADER_CONTEXT, DWORD);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __eventhandler_h__ */
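Review bot: READER_STATE is the layout that EHInitializeEventStructures maps from the public shared file, but the header does not say so and does not include what it depends on. `LONG`, `DWORD`, `UCHAR`, `MAX_READERNAME`, `MAX_ATR_SIZE` and `PREADER_CONTEXT` only resolve because eventhandler.cpp includes wintypes.h, pcsclite.h and readerfactory.h ahead of it; I assume those are the defining headers, and including them here would make the header self-contained. Because other processes read this struct through the mapping, I would also extend the comment above it, e.g. `/* Mapped into PCSCLITE_PUBSHM_FILE and read by client processes: keep field order and widths stable; readerName must stay NUL-terminated. */`. If `LONG` or `DWORD` differ in width between 32-bit and 64-bit builds, which is not visible from this hunk, daemon and clients would disagree on the field offsets.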
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,71 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * hotplug.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2000-2003
+ * David Corcoran <corcoran at linuxnet.com>
+ *
+ * $Id: hotplug.h 2310 2007-01-06 21:14:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This provides a search API for hot pluggble devices.
+ */
+
+#ifndef __hotplug_h__
+#define __hotplug_h__
+
+#include "pthread.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#define PCSCLITE_HP_BASE_PORT 0x200000
+
+ LONG HPSearchHotPluggables();
+ LONG HPRegisterForHotplugEvents();
+ LONG HPStopHotPluggables(void);
+ void HPReCheckSerialReaders(void);
+ int SendHotplugSignal(void);
+ LONG HPCancelHotPluggables(void);
+ LONG HPJoinHotPluggables(void);
+
+ LONG HPRegisterForHotplugEventsT(pthread_t *wthread);
+
+ void systemAwakeAndReadyCheck();
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
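Review bot: `HPSearchHotPluggables()`, `HPRegisterForHotplugEvents()` and `systemAwakeAndReadyCheck()` are declared with empty parentheses, which in C leaves them unprototyped, so a call with stray arguments compiles unchecked. The neighbouring declarations already use `(void)` and these three should match, e.g. `LONG HPSearchHotPluggables(void);`. The header also uses `LONG` without including whatever defines it (presumably `wintypes.h`, which hotplug_macosx.cpp in this changeset includes first), so adding `#include "wintypes.h"` beside the pthread include would make it self-contained. `pthread.h` is a system header and would conventionally be written `#include <pthread.h>`.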
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,869 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : hotplug_macosx.c
+ Package: pcsc lite
+ Author : Stephen M. Webb <stephenw at cryptocard.com>
+ Date : 03 Dec 2002
+ License: Copyright (C) 2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This provides a search API for hot pluggble
+ devices.
+
+********************************************************************/
+
+#include <CoreFoundation/CoreFoundation.h>
+#include <IOKit/IOCFPlugIn.h>
+#include <IOKit/IOKitLib.h>
+#include <IOKit/usb/IOUSBLib.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "debuglog.h"
+#include "hotplug.h"
+#include "readerfactory.h"
+#include "thread_generic.h"
+
+#define PCSCLITE_HP_DROPDIR "/usr/libexec/SmartCardServices/drivers/"
+#define PCSCLITE_HP_MANUKEY_NAME "ifdVendorID"
+#define PCSCLITE_HP_PRODKEY_NAME "ifdProductID"
+#define PCSCLITE_HP_NAMEKEY_NAME "ifdFriendlyName"
+#define PCSCLITE_HP_IFACECLASSKEY_NAME "ifdInterfaceClass"
+#define PCSCLITE_HP_IFACESUBCLASSKEY_NAME "ifdInterfaceSubClass"
+#define PCSCLITE_HP_IFACEPROTOCOLKEY_NAME "ifdInterfaceProtocol"
+#define PCSCLITE_HP_BASE_PORT 0x200000
+
+
+/*
+ * Defines the type of driver in the driver vector
+ */
+typedef enum
+{
+ PCSCLITE_HP_Proprietary = 0,
+ PCSCLITE_HP_InterfaceClass = 1,
+ // * Could accomodate more types */
+} HPDriverType;
+
+
+
+/*
+ * An aggregation of useful information on a driver bundle in the
+ * drop directory.
+ */
+typedef struct HPDriver
+{
+ UInt8 m_NotEOV; /* set to 1 for any driver before the end */
+ UInt8 m_initialized; /* set to 1 on successful intialization */
+ HPDriverType m_type; /* type of the driver in this element */
+ UInt32 m_vendorId; /* unique vendor's manufacturer code */
+ UInt32 m_productId; /* manufacturer's unique product code */
+ UInt8 m_class; /* class of a non product specific driver */
+ UInt8 m_subClass; /* subClass of a non product specific driver */
+ UInt8 m_protocol; /* protocol of a non product specific driver */
+ char* m_friendlyName; /* bundle friendly name */
+ char* m_libPath; /* bundle's plugin library location */
+} HPDriver, *HPDriverVector;
+
+/*
+ * An aggregation on information on currently active reader drivers.
+ */
+typedef struct HPDevice
+{
+ HPDriver* m_driver; /* driver bundle information */
+ UInt32 m_address; /* unique system address of device */
+ struct HPDevice* m_next; /* next device in list */
+} HPDevice, *HPDeviceList;
+
+/*
+ * Pointer to a list of (currently) known hotplug reader devices (and their
+ * drivers).
+ */
+static HPDeviceList sDeviceList = NULL;
+static IONotificationPortRef sNotificationPort = NULL;
+static io_iterator_t sUSBAppearedIter = NULL;
+static io_iterator_t sUSBRemovedIter = NULL;
+static io_iterator_t sPCCardAppearedIter = NULL;
+static io_iterator_t sPCCardRemovedIter = NULL;
+
+/*
+ * A callback to handle the asynchronous appearance of new devices that are
+ * candidates for PCSC readers.
+ */
+static void
+HPDeviceAppeared(void* refCon, io_iterator_t iterator)
+{
+ kern_return_t kret;
+ io_service_t obj;
+ while ((obj = IOIteratorNext(iterator)))
+ {
+ kret = IOObjectRelease(obj);
+ }
+
+ HPSearchHotPluggables();
+}
+
+/*
+ * A callback to handle the asynchronous disappearance of devices that are
+ * possibly PCSC readers.
+ */
+static void
+HPDeviceDisappeared(void* refCon, io_iterator_t iterator)
+{
+ kern_return_t kret;
+ io_service_t obj;
+ while ((obj = IOIteratorNext(iterator)))
+ {
+ kret = IOObjectRelease(obj);
+ }
+ HPSearchHotPluggables();
+}
+
+
+/*
+ * Creates a vector of driver bundle info structures from the hot-plug driver
+ * directory.
+ *
+ * Returns NULL on error and a pointer to an allocated HPDriver vector on
+ * success. The caller must free the HPDriver with a call to
+ * HPDriversRelease().
+ */
+static HPDriverVector
+HPDriversGetFromDirectory(const char* driverBundlePath)
+{
+ HPDriverVector bundleVector = NULL;
+ CFArrayRef bundleArray;
+ CFStringRef driverBundlePathString;
+ driverBundlePathString = CFStringCreateWithCString(kCFAllocatorDefault,
+ driverBundlePath,
+ kCFStringEncodingMacRoman);
+ CFURLRef pluginUrl = CFURLCreateWithFileSystemPath(kCFAllocatorDefault,
+ driverBundlePathString,
+ kCFURLPOSIXPathStyle, TRUE);
+ CFRelease(driverBundlePathString);
+ if (!pluginUrl)
+ {
+ DebugLogA("error getting plugin directory URL");
+ return bundleVector;
+ }
+ bundleArray = CFBundleCreateBundlesFromDirectory(kCFAllocatorDefault,
+ pluginUrl,
+ NULL);
+ if (!bundleArray)
+ {
+ DebugLogA("error getting plugin directory bundles");
+ return bundleVector;
+ }
+ CFRelease(pluginUrl);
+
+ size_t bundleArraySize = CFArrayGetCount(bundleArray);
+ // bundleArraySize + 1 <- because the last vector element is
+ // blank and is used to determine the length (m_NotEOV == 0)
+ bundleVector = (HPDriver*)calloc(bundleArraySize + 1, sizeof(HPDriver));
+ if (!bundleVector)
+ {
+ DebugLogA("memory allocation failure");
+ return bundleVector;
+ }
+
+ int i = 0;
+ for (; i < bundleArraySize; ++i)
+ {
+ HPDriver* driverBundle = bundleVector + i;
+ // This is not the last
+ driverBundle->m_NotEOV = 1;
+ CFBundleRef currBundle = (CFBundleRef)CFArrayGetValueAtIndex(bundleArray, i);
+ CFDictionaryRef dict = CFBundleGetInfoDictionary(currBundle);
+
+ CFURLRef bundleUrl = CFBundleCopyBundleURL(currBundle);
+ CFStringRef bundlePath = CFURLCopyPath(bundleUrl);
+ driverBundle->m_libPath = strdup(CFStringGetCStringPtr(bundlePath,
+ CFStringGetSystemEncoding()));
+ if (driverBundle->m_libPath == NULL)
+ {
+ DebugLogA("memory allocation failure");
+ return bundleVector;
+ }
+ UInt32 vendorId = 0;
+ UInt8 gotVendorId = 0;
+ UInt32 productId = 0;
+ UInt8 gotProductId = 0;
+
+ CFStringRef strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_MANUKEY_NAME));
+ if (strValue)
+ {
+ gotVendorId = 1;
+ vendorId = strtoul(CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding()),
+ NULL, 16);
+
+ strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_PRODKEY_NAME));
+ if (strValue)
+ {
+ gotProductId = 1;
+ productId = strtoul(CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding()),
+ NULL, 16);
+ }
+ }
+ if (gotVendorId && gotProductId)
+ {
+ /* This is a product-specific driver */
+ driverBundle->m_productId = productId;
+ driverBundle->m_vendorId = vendorId;
+ driverBundle->m_type = PCSCLITE_HP_Proprietary;
+ }
+ else
+ {
+ /* If not a product-specific driver, it must be */
+ /* an interface class-specifc driver */
+ UInt8 class;
+ UInt8 subClass;
+ UInt8 protocol;
+
+ strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_IFACECLASSKEY_NAME));
+ if (strValue)
+ {
+ class = (UInt8) strtoul(CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding()),
+ NULL, 16);
+ driverBundle->m_class = class;
+ }
+ else
+ {
+ DebugLogB("Malformed bundle (class absent) in driver folder: %s. Will be ignored",
+ driverBundle->m_libPath);
+ free(driverBundle->m_libPath);
+ driverBundle->m_libPath = NULL;
+ continue;
+ }
+ strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_IFACESUBCLASSKEY_NAME));
+ if (strValue)
+ {
+ subClass = (UInt8) strtoul(CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding()),
+ NULL, 16);
+ driverBundle->m_subClass = subClass;
+ }
+ else
+ {
+ DebugLogB("Malformed bundle (subClass absent) in driver folder: %s. Will be ignored",
+ driverBundle->m_libPath);
+ free(driverBundle->m_libPath);
+ driverBundle->m_libPath = NULL;
+ continue;
+ }
+ strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_IFACEPROTOCOLKEY_NAME));
+ if (strValue)
+ {
+ protocol = (UInt8) strtoul(CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding()),
+ NULL, 16);
+ driverBundle->m_protocol = protocol;
+ }
+ else
+ {
+ DebugLogB("Malformed bundle (protocol absent) in driver folder: %s. Will be ignored",
+ driverBundle->m_libPath);
+ free(driverBundle->m_libPath);
+ driverBundle->m_libPath = NULL;
+ continue;
+ }
+ driverBundle->m_type = PCSCLITE_HP_InterfaceClass;
+ }
+ strValue = (CFStringRef)CFDictionaryGetValue(dict,
+ CFSTR(PCSCLITE_HP_NAMEKEY_NAME));
+ if (!strValue)
+ {
+ DebugLogB("Product friendly name absent in driver folder: %s.",
+ driverBundle->m_libPath);
+ driverBundle->m_friendlyName = strdup("unnamed device");
+ }
+ else
+ {
+ const char* cstr = CFStringGetCStringPtr(strValue,
+ CFStringGetSystemEncoding());
+ driverBundle->m_friendlyName = strdup(cstr);
+ }
+ driverBundle->m_initialized = 1;
+ }
+ CFRelease(bundleArray);
+ return bundleVector;
+}
+
+/*
+ * Copies a driver bundle instance.
+ */
+static HPDriver*
+HPDriverCopy(HPDriver* rhs)
+{
+ if (!rhs)
+ {
+ return NULL;
+ }
+ HPDriver* newDriverBundle = (HPDriver*)calloc(1, sizeof(HPDriver));
+ if (!newDriverBundle)
+ {
+ return NULL;
+ }
+
+ newDriverBundle->m_initialized = rhs->m_initialized;
+ newDriverBundle->m_type = rhs->m_type;
+ newDriverBundle->m_vendorId = rhs->m_vendorId;
+ newDriverBundle->m_productId = rhs->m_productId;
+
+ newDriverBundle->m_class = rhs->m_class;
+ newDriverBundle->m_subClass = rhs->m_subClass;
+ newDriverBundle->m_friendlyName = strdup(rhs->m_friendlyName);
+ newDriverBundle->m_libPath = strdup(rhs->m_libPath);
+ if (newDriverBundle->m_friendlyName == NULL)
+ {
+ if (newDriverBundle->m_libPath != NULL)
+ {
+ free(newDriverBundle->m_libPath);
+ }
+ free(newDriverBundle);
+ return NULL;
+ }
+
+ if (newDriverBundle->m_libPath == NULL)
+ {
+ if (newDriverBundle->m_friendlyName != NULL)
+ {
+ free(newDriverBundle->m_friendlyName);
+ }
+ free(newDriverBundle);
+ return NULL;
+ }
+ return newDriverBundle;
+}
+
+/*
+ * Releases resources allocated to a driver bundle vector.
+ */
+static void
+HPDriverRelease(HPDriver* driverBundle)
+{
+ if (driverBundle)
+ {
+ free(driverBundle->m_friendlyName);
+ free(driverBundle->m_libPath);
+ }
+}
+
+/*
+ * Releases resources allocated to a driver bundle vector.
+ */
+static void
+HPDriverVectorRelease(HPDriverVector driverBundleVector)
+{
+ if (driverBundleVector)
+ {
+ HPDriver* b = driverBundleVector;
+ for (; b->m_initialized; ++b)
+ {
+ HPDriverRelease(b);
+ }
+ free(driverBundleVector);
+ }
+}
+
+/*
+ * Inserts a new reader device in the list.
+ */
+static HPDeviceList
+HPDeviceListInsert(HPDeviceList list, HPDriver* bundle, UInt32 address)
+{
+ HPDevice* newReader = (HPDevice*)calloc(1, sizeof(HPDevice));
+ if (!newReader)
+ {
+ DebugLogA("memory allocation failure");
+ return list;
+ }
+ newReader->m_driver = HPDriverCopy(bundle);
+ newReader->m_address = address;
+ newReader->m_next = list;
+ return newReader;
+}
+
+/*
+ * Frees resources allocated to a HPDeviceList.
+ */
+static void
+HPDeviceListRelease(HPDeviceList list)
+{
+ HPDevice* p = list;
+ for (; p; p = p->m_next)
+ {
+ HPDriverRelease(p->m_driver);
+ }
+}
+
+/*
+ * Compares two driver bundle instances for equality.
+ */
+static int
+HPDeviceEquals(HPDevice* a, HPDevice* b)
+{
+ int res;
+ if (a->m_driver->m_type == b->m_driver->m_type)
+ {
+ if (a->m_driver->m_type == PCSCLITE_HP_Proprietary)
+ {
+ // a and b have same vendor and product id
+ res = (a->m_driver->m_vendorId == b->m_driver->m_vendorId)
+ && (a->m_driver->m_productId == b->m_driver->m_productId);
+ }
+ else
+ {
+ // a and b have same class
+ res = (a->m_driver->m_subClass == b->m_driver->m_subClass)
+ && (a->m_driver->m_class == b->m_driver->m_class);
+ }
+ // AND have the same address
+ res = res && (a->m_address == b->m_address);
+
+ return res;
+ }
+ return 0;
+}
+
+/*
+ * Finds USB devices currently registered in the system that match any of
+ * the drivers detected in the driver bundle vector.
+ */
+static int
+HPDriversMatchUSBDevices(HPDriverVector driverBundle, HPDeviceList* readerList)
+{
+ CFDictionaryRef usbMatch = IOServiceMatching("IOUSBDevice");
+ if (0 == usbMatch)
+ {
+ DebugLogA("error getting USB match from IOServiceMatching()");
+ return 1;
+ }
+
+ io_iterator_t usbIter;
+ kern_return_t kret = IOServiceGetMatchingServices(kIOMasterPortDefault,
+ usbMatch,
+ &usbIter);
+ if (kret != 0)
+ {
+ DebugLogA("error getting iterator from IOServiceGetMatchingServices()");
+ return 1;
+ }
+
+ io_object_t usbDevice = 0;
+ while ((usbDevice = IOIteratorNext(usbIter)))
+ {
+ IOCFPlugInInterface** iodev;
+ SInt32 score;
+ kret = IOCreatePlugInInterfaceForService(usbDevice,
+ kIOUSBDeviceUserClientTypeID,
+ kIOCFPlugInInterfaceID,
+ &iodev,
+ &score);
+ IOObjectRelease(usbDevice);
+ if (kret != 0)
+ {
+ DebugLogA("error getting plugin interface from IOCreatePlugInInterfaceForService()");
+ continue;
+ }
+
+ IOUSBDeviceInterface245** usbdev;
+ HRESULT hres = (*iodev)->QueryInterface(iodev,
+ CFUUIDGetUUIDBytes(kIOUSBDeviceInterfaceID245),
+ (LPVOID*)&usbdev);
+ if (hres)
+ {
+ DebugLogA("error querying interface in QueryInterface()");
+ IODestroyPlugInInterface ( iodev );
+ continue;
+ }
+
+ else
+ {
+
+ UInt16 vendorId = 0;
+ UInt16 productId = 0;
+ UInt32 usbAddress = 0;
+ kret = (*usbdev)->GetDeviceVendor(usbdev, &vendorId);
+ kret = (*usbdev)->GetDeviceProduct(usbdev, &productId);
+ kret = (*usbdev)->GetLocationID(usbdev, &usbAddress);
+
+ HPDriver* driver = driverBundle;
+ int match = 0;
+ for (; driver->m_NotEOV; ++driver)
+ {
+ if (!driver->m_initialized)
+ {
+ // Malformed driver, skip
+ continue;
+ }
+ if ( (driver->m_type == PCSCLITE_HP_Proprietary)
+ && (driver->m_vendorId == vendorId)
+ && (driver->m_productId == productId))
+ {
+ *readerList = HPDeviceListInsert(*readerList, driver, usbAddress);
+ match = 1;
+ }
+ }
+ if (!match)
+ {
+ // Now try to locate Interfaces with supported classes
+ // We create an interface iterator for each of the
+ // classes supported by drivers of PCSCLITE_HP_InterfaceClass
+ // type.
+
+ // Using IOServiceMatching(kIOUSBInterfaceClassName)
+ // does not seem feasible as there does not seem to be a
+ // way to limit the search to the device we are currently
+ // analysing
+
+ // Another option would be to iterate on all interfaces
+ // and get the class of each of them. This is probably
+ // not interesting as the list of PCSCLITE_HP_InterfaceClass
+ // type of readers should only have one element (CCID)
+
+ // Restart scan at the begining of the array
+ driver = driverBundle;
+ // Iterate on PCSCLITE_HP_InterfaceClass driver types
+ for (; driver->m_NotEOV; ++driver)
+ {
+ if (!driver->m_initialized)
+ {
+ // Malformed driver, skip
+ continue;
+ }
+ if ( driver->m_type == PCSCLITE_HP_InterfaceClass)
+ {
+ // Iterate on interfaces of the current device
+ IOUSBFindInterfaceRequest interfaceClassRequest;
+ io_iterator_t interfaceIterator;
+ io_service_t interface;
+
+ interfaceClassRequest.bInterfaceClass = driver->m_class;
+ interfaceClassRequest.bInterfaceSubClass = driver->m_subClass;
+ interfaceClassRequest.bInterfaceProtocol = driver->m_protocol;
+ interfaceClassRequest.bAlternateSetting = kIOUSBFindInterfaceDontCare;
+ hres = (*usbdev)->CreateInterfaceIterator(usbdev,
+ &interfaceClassRequest,
+ &interfaceIterator);
+ if (hres)
+ {
+ // Continue to next driver class
+ continue;
+ }
+
+ while ( (interface = IOIteratorNext(interfaceIterator)) )
+ {
+ // Found a matching device
+ *readerList = HPDeviceListInsert(*readerList, driver, usbAddress);
+ match = 1;
+ IOObjectRelease ( interface );
+ }
+
+ IOObjectRelease ( interfaceIterator );
+
+ }
+ }
+ // Add another if (!match) for other driver types
+ }
+ (*usbdev)->Release(usbdev);
+ IODestroyPlugInInterface ( iodev );
+ }
+ }
+
+ IOObjectRelease(usbIter);
+ return 0;
+}
+
+/*
+ * Finds PC Card devices currently registered in the system that match any of
+ * the drivers detected in the driver bundle vector.
+ */
+static int
+HPDriversMatchPCCardDevices(HPDriver* driverBundle, HPDeviceList* readerList)
+{
+ CFDictionaryRef pccMatch = IOServiceMatching("IOPCCard16Device");
+ if (0 == pccMatch)
+ {
+ DebugLogA("error getting PCCard match from IOServiceMatching()");
+ return 1;
+ }
+
+ io_iterator_t pccIter;
+ kern_return_t kret = IOServiceGetMatchingServices(kIOMasterPortDefault, pccMatch, &pccIter);
+ if (kret != 0)
+ {
+ DebugLogA("error getting iterator from IOServiceGetMatchingServices()");
+ return 1;
+ }
+
+ io_object_t pccDevice = 0;
+ while ((pccDevice = IOIteratorNext(pccIter)))
+ {
+
+ UInt32 vendorId = 0;
+ UInt32 productId = 0;
+ UInt32 pccAddress = 0;
+ CFTypeRef valueRef = IORegistryEntryCreateCFProperty(pccDevice, CFSTR("VendorID"),
+ kCFAllocatorDefault, 0);
+ if (!valueRef)
+ {
+ DebugLogA("error getting vendor");
+ }
+ else
+ {
+ CFNumberGetValue((CFNumberRef)valueRef, kCFNumberSInt32Type, &vendorId);
+ CFRelease ( valueRef );
+ }
+ valueRef = IORegistryEntryCreateCFProperty(pccDevice, CFSTR("DeviceID"),
+ kCFAllocatorDefault, 0);
+ if (!valueRef)
+ {
+ DebugLogA("error getting device");
+ }
+ else
+ {
+ CFNumberGetValue((CFNumberRef)valueRef, kCFNumberSInt32Type, &productId);
+ CFRelease ( valueRef );
+ }
+ valueRef = IORegistryEntryCreateCFProperty(pccDevice, CFSTR("SocketNumber"),
+ kCFAllocatorDefault, 0);
+ if (!valueRef)
+ {
+ DebugLogA("error getting PC Card socket");
+ }
+ else
+ {
+ CFNumberGetValue((CFNumberRef)valueRef, kCFNumberSInt32Type, &pccAddress);
+ CFRelease ( valueRef );
+ }
+ HPDriver* driver = driverBundle;
+ for (; driver->m_vendorId; ++driver)
+ {
+ if ((driver->m_vendorId == vendorId)
+ && (driver->m_productId == productId))
+ {
+ *readerList = HPDeviceListInsert(*readerList, driver, pccAddress);
+ }
+ }
+
+ IOObjectRelease ( pccDevice );
+
+ }
+ IOObjectRelease(pccIter);
+ return 0;
+}
+
+
+static void
+HPEstablishUSBNotification()
+{
+
+ CFMutableDictionaryRef matchingDictionary;
+ IOReturn kret;
+
+ if ( sNotificationPort == NULL )
+ sNotificationPort = IONotificationPortCreate(kIOMasterPortDefault);
+
+ CFRunLoopAddSource(CFRunLoopGetCurrent(),
+ IONotificationPortGetRunLoopSource(sNotificationPort),
+ kCFRunLoopDefaultMode);
+
+ matchingDictionary = IOServiceMatching("IOUSBDevice");
+ if (!matchingDictionary)
+ {
+ DebugLogB("IOServiceMatching() failed", 0);
+ }
+ matchingDictionary = (CFMutableDictionaryRef)CFRetain(matchingDictionary);
+
+ kret = IOServiceAddMatchingNotification(sNotificationPort,
+ kIOMatchedNotification,
+ matchingDictionary,
+ HPDeviceAppeared, NULL,
+ &sUSBAppearedIter);
+ if (kret)
+ {
+ DebugLogB("IOServiceAddMatchingNotification()-1 failed with code %d", kret);
+ }
+
+ HPDeviceAppeared(NULL, sUSBAppearedIter);
+
+ kret = IOServiceAddMatchingNotification(sNotificationPort,
+ kIOTerminatedNotification,
+ matchingDictionary,
+ HPDeviceDisappeared, NULL,
+ &sUSBRemovedIter);
+ if (kret)
+ {
+ DebugLogB("IOServiceAddMatchingNotification()-2 failed with code %d", kret);
+ }
+ HPDeviceDisappeared(NULL, sUSBRemovedIter);
+}
+
+static void
+HPEstablishPCCardNotification()
+{
+
+ CFMutableDictionaryRef matchingDictionary;
+ IOReturn kret;
+
+ if ( sNotificationPort == NULL )
+ sNotificationPort = IONotificationPortCreate(kIOMasterPortDefault);
+
+ CFRunLoopAddSource(CFRunLoopGetCurrent(),
+ IONotificationPortGetRunLoopSource(sNotificationPort),
+ kCFRunLoopDefaultMode);
+
+ matchingDictionary = IOServiceMatching("IOPCCard16Device");
+ if (!matchingDictionary)
+ {
+ DebugLogB("IOServiceMatching() failed", 0);
+ }
+ matchingDictionary = (CFMutableDictionaryRef)CFRetain(matchingDictionary);
+
+ kret = IOServiceAddMatchingNotification(sNotificationPort,
+ kIOMatchedNotification,
+ matchingDictionary,
+ HPDeviceAppeared, NULL,
+ &sPCCardAppearedIter);
+ if (kret)
+ {
+ DebugLogB("IOServiceAddMatchingNotification()-1 failed with code %d", kret);
+ }
+ HPDeviceAppeared(NULL, sPCCardAppearedIter);
+
+ kret = IOServiceAddMatchingNotification(sNotificationPort,
+ kIOTerminatedNotification,
+ matchingDictionary,
+ HPDeviceDisappeared, NULL,
+ &sPCCardRemovedIter);
+ if (kret)
+ {
+ DebugLogB("IOServiceAddMatchingNotification()-2 failed with code %d", kret);
+ }
+ HPDeviceDisappeared(NULL, sPCCardRemovedIter);
+}
+
+/*
+ * Thread runner (does not return).
+ */
+static void
+HPDeviceNotificationThread()
+{
+ HPEstablishUSBNotification();
+ HPEstablishPCCardNotification();
+ CFRunLoopRun();
+}
+
+/*
+ * Scans the hotplug driver directory and looks in the system for matching devices.
+ * Adds or removes matching readers as necessary.
+ */
+LONG
+HPSearchHotPluggables()
+{
+ HPDriver* drivers = HPDriversGetFromDirectory(PCSCLITE_HP_DROPDIR);
+ if (!drivers) return 1;
+
+ HPDeviceList devices = NULL;
+ int istat;
+ istat = HPDriversMatchUSBDevices(drivers, &devices);
+ if (istat)
+ {
+ return -1;
+ }
+ istat = HPDriversMatchPCCardDevices(drivers, &devices);
+ if (istat)
+ {
+ return -1;
+ }
+
+ HPDevice* a = devices;
+ for (; a; a = a->m_next)
+ {
+ int found = 0;
+ HPDevice* b = sDeviceList;
+ for (; b; b = b->m_next)
+ {
+ if (HPDeviceEquals(a, b))
+ {
+ found = 1;
+ break;
+ }
+ }
+ if (!found)
+ {
+ RFAddReader(a->m_driver->m_friendlyName,
+ PCSCLITE_HP_BASE_PORT + a->m_address,
+ a->m_driver->m_libPath);
+ }
+ }
+
+ a = sDeviceList;
+ for (; a; a = a->m_next)
+ {
+ int found = 0;
+ HPDevice* b = devices;
+ for (; b; b = b->m_next)
+ {
+ if (HPDeviceEquals(a, b))
+ {
+ found = 1;
+ break;
+ }
+ }
+ if (!found)
+ {
+ RFRemoveReader(a->m_driver->m_friendlyName,
+ PCSCLITE_HP_BASE_PORT + a->m_address);
+ }
+ }
+
+ HPDeviceListRelease(sDeviceList);
+ sDeviceList = devices;
+ HPDriverVectorRelease(drivers);
+ return 0;
+}
+
+
+PCSCLITE_THREAD_T sHotplugWatcherThread;
+
+/*
+ * Sets up callbacks for device hotplug events.
+ */
+LONG
+HPRegisterForHotplugEvents()
+{
+ LONG sstat;
+ sstat = SYS_ThreadCreate(&sHotplugWatcherThread,
+ NULL,
+ (LPVOID)HPDeviceNotificationThread,
+ NULL);
+ return 0;
+}
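Review bot: In `HPDriversGetFromDirectory` every Info.plist value is cast to `CFStringRef` and the result of `CFStringGetCStringPtr()` goes straight into `strdup()` or `strtoul()`. That function is documented to return NULL when the string's storage cannot be exposed directly, and nothing checks that the plist value is a string at all, so a bundle in the drop directory with an unexpected value type or encoding can crash the process while it scans drivers. Copying into a caller buffer with `CFStringGetCString()` after a `CFGetTypeID()` check avoids both, and the same helper covers the product, class, subclass, protocol and friendly-name lookups. Separately, the early returns in that function leak `pluginUrl` or `bundleArray`, and `bundleUrl` and `bundlePath` are never released.

```c
/* Copies a plist string value into buf; returns 0 when the key is absent,
 * the value is not a CFString, or it does not fit in buf. */
static int
HPCopyPlistString(CFDictionaryRef dict, CFStringRef key, char* buf, size_t bufLen)
{
	CFTypeRef value;

	if (!dict)
		return 0;
	value = CFDictionaryGetValue(dict, key);
	if (!value || CFGetTypeID(value) != CFStringGetTypeID())
		return 0;
	return CFStringGetCString((CFStringRef)value, buf, (CFIndex)bufLen,
		CFStringGetSystemEncoding()) ? 1 : 0;
}

/* … unchanged: bundle enumeration and vector allocation in HPDriversGetFromDirectory … */
		char idBuf[32];
		if (HPCopyPlistString(dict, CFSTR(PCSCLITE_HP_MANUKEY_NAME), idBuf, sizeof(idBuf)))
		{
			gotVendorId = 1;
			vendorId = strtoul(idBuf, NULL, 16);
			if (HPCopyPlistString(dict, CFSTR(PCSCLITE_HP_PRODKEY_NAME), idBuf, sizeof(idBuf)))
			{
				gotProductId = 1;
				productId = strtoul(idBuf, NULL, 16);
			}
		}
/* … unchanged: driver type selection; class/subClass/protocol/name lookups use the same helper … */
```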
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/hotplug_macosx.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,166 @@
+/*
+ * Copyright (c) 2000-2006 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : hotplug_macosx.c
+ Package: pcsc lite
+ Author : Stephen M. Webb <stephenw at cryptocard.com>
+ Date : 03 Dec 2002
+ License: Copyright (C) 2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This provides a search API for hot pluggble
+ devices.
+
+********************************************************************/
+
+#include "wintypes.h"
+
+#include "hotplug.h"
+#include "pthread.h"
+#include "PCSCDriverBundles.h"
+#include "pcscdserver.h"
+#include "pcscdmonitor.h"
+#include <security_utilities/debugging.h>
+
+const uint32_t kPCSCLITE_HP_BASE_PORT = 0x200000;
+PCSCDMonitor *gPCSCDMonitor = NULL;
+static Security::MachPlusPlus::Port gMainServerPort;
+
+#ifndef HOTPLUGTEST
+ #include "readerfactory.h"
+#else
+LONG RFAddReader(LPSTR, DWORD, LPSTR)
+{
+ return 0;
+}
+
+LONG RFRemoveReader(LPSTR, DWORD)
+{
+ return 0;
+}
+#endif
+
+// See PCSCDMonitor::addDevice for where this is actually called
+
+int32_t WrapRFAddReader(const char *name, uint32_t address, const char *pathLibrary, const char *deviceName)
+{
+ secdebug("device", "RFAddReader: name: %s, address: %04X, pathLibrary: %s, pathDevice: %s", name, address, pathLibrary, deviceName);
+ return RFAddReader(const_cast<char *>(name), kPCSCLITE_HP_BASE_PORT+address, const_cast<char *>(pathLibrary), const_cast<char *>(deviceName));
+}
+
+int32_t WrapRFRemoveReader(const char *name, uint32_t address)
+{
+ secdebug("device", "RFRemoveReader: name: %s, address: %04X", name, address);
+ return RFRemoveReader(const_cast<char *>(name), kPCSCLITE_HP_BASE_PORT+address);
+}
+
+int32_t WrapRFAwakeAllReaders()
+{
+ secdebug("device", "RFAwakeAllReaders");
+ RFAwakeAllReaders();
+ return 0;
+}
+
+int32_t WrapRFSuspendAllReaders()
+{
+ secdebug("device", "RFSuspendAllReaders");
+ RFSuspendAllReaders();
+ return 0;
+}
+
+static void *HPDeviceNotificationThread(void *foo)
+{
+ try
+ {
+ // Thread runner (does not return)
+ PCSCD::DriverBundles bdls;
+ PCSCD::Server myserv("hotplug");
+ PCSCDMonitor xmon(myserv,bdls);
+ gPCSCDMonitor = &xmon;
+ gMainServerPort = myserv.primaryServicePort();
+ xmon.setCallbacks(WrapRFAddReader, WrapRFRemoveReader, WrapRFSuspendAllReaders, WrapRFAwakeAllReaders);
+ bdls.update();
+ myserv.run();
+ }
+ catch (Security::MachPlusPlus::Error e)
+ {
+ char *perr = (char *)mach_error_string(e.error);
+ if (perr)
+ secdebug("device", "Caught error in xx: %s, error: %04lX", perr, e.osStatus());
+ else
+ secdebug("device", "Caught error in xx: %04X", e.error);
+ }
+ catch (...)
+ {
+ }
+ exit(0);
+ return NULL; // never gets here
+}
+
+void systemAwakeAndReadyCheck()
+{
+ gPCSCDMonitor->systemAwakeAndReadyCheck();
+}
+
+/*
+ * Scans the hotplug driver directory and looks in the system for matching devices.
+ * Adds or removes matching readers as necessary.
+ */
+int32_t HPSearchHotPluggables()
+{
+ // this function is a no-op now
+ return 0;
+}
+
+static pthread_t sHotplugWatcherThread;
+
+int32_t HPRegisterForHotplugEvents()
+{
+ return HPRegisterForHotplugEventsT(&sHotplugWatcherThread);
+}
+
+int32_t HPRegisterForHotplugEventsT(pthread_t *wthread)
+{
+ // Sets up callbacks for device hotplug events
+ int rx = pthread_create(wthread, NULL, HPDeviceNotificationThread, NULL);
+ return rx;
+}
+
+LONG HPStopHotPluggables(void)
+{
+ int rx = pthread_detach(sHotplugWatcherThread);
+ return rx;
+}
+
+void HPReCheckSerialReaders(void)
+{
+}
+
+LONG HPCancelHotPluggables(void)
+{
+ int rx = pthread_cancel(sHotplugWatcherThread);
+ return rx;
+}
+
+LONG HPJoinHotPluggables(void)
+{
+ char *value_ptr;
+ int rx = pthread_join(sHotplugWatcherThread, (void **)&value_ptr);
+ return rx;
+}
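Review bot: `systemAwakeAndReadyCheck()` dereferences `gPCSCDMonitor` unconditionally, but that pointer is NULL until `HPDeviceNotificationThread` has constructed `xmon`, and it refers to an object on that thread's stack. A call that arrives before the watcher thread is running, or while it is unwinding after an exception, is therefore a NULL or dangling dereference. At minimum guard it with `if (gPCSCDMonitor) gPCSCDMonitor->systemAwakeAndReadyCheck();` and clear the pointer before the thread leaves the `try` block. The thread's `catch (...)` is also empty and is followed by `exit(0)`, so any failure in the monitor ends the process silently with a success status; logging in that handler and exiting non-zero would make the failure visible. The `HOTPLUGTEST` stub of `RFAddReader` takes three parameters while `WrapRFAddReader` passes four, so that configuration looks like it no longer builds.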
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdhandler.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdhandler.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdhandler.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,240 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ifdhandler.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ *
+ * $Id: ifdhandler.h 2348 2007-01-20 15:12:19Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This provides reader specific low-level calls.
+ */
+
+#ifndef _ifd_handler_h_
+#define _ifd_handler_h_
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ /*
+ * List of data structures available to ifdhandler
+ */
+
+ typedef struct _DEVICE_CAPABILITIES
+ {
+ LPSTR Vendor_Name; /* Tag 0x0100 */
+ LPSTR IFD_Type; /* Tag 0x0101 */
+ DWORD IFD_Version; /* Tag 0x0102 */
+ LPSTR IFD_Serial; /* Tag 0x0103 */
+ DWORD IFD_Channel_ID; /* Tag 0x0110 */
+
+ DWORD Asynch_Supported; /* Tag 0x0120 */
+ DWORD Default_Clock; /* Tag 0x0121 */
+ DWORD Max_Clock; /* Tag 0x0122 */
+ DWORD Default_Data_Rate; /* Tag 0x0123 */
+ DWORD Max_Data_Rate; /* Tag 0x0124 */
+ DWORD Max_IFSD; /* Tag 0x0125 */
+ DWORD Synch_Supported; /* Tag 0x0126 */
+ DWORD Power_Mgmt; /* Tag 0x0131 */
+ DWORD Card_Auth_Devices; /* Tag 0x0140 */
+ DWORD User_Auth_Device; /* Tag 0x0142 */
+ DWORD Mechanics_Supported; /* Tag 0x0150 */
+ DWORD Vendor_Features; /* Tag 0x0180 - 0x01F0 User Defined. */
+ }
+ DEVICE_CAPABILITIES, *PDEVICE_CAPABILITIES;
+
+ typedef struct _ICC_STATE
+ {
+ UCHAR ICC_Presence; /* Tag 0x0300 */
+ UCHAR ICC_Interface_Status; /* Tag 0x0301 */
+ UCHAR ATR[MAX_ATR_SIZE]; /* Tag 0x0303 */
+ UCHAR ICC_Type; /* Tag 0x0304 */
+ }
+ ICC_STATE, *PICC_STATE;
+
+ typedef struct _PROTOCOL_OPTIONS
+ {
+ DWORD Protocol_Type; /* Tag 0x0201 */
+ DWORD Current_Clock; /* Tag 0x0202 */
+ DWORD Current_F; /* Tag 0x0203 */
+ DWORD Current_D; /* Tag 0x0204 */
+ DWORD Current_N; /* Tag 0x0205 */
+ DWORD Current_W; /* Tag 0x0206 */
+ DWORD Current_IFSC; /* Tag 0x0207 */
+ DWORD Current_IFSD; /* Tag 0x0208 */
+ DWORD Current_BWT; /* Tag 0x0209 */
+ DWORD Current_CWT; /* Tag 0x020A */
+ DWORD Current_EBC; /* Tag 0x020B */
+ }
+ PROTOCOL_OPTIONS, *PPROTOCOL_OPTIONS;
+
+ typedef struct _SCARD_IO_HEADER
+ {
+ DWORD Protocol;
+ DWORD Length;
+ }
+ SCARD_IO_HEADER, *PSCARD_IO_HEADER;
+
+ /*
+ * End of structure list
+ */
+
+ /*
+ * The list of tags should be alot more but this is all I use in the
+ * meantime
+ */
+
+#define TAG_IFD_ATR 0x0303
+#define TAG_IFD_SLOTNUM 0x0180
+#define TAG_IFD_SLOT_THREAD_SAFE 0x0FAC
+#define TAG_IFD_THREAD_SAFE 0x0FAD
+#define TAG_IFD_SLOTS_NUMBER 0x0FAE
+#define TAG_IFD_SIMULTANEOUS_ACCESS 0x0FAF
+
+ /*
+ * End of tag list
+ */
+
+ /*
+ * IFD Handler version number enummerations
+ */
+#define IFD_HVERSION_1_0 0x00010000
+#define IFD_HVERSION_2_0 0x00020000
+#define IFD_HVERSION_3_0 0x00030000
+ /*
+ * End of version number enummerations
+ */
+
+ /*
+ * List of defines available to ifdhandler
+ */
+
+#define IFD_POWER_UP 500
+#define IFD_POWER_DOWN 501
+#define IFD_RESET 502
+
+#define IFD_NEGOTIATE_PTS1 1
+#define IFD_NEGOTIATE_PTS2 2
+#define IFD_NEGOTIATE_PTS3 4
+
+#define IFD_SUCCESS 0
+#define IFD_ERROR_TAG 600
+#define IFD_ERROR_SET_FAILURE 601
+#define IFD_ERROR_VALUE_READ_ONLY 602
+#define IFD_ERROR_PTS_FAILURE 605
+#define IFD_ERROR_NOT_SUPPORTED 606
+#define IFD_PROTOCOL_NOT_SUPPORTED 607
+#define IFD_ERROR_POWER_ACTION 608
+#define IFD_ERROR_SWALLOW 609
+#define IFD_ERROR_EJECT 610
+#define IFD_ERROR_CONFISCATE 611
+#define IFD_COMMUNICATION_ERROR 612
+#define IFD_RESPONSE_TIMEOUT 613
+#define IFD_NOT_SUPPORTED 614
+#define IFD_ICC_PRESENT 615
+#define IFD_ICC_NOT_PRESENT 616
+#define IFD_NO_SUCH_DEVICE 617
+
+// typedef long RESPONSECODE;
+
+ /*
+ * If you want to compile a V2.0 IFDHandler, define IFDHANDLERv2 before you
+ * include this file.
+ *
+ * By default it is setup for for most recent version of the API (V3.0)
+ */
+
+#ifndef IFDHANDLERv2
+
+ /*
+ * List of Defined Functions Available to IFD_Handler 3.0
+ *
+ * All the functions of IFD_Handler 2.0 are available
+ * IFDHCreateChannelByName() is new
+ * IFDHControl() API changed
+ */
+
+ RESPONSECODE IFDHCreateChannelByName(DWORD, LPSTR);
+ RESPONSECODE IFDHControl(DWORD, DWORD, PUCHAR, DWORD, PUCHAR,
+ DWORD, LPDWORD);
+#else
+
+ /*
+ * List of Defined Functions Available to IFD_Handler 2.0
+ */
+
+ RESPONSECODE IFDHControl(DWORD, PUCHAR, DWORD, PUCHAR, PDWORD);
+
+#endif
+
+ /*
+ * common functions in IFD_Handler 2.0 and 3.0
+ */
+ RESPONSECODE IFDHCreateChannel(DWORD, DWORD);
+ RESPONSECODE IFDHCloseChannel(DWORD);
+ RESPONSECODE IFDHGetCapabilities(DWORD, DWORD, PDWORD, PUCHAR);
+ RESPONSECODE IFDHSetCapabilities(DWORD, DWORD, DWORD, PUCHAR);
+ RESPONSECODE IFDHSetProtocolParameters(DWORD, DWORD, UCHAR,
+ UCHAR, UCHAR, UCHAR);
+ RESPONSECODE IFDHPowerICC(DWORD, DWORD, PUCHAR, PDWORD);
+ RESPONSECODE IFDHTransmitToICC(DWORD, SCARD_IO_HEADER, PUCHAR,
+ DWORD, PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ RESPONSECODE IFDHICCPresence(DWORD);
+
+ /*
+ * List of Defined Functions Available to IFD_Handler 1.0
+ */
+
+ RESPONSECODE IO_Create_Channel(DWORD);
+ RESPONSECODE IO_Close_Channel();
+ RESPONSECODE IFD_Get_Capabilities(DWORD, PUCHAR);
+ RESPONSECODE IFD_Set_Capabilities(DWORD, PUCHAR);
+ RESPONSECODE IFD_Set_Protocol_Parameters(DWORD, UCHAR, UCHAR,
+ UCHAR, UCHAR);
+ RESPONSECODE IFD_Power_ICC(DWORD);
+ RESPONSECODE IFD_Swallow_ICC();
+ RESPONSECODE IFD_Eject_ICC();
+ RESPONSECODE IFD_Confiscate_ICC();
+ RESPONSECODE IFD_Transmit_to_ICC(SCARD_IO_HEADER, PUCHAR, DWORD,
+ PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ RESPONSECODE IFD_Is_ICC_Present();
+ RESPONSECODE IFD_Is_ICC_Absent();
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
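Review bot: The prototypes carry neither parameter names nor any statement of buffer ownership and size, which matters most for the v1 `IFD_Get_Capabilities(DWORD, PUCHAR)`: it has no length argument, so the driver cannot know how much room the caller supplied. The v1 ATR path in ifdwrapper.c (same changeset) decodes the result as up to `MAX_ATR_SIZE` bytes, so a comment such as `/* v1: no length is passed; for TAG_IFD_ATR the buffer must hold MAX_ATR_SIZE bytes */` above the declaration would record what callers appear to rely on. The v1 declarations with empty parentheses, e.g. `RESPONSECODE IO_Close_Channel();`, leave the arguments unchecked when compiled as C and would read better as `RESPONSECODE IO_Close_Channel(void);`.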
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,804 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ifdwrapper.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: ifdwrapper.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This wraps the dynamic ifdhandler functions.
+ */
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "ifdhandler.h"
+#include "debuglog.h"
+#include "readerfactory.h"
+#include "ifdwrapper.h"
+#include "atrhandler.h"
+#include "dyn_generic.h"
+#include "sys_generic.h"
+
+#include <security_utilities/debugging.h>
+
+#undef PCSCLITE_STATIC_DRIVER
+
+/*
+ * Function: IFDSetPTS Purpose : To set the protocol type selection (PTS).
+ * This function sets the appropriate protocol to be used on the card.
+ */
+
+LONG IFDSetPTS(PREADER_CONTEXT rContext, DWORD dwProtocol, UCHAR ucFlags,
+ UCHAR ucPTS1, UCHAR ucPTS2, UCHAR ucPTS3)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+ UCHAR ucValue[1];
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_set_protocol_parameters) (DWORD, UCHAR, UCHAR,
+ UCHAR, UCHAR) = NULL;
+ RESPONSECODE(*IFDH_set_protocol_parameters) (DWORD, DWORD, UCHAR,
+ UCHAR, UCHAR, UCHAR) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ IFD_set_protocol_parameters = (RESPONSECODE(*)(DWORD, UCHAR, UCHAR,
+ UCHAR, UCHAR)) rContext->psFunctions.psFunctions_v1.pvfSetProtocolParameters;
+
+ if (NULL == IFD_set_protocol_parameters)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+ }
+ else
+ {
+ IFDH_set_protocol_parameters = (RESPONSECODE(*)(DWORD, DWORD, UCHAR,
+ UCHAR, UCHAR, UCHAR))
+ rContext->psFunctions.psFunctions_v2.pvfSetProtocolParameters;
+
+ if (NULL == IFDH_set_protocol_parameters)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+ }
+#endif
+
+ /*
+ * Locking is done in winscard.c SCardConnect() and SCardReconnect()
+ *
+ * This avoids renegotiating the protocol and confusing the card
+ * Error returned by CCID driver is: CCID_Receive Procedure byte conflict
+ */
+
+ ucValue[0] = rContext->dwSlot;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = (*IFD_set_protocol_parameters) (dwProtocol,
+ ucFlags, ucPTS1, ucPTS2, ucPTS3);
+ }
+ else
+ {
+ rv = (*IFDH_set_protocol_parameters) (rContext->dwSlot,
+ dwProtocol,
+ ucFlags, ucPTS1,
+ ucPTS2, ucPTS3);
+ }
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = IFD_Set_Protocol_Parameters(dwProtocol, ucFlags, ucPTS1,
+ ucPTS2, ucPTS3);
+ }
+ else
+ {
+ rv = IFDHSetProtocolParameters(rContext->dwSlot, dwProtocol,
+ ucFlags, ucPTS1, ucPTS2, ucPTS3);
+ }
+#endif
+
+ return rv;
+}
+
+/*
+ * Function: IFDOpenIFD Purpose : This function opens a communication
+ * channel to the IFD.
+ */
+
+LONG IFDOpenIFD(PREADER_CONTEXT rContext)
+{
+ RESPONSECODE rv = 0;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IO_create_channel) (DWORD) = NULL;
+ RESPONSECODE(*IFDH_create_channel) (DWORD, DWORD) = NULL;
+ RESPONSECODE(*IFDH_create_channel_by_name) (DWORD, LPSTR) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IO_create_channel =
+ rContext->psFunctions.psFunctions_v1.pvfCreateChannel;
+ else
+ if (rContext->dwVersion == IFD_HVERSION_2_0)
+ IFDH_create_channel =
+ rContext->psFunctions.psFunctions_v2.pvfCreateChannel;
+ else
+ {
+ IFDH_create_channel =
+ rContext->psFunctions.psFunctions_v3.pvfCreateChannel;
+ IFDH_create_channel_by_name =
+ rContext->psFunctions.psFunctions_v3.pvfCreateChannelByName;
+ }
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ rv = (*IO_create_channel) (rContext->dwPort);
+ } else if (rContext->dwVersion == IFD_HVERSION_2_0)
+ {
+ rv = (*IFDH_create_channel) (rContext->dwSlot, rContext->dwPort);
+ } else
+ {
+ /* use device name only if defined */
+ if (rContext->lpcDevice[0] != '\0')
+ rv = (*IFDH_create_channel_by_name) (rContext->dwSlot, rContext->lpcDevice);
+ else
+ rv = (*IFDH_create_channel) (rContext->dwSlot, rContext->dwPort);
+ }
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ rv = IO_Create_Channel(rContext->dwPort);
+ } else if (rContext->dwVersion == IFD_HVERSION_2_0)
+ {
+ rv = IFDHCreateChannel(rContext->dwSlot, rContext->dwPort);
+ } else
+ {
+ /* Use device name only if defined */
+ if (rContext->lpcDevice[0] != '\0')
+ rv = IFDHCreateChannelByName(rContext->dwSlot, rContext->lpcDevice);
+ else
+ rv = IFDHCreateChannel(rContext->dwSlot, rContext->dwPort);
+ }
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ return rv;
+}
+
+/*
+ * Function: IFDCloseIFD Purpose : This function closes a communication
+ * channel to the IFD.
+ */
+
+LONG IFDCloseIFD(PREADER_CONTEXT rContext)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IO_close_channel) () = NULL;
+ RESPONSECODE(*IFDH_close_channel) (DWORD) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IO_close_channel = rContext->psFunctions.psFunctions_v1.pvfCloseChannel;
+ else
+ IFDH_close_channel = rContext->psFunctions.psFunctions_v2.pvfCloseChannel;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+
+ rv = (*IO_close_channel) ();
+ else
+ rv = (*IFDH_close_channel) (rContext->dwSlot);
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ rv = IO_Close_Channel();
+ else
+ rv = IFDHCloseChannel(rContext->dwSlot);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ return rv;
+}
+
+/*
+ * Function: IFDSetCapabilites Purpose : This function set's capabilities
+ * in the reader.
+ */
+
+LONG IFDSetCapabilities(PREADER_CONTEXT rContext, DWORD dwTag,
+ DWORD dwLength, PUCHAR pucValue)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_set_capabilities) (DWORD, PUCHAR) = NULL;
+ RESPONSECODE(*IFDH_set_capabilities) (DWORD, DWORD, DWORD, PUCHAR) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IFD_set_capabilities = rContext->psFunctions.psFunctions_v1.pvfSetCapabilities;
+ else
+ IFDH_set_capabilities = rContext->psFunctions.psFunctions_v2.pvfSetCapabilities;
+#endif
+
+ /*
+ * Let the calling function lock this otherwise a deadlock will
+ * result
+ */
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ rv = (*IFD_set_capabilities) (dwTag, pucValue);
+ else
+ rv = (*IFDH_set_capabilities) (rContext->dwSlot, dwTag,
+ dwLength, pucValue);
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ rv = IFD_Set_Capabilities(dwTag, pucValue);
+ else
+ rv = IFDHSetCapabilities(rContext->dwSlot, dwTag, dwLength,
+ pucValue);
+#endif
+
+ return rv;
+}
+
+/*
+ * Function: IFDGetCapabilites Purpose : This function get's capabilities
+ * in the reader. Other functions int this file will call the driver
+ * directly to not cause a deadlock.
+ */
+
+LONG IFDGetCapabilities(PREADER_CONTEXT rContext, DWORD dwTag,
+ PDWORD pdwLength, PUCHAR pucValue)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_get_capabilities) (DWORD, PUCHAR) = NULL;
+ RESPONSECODE(*IFDH_get_capabilities) (DWORD, DWORD, PDWORD, PUCHAR) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IFD_get_capabilities =
+ rContext->psFunctions.psFunctions_v1.pvfGetCapabilities;
+ else
+ IFDH_get_capabilities =
+ rContext->psFunctions.psFunctions_v2.pvfGetCapabilities;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ rv = (*IFD_get_capabilities) (dwTag, pucValue);
+ else
+ rv = (*IFDH_get_capabilities) (rContext->dwSlot, dwTag,
+ pdwLength, pucValue);
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ rv = IFD_Get_Capabilities(dwTag, pucValue);
+ else
+ rv = IFDHGetCapabilities(rContext->dwSlot, dwTag, pdwLength,
+ pucValue);
+#endif
+
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ return rv;
+}
+
+/*
+ * Function: IFDPowerICC Purpose : This function powers up/down or reset's
+ * an ICC located in the IFD.
+ */
+
+LONG IFDPowerICC(PREADER_CONTEXT rContext, DWORD dwAction,
+ const unsigned char *pucAtr, PDWORD pdwAtrLen)
+{
+ RESPONSECODE rv;
+ short ret;
+ SMARTCARD_EXTENSION sSmartCard;
+ DWORD dwStatus;
+ UCHAR ucValue[1];
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_power_icc) (DWORD) = NULL;
+ RESPONSECODE(*IFDH_power_icc) (DWORD, DWORD, PUCHAR, PDWORD) = NULL;
+#endif
+
+ /*
+ * Zero out everything
+ */
+ rv = IFD_SUCCESS;
+ dwStatus = 0;
+ ucValue[0] = 0;
+
+ /*
+ * Check that the card is inserted first
+ */
+ IFDStatusICC(rContext, &dwStatus, pucAtr, pdwAtrLen);
+
+ if (dwStatus & SCARD_ABSENT)
+ return SCARD_W_REMOVED_CARD;
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IFD_power_icc = rContext->psFunctions.psFunctions_v1.pvfPowerICC;
+ else
+ IFDH_power_icc = rContext->psFunctions.psFunctions_v2.pvfPowerICC;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = (*IFD_power_icc) (dwAction);
+ }
+ else
+ {
+ rv = (*IFDH_power_icc) (rContext->dwSlot, dwAction,
+ (unsigned char *)pucAtr, pdwAtrLen);
+
+ ret = ATRDecodeAtr(&sSmartCard, pucAtr, *pdwAtrLen);
+ }
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = IFD_Power_ICC(dwAction);
+ }
+ else
+ rv = IFDHPowerICC(rContext->dwSlot, dwAction, pucAtr, pdwAtrLen);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ /* use clean values in case of error */
+ if (rv != IFD_SUCCESS)
+ {
+ *pdwAtrLen = 0;
+// pucAtr[0] = '\0';
+
+ if (rv == IFD_NO_SUCH_DEVICE)
+ {
+ // SendHotplugSignal();
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ return SCARD_E_NOT_TRANSACTED;
+ }
+
+ /*
+ * Get the ATR and it's length
+ */
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IFDStatusICC(rContext, &dwStatus, pucAtr, pdwAtrLen);
+
+ return rv;
+}
+
+/*
+ * Function: IFDStatusICC Purpose : This function provides statistical
+ * information about the IFD and ICC including insertions, atr, powering
+ * status/etc.
+ */
+
+LONG IFDStatusICC(PREADER_CONTEXT rContext, PDWORD pdwStatus,
+ const unsigned char *pucAtr, PDWORD pdwAtrLen)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+ DWORD dwTag = 0, dwCardStatus = 0;
+ SMARTCARD_EXTENSION sSmartCard;
+ UCHAR ucValue[1] = "\x00";
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_is_icc_present) () = NULL;
+ RESPONSECODE(*IFDH_icc_presence) (DWORD) = NULL;
+ RESPONSECODE(*IFD_get_capabilities) (DWORD, PUCHAR) = NULL;
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ IFD_is_icc_present =
+ rContext->psFunctions.psFunctions_v1.pvfICCPresence;
+ IFD_get_capabilities =
+ rContext->psFunctions.psFunctions_v1.pvfGetCapabilities;
+ }
+ else
+ {
+ IFDH_icc_presence = rContext->psFunctions.psFunctions_v2.pvfICCPresence;
+ // Defensive measure
+ if (!IFDH_icc_presence)
+ return SCARD_E_SYSTEM_CANCELLED;
+ }
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = (*IFD_is_icc_present) ();
+ }
+ else
+ rv = (*IFDH_icc_presence) (rContext->dwSlot);
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = IFD_Is_ICC_Present();
+ }
+ else
+ rv = IFDHICCPresence(rContext->dwSlot);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ if (rv == IFD_SUCCESS || rv == IFD_ICC_PRESENT)
+ dwCardStatus |= SCARD_PRESENT;
+ else
+ if (rv == IFD_ICC_NOT_PRESENT)
+ dwCardStatus |= SCARD_ABSENT;
+ else
+ {
+ Log2(PCSC_LOG_ERROR, "Card not transacted: %ld", rv);
+ *pdwStatus = SCARD_UNKNOWN;
+
+ if (rv == IFD_NO_SUCH_DEVICE)
+ {
+ // SendHotplugSignal();
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ return SCARD_E_NOT_TRANSACTED;
+ }
+
+ /*
+ * Now lets get the ATR and process it if IFD Handler version 1.0.
+ * IFD Handler version 2.0 does this immediately after reset/power up
+ * to conserve resources
+ */
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ if (rv == IFD_SUCCESS || rv == IFD_ICC_PRESENT)
+ {
+ short ret;
+
+ dwTag = TAG_IFD_ATR;
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ rv = (*IFD_get_capabilities) (dwTag, (unsigned char *)pucAtr);
+#else
+ rv = IFD_Get_Capabilities(dwTag, pucAtr);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ /*
+ * FIX :: This is a temporary way to return the correct size
+ * of the ATR since most of the drivers return MAX_ATR_SIZE
+ */
+
+ ret = ATRDecodeAtr(&sSmartCard, pucAtr, MAX_ATR_SIZE);
+
+ /*
+ * Might be a memory card without an ATR
+ */
+ if (ret == 0)
+ *pdwAtrLen = 0;
+ else
+ *pdwAtrLen = sSmartCard.ATR.Length;
+ }
+ else
+ {
+ /*
+ * No card is inserted - Atr length is 0
+ */
+ *pdwAtrLen = 0;
+ }
+ /*
+ * End of FIX
+ */
+ }
+
+ *pdwStatus = dwCardStatus;
+
+ return SCARD_S_SUCCESS;
+}
+
+/*
+ * Function: IFDControl Purpose : This function provides a means for
+ * toggling a specific action on the reader such as swallow, eject,
+ * biometric.
+ */
+
+/*
+ * Valid only for IFDHandler version 2.0
+ */
+
+LONG IFDControl_v2(PREADER_CONTEXT rContext, PUCHAR TxBuffer,
+ DWORD TxLength, PUCHAR RxBuffer, PDWORD RxLength)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFDH_control_v2) (DWORD, PUCHAR, DWORD, PUCHAR, PDWORD);
+#endif
+
+ if (rContext->dwVersion != IFD_HVERSION_2_0)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ IFDH_control_v2 = rContext->psFunctions.psFunctions_v2.pvfControl;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+ SYS_MutexLock(rContext->mMutex);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ rv = (*IFDH_control_v2) (rContext->dwSlot, TxBuffer, TxLength,
+ RxBuffer, RxLength);
+#else
+ rv = IFDHControl_v2(rContext->dwSlot, TxBuffer, TxLength,
+ RxBuffer, RxLength);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+ /*
+ * END OF LOCKED REGION
+ */
+
+ if (rv == IFD_SUCCESS)
+ return SCARD_S_SUCCESS;
+ else
+ {
+ Log2(PCSC_LOG_ERROR, "Card not transacted: %ld", rv);
+ return SCARD_E_NOT_TRANSACTED;
+ }
+}
+
+/*
+ * Function: IFDControl Purpose : This function provides a means for
+ * toggling a specific action on the reader such as swallow, eject,
+ * biometric.
+ */
+
+/*
+ * Valid only for IFDHandler version 3.0 and up
+ */
+
+LONG IFDControl(PREADER_CONTEXT rContext, DWORD ControlCode,
+ LPCVOID TxBuffer, DWORD TxLength, LPVOID RxBuffer, DWORD RxLength,
+ LPDWORD BytesReturned)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFDH_control) (DWORD, DWORD, LPCVOID, DWORD, LPVOID, DWORD, LPDWORD);
+#endif
+
+ if (rContext->dwVersion < IFD_HVERSION_3_0)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ IFDH_control = rContext->psFunctions.psFunctions_v3.pvfControl;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ rv = (*IFDH_control) (rContext->dwSlot, ControlCode, TxBuffer,
+ TxLength, RxBuffer, RxLength, BytesReturned);
+#else
+ rv = IFDHControl(rContext->dwSlot, ControlCode, TxBuffer,
+ TxLength, RxBuffer, RxLength, BytesReturned);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ if (rv == IFD_SUCCESS)
+ return SCARD_S_SUCCESS;
+ else
+ {
+ Log2(PCSC_LOG_ERROR, "Card not transacted: %ld", rv);
+
+ if (rv == IFD_NO_SUCH_DEVICE)
+ {
+// SendHotplugSignal();
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ return SCARD_E_NOT_TRANSACTED;
+ }
+}
+
+/*
+ * Function: IFDTransmit Purpose : This function transmits an APDU to the
+ * ICC.
+ */
+
+LONG IFDTransmit(PREADER_CONTEXT rContext, SCARD_IO_HEADER pioTxPci,
+ PUCHAR pucTxBuffer, DWORD dwTxLength, PUCHAR pucRxBuffer,
+ PDWORD pdwRxLength, PSCARD_IO_HEADER pioRxPci)
+{
+ RESPONSECODE rv = IFD_SUCCESS;
+ UCHAR ucValue[1] = "\x00";
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ RESPONSECODE(*IFD_transmit_to_icc) (SCARD_IO_HEADER, PUCHAR, DWORD,
+ PUCHAR, PDWORD, PSCARD_IO_HEADER) = NULL;
+ RESPONSECODE(*IFDH_transmit_to_icc) (DWORD, SCARD_IO_HEADER, PUCHAR,
+ DWORD, PUCHAR, PDWORD, PSCARD_IO_HEADER) = NULL;
+#endif
+
+ /* log the APDU */
+ DebugLogCategory(DEBUG_CATEGORY_APDU, pucTxBuffer, dwTxLength);
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ IFD_transmit_to_icc =
+ rContext->psFunctions.psFunctions_v1.pvfTransmitToICC;
+ else
+ IFDH_transmit_to_icc =
+ rContext->psFunctions.psFunctions_v2.pvfTransmitToICC;
+#endif
+
+ /*
+ * LOCK THIS CODE REGION
+ */
+
+ SYS_MutexLock(rContext->mMutex);
+
+
+#ifndef PCSCLITE_STATIC_DRIVER
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = (*IFD_transmit_to_icc) (pioTxPci, (LPBYTE) pucTxBuffer,
+ dwTxLength, pucRxBuffer, pdwRxLength, pioRxPci);
+ }
+ else
+ rv = (*IFDH_transmit_to_icc) (rContext->dwSlot, pioTxPci,
+ (LPBYTE) pucTxBuffer, dwTxLength,
+ pucRxBuffer, pdwRxLength, pioRxPci);
+#else
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ ucValue[0] = rContext->dwSlot;
+ IFDSetCapabilities(rContext, TAG_IFD_SLOTNUM, 1, ucValue);
+ rv = IFD_Transmit_to_ICC(pioTxPci, (LPBYTE) pucTxBuffer,
+ dwTxLength, pucRxBuffer, pdwRxLength, pioRxPci);
+ }
+ else
+ rv = IFDHTransmitToICC(rContext->dwSlot, pioTxPci,
+ (LPBYTE) pucTxBuffer, dwTxLength,
+ pucRxBuffer, pdwRxLength, pioRxPci);
+#endif
+ SYS_MutexUnLock(rContext->mMutex);
+
+ /*
+ * END OF LOCKED REGION
+ */
+
+ /* log the returned status word */
+ DebugLogCategory(DEBUG_CATEGORY_SW, pucRxBuffer, *pdwRxLength);
+
+ if (rv == IFD_SUCCESS)
+ return SCARD_S_SUCCESS;
+ else
+ {
+ Log2(PCSC_LOG_ERROR, "Card not transacted: %ld", rv);
+
+ if (rv == IFD_NO_SUCH_DEVICE)
+ {
+ // SendHotplugSignal();
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ return SCARD_E_NOT_TRANSACTED;
+ }
+}
+
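Review bot: Most wrappers here call a driver entry point read from `rContext->psFunctions` without testing it for NULL: `IFDOpenIFD`, `IFDCloseIFD`, `IFDSetCapabilities`, `IFDGetCapabilities`, `IFDPowerICC`, `IFDControl_v2`, `IFDControl`, `IFDTransmit` and the v1 branch of `IFDStatusICC`. Only `IFDSetPTS` and the v2 branch of `IFDStatusICC` guard the pointer, and because `PCSCLITE_STATIC_DRIVER` is undefined at the top of the file the dynamic path is the one compiled. If the loader (not visible in this hunk) can leave a slot empty for a driver bundle that lacks a symbol, the daemon would call through a null pointer; each wrapper should add the same guard before taking the mutex, e.g. `if (NULL == IFDH_transmit_to_icc) return SCARD_E_UNSUPPORTED_FEATURE;`. Separately, `IFDPowerICC` runs `ATRDecodeAtr(&sSmartCard, pucAtr, *pdwAtrLen)` on the driver's output before `rv` is checked and never reads `ret`; moving the call under the success path, or dropping it, would avoid parsing a buffer and length from a call the driver reported as failed.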
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/ifdwrapper.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * ifdwrapper.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Ludovic Rousseau <ludovic.rouseau at free.fr>
+ *
+ * $Id: ifdwrapper.h 2151 2006-09-06 20:02:47Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This wraps the dynamic ifdhandler functions. The abstraction will
+ * eventually allow multiple card slots in the same terminal.
+ */
+
+#ifndef __ifdwrapper_h__
+#define __ifdwrapper_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ LONG IFDOpenIFD(PREADER_CONTEXT);
+ LONG IFDCloseIFD(PREADER_CONTEXT);
+ LONG IFDPowerICC(PREADER_CONTEXT, DWORD, const unsigned char *, PDWORD);
+ LONG IFDStatusICC(PREADER_CONTEXT, PDWORD, const unsigned char *, PDWORD);
+ LONG IFDControl_v2(PREADER_CONTEXT, PUCHAR, DWORD, PUCHAR, PDWORD);
+ LONG IFDControl(PREADER_CONTEXT, DWORD, LPCVOID, DWORD, LPVOID,
+ DWORD, LPDWORD);
+ LONG IFDTransmit(PREADER_CONTEXT, SCARD_IO_HEADER,
+ PUCHAR, DWORD, PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ LONG IFDSetPTS(PREADER_CONTEXT, DWORD, UCHAR, UCHAR, UCHAR, UCHAR);
+ LONG IFDSetCapabilities(PREADER_CONTEXT, DWORD, DWORD, PUCHAR);
+ LONG IFDGetCapabilities(PREADER_CONTEXT, DWORD, PDWORD, PUCHAR);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __ifdwrapper_h__ */
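Review bot: `IFDPowerICC` and `IFDStatusICC` declare the ATR buffer as `const unsigned char *`, yet it is an output parameter: ifdwrapper.c in this changeset casts the qualifier away (`(unsigned char *)pucAtr`) and hands the pointer to the driver to fill. A caller that trusts the prototype and passes read-only storage would get undefined behaviour, and the compiler can no longer flag it. Declaring both as writable, `LONG IFDPowerICC(PREADER_CONTEXT, DWORD, PUCHAR, PDWORD);` and `LONG IFDStatusICC(PREADER_CONTEXT, PDWORD, PUCHAR, PDWORD);`, with the definitions changed to match, would state the contract as the code uses it. The header also uses `PREADER_CONTEXT` and `SCARD_IO_HEADER` without including the headers that define them, so it depends on the includer's order.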
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/mscdefines.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/mscdefines.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/mscdefines.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,186 @@
+/*
+ * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : mscdefines.h
+ Package: MuscleCard Framework
+ Author : David Corcoran
+ Date : 10/02/01
+ License: Copyright (C) 2001-2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This provides high level definitions for
+ data types, structures.
+
+ You may not remove this header from this file
+ without prior permission from the author.
+
+********************************************************************/
+
+#ifndef __mscdefines_h__
+#define __mscdefines_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#ifdef WIN32
+#include "../win32/win32_pcsclite.h"
+#else
+#include "pcsclite.h"
+#endif
+
+#ifndef __APPLE__
+#include <winscard.h>
+#else
+#include <PCSC/winscard.h>
+#endif
+
+#include <stdint.h>
+
+#ifdef MSC_ARCH_WIN32
+#define MAX_BUFFER_SIZE 265
+#endif
+
+ /*
+ * Some type defines used in MuscleCard
+ */
+
+ typedef uint32_t MSC_RV;
+ typedef char MSCChar8;
+ typedef uint8_t *MSCPUChar8;
+ typedef const uint8_t *MSCPCUChar8;
+ typedef uint8_t MSCUChar8;
+ typedef uint16_t *MSCPUShort16;
+ typedef uint16_t MSCUShort16;
+ typedef int16_t *MSCPShort16;
+ typedef int16_t MSCShort16;
+ typedef uint32_t *MSCPULong32;
+ typedef uint32_t MSCULong32;
+ typedef int32_t *MSCPLong32;
+ typedef int32_t MSCLong32;
+ typedef const void *MSCPCVoid32;
+ typedef void *MSCPVoid32;
+ typedef const char *MSCCString;
+ typedef char *MSCString;
+
+ typedef struct
+ {
+ MSCPVoid32 pvfWriteFramework;
+ MSCPVoid32 pvfInitializePlugin;
+ MSCPVoid32 pvfIdentifyToken;
+ MSCPVoid32 pvfFinalizePlugin;
+ MSCPVoid32 pvfGetStatus;
+ MSCPVoid32 pvfGetCapabilities;
+ MSCPVoid32 pvfExtendedFeature;
+ MSCPVoid32 pvfGenerateKeys;
+ MSCPVoid32 pvfImportKey;
+ MSCPVoid32 pvfExportKey;
+ MSCPVoid32 pvfComputeCrypt;
+ MSCPVoid32 pvfExtAuthenticate;
+ MSCPVoid32 pvfListKeys;
+ MSCPVoid32 pvfCreatePIN;
+ MSCPVoid32 pvfVerifyPIN;
+ MSCPVoid32 pvfChangePIN;
+ MSCPVoid32 pvfUnblockPIN;
+ MSCPVoid32 pvfListPINs;
+ MSCPVoid32 pvfCreateObject;
+ MSCPVoid32 pvfDeleteObject;
+ MSCPVoid32 pvfWriteObject;
+ MSCPVoid32 pvfReadObject;
+ MSCPVoid32 pvfListObjects;
+ MSCPVoid32 pvfLogoutAll;
+ MSCPVoid32 pvfGetChallenge;
+
+ }
+ CFDyLibPointers, *LPCFDyLibPointers;
+
+#define MSC_MAXSIZE_TOKENAME 150
+#define MSC_MAXSIZE_SVCPROV 200
+#define MSC_MAXSIZE_OBJID 16
+#define MSC_MAXSIZE_AID 64
+#define MSC_MAXSIZE_MAC 128
+#define MSC_MAXSIZE_LABEL 32
+#define MSC_MAXSIZE_CERT_ISSUER 512
+#define MSC_MAXSIZE_CERT_SUBJECT 512
+#define MSC_MAXSIZE_CERT_SERIAL 512
+#define MSC_MAXSIZE_BUFFER MAX_BUFFER_SIZE
+
+ typedef struct
+ {
+ MSCChar8 tokenName[MSC_MAXSIZE_TOKENAME]; /* Token name */
+ MSCChar8 slotName[MAX_READERNAME]; /* Slot/reader name */
+ MSCChar8 svProvider[MSC_MAXSIZE_SVCPROV]; /* Library */
+ MSCUChar8 tokenId[MAX_ATR_SIZE]; /* Token ID (ATR) */
+ MSCUChar8 tokenApp[MSC_MAXSIZE_AID]; /* Default app ID */
+ MSCULong32 tokenAppLen; /* Default AID Length */
+ MSCULong32 tokenIdLength; /* ID Length (ATR Length) */
+ MSCULong32 tokenState; /* State (dwEventState) */
+ MSCULong32 tokenType; /* Type - RFU */
+ MSCPVoid32 addParams; /* Additional Data */
+ MSCULong32 addParamsSize; /* Size of additional data */
+ }
+ MSCTokenInfo, *MSCLPTokenInfo;
+
+ /*
+ * Callback function definitions
+ */
+
+ typedef MSCULong32(*MSCCallBack) (MSCLPTokenInfo, MSCULong32,
+ MSCPVoid32);
+
+ typedef struct
+ {
+ MSCULong32 arraySize;
+ MSCLPTokenInfo tokenArray;
+ MSCPVoid32 appData;
+ MSCCallBack callBack;
+ }
+ MSCEventWaitInfo, *MSCLPEventWaitInfo;
+
+ typedef MSC_RV(*LPRWEventCallback) (MSCPVoid32, int);
+
+ typedef struct
+ {
+ MSCLong32 hContext; /* Handle to resource manager */
+ MSCLong32 hCard; /* Handle to the connection */
+ LPSCARD_IO_REQUEST ioType; /* Type of protocol */
+ MSCUChar8 pMac[MSC_MAXSIZE_MAC]; /* MAC code */
+ MSCULong32 macSize; /* Size of the MAC code */
+ MSCPVoid32 tokenLibHandle; /* Handle to token library */
+ CFDyLibPointers libPointers; /* Function pointers */
+ MSCTokenInfo tokenInfo; /* token information */
+ MSCUChar8 loggedIDs; /* Verification bit mask */
+ MSCULong32 shareMode; /* Sharing mode for this */
+ LPRWEventCallback rwCallback; /* Registered callback */
+ }
+ MSCTokenConnection, *MSCLPTokenConnection;
+
+#define MSC_OK MSC_SUCCESS
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __mscdefines_h__ */
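Review bot: MSCTokenInfo does not document the invariants of its fixed-size members: nothing says whether `tokenName`, `slotName` and `svProvider` are always NUL-terminated, or that `tokenAppLen` and `tokenIdLength` must not exceed `MSC_MAXSIZE_AID` and `MAX_ATR_SIZE`. MSCListTokens in musclecard.c, added in the same commit, fills these members with `strncpy(..., MSC_MAXSIZE_TOKENAME)` and `memcpy(currentToken->tokenApp, tokenInfo.tokenApp, tokenInfo.tokenAppLen)`. A name of the full array length is therefore stored without a terminator, and the length is used as given; whether TPSearchBundlesForAtr bounds it is not visible here. I would put the contract on the members themselves, for example `/* Token name, NUL-terminated, at most MSC_MAXSIZE_TOKENAME - 1 chars */` and `/* Default AID length, <= MSC_MAXSIZE_AID */`, so the framework code and token plug-ins have a stated rule to validate against.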
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,2285 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : musclecard.c
+ Package: MuscleCard Framework
+ Author : David Corcoran
+ Date : 09/26/01
+ License: Copyright (C) 2001-2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This loads MuscleCard plug-ins and provides
+ functions for applications.
+
+ You may not remove this header from this file without
+ prior permission from the author.
+
+********************************************************************/
+
+#ifndef WIN32
+#include "config.h"
+#else
+#include "../win32/win32_config.h"
+#endif
+
+#include "musclecard.h"
+#include "tokenfactory.h"
+#include "debuglog.h"
+
+#ifdef USE_THREAD_SAFETY
+#ifndef WIN32
+#include "wintypes.h"
+#endif
+#include "thread_generic.h"
+#include "sys_generic.h"
+#endif
+
+#ifdef USE_THREAD_SAFETY
+static PCSCLITE_MUTEX mcardMutex = PTHREAD_MUTEX_INITIALIZER;
+#endif
+
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+static SCARDCONTEXT localHContext = 0;
+
+#ifdef USE_THREAD_SAFETY
+static PCSCLITE_THREAD_T callbackThread;
+#endif
+
+/*
+ * internal function
+ */
+MSC_RV pcscToMSC(MSCLong32);
+MSC_RV MSCReEstablishConnection(MSCLPTokenConnection);
+
+void mscLockThread()
+{
+#ifdef USE_THREAD_SAFETY
+ SYS_MutexLock(&mcardMutex);
+#endif
+}
+
+void mscUnLockThread()
+{
+#ifdef USE_THREAD_SAFETY
+ SYS_MutexUnLock(&mcardMutex);
+#endif
+}
+
+/**************** MSC Connection Functions **************************/
+
+MSC_RV MSCListTokens(MSCULong32 listScope, MSCLPTokenInfo tokenArray,
+ MSCPULong32 arrayLength)
+{
+
+ MSCLong32 rv;
+ SCARD_READERSTATE_A rgReaderStates;
+ MSCTokenInfo tokenInfo;
+ MSCLPTokenInfo currentToken;
+ MSCULong32 tokensFound;
+ MSCULong32 readerLength;
+ char *readerList;
+ int i, strLoc;
+
+ readerLength = 0;
+ tokensFound = 0;
+ readerList = 0;
+ strLoc = 0;
+ i = 0;
+
+ if (arrayLength == 0)
+ return MSC_INVALID_PARAMETER;
+ if (listScope != MSC_LIST_KNOWN &&
+ listScope != MSC_LIST_ALL && listScope != MSC_LIST_SLOTS)
+ {
+ return MSC_INVALID_PARAMETER;
+ }
+
+ mscLockThread();
+ if (localHContext == 0)
+ {
+ rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, 0, 0,
+ &localHContext);
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ localHContext = 0;
+ mscUnLockThread();
+ return pcscToMSC(rv);
+ }
+ }
+ mscUnLockThread();
+
+ /*
+ * Get the reader list size
+ */
+ rv = SCardListReaders(localHContext, 0, readerList, &readerLength);
+
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ return pcscToMSC(rv);
+ }
+
+ readerList = (char *) malloc(sizeof(char) * readerLength);
+
+ if (readerList == 0)
+ {
+ return MSC_INTERNAL_ERROR;
+ }
+
+ rv = SCardListReaders(localHContext, 0, readerList, &readerLength);
+
+ /*
+ * Now that we have the readers, lets check their status
+ */
+ for (i = 0; i < readerLength - 1; i++)
+ {
+ rgReaderStates.szReader = &readerList[i];
+ rgReaderStates.dwCurrentState = SCARD_STATE_UNAWARE;
+
+ rv = SCardGetStatusChange(localHContext, INFINITE,
+ &rgReaderStates,
+ 1);
+
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ if (readerList)
+ free(readerList);
+ return pcscToMSC(rv);
+ }
+
+ /*
+ * We only care about slots with a token unless stated
+ */
+ if ((rgReaderStates.dwEventState & SCARD_STATE_PRESENT) ||
+ (listScope == MSC_LIST_SLOTS))
+ {
+
+ if (rgReaderStates.dwEventState & SCARD_STATE_PRESENT)
+ {
+ /*
+ * We only care about supported tokens
+ */
+ rv = TPSearchBundlesForAtr(rgReaderStates.rgbAtr,
+ rgReaderStates.cbAtr, &tokenInfo);
+ }
+
+ /*
+ * Success for this function
+ */
+ if ((rv == 0) || (listScope == MSC_LIST_SLOTS) ||
+ (listScope == MSC_LIST_ALL))
+ {
+
+ /*
+ * We found something interesting to the application
+ */
+ tokensFound += 1;
+
+ if ((tokensFound <= *arrayLength) && (tokenArray != 0))
+ {
+ currentToken = &tokenArray[tokensFound - 1];
+ currentToken->addParams = 0;
+ currentToken->addParamsSize = 0;
+ currentToken->tokenType = 0; /* Vinnie 1693 */
+
+ if (rgReaderStates.dwEventState & SCARD_STATE_EMPTY)
+ {
+ currentToken->tokenType |= MSC_TOKEN_TYPE_REMOVED;
+ strncpy(currentToken->tokenName,
+ MSC_TOKEN_EMPTY_STR, MSC_MAXSIZE_TOKENAME);
+ } else if (rv == 0)
+ {
+ currentToken->tokenType |= MSC_TOKEN_TYPE_KNOWN;
+ strncpy(currentToken->tokenName,
+ tokenInfo.tokenName, MSC_MAXSIZE_TOKENAME);
+ } else
+ {
+ currentToken->tokenType |= MSC_TOKEN_TYPE_UNKNOWN;
+ strncpy(currentToken->tokenName,
+ MSC_TOKEN_UNKNOWN_STR, MSC_MAXSIZE_TOKENAME);
+ }
+
+ strncpy(currentToken->slotName,
+ rgReaderStates.szReader, MAX_READERNAME);
+
+ if (rgReaderStates.dwEventState & SCARD_STATE_PRESENT)
+ {
+ memcpy(currentToken->tokenId,
+ rgReaderStates.rgbAtr, rgReaderStates.cbAtr);
+ currentToken->tokenIdLength = rgReaderStates.cbAtr;
+ }
+ else
+ {
+ memset(currentToken->tokenId, 0x00, MAX_ATR_SIZE);
+ currentToken->tokenIdLength = 0x00;
+ }
+
+ if (rv == 0)
+ {
+ memcpy(currentToken->tokenApp,
+ tokenInfo.tokenApp, tokenInfo.tokenAppLen);
+ currentToken->tokenAppLen = tokenInfo.tokenAppLen;
+
+ strncpy(currentToken->svProvider,
+ tokenInfo.svProvider, MSC_MAXSIZE_SVCPROV);
+ } else
+ {
+ memset(currentToken->tokenApp, 0x00, MSC_MAXSIZE_AID);
+ currentToken->tokenAppLen = 0x00;
+ memset(currentToken->svProvider, 0x00, MSC_MAXSIZE_SVCPROV);
+ }
+
+ currentToken->tokenState = rgReaderStates.dwEventState;
+
+ }
+ }
+ /*
+ * End of TPSearch success
+ */
+ }
+ /*
+ * End of if token present
+ */
+ while (readerList[++i] != 0) ;
+ } /* End of for .. readers */
+
+ if (readerList)
+ free(readerList);
+
+ /*
+ * Application provides null requesting length
+ */
+ if (tokenArray == 0)
+ {
+ *arrayLength = tokensFound;
+ return MSC_SUCCESS;
+ }
+
+ /*
+ * Provided length is too small
+ */
+ if (*arrayLength < tokensFound)
+ {
+ *arrayLength = tokensFound;
+ return MSC_INSUFFICIENT_BUFFER;
+ }
+
+ *arrayLength = tokensFound;
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCEstablishConnection(MSCLPTokenInfo tokenStruct,
+ MSCULong32 sharingMode,
+ MSCPUChar8 applicationName,
+ MSCULong32 nameSize,
+ MSCLPTokenConnection pConnection)
+{
+ MSCLong32 rv;
+ MSCULong32 tokenSize;
+ MSCLPTokenInfo tokenList;
+ MSCPVoid32 vInitFunction;
+ MSCPVoid32 vIdFunction;
+ MSCLong32(*libPL_MSCInitializePlugin) (MSCLPTokenConnection);
+ MSCLong32(*libPL_MSCIdentifyToken) (MSCLPTokenConnection);
+ MSCULong32 dwActiveProtocol;
+ int selectedIFD;
+ char slotName[MAX_READERNAME];
+ MSCULong32 slotNameSize, slotState, slotProtocol;
+ MSCUChar8 tokenId[MAX_ATR_SIZE];
+ MSCULong32 tokenIdLength;
+
+ tokenSize = 0;
+ tokenList = 0;
+ tokenSize = 0;
+ selectedIFD = -1;
+ tokenIdLength = sizeof(tokenId);
+ slotState = 0;
+ slotProtocol = 0;
+ slotNameSize = sizeof(slotName);
+ vIdFunction = 0;
+ vInitFunction = 0;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (tokenStruct == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (nameSize > MSC_MAXSIZE_AID)
+ return MSC_INVALID_PARAMETER;
+
+ pConnection->tokenLibHandle = 0;
+ pConnection->hContext = 0;
+ pConnection->tokenInfo.tokenIdLength = 0;
+ pConnection->shareMode = 0;
+
+ /*
+ * Check the token name strings
+ */
+ if (sharingMode != MSC_SHARE_DIRECT)
+ {
+ if (strcmp(tokenStruct->tokenName, MSC_TOKEN_EMPTY_STR) == 0)
+ {
+ return MSC_TOKEN_REMOVED;
+ } else if (strcmp(tokenStruct->tokenName,
+ MSC_TOKEN_UNKNOWN_STR) == 0)
+ {
+ return MSC_UNRECOGNIZED_TOKEN;
+ }
+ }
+
+ /*
+ * Set up the initial connection to the resource manager
+ */
+
+ mscLockThread();
+ if (localHContext == 0)
+ {
+ rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, 0, 0,
+ &localHContext);
+#ifdef MSC_DEBUG
+ DebugLogB("SCardEstablishContext returns %s\n",
+ pcsc_stringify_error(rv));
+#endif
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ localHContext = 0;
+ mscUnLockThread();
+ return pcscToMSC(rv);
+ }
+
+ pConnection->hContext = localHContext;
+ } else
+ {
+ pConnection->hContext = localHContext;
+ }
+ mscUnLockThread();
+
+#ifdef WIN32
+ rv = SCardConnect(pConnection->hContext, tokenStruct->slotName,
+ SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1,
+ &pConnection->hCard, &dwActiveProtocol);
+#else
+ rv = SCardConnect(pConnection->hContext, tokenStruct->slotName,
+ sharingMode, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1,
+ &pConnection->hCard, &dwActiveProtocol);
+#endif
+
+#ifdef MSC_DEBUG
+ DebugLogB("SCardConnect returns %s\n", pcsc_stringify_error(rv));
+#endif
+
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ return pcscToMSC(rv);
+ }
+
+ /*
+ * Set the sendPCI value based on the ActiveProtocol
+ */
+ switch (dwActiveProtocol)
+ {
+ case SCARD_PROTOCOL_T0:
+ pConnection->ioType = SCARD_PCI_T0;
+ break;
+ case SCARD_PROTOCOL_T1:
+ pConnection->ioType = SCARD_PCI_T1;
+ break;
+ default:
+ pConnection->ioType = SCARD_PCI_RAW;
+ break;
+ }
+
+ /*
+ * Call SCardStatus, make sure the card information matches if it does
+ * not return an error. If it does, copy it
+ */
+
+ rv = SCardStatus(pConnection->hCard, slotName,
+ &slotNameSize, &slotState, &slotProtocol, tokenId, &tokenIdLength);
+
+#ifdef MSC_DEBUG
+ DebugLogB("SCardStatus returns %s\n", pcsc_stringify_error(rv));
+#endif
+
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ pConnection->hCard = 0;
+ return pcscToMSC(rv);
+ }
+
+ if ((sharingMode == MSC_SHARE_DIRECT) && (slotState & SCARD_ABSENT))
+ {
+
+ /*
+ * They asked for direct mode and no card is inserted so we are
+ * done with this
+ */
+ pConnection->shareMode = sharingMode;
+ return MSC_SUCCESS;
+ }
+
+ if ((tokenIdLength != tokenStruct->tokenIdLength) ||
+ (strcmp(slotName, tokenStruct->slotName) != 0) ||
+ (memcmp(tokenId, tokenStruct->tokenId, tokenIdLength) != 0))
+ {
+ DebugLogA("Internal inconsistent values, ID, slotName\n");
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ pConnection->hCard = 0;
+ return MSC_INCONSISTENT_STATUS;
+ }
+
+ memcpy(pConnection->tokenInfo.tokenId, tokenId, tokenIdLength);
+ pConnection->tokenInfo.tokenIdLength = tokenIdLength;
+ strncpy(pConnection->tokenInfo.slotName, tokenStruct->slotName,
+ MAX_READERNAME);
+ strncpy(pConnection->tokenInfo.tokenName, tokenStruct->tokenName,
+ MSC_MAXSIZE_TOKENAME);
+
+ /*
+ * Load the library for the token
+ */
+ rv = TPLoadToken(pConnection);
+
+#ifdef MSC_DEBUG
+ DebugLogB("TPLoadToken returns %s\n", pcsc_stringify_error(rv));
+#endif
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ pConnection->hCard = 0;
+ return pcscToMSC(rv);
+ }
+
+ /*
+ * Select the AID or initialization routine for the card
+ */
+ vInitFunction = pConnection->libPointers.pvfInitializePlugin;
+ vIdFunction = pConnection->libPointers.pvfIdentifyToken;
+
+ if (vInitFunction == 0)
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "InitializePlugin function missing");
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ pConnection->hCard = 0;
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ if (vIdFunction == 0)
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "IdentifyToken function missing");
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ pConnection->hCard = 0;
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ libPL_MSCInitializePlugin = (MSCLong32(*)(MSCLPTokenConnection))
+ vInitFunction;
+
+ libPL_MSCIdentifyToken = (MSCLong32(*)(MSCLPTokenConnection))
+ vIdFunction;
+
+ rv = (*libPL_MSCInitializePlugin) (pConnection);
+
+ if (rv != MSC_SUCCESS)
+ {
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ if (pConnection->tokenLibHandle != 0)
+ {
+ TPUnloadToken(pConnection);
+ pConnection->tokenLibHandle = 0;
+ }
+ pConnection->hCard = 0;
+ }
+
+ if (sharingMode != MSC_SHARE_DIRECT)
+ {
+
+ if ((applicationName == 0) || (nameSize == 0))
+ {
+ /*
+ * Use the default AID given by the Info.plist
+ */
+
+ rv = (*libPL_MSCIdentifyToken) (pConnection);
+ } else
+ {
+ pConnection->tokenInfo.tokenAppLen = nameSize;
+ memcpy(pConnection->tokenInfo.tokenApp,
+ applicationName, nameSize);
+ rv = (*libPL_MSCIdentifyToken) (pConnection);
+ }
+
+#ifdef MSC_DEBUG
+ DebugLogB("MSCIdentifyToken returns %s\n", msc_error(rv));
+#endif
+
+ if (rv != MSC_SUCCESS)
+ {
+ SCardDisconnect(pConnection->hCard, SCARD_LEAVE_CARD);
+ if (pConnection->tokenLibHandle != 0)
+ {
+ TPUnloadToken(pConnection);
+ pConnection->tokenLibHandle = 0;
+ }
+ pConnection->hCard = 0;
+
+ if (rv == MSC_SHARING_VIOLATION)
+ {
+ return rv;
+ } else
+ {
+ return MSC_UNRECOGNIZED_TOKEN;
+ }
+ }
+ }
+
+ pConnection->shareMode = sharingMode;
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCReleaseConnection(MSCLPTokenConnection pConnection,
+ MSCULong32 endAction)
+{
+
+ MSCLong32 rv = SCARD_S_SUCCESS;
+ MSCLong32(*libPL_MSCFinalizePlugin) (MSCLPTokenConnection);
+ MSCPVoid32 vFunction;
+
+ vFunction = 0;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (pConnection->tokenLibHandle == 0 ||
+ pConnection->hContext == 0 || pConnection->hCard == 0)
+ {
+ return MSC_INVALID_HANDLE;
+ }
+
+ /*
+ * Select finalization routine for the token plugin
+ */
+ vFunction = pConnection->libPointers.pvfFinalizePlugin;
+
+ if (vFunction == 0)
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "FinalizePlugin function missing");
+ return MSC_INTERNAL_ERROR;
+ }
+
+ libPL_MSCFinalizePlugin = (MSCLong32(*)(MSCLPTokenConnection))
+ vFunction;
+
+ /*
+ * Stop and clean up the plugin
+ */
+ rv = (*libPL_MSCFinalizePlugin) (pConnection);
+
+ /*
+ * Disconnect from the token
+ */
+ if (pConnection->hCard != 0)
+ {
+ rv = SCardDisconnect(pConnection->hCard, endAction);
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ return pcscToMSC(rv);
+ }
+ }
+
+ /*
+ * Unload the token driver
+ */
+ if (pConnection->tokenLibHandle != 0)
+ {
+ rv = TPUnloadToken(pConnection);
+ pConnection->tokenLibHandle = 0;
+ }
+
+ pConnection->tokenLibHandle = 0;
+ pConnection->hCard = 0;
+ pConnection->hContext = 0;
+ pConnection->shareMode = 0;
+
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCWaitForTokenEvent(MSCLPTokenInfo tokenArray,
+ MSCULong32 arraySize,
+ MSCULong32 timeoutValue)
+{
+
+ MSCLong32 rv, rt;
+ LPSCARD_READERSTATE_A rgReaderStates;
+ MSCTokenInfo tokenInfo;
+ int i;
+
+ rgReaderStates = 0;
+
+ /*
+ * Allocate array of SCARD_READERSTATE_A structures, set UNAWARE on
+ * all of the structures to get the current status and then send them
+ * to GetStatusChange for blocking event
+ */
+
+ if (arraySize == 0)
+ {
+ return MSC_SUCCESS;
+ } else if (arraySize > MSC_MAXSIZE_TOKENARRAY)
+ {
+ return MSC_INSUFFICIENT_BUFFER;
+ }
+
+ /*
+ * Set up the initial connection to the resource manager
+ */
+
+ mscLockThread();
+ if (localHContext == 0)
+ {
+ rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, 0, 0,
+ &localHContext);
+ if (pcscToMSC(rv) != MSC_SUCCESS)
+ {
+ localHContext = 0;
+ mscUnLockThread();
+ return pcscToMSC(rv);
+ }
+ }
+ mscUnLockThread();
+
+ rgReaderStates = (LPSCARD_READERSTATE_A)
+ malloc(sizeof(SCARD_READERSTATE_A) * arraySize);
+
+ if (rgReaderStates == 0)
+ {
+ return MSC_INTERNAL_ERROR;
+ }
+
+ for (i = 0; i < arraySize; i++)
+ {
+ /*
+ * Make sure they don't pass an empty structure
+ */
+ if (strlen(tokenArray[i].slotName) == 0)
+ {
+ free(rgReaderStates);
+ return MSC_INVALID_PARAMETER;
+ }
+
+ rgReaderStates[i].szReader = tokenArray[i].slotName;
+ rgReaderStates[i].dwCurrentState = SCARD_STATE_UNAWARE;
+ rgReaderStates[i].dwEventState = 0;
+ }
+
+ rv = SCardGetStatusChange(localHContext, timeoutValue,
+ rgReaderStates, arraySize);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ free(rgReaderStates);
+ return pcscToMSC(rv);
+ }
+
+ for (i = 0; i < arraySize; i++)
+ {
+ if (tokenArray[i].tokenState == 0)
+ {
+ rgReaderStates[i].dwCurrentState =
+ rgReaderStates[i].dwEventState;
+ } else if (tokenArray[i].tokenState == MSC_STATE_UNAWARE)
+ {
+ rgReaderStates[i].dwCurrentState = SCARD_STATE_UNAWARE;
+ } else
+ {
+ rgReaderStates[i].dwCurrentState = tokenArray[i].tokenState;
+ }
+ rgReaderStates[i].dwEventState = 0;
+ }
+
+ rv = SCardGetStatusChange(localHContext, timeoutValue,
+ rgReaderStates, arraySize);
+
+ for (i = 0; i < arraySize; i++)
+ {
+ tokenArray[i].tokenState = rgReaderStates[i].dwEventState;
+
+ if (tokenArray[i].tokenState & MSC_STATE_CHANGED)
+ {
+ /*
+ * If it is removed, we need to update the names/etc
+ */
+ if (tokenArray[i].tokenState & MSC_STATE_EMPTY)
+ {
+ memset(tokenArray[i].tokenId, 0x00, MAX_ATR_SIZE);
+ tokenArray[i].tokenIdLength = 0;
+ tokenArray[i].tokenType = MSC_TOKEN_TYPE_REMOVED;
+ strncpy(tokenArray[i].tokenName, MSC_TOKEN_EMPTY_STR,
+ MSC_MAXSIZE_TOKENAME);
+ } else if (tokenArray[i].tokenState & MSC_STATE_PRESENT)
+ {
+ memcpy(tokenArray[i].tokenId, rgReaderStates[i].rgbAtr,
+ rgReaderStates[i].cbAtr);
+ tokenArray[i].tokenIdLength = rgReaderStates[i].cbAtr;
+
+ rt = TPSearchBundlesForAtr(rgReaderStates[i].rgbAtr,
+ rgReaderStates[i].cbAtr, &tokenInfo);
+ /*
+ * Successfully found
+ */
+ if (rt == 0)
+ {
+ tokenArray[i].tokenType = MSC_TOKEN_TYPE_KNOWN;
+ strncpy(tokenArray[i].tokenName, tokenInfo.tokenName,
+ MSC_MAXSIZE_TOKENAME);
+ } else
+ {
+ tokenArray[i].tokenType = MSC_TOKEN_TYPE_UNKNOWN;
+ strncpy(tokenArray[i].tokenName, MSC_TOKEN_UNKNOWN_STR,
+ MSC_MAXSIZE_TOKENAME);
+ }
+ }
+ }
+ }
+
+ free(rgReaderStates);
+ return pcscToMSC(rv);
+}
+
+MSC_RV MSCCancelEventWait(void)
+{
+
+ MSCLong32 rv;
+
+ rv = SCardCancel(localHContext);
+
+ return pcscToMSC(rv);
+}
+
+/************************ Start of Callbacks ****************************/
+#ifdef USE_THREAD_SAFETY
+void *_MSCEventThread(void *arg)
+{
+
+ MSCLong32 rv;
+ MSCLPEventWaitInfo evlist;
+ MSCLong32 curToken;
+
+ if (arg == NULL)
+ {
+ SYS_ThreadExit(NULL);
+ }
+
+ evlist = (MSCLPEventWaitInfo) arg;
+ blockingContext = MSC_BLOCKSTATUS_BLOCKING;
+
+ while (1)
+ {
+ rv = MSCWaitForTokenEvent(evlist->tokenArray,
+ evlist->arraySize,
+ MSC_NO_TIMEOUT);
+
+ if (rv == MSC_SUCCESS)
+ {
+ (evlist->callBack) (evlist->tokenArray,
+ evlist->arraySize,
+ evlist->appData);
+ } else {
+ break;
+
+ }
+
+ if (blockingContext == MSC_BLOCKSTATUS_CANCELLING)
+ {
+ break;
+ }
+ }
+
+ for (curToken = 0; curToken < evlist->arraySize; curToken++)
+ {
+ if (evlist->tokenArray[curToken].addParams)
+ {
+ free(evlist->tokenArray[curToken].addParams);
+ }
+ }
+
+
+ free(evlist);
+ blockingContext = MSC_BLOCKSTATUS_RESUME;
+ SYS_ThreadExit(&rv);
+
+ return NULL;
+}
+
+MSC_RV MSCCallbackForTokenEvent(MSCLPTokenInfo tokenArray,
+ MSCULong32 arraySize,
+ MSCCallBack callBack,
+ MSCPVoid32 appData)
+{
+ MSCLPEventWaitInfo evlist;
+ MSCULong32 curToken;
+
+ /*
+ * Create the event wait list
+ */
+ evlist = (MSCLPEventWaitInfo) malloc(sizeof(MSCEventWaitInfo));
+
+ if (evlist == NULL)
+ {
+ return MSC_INTERNAL_ERROR;
+ }
+
+ evlist->arraySize = arraySize;
+ evlist->tokenArray = malloc(sizeof(MSCTokenInfo) * arraySize);
+ evlist->appData = appData;
+ evlist->callBack = callBack;
+
+ if (evlist->tokenArray == NULL)
+ {
+ free(evlist);
+ return MSC_INTERNAL_ERROR;
+ }
+
+ mscLockThread();
+ memcpy(evlist->tokenArray, tokenArray,
+ sizeof(MSCTokenInfo) * arraySize);
+
+ /*
+ * Copy the "extra" data
+ */
+ for (curToken = 0; curToken < arraySize; curToken++)
+ {
+ if (tokenArray[curToken].addParams != NULL)
+ {
+ evlist->tokenArray[curToken].addParams =
+ malloc(evlist->tokenArray[curToken].addParamsSize);
+ memcpy((void *) (evlist->tokenArray[curToken].addParams),
+ &tokenArray[curToken],
+ evlist->tokenArray[curToken].addParamsSize);
+
+ }
+ }
+ mscUnLockThread();
+
+ if (SYS_ThreadCreate(&callbackThread, THREAD_ATTR_DEFAULT, _MSCEventThread,
+ (void *) evlist) == 0)
+ {
+ return MSC_INTERNAL_ERROR;
+ }
+
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCCallbackCancelEvent()
+{
+
+ LONG rv;
+
+ /* Release the thread and stop the GetStatusChange */
+ if (blockingContext == MSC_BLOCKSTATUS_BLOCKING)
+ {
+ blockingContext = MSC_BLOCKSTATUS_CANCELLING;
+ rv = MSCCancelEventWait();
+
+ SYS_ThreadJoin(&callbackThread, 0);
+
+ }
+
+ return MSC_SUCCESS;
+}
+
+#endif
+/************************** End of Callbacks *****************************/
+
+MSC_RV MSCBeginTransaction(MSCLPTokenConnection pConnection)
+{
+
+ MSCLong32 rv;
+ MSCLong32 ret;
+
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ while (1)
+ {
+ rv = SCardBeginTransaction(pConnection->hCard);
+ ret = pcscToMSC(rv);
+
+ if (ret == MSC_SUCCESS)
+ break;
+ if (ret == MSC_TOKEN_RESET)
+ {
+ pConnection->tokenInfo.tokenType |=
+ MSC_TOKEN_TYPE_RESET;
+ ret = MSCReEstablishConnection(pConnection);
+ if (ret != MSC_SUCCESS)
+ break;
+ continue;
+ } else if (ret == MSC_TOKEN_REMOVED)
+ {
+ pConnection->tokenInfo.tokenType =
+ MSC_TOKEN_TYPE_REMOVED;
+ return ret;
+ }
+ }
+
+ return ret;
+}
+
+MSC_RV MSCEndTransaction(MSCLPTokenConnection pConnection,
+ MSCULong32 endAction)
+{
+
+ MSCLong32 rv;
+ MSCLong32 ret;
+
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ while (1)
+ {
+ rv = SCardEndTransaction(pConnection->hCard, endAction);
+ ret = pcscToMSC(rv);
+
+ if (ret == MSC_SUCCESS)
+ break;
+ if (ret == MSC_TOKEN_RESET)
+ {
+ pConnection->tokenInfo.tokenType |=
+ MSC_TOKEN_TYPE_RESET;
+ ret = MSCReEstablishConnection(pConnection);
+ if (ret != MSC_SUCCESS)
+ break;
+ continue;
+ } else if (ret == MSC_TOKEN_REMOVED)
+ {
+ pConnection->tokenInfo.tokenType =
+ MSC_TOKEN_TYPE_REMOVED;
+ return ret;
+ }
+ }
+
+ return ret;
+}
+
+MSC_RV MSCWriteFramework(MSCLPTokenConnection pConnection,
+ MSCLPInitTokenParams pInitParams)
+{
+
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCWriteFramework) (MSCLPTokenConnection,
+ MSCLPInitTokenParams);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfWriteFramework;
+
+ if (vFunction != 0)
+ {
+ libMSCWriteFramework = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCLPInitTokenParams)) vFunction;
+ rv = (*libMSCWriteFramework) (pConnection, pInitParams);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+/*
+ * Real MSC functions
+ */
+
+MSC_RV MSCGetStatus(MSCLPTokenConnection pConnection,
+ MSCLPStatusInfo pStatusInfo)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCGetStatus) (MSCLPTokenConnection, MSCLPStatusInfo);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfGetStatus;
+
+ if (vFunction != 0)
+ {
+ libMSCGetStatus = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCLPStatusInfo)) vFunction;
+ rv = (*libMSCGetStatus) (pConnection, pStatusInfo);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCGetCapabilities(MSCLPTokenConnection pConnection, MSCULong32 Tag,
+ MSCPUChar8 Value, MSCPULong32 Length)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCGetCapabilities) (MSCLPTokenConnection, MSCULong32,
+ MSCPUChar8, MSCPULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfGetCapabilities;
+
+ if (vFunction != 0)
+ {
+ libMSCGetCapabilities =
+ (MSCLong32(*)(MSCLPTokenConnection, MSCULong32, MSCPUChar8,
+ MSCPULong32)) vFunction;
+ rv = (*libMSCGetCapabilities) (pConnection, Tag, Value, Length);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCExtendedFeature(MSCLPTokenConnection pConnection,
+ MSCULong32 extFeature, MSCPUChar8 outData,
+ MSCULong32 outLength, MSCPUChar8 inData, MSCPULong32 inLength)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCExtendedFeature) (MSCLPTokenConnection, MSCULong32,
+ MSCPUChar8, MSCULong32, MSCPUChar8, MSCPULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfExtendedFeature;
+
+ if (vFunction != 0)
+ {
+ libMSCExtendedFeature =
+ (MSCLong32(*)(MSCLPTokenConnection, MSCULong32, MSCPUChar8,
+ MSCULong32, MSCPUChar8, MSCPULong32)) vFunction;
+ rv = (*libMSCExtendedFeature) (pConnection, extFeature, outData,
+ outLength, inData, inLength);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCGenerateKeys(MSCLPTokenConnection pConnection,
+ MSCUChar8 prvKeyNum, MSCUChar8 pubKeyNum, MSCLPGenKeyParams pParams)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCGenerateKeys) (MSCLPTokenConnection, MSCUChar8,
+ MSCUChar8, MSCLPGenKeyParams);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfGenerateKeys;
+
+ if (vFunction != 0)
+ {
+ libMSCGenerateKeys = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCUChar8, MSCUChar8,
+ MSCLPGenKeyParams))
+ vFunction;
+ rv = (*libMSCGenerateKeys) (pConnection, prvKeyNum, pubKeyNum,
+ pParams);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCImportKey(MSCLPTokenConnection pConnection, MSCUChar8 keyNum,
+ MSCLPKeyACL pKeyACL, MSCPUChar8 pKeyBlob,MSCULong32 keyBlobSize,
+ MSCLPKeyPolicy keyPolicy, MSCPVoid32 pAddParams,
+ MSCUChar8 addParamsSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCImportKey) (MSCLPTokenConnection, MSCUChar8,
+ MSCLPKeyACL, MSCPUChar8,
+ MSCULong32, MSCLPKeyPolicy, MSCPVoid32,
+ MSCUChar8);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfImportKey;
+
+ if (vFunction != 0)
+ {
+ libMSCImportKey = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCUChar8,
+ MSCLPKeyACL, MSCPUChar8,
+ MSCULong32, MSCLPKeyPolicy,
+ MSCPVoid32, MSCUChar8))
+ vFunction;
+
+ rv = (*libMSCImportKey) (pConnection, keyNum,
+ pKeyACL, pKeyBlob, keyBlobSize,
+ keyPolicy, pAddParams, addParamsSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCExportKey(MSCLPTokenConnection pConnection, MSCUChar8 keyNum,
+ MSCPUChar8 pKeyBlob, MSCPULong32 keyBlobSize,
+ MSCPVoid32 pAddParams, MSCUChar8 addParamsSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCExportKey) (MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCPULong32, MSCPVoid32, MSCUChar8);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfExportKey;
+
+ if (vFunction != 0)
+ {
+ libMSCExportKey = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCUChar8, MSCPUChar8,
+ MSCPULong32, MSCPVoid32,
+ MSCUChar8)) vFunction;
+
+ rv = (*libMSCExportKey) (pConnection, keyNum, pKeyBlob,
+ keyBlobSize, pAddParams, addParamsSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCComputeCrypt(MSCLPTokenConnection pConnection,
+ MSCLPCryptInit cryptInit, MSCPUChar8 pInputData,
+ MSCULong32 inputDataSize, MSCPUChar8 pOutputData,
+ MSCPULong32 outputDataSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCComputeCrypt) (MSCLPTokenConnection, MSCLPCryptInit,
+ MSCPUChar8, MSCULong32, MSCPUChar8,
+ MSCPULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfComputeCrypt;
+
+ if (vFunction != 0)
+ {
+ libMSCComputeCrypt =
+ (MSCLong32(*)(MSCLPTokenConnection, MSCLPCryptInit,
+ MSCPUChar8, MSCULong32, MSCPUChar8,
+ MSCPULong32)) vFunction;
+ rv = (*libMSCComputeCrypt) (pConnection, cryptInit, pInputData,
+ inputDataSize, pOutputData,
+ outputDataSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCExtAuthenticate(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNum, MSCUChar8 cipherMode,
+ MSCUChar8 cipherDirection,
+ MSCPUChar8 pData, MSCULong32 dataSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCExtAuthenticate) (MSCLPTokenConnection, MSCUChar8,
+ MSCUChar8, MSCUChar8, MSCPUChar8,
+ MSCULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfExtAuthenticate;
+
+ if (vFunction != 0)
+ {
+ libMSCExtAuthenticate =
+ (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCUChar8, MSCUChar8, MSCPUChar8,
+ MSCULong32)) vFunction;
+ rv = (*libMSCExtAuthenticate) (pConnection, keyNum, cipherMode,
+ cipherDirection, pData, dataSize);
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCListKeys(MSCLPTokenConnection pConnection, MSCUChar8 seqOption,
+ MSCLPKeyInfo pKeyInfo)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCListKeys) (MSCLPTokenConnection, MSCUChar8,
+ MSCLPKeyInfo);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfListKeys;
+
+ if (vFunction != 0)
+ {
+ libMSCListKeys = (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCLPKeyInfo)) vFunction;
+ rv = (*libMSCListKeys) (pConnection, seqOption, pKeyInfo);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCCreatePIN(MSCLPTokenConnection pConnection, MSCUChar8 pinNum,
+ MSCUChar8 pinAttempts, MSCPUChar8 pPinCode,
+ MSCULong32 pinCodeSize, MSCPUChar8 pUnblockCode,
+ MSCUChar8 unblockCodeSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCCreatePIN) (MSCLPTokenConnection, MSCUChar8,
+ MSCUChar8, MSCPUChar8, MSCULong32, MSCPUChar8, MSCUChar8);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfCreatePIN;
+
+ if (vFunction != 0)
+ {
+ libMSCCreatePIN = (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCUChar8, MSCPUChar8,
+ MSCULong32, MSCPUChar8, MSCUChar8)) vFunction;
+ rv = (*libMSCCreatePIN) (pConnection, pinNum, pinAttempts,
+ pPinCode, pinCodeSize, pUnblockCode, unblockCodeSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCVerifyPIN(MSCLPTokenConnection pConnection, MSCUChar8 pinNum,
+ MSCPUChar8 pPinCode, MSCULong32 pinCodeSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCVerifyPIN) (MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfVerifyPIN;
+
+ if (vFunction != 0)
+ {
+ libMSCVerifyPIN = (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCULong32)) vFunction;
+ rv = (*libMSCVerifyPIN) (pConnection, pinNum, pPinCode,
+ pinCodeSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCChangePIN(MSCLPTokenConnection pConnection, MSCUChar8 pinNum,
+ MSCPUChar8 pOldPinCode, MSCUChar8 oldPinCodeSize,
+ MSCPUChar8 pNewPinCode, MSCUChar8 newPinCodeSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCChangePIN) (MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCUChar8, MSCPUChar8, MSCUChar8);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfChangePIN;
+
+ if (vFunction != 0)
+ {
+ libMSCChangePIN = (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCUChar8, MSCPUChar8, MSCUChar8)) vFunction;
+ rv = (*libMSCChangePIN) (pConnection, pinNum, pOldPinCode,
+ oldPinCodeSize, pNewPinCode, newPinCodeSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCUnblockPIN(MSCLPTokenConnection pConnection, MSCUChar8 pinNum,
+ MSCPUChar8 pUnblockCode, MSCULong32 unblockCodeSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCUnblockPIN) (MSCLPTokenConnection, MSCUChar8,
+ MSCPUChar8, MSCULong32);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfUnblockPIN;
+
+ if (vFunction != 0)
+ {
+ libMSCUnblockPIN = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCUChar8, MSCPUChar8, MSCULong32)) vFunction;
+ rv = (*libMSCUnblockPIN) (pConnection, pinNum, pUnblockCode,
+ unblockCodeSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCListPINs(MSCLPTokenConnection pConnection,
+ MSCPUShort16 pPinBitMask)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCListPINs) (MSCLPTokenConnection, MSCPUShort16);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfListPINs;
+
+ if (vFunction != 0)
+ {
+ libMSCListPINs = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCPUShort16)) vFunction;
+ rv = (*libMSCListPINs) (pConnection, pPinBitMask);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCCreateObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCULong32 objectSize, MSCLPObjectACL pObjectACL)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCCreateObject) (MSCLPTokenConnection, MSCString,
+ MSCULong32, MSCLPObjectACL);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfCreateObject;
+
+ if (vFunction != 0)
+ {
+ libMSCCreateObject = (MSCLong32(*)(MSCLPTokenConnection, MSCString,
+ MSCULong32, MSCLPObjectACL)) vFunction;
+ rv = (*libMSCCreateObject) (pConnection, objectID, objectSize,
+ pObjectACL);
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCDeleteObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCUChar8 zeroFlag)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCDeleteObject) (MSCLPTokenConnection, MSCString,
+ MSCUChar8);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfDeleteObject;
+
+ if (vFunction != 0)
+ {
+ libMSCDeleteObject = (MSCLong32(*)(MSCLPTokenConnection, MSCString,
+ MSCUChar8)) vFunction;
+ rv = (*libMSCDeleteObject) (pConnection, objectID, zeroFlag);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCWriteObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCULong32 offSet,
+ MSCPUChar8 pInputData, MSCULong32 dataSize,
+ LPRWEventCallback rwCallback, MSCPVoid32 addParams)
+{
+ MSC_RV rv = MSC_UNSPECIFIED_ERROR;
+ MSCULong32 objectSize;
+ int totalSteps, stepInterval;
+ MSC_RV(*callBackFunction) (void *, int);
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCWriteObject) (MSCLPTokenConnection, MSCString,
+ MSCULong32, MSCPUChar8, MSCUChar8);
+ int i;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfWriteObject;
+ callBackFunction = (MSC_RV(*)(void *, int)) rwCallback;
+ objectSize = dataSize;
+
+ if (vFunction == 0)
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ libMSCWriteObject = (MSCLong32(*)(MSCLPTokenConnection, MSCString,
+ MSCULong32, MSCPUChar8, MSCUChar8))
+ vFunction;
+
+ /*
+ * Figure out the number of steps total and present this in a percent
+ * step basis
+ */
+
+ totalSteps = objectSize / MSC_SIZEOF_KEYPACKET + 1;
+ stepInterval = MSC_PERCENT_STEPSIZE / totalSteps;
+
+ for (i = 0; i < objectSize / MSC_SIZEOF_KEYPACKET; i++)
+ {
+ rv = (*libMSCWriteObject) (pConnection, objectID,
+ i * MSC_SIZEOF_KEYPACKET + offSet,
+ &pInputData[i * MSC_SIZEOF_KEYPACKET],
+ MSC_SIZEOF_KEYPACKET);
+ if (rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rwCallback)
+ {
+ if ((*callBackFunction) (addParams,
+ stepInterval * i) == MSC_CANCELLED)
+ {
+ return MSC_CANCELLED;
+ }
+ }
+ }
+
+ if (objectSize % MSC_SIZEOF_KEYPACKET)
+ {
+
+ rv = (*libMSCWriteObject) (pConnection, objectID,
+ i * MSC_SIZEOF_KEYPACKET + offSet,
+ &pInputData[i * MSC_SIZEOF_KEYPACKET],
+ objectSize % MSC_SIZEOF_KEYPACKET);
+
+ if (rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+ }
+
+ if (rwCallback)
+ {
+ (*callBackFunction) (addParams, MSC_PERCENT_STEPSIZE);
+ }
+
+ return rv;
+}
+
+MSC_RV MSCReadObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCULong32 offSet,
+ MSCPUChar8 pOutputData, MSCULong32 dataSize,
+ LPRWEventCallback rwCallback,
+ MSCPVoid32 addParams)
+{
+
+ MSC_RV rv = MSC_UNSPECIFIED_ERROR;
+ MSCULong32 objectSize;
+ int totalSteps, stepInterval;
+ MSC_RV(*callBackFunction) (void *, int);
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCReadObject) (MSCLPTokenConnection, MSCString,
+ MSCULong32, MSCPUChar8, MSCUChar8);
+ int i;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfReadObject;
+ callBackFunction = (MSC_RV(*)(void *, int)) rwCallback;
+ objectSize = dataSize;
+
+ if (vFunction == 0)
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ libMSCReadObject = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCString, MSCULong32,
+ MSCPUChar8, MSCUChar8))
+ vFunction;
+
+ /*
+ * Figure out the number of steps total and present this in a percent
+ * step basis
+ */
+
+ totalSteps = objectSize / MSC_SIZEOF_KEYPACKET + 1;
+ stepInterval = MSC_PERCENT_STEPSIZE / totalSteps;
+
+ for (i = 0; i < objectSize / MSC_SIZEOF_KEYPACKET; i++)
+ {
+ rv = (*libMSCReadObject) (pConnection, objectID,
+ i * MSC_SIZEOF_KEYPACKET + offSet,
+ &pOutputData[i * MSC_SIZEOF_KEYPACKET],
+ MSC_SIZEOF_KEYPACKET);
+
+ if (rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rwCallback)
+ {
+ if ((*callBackFunction) (addParams,
+ stepInterval * i) == MSC_CANCELLED)
+ {
+ return MSC_CANCELLED;
+ }
+ }
+ }
+
+ if (objectSize % MSC_SIZEOF_KEYPACKET)
+ {
+ rv = (*libMSCReadObject) (pConnection, objectID,
+ i * MSC_SIZEOF_KEYPACKET + offSet,
+ &pOutputData[i * MSC_SIZEOF_KEYPACKET],
+ objectSize % MSC_SIZEOF_KEYPACKET);
+
+ if (rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+ }
+
+ if (rwCallback)
+ {
+ (*callBackFunction) (addParams, MSC_PERCENT_STEPSIZE);
+ }
+
+ return rv;
+}
+
+MSC_RV MSCListObjects(MSCLPTokenConnection pConnection,
+ MSCUChar8 seqOption, MSCLPObjectInfo pObjectInfo)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCListObjects) (MSCLPTokenConnection, MSCUChar8,
+ MSCLPObjectInfo);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfListObjects;
+
+ if (vFunction != 0)
+ {
+ libMSCListObjects = (MSCLong32(*)(MSCLPTokenConnection, MSCUChar8,
+ MSCLPObjectInfo)) vFunction;
+ rv = (*libMSCListObjects) (pConnection, seqOption, pObjectInfo);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCLogoutAll(MSCLPTokenConnection pConnection)
+{
+
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCLogoutAll) (MSCLPTokenConnection);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfLogoutAll;
+
+ if (vFunction != 0)
+ {
+ libMSCLogoutAll = (MSCLong32(*)(MSCLPTokenConnection)) vFunction;
+ rv = (*libMSCLogoutAll) (pConnection);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCGetChallenge(MSCLPTokenConnection pConnection, MSCPUChar8 pSeed,
+ MSCUShort16 seedSize, MSCPUChar8 pRandomData,
+ MSCUShort16 randomDataSize)
+{
+ MSCLong32 rv;
+ MSCPVoid32 vFunction;
+ MSCLong32(*libMSCGetChallenge) (MSCLPTokenConnection, MSCPUChar8,
+ MSCUShort16, MSCPUChar8, MSCUShort16);
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ vFunction = pConnection->libPointers.pvfGetChallenge;
+
+ if (vFunction != 0)
+ {
+ libMSCGetChallenge = (MSCLong32(*)(MSCLPTokenConnection,
+ MSCPUChar8, MSCUShort16,
+ MSCPUChar8, MSCUShort16)) vFunction;
+ rv = (*libMSCGetChallenge) (pConnection, pSeed, seedSize,
+ pRandomData, randomDataSize);
+
+ } else
+ {
+ return MSC_UNSUPPORTED_FEATURE;
+ }
+
+ return rv;
+}
+
+MSC_RV MSCGetKeyAttributes(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNumber, MSCLPKeyInfo pKeyInfo)
+{
+
+ MSC_RV rv;
+ MSCKeyInfo keyInfo;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ rv = MSCListKeys(pConnection, MSC_SEQUENCE_RESET, &keyInfo);
+
+ if (rv != MSC_SEQUENCE_END && rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rv == MSC_SEQUENCE_END)
+ {
+ return MSC_INVALID_PARAMETER;
+ }
+
+ if (keyNumber == keyInfo.keyNum)
+ {
+ pKeyInfo->keyNum = keyInfo.keyNum;
+ pKeyInfo->keyType = keyInfo.keyType;
+ pKeyInfo->keySize = keyInfo.keySize;
+
+ pKeyInfo->keyPolicy.cipherMode = keyInfo.keyPolicy.cipherMode;
+ pKeyInfo->keyPolicy.cipherDirection =
+ keyInfo.keyPolicy.cipherDirection;
+
+ pKeyInfo->keyACL.readPermission =
+ keyInfo.keyACL.readPermission;
+ pKeyInfo->keyACL.writePermission =
+ keyInfo.keyACL.writePermission;
+ pKeyInfo->keyACL.usePermission =
+ keyInfo.keyACL.usePermission;
+
+ return MSC_SUCCESS;
+ }
+
+ do
+ {
+ rv = MSCListKeys(pConnection, MSC_SEQUENCE_NEXT, &keyInfo);
+ if (keyNumber == keyInfo.keyNum)
+ break;
+ }
+ while (rv == MSC_SUCCESS);
+
+ if (rv != MSC_SEQUENCE_END && rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rv == MSC_SEQUENCE_END)
+ {
+ return MSC_INVALID_PARAMETER;
+ }
+
+ pKeyInfo->keyNum = keyInfo.keyNum;
+ pKeyInfo->keyType = keyInfo.keyType;
+ pKeyInfo->keySize = keyInfo.keySize;
+
+ pKeyInfo->keyPolicy.cipherMode = keyInfo.keyPolicy.cipherMode;
+ pKeyInfo->keyPolicy.cipherDirection =
+ keyInfo.keyPolicy.cipherDirection;
+
+ pKeyInfo->keyACL.readPermission = keyInfo.keyACL.readPermission;
+ pKeyInfo->keyACL.writePermission = keyInfo.keyACL.writePermission;
+ pKeyInfo->keyACL.usePermission = keyInfo.keyACL.usePermission;
+
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCGetObjectAttributes(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCLPObjectInfo pObjectInfo)
+{
+
+ MSC_RV rv;
+ MSCObjectInfo objInfo;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ rv = MSCListObjects(pConnection, MSC_SEQUENCE_RESET, &objInfo);
+
+ if (rv != MSC_SEQUENCE_END && rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rv == MSC_SEQUENCE_END)
+ {
+ return MSC_OBJECT_NOT_FOUND;
+ }
+
+ if (strncmp(objectID, objInfo.objectID, MSC_MAXSIZE_OBJID) == 0)
+ {
+ pObjectInfo->objectSize = objInfo.objectSize;
+ pObjectInfo->objectACL.readPermission =
+ objInfo.objectACL.readPermission;
+ pObjectInfo->objectACL.writePermission =
+ objInfo.objectACL.writePermission;
+ pObjectInfo->objectACL.deletePermission =
+ objInfo.objectACL.deletePermission;
+ strncpy(pObjectInfo->objectID, objectID, MSC_MAXSIZE_OBJID);
+ return MSC_SUCCESS;
+ }
+
+ do
+ {
+ rv = MSCListObjects(pConnection, MSC_SEQUENCE_NEXT, &objInfo);
+ if (strncmp(objectID, objInfo.objectID, MSC_MAXSIZE_OBJID) == 0)
+ break;
+ }
+ while (rv == MSC_SUCCESS);
+
+ if (rv != MSC_SEQUENCE_END && rv != MSC_SUCCESS)
+ {
+ return rv;
+ }
+
+ if (rv == MSC_SEQUENCE_END)
+ {
+ return MSC_OBJECT_NOT_FOUND;
+ }
+
+ pObjectInfo->objectSize = objInfo.objectSize;
+ pObjectInfo->objectACL.readPermission =
+ objInfo.objectACL.readPermission;
+ pObjectInfo->objectACL.writePermission =
+ objInfo.objectACL.writePermission;
+ pObjectInfo->objectACL.deletePermission =
+ objInfo.objectACL.deletePermission;
+ strncpy(pObjectInfo->objectID, objectID, MSC_MAXSIZE_OBJID);
+
+ return MSC_SUCCESS;
+}
+
+MSC_RV MSCReadAllocateObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCPUChar8 * pOutputData,
+ MSCPULong32 dataSize,
+ LPRWEventCallback rwCallback,
+ MSCPVoid32 addParams)
+{
+ MSC_RV rv;
+ MSCObjectInfo objInfo;
+ MSCULong32 objectSize;
+ MSCPUChar8 data = NULL;
+
+ if (pConnection == NULL)
+ return MSC_INVALID_PARAMETER;
+ if (localHContext == 0)
+ return MSC_INTERNAL_ERROR;
+
+ if (pOutputData == 0)
+ {
+ return MSC_INVALID_PARAMETER;
+ }
+
+ *dataSize = 0;
+ *pOutputData = 0;
+
+ rv = MSCGetObjectAttributes(pConnection, objectID, &objInfo);
+ if (rv == MSC_SUCCESS)
+ {
+ objectSize = objInfo.objectSize;
+ data = (MSCPUChar8) malloc(sizeof(MSCUChar8) * objectSize);
+ if(data)
+ {
+ rv = MSCReadObject(pConnection, objectID, 0, data,
+ objectSize, rwCallback, addParams);
+
+ if (rv == MSC_SUCCESS)
+ {
+ *dataSize = objectSize;
+ *pOutputData = data;
+ }
+ else
+ {
+ rv = MSC_INTERNAL_ERROR;
+ free(data);
+ }
+ }
+ }
+
+ return rv;
+}
+
+
+MSC_RV pcscToMSC(MSCLong32 pcscCode)
+{
+
+ switch (pcscCode)
+ {
+ case SCARD_S_SUCCESS:
+ return MSC_SUCCESS;
+ case SCARD_E_INVALID_HANDLE:
+ return MSC_INVALID_HANDLE;
+ case SCARD_E_SHARING_VIOLATION:
+ return MSC_SHARING_VIOLATION;
+ case SCARD_W_REMOVED_CARD:
+ return MSC_TOKEN_REMOVED;
+ case SCARD_E_NO_SMARTCARD:
+ return MSC_TOKEN_REMOVED;
+ case SCARD_W_RESET_CARD:
+ return MSC_TOKEN_RESET;
+ case SCARD_W_INSERTED_CARD:
+ return MSC_TOKEN_INSERTED;
+ case SCARD_E_NO_SERVICE:
+ return MSC_SERVICE_UNRESPONSIVE;
+ case SCARD_E_UNKNOWN_CARD:
+ case SCARD_W_UNSUPPORTED_CARD:
+ case SCARD_E_CARD_UNSUPPORTED:
+ return MSC_UNRECOGNIZED_TOKEN;
+ case SCARD_E_INVALID_PARAMETER:
+ case SCARD_E_INVALID_VALUE:
+ case SCARD_E_UNKNOWN_READER:
+ case SCARD_E_PROTO_MISMATCH:
+ case SCARD_E_READER_UNAVAILABLE:
+ return MSC_INVALID_PARAMETER;
+ case SCARD_E_CANCELLED:
+ return MSC_CANCELLED;
+ case SCARD_E_TIMEOUT:
+ return MSC_TIMEOUT_OCCURRED;
+
+ default:
+ return MSC_INTERNAL_ERROR;
+ }
+}
+
+char *msc_error(unsigned long int errorCode) //MSC_RV
+{
+
+ static char message[500];
+
+ switch (errorCode)
+ {
+ case MSC_SUCCESS:
+ strncpy(message, "Successful", sizeof(message));
+ break;
+ case MSC_NO_MEMORY_LEFT:
+ strncpy(message, "No more memory", sizeof(message));
+ break;
+ case MSC_AUTH_FAILED:
+ strncpy(message, "Authentication failed", sizeof(message));
+ break;
+ case MSC_OPERATION_NOT_ALLOWED:
+ strncpy(message, "Operation not allowed", sizeof(message));
+ break;
+ case MSC_INCONSISTENT_STATUS:
+ strncpy(message, "Inconsistent status", sizeof(message));
+ break;
+ case MSC_UNSUPPORTED_FEATURE:
+ strncpy(message, "Feature unsupported", sizeof(message));
+ break;
+ case MSC_UNAUTHORIZED:
+ strncpy(message, "Unauthorized usage", sizeof(message));
+ break;
+ case MSC_OBJECT_NOT_FOUND:
+ strncpy(message, "Object not found", sizeof(message));
+ break;
+ case MSC_OBJECT_EXISTS:
+ strncpy(message, "Object already exists", sizeof(message));
+ break;
+ case MSC_INCORRECT_ALG:
+ strncpy(message, "Incorrect algorithm", sizeof(message));
+ break;
+ case MSC_SIGNATURE_INVALID:
+ strncpy(message, "Invalid signature", sizeof(message));
+ break;
+ case MSC_IDENTITY_BLOCKED:
+ strncpy(message, "Identity is blocked", sizeof(message));
+ break;
+ case MSC_UNSPECIFIED_ERROR:
+ strncpy(message, "Unspecified error", sizeof(message));
+ break;
+ case MSC_TRANSPORT_ERROR:
+ strncpy(message, "Transport error", sizeof(message));
+ break;
+ case MSC_INVALID_PARAMETER:
+ strncpy(message, "Invalid parameter", sizeof(message));
+ break;
+ case MSC_SEQUENCE_END:
+ strncpy(message, "End of sequence", sizeof(message));
+ break;
+ case MSC_INTERNAL_ERROR:
+ strncpy(message, "Internal Error", sizeof(message));
+ break;
+ case MSC_CANCELLED:
+ strncpy(message, "Operation Cancelled", sizeof(message));
+ break;
+ case MSC_INSUFFICIENT_BUFFER:
+ strncpy(message, "Buffer is too small", sizeof(message));
+ break;
+ case MSC_UNRECOGNIZED_TOKEN:
+ strncpy(message, "Token is unsupported", sizeof(message));
+ break;
+ case MSC_SERVICE_UNRESPONSIVE:
+ strncpy(message, "Service is not running", sizeof(message));
+ break;
+ case MSC_TIMEOUT_OCCURRED:
+ strncpy(message, "Timeout has occurred", sizeof(message));
+ break;
+ case MSC_TOKEN_REMOVED:
+ strncpy(message, "Token was removed", sizeof(message));
+ break;
+ case MSC_TOKEN_RESET:
+ strncpy(message, "Token was reset", sizeof(message));
+ break;
+ case MSC_TOKEN_INSERTED:
+ strncpy(message, "Token was inserted", sizeof(message));
+ break;
+ case MSC_TOKEN_UNRESPONSIVE:
+ strncpy(message, "Token is unresponsive", sizeof(message));
+ break;
+ case MSC_INVALID_HANDLE:
+ strncpy(message, "Handle is invalid", sizeof(message));
+ break;
+ case MSC_SHARING_VIOLATION:
+ strncpy(message, "Sharing violation", sizeof(message));
+ break;
+
+ default:
+ sprintf(message, "Unknown SW: %04lu", errorCode);
+ break;
+ }
+
+ return message;
+}
+
+MSC_RV MSCReEstablishConnection(MSCLPTokenConnection pConnection)
+{
+
+ MSC_RV rv;
+ MSCPVoid32 vInitFunction, vFinFunction, vIdFunction;
+ MSCULong32 dwActiveProtocol;
+ MSCLong32(*libPL_MSCInitializePlugin) (MSCLPTokenConnection);
+ MSCLong32(*libPL_MSCFinalizePlugin) (MSCLPTokenConnection);
+ MSCLong32 (*libPL_MSCIdentifyToken)(MSCLPTokenConnection);
+
+ vInitFunction = 0;
+ vFinFunction = 0;
+ vIdFunction = 0;
+
+ /*
+ * Select the AID or initialization routine for the card
+ */
+ vInitFunction = pConnection->libPointers.pvfInitializePlugin;
+ vFinFunction = pConnection->libPointers.pvfFinalizePlugin;
+ vIdFunction = pConnection->libPointers.pvfIdentifyToken;
+
+ if (vInitFunction == 0)
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "InitializePlugin function missing");
+ return MSC_INTERNAL_ERROR;
+ }
+
+ if (vFinFunction == 0)
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "FinalizePlugin function missing");
+ return MSC_INTERNAL_ERROR;
+ }
+
+ if ( vIdFunction == 0 )
+ {
+ DebugLogB("Error: Card service failure: %s\n",
+ "IdentifyToken function missing");
+ return MSC_INTERNAL_ERROR;
+ }
+
+ libPL_MSCInitializePlugin = (MSCLong32(*)(MSCLPTokenConnection))
+ vInitFunction;
+
+ libPL_MSCFinalizePlugin = (MSCLong32(*)(MSCLPTokenConnection))
+ vFinFunction;
+
+ libPL_MSCIdentifyToken = (MSCLong32 (*)(MSCLPTokenConnection))
+ vIdFunction;
+
+ rv = SCardReconnect(pConnection->hCard, pConnection->shareMode,
+ SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1,
+ SCARD_LEAVE_CARD, &dwActiveProtocol);
+
+ if (rv != SCARD_S_SUCCESS)
+ return pcscToMSC(rv);
+
+ /*
+ * Stop the plugin and start it up again
+ */
+ rv = (*libPL_MSCFinalizePlugin) (pConnection);
+
+ /*
+ * Use the default AID given by the Info.plist
+ */
+ rv = (*libPL_MSCInitializePlugin) (pConnection);
+
+ /*
+ * Use the default AID given by the Info.plist
+ */
+ rv = (*libPL_MSCIdentifyToken)(pConnection);
+
+ if (rv != MSC_SUCCESS)
+ return rv;
+
+ return MSC_SUCCESS;
+}
+
+MSCUChar8 MSCIsTokenReset(MSCLPTokenConnection pConnection)
+{
+ MSCULong32 rv;
+ char slotName[MAX_READERNAME];
+ MSCULong32 slotNameSize, slotState, slotProtocol;
+ MSCUChar8 tokenId[MAX_ATR_SIZE];
+ MSCULong32 tokenIdLength;
+
+ rv = SCardStatus(pConnection->hCard, slotName,
+ &slotNameSize, &slotState, &slotProtocol,
+ tokenId, &tokenIdLength);
+
+ if (rv == SCARD_W_RESET_CARD)
+ {
+ return 1;
+ }
+
+ if (pConnection->tokenInfo.tokenType & MSC_TOKEN_TYPE_RESET)
+ {
+ return 1;
+ } else
+ {
+ return 0;
+ }
+}
+
+MSCUChar8 MSCClearReset(MSCLPTokenConnection pConnection)
+{
+ pConnection->tokenInfo.tokenType &= ~MSC_TOKEN_TYPE_RESET;
+ return 1;
+}
+
+MSCUChar8 MSCIsTokenMoved(MSCLPTokenConnection pConnection)
+{
+ MSCULong32 rv;
+ char slotName[MAX_READERNAME];
+ MSCULong32 slotNameSize, slotState, slotProtocol;
+ MSCUChar8 tokenId[MAX_ATR_SIZE];
+ MSCULong32 tokenIdLength;
+
+
+ rv = SCardStatus(pConnection->hCard, slotName,
+ &slotNameSize, &slotState, &slotProtocol,
+ tokenId, &tokenIdLength);
+
+ if (rv == SCARD_W_REMOVED_CARD)
+ {
+ return 1;
+ } else if (rv == SCARD_W_INSERTED_CARD)
+ {
+ return 1;
+ } else if (slotState & SCARD_ABSENT)
+ {
+ return 1;
+ }
+
+
+ if (pConnection->tokenInfo.tokenType & MSC_TOKEN_TYPE_REMOVED)
+ {
+ return 1;
+ } else
+ {
+ return 0;
+ }
+}
+
+MSCUChar8 MSCIsTokenChanged(MSCLPTokenConnection pConnection)
+{
+ if (MSCIsTokenMoved(pConnection))
+ {
+ return 1;
+ } else if (MSCIsTokenReset(pConnection))
+ {
+ return 1;
+ } else {
+ return 0;
+ }
+}
+
+MSCUChar8 MSCIsTokenKnown(MSCLPTokenConnection pConnection)
+{
+ if (pConnection->tokenInfo.tokenType & MSC_TOKEN_TYPE_KNOWN)
+ {
+ return 1;
+ } else
+ {
+ return 0;
+ }
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/musclecard.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1050 @@
+/*
+ * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : musclecard.h
+ Package: MuscleCard Framework
+ Author : David Corcoran
+ Date : 11/28/01
+ License: Copyright (C) 2001 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This abstracts the MUSCLE Card Edge Inteface
+
+ You may not remove this header from this file
+ without prior permission from the author.
+
+********************************************************************/
+
+#ifndef __musclecard_h__
+#define __musclecard_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#ifdef WIN32
+#include "PCSC.h"
+#endif
+
+#ifndef __APPLE__
+#include <mscdefines.h>
+#else
+#include <PCSC/mscdefines.h>
+#endif
+
+ /****************
+ * Return codes *
+ ****************/
+
+ /** success */
+#define MSC_SUCCESS 0x9000
+
+ /** There have been memory problems on the card */
+#define MSC_NO_MEMORY_LEFT 0x9C01
+ /** Entered PIN is not correct */
+#define MSC_AUTH_FAILED 0x9C02
+ /** Required operation is not allowed in actual circumstances */
+#define MSC_OPERATION_NOT_ALLOWED 0x9C03
+ /** Required operation is inconsistent with memory contents */
+#define MSC_INCONSISTENT_STATUS 0x9C04
+ /** Required feature is not (yet) supported */
+#define MSC_UNSUPPORTED_FEATURE 0x9C05
+ /** Required operation was not authorized because of a lack of privileges */
+#define MSC_UNAUTHORIZED 0x9C06
+ /** Required object is missing */
+#define MSC_OBJECT_NOT_FOUND 0x9C07
+ /** New object ID already in use */
+#define MSC_OBJECT_EXISTS 0x9C08
+ /** Algorithm specified is not correct */
+#define MSC_INCORRECT_ALG 0x9C09
+
+ /** Verify operation detected an invalid signature */
+#define MSC_SIGNATURE_INVALID 0x9C0B
+ /** Operation has been blocked for security reason */
+#define MSC_IDENTITY_BLOCKED 0x9C0C
+ /** Unspecified error */
+#define MSC_UNSPECIFIED_ERROR 0x9C0D
+ /** PCSC and driver transport errors */
+#define MSC_TRANSPORT_ERROR 0x9C0E
+ /** Invalid parameter given */
+#define MSC_INVALID_PARAMETER 0x9C0F
+ /** Incorrect P1 parameter */
+#define MSC_INCORRECT_P1 0x9C10
+ /** Incorrect P2 parameter */
+#define MSC_INCORRECT_P2 0x9C11
+ /** End of sequence */
+#define MSC_SEQUENCE_END 0x9C12
+ /** For debugging purposes */
+#define MSC_INTERNAL_ERROR 0x9CFF
+
+ /*******************************************************/
+ /*
+ * These returns are beyond the protocol specification
+ */
+ /*
+ * and only exist here to provide return codes for the
+ */
+ /*
+ * additional functions provided by the MuscleCard API
+ */
+ /*
+ * beyond the protocol specification.
+ */
+ /*******************************************************/
+
+ /** A blocking event has been cancelled */
+#define MSC_CANCELLED 0x9C50
+ /*
+ * The buffer provided is too short
+ */
+#define MSC_INSUFFICIENT_BUFFER 0x9C51
+ /*
+ * The selected token is not recognized
+ */
+#define MSC_UNRECOGNIZED_TOKEN 0x9C52
+ /*
+ * The PC/SC services is not available
+ */
+#define MSC_SERVICE_UNRESPONSIVE 0x9C53
+ /*
+ * The action has timed out
+ */
+#define MSC_TIMEOUT_OCCURRED 0x9C54
+ /*
+ * The token has been removed
+ */
+#define MSC_TOKEN_REMOVED 0x9C55
+ /*
+ * The token has been reset
+ */
+#define MSC_TOKEN_RESET 0x9C56
+ /*
+ * The token has been inserted
+ */
+#define MSC_TOKEN_INSERTED 0x9C57
+ /*
+ * The token is unresponsive
+ */
+#define MSC_TOKEN_UNRESPONSIVE 0x9C58
+ /*
+ * The handle is invalid
+ */
+#define MSC_INVALID_HANDLE 0x9C59
+ /*
+ * Invalid sharing
+ */
+#define MSC_SHARING_VIOLATION 0x9C60
+
+
+#define MSC_BLOCKSTATUS_RESUME 0x0000
+#define MSC_BLOCKSTATUS_BLOCKING 0x0001
+#define MSC_BLOCKSTATUS_CANCELLING 0x0002
+
+ /*
+ * Some boundary defines
+ */
+#define MSC_MAX_KEYS 16
+#define MSC_MAX_PINS 8
+#define MSC_SIZEOF_KEYPACKET 200
+#define MSC_MAXSIZEOF_APDU_DATALEN 255
+#define MSC_PERCENT_STEPSIZE 1000
+#define MSC_SINGLE_READ_PACKET 255
+#define MSC_MAXSIZE_TOKENARRAY 255
+
+ /*
+ * KeyPair Generation algorithms
+ */
+#define MSC_GEN_ALG_RSA 0x00
+#define MSC_GEN_ALG_RSA_CRT 0x01
+#define MSC_GEN_ALG_DSA 0x02
+#define MSC_GEN_ALG_DES 0x03
+#define MSC_GEN_ALG_3DES 0x04
+#define MSC_GEN_ALG_3DES3 0x05
+
+ /*
+ * Blob encodings in KeyBlob structure
+ */
+#define MSC_BLOB_ENC_PLAIN 0x00
+#define MSC_BLOB_ENC_CRYPT 0x01
+
+ /*
+ * Key Type in Key Blobs
+ */
+#define MSC_KEY_RSA_PUBLIC 0x01
+#define MSC_KEY_RSA_PRIVATE 0x02
+#define MSC_KEY_RSA_PRIVATE_CRT 0x03
+#define MSC_KEY_DSA_PUBLIC 0x04
+#define MSC_KEY_DSA_PRIVATE 0x05
+#define MSC_KEY_DES 0x06
+#define MSC_KEY_3DES 0x07
+#define MSC_KEY_3DES3 0x08
+
+ /*
+ * Key generation options TODO: add other
+ */
+#define MSC_OPT_DEFAULT 0x00
+#define MSC_OPT_RSA_PUB_EXP 0x01
+#define MSC_OPT_DSA_GPQ 0x02
+
+ /*
+ * Cipher operations in ComputeCrypt()
+ */
+#define MSC_CIPHER_INIT 0x01
+#define MSC_CIPHER_PROCESS 0x02
+#define MSC_CIPHER_FINAL 0x03
+
+ /*
+ * Cipher modes in ComputeCrypt()
+ */
+#define MSC_MODE_RSA_NOPAD 0x00
+#define MSC_MODE_RSA_PAD_PKCS1 0x01
+#define MSC_MODE_DSA_SHA 0x10
+#define MSC_MODE_DES_CBC_NOPAD 0x20
+#define MSC_MODE_DES_ECB_NOPAD 0x21
+
+ /*
+ * Cipher directions
+ */
+#define MSC_DIR_SIGN 0x01
+#define MSC_DIR_VERIFY 0x02
+#define MSC_DIR_ENCRYPT 0x03
+#define MSC_DIR_DECRYPT 0x04
+
+ /*
+ * Sequence options in ListXXX()
+ */
+#define MSC_SEQUENCE_RESET 0x00
+#define MSC_SEQUENCE_NEXT 0x01
+
+ /*
+ * Zero flag in DeleteObject()
+ */
+#define MSC_ZF_DEFAULT 0x00
+#define MSC_ZF_WRITE_ZERO 0x01
+
+ /*
+ * Some defines for ID's Bitmask
+ */
+#define MSC_AUT_ALL 0x0000
+#define MSC_AUT_NONE 0xFFFF
+
+#define MSC_AUT_PIN_0 0x0001
+#define MSC_AUT_PIN_1 0x0002
+#define MSC_AUT_PIN_2 0x0004
+#define MSC_AUT_PIN_3 0x0008
+#define MSC_AUT_PIN_4 0x0010
+
+#define MSC_AUT_KEY_0 0x0100
+#define MSC_AUT_KEY_1 0x0200
+#define MSC_AUT_KEY_2 0x0400
+#define MSC_AUT_KEY_3 0x0800
+#define MSC_AUT_KEY_4 0x1000
+#define MSC_AUT_KEY_5 0x2000
+
+#define MSC_AUT_USR_0 0x4000
+#define MSC_AUT_USR_1 0x8000
+
+ /*
+ * This structure allows you to customize your MuscleCard. It is used
+ * in MSCWriteFramework to specify attributes you may want to set in
+ * this 'personalization' routine and will be getting new values in
+ * future revisions of the API
+ */
+
+#define MSC_INIT_DEFAULT_KEY 0x00 /* Use card's default transport
+ * key */
+#define MSC_INIT_IGNORE_KEY 0x01 /* Don't verify any key at all */
+#define MSC_INIT_USE_KEY 0x02 /* Use the key in this struct */
+
+ typedef struct
+ {
+ MSCUChar8 transportKey[MAX_BUFFER_SIZE];
+ MSCULong32 transportKeyLen;
+ MSCUChar8 transportBehavior;
+ MSCULong32 objectMemory;
+
+ MSCUChar8 newTransportKey[MAX_BUFFER_SIZE];
+ MSCULong32 newTransportKeyLen;
+
+ MSCUChar8 defaultCHV[MAX_BUFFER_SIZE];
+ MSCULong32 defaultCHVLen;
+ MSCUChar8 defaultCHVTries;
+
+ MSCUChar8 defaultCHVUnblock[MAX_BUFFER_SIZE];
+ MSCULong32 defaultCHVUnblockSize;
+ MSCUChar8 defaultCHVUnblockTries;
+
+ MSCUShort16 createObjectACL;
+ MSCUShort16 createKeysACL;
+ MSCUShort16 createPINsACL;
+
+ MSCUChar8 maxNumberKeys;
+ MSCUChar8 maxNumberPINs;
+ MSCUShort16 maxNumberObjects;
+
+ }
+ MSCInitTokenParams, *MSCLPInitTokenParams;
+
+ /*
+ * Direction policy bitmasks for MSCKeyPolicy
+ */
+#define MSC_KEYPOLICY_MODE_RSA_NOPAD 0x0001
+#define MSC_KEYPOLICY_MODE_RSA_PAD_PKCS1 0x0002
+#define MSC_KEYPOLICY_MODE_DSA_SHA 0x0004
+#define MSC_KEYPOLICY_MODE_DES_CBC_NOPAD 0x0008
+#define MSC_KEYPOLICY_MODE_DES_ECB_NOPAD 0x0010
+
+#define MSC_KEYPOLICY_DIR_SIGN 0x0100
+#define MSC_KEYPOLICY_DIR_VERIFY 0x0200
+#define MSC_KEYPOLICY_DIR_ENCRYPT 0x0400
+#define MSC_KEYPOLICY_DIR_DECRYPT 0x0800
+
+ typedef struct
+ {
+ MSCUShort16 cipherMode;
+ MSCUShort16 cipherDirection;
+ }
+ MSCKeyPolicy, *MSCLPKeyPolicy;
+
+ typedef struct
+ {
+ MSCUShort16 readPermission;
+ MSCUShort16 writePermission;
+ MSCUShort16 usePermission;
+ }
+ MSCKeyACL, *MSCLPKeyACL;
+
+ typedef struct
+ {
+ MSCUShort16 readPermission;
+ MSCUShort16 writePermission;
+ MSCUShort16 deletePermission;
+ }
+ MSCObjectACL, *MSCLPObjectACL, MSCCertACL, *MSCLPCertACL;
+
+ typedef struct
+ {
+ MSCUChar8 algoType;
+ MSCUShort16 keySize;
+ MSCKeyACL privateKeyACL;
+ MSCKeyACL publicKeyACL;
+ MSCKeyPolicy privateKeyPolicy;
+ MSCKeyPolicy publicKeyPolicy;
+ MSCUChar8 keyGenOptions;
+ MSCPUChar8 pOptParams;
+ MSCULong32 optParamsSize;
+ }
+ MSCGenKeyParams, *MSCLPGenKeyParams;
+
+ typedef MSCPUChar8 MSCLPKeyBlob;
+
+ typedef struct
+ {
+ MSCUChar8 keyNum;
+ MSCUChar8 keyType;
+ MSCUChar8 keyPartner; /* Do not use (deprecated) */
+ MSCUChar8 keyMapping; /* Do not use (deprecated) */
+ MSCUShort16 keySize;
+ MSCKeyPolicy keyPolicy;
+ MSCKeyACL keyACL;
+ }
+ MSCKeyInfo, *MSCLPKeyInfo;
+
+ typedef struct
+ {
+ MSCUChar8 keyNum;
+ MSCUChar8 cipherMode;
+ MSCUChar8 cipherDirection;
+ MSCPUChar8 optParams;
+ MSCUShort16 optParamsSize;
+ }
+ MSCCryptInit, *MSCLPCryptInit;
+
+ /*
+ * Scope definitions for MSCListTokens
+ */
+#define MSC_LIST_KNOWN 1 /* Lists known tokens only */
+#define MSC_LIST_SLOTS 2 /* Lists all slots, with or without tokens
+ */
+#define MSC_LIST_ALL 3 /* Lists all tokens, known or not */
+
+#define MSC_TOKEN_EMPTY_STR "Token Removed"
+#define MSC_TOKEN_UNKNOWN_STR "Token Unknown"
+
+#define MSC_TOKEN_TYPE_REMOVED 1 /* Token was removed at one point */
+#define MSC_TOKEN_TYPE_UNKNOWN 2 /* Token is unknown, state is fine */
+#define MSC_TOKEN_TYPE_KNOWN 4 /* Token is known, state is fine */
+#define MSC_TOKEN_TYPE_RESET 8 /* Token is known, was reset */
+
+ /*
+ * endAction definitions for MSCReleaseConnection
+ */
+#define MSC_LEAVE_TOKEN SCARD_LEAVE_CARD
+#define MSC_RESET_TOKEN SCARD_RESET_CARD
+#define MSC_EJECT_TOKEN SCARD_EJECT_CARD
+
+ /*
+ * sharingMode for MSCEstablishConnection
+ */
+#define MSC_SHARE_SHARED SCARD_SHARE_SHARED
+#define MSC_SHARE_EXCLUSIVE SCARD_SHARE_EXCLUSIVE
+#define MSC_SHARE_DIRECT SCARD_SHARE_DIRECT
+
+ /*
+ * tokenState for MSCWaitForTokenEvent
+ */
+#define MSC_STATE_UNAWARE 0x4000
+#define MSC_STATE_CHANGED SCARD_STATE_CHANGED
+#define MSC_STATE_UNKNOWN SCARD_STATE_UNKNOWN
+#define MSC_STATE_UNAVAILABLE SCARD_STATE_UNAVAILABLE
+#define MSC_STATE_EMPTY SCARD_STATE_EMPTY
+#define MSC_STATE_PRESENT SCARD_STATE_PRESENT
+#define MSC_STATE_EXCLUSIVE SCARD_STATE_EXCLUSIVE
+#define MSC_STATE_INUSE SCARD_STATE_INUSE
+#define MSC_STATE_MUTE SCARD_STATE_MUTE
+
+#define MSC_NO_TIMEOUT INFINITE
+
+/********************** TAGS for GetStatus ********************************/
+
+ /*
+ * high level tags
+ */
+#define MSC_TAG_SUPPORT_FUNCTIONS 101 /* Supported functions */
+#define MSC_TAG_SUPPORT_CRYPTOALG 102 /* Supported crypto algorithms
+ */
+
+ /*
+ * crypto related tags
+ */
+#define MSC_TAG_CAPABLE_RSA 103 /* RSA capabilities */
+#define MSC_TAG_CAPABLE_DSA 104 /* DSA capabilities */
+#define MSC_TAG_CAPABLE_ECURVE 105 /* Eliptic Curve capabilities */
+#define MSC_TAG_CAPABLE_ELGAMAL 106 /* El Gamal capabilities */
+
+#define MSC_TAG_CAPABLE_KEY_AUTH 180 /* Key import/gen AUT needed */
+
+#define MSC_TAG_CAPABLE_DES 201 /* DES capabilities */
+#define MSC_TAG_CAPABLE_3DES 202 /* Triple DES capabilities */
+#define MSC_TAG_CAPABLE_IDEA 203 /* IDEA capabilities */
+#define MSC_TAG_CAPABLE_AES 204 /* AES capabilities */
+#define MSC_TAG_CAPABLE_BLOWFISH 205 /* Blowfish capabilities */
+#define MSC_TAG_CAPABLE_TWOFISH 206 /* Twofish capabilities */
+
+#define MSC_TAG_CAPABLE_MD5 207 /* MD5 capabilities */
+#define MSC_TAG_CAPABLE_SHA1 208 /* SHA1 capabilities */
+
+ /*
+ * object related tags
+ */
+#define MSC_TAG_CAPABLE_OBJ_ATTR 301 /* returns general attributes */
+#define MSC_TAG_CAPABLE_OBJ_IDSIZE 302 /* returns size of object id */
+#define MSC_TAG_CAPABLE_OBJ_AUTH 303 /* return AUT needed for
+ * create */
+#define MSC_TAG_CAPABLE_OBJ_MAXNUM 304 /* maximum number of objects */
+
+ /*
+ * pin related tags
+ */
+#define MSC_TAG_CAPABLE_PIN_ATTR 401 /* returns general attributes */
+#define MSC_TAG_CAPABLE_PIN_MAXNUM 402 /* returns max number of pins */
+#define MSC_TAG_CAPABLE_PIN_MINSIZE 403 /* returns minimum pin size */
+#define MSC_TAG_CAPABLE_PIN_MAXSIZE 404 /* returns maximum pin size */
+#define MSC_TAG_CAPABLE_PIN_CHARSET 405 /* char set supported
+ * (bitmask) */
+#define MSC_TAG_CAPABLE_PIN_POLICY 406 /* returns pin policy
+ * (bitmask) */
+#define MSC_TAG_CAPABLE_PIN_AUTH 407 /* return AUT needed for
+ * create */
+
+#define MSC_TAG_CAPABLE_ID_STATE 501 /* returns state capability */
+
+#define MSC_TAG_CAPABLE_RANDOM 600 /* Random number capabilities */
+#define MSC_TAG_CAPABLE_RANDOM_MAX 601 /* Maximum random number */
+#define MSC_TAG_CAPABLE_RANDOM_MIN 602 /* Minimum random number */
+
+/********************************** END OF TAGS ***************************/
+
+ /*
+ * Bitmask for TAG MSC_TAG_SUPPORT_FUNCTIONS
+ */
+#define MSC_SUPPORT_GENKEYS 0x00000001
+#define MSC_SUPPORT_IMPORTKEY 0x00000002
+#define MSC_SUPPORT_EXPORTKEY 0x00000004
+#define MSC_SUPPORT_COMPUTECRYPT 0x00000008
+#define MSC_SUPPORT_EXTAUTH 0x00000010
+#define MSC_SUPPORT_LISTKEYS 0x00000020
+#define MSC_SUPPORT_CREATEPIN 0x00000040
+#define MSC_SUPPORT_VERIFYPIN 0x00000080
+#define MSC_SUPPORT_CHANGEPIN 0x00000100
+#define MSC_SUPPORT_UNBLOCKPIN 0x00000200
+#define MSC_SUPPORT_LISTPINS 0x00000400
+#define MSC_SUPPORT_CREATEOBJECT 0x00000800
+#define MSC_SUPPORT_DELETEOBJECT 0x00001000
+#define MSC_SUPPORT_WRITEOBJECT 0x00002000
+#define MSC_SUPPORT_READOBJECT 0x00004000
+#define MSC_SUPPORT_LISTOBJECTS 0x00008000
+#define MSC_SUPPORT_LOGOUTALL 0x00010000
+#define MSC_SUPPORT_GETCHALLENGE 0x00020000
+
+ /*
+ * Bitmask for MSC_TAG_SUPPORT_CRYPTOALG
+ */
+#define MSC_SUPPORT_RSA 0x00000001 /* Supports RSA */
+#define MSC_SUPPORT_DSA 0x00000002 /* Supports DSA */
+#define MSC_SUPPORT_ECURVE 0x00000004 /* Supports Eliptic Curve */
+#define MSC_SUPPORT_ELGAMAL 0x00000008 /* Supports El Gamal */
+
+#define MSC_SUPPORT_DES 0x00000010 /* Supports DES */
+#define MSC_SUPPORT_3DES 0x00000020 /* Supports Triple DES */
+#define MSC_SUPPORT_IDEA 0x00000040 /* Supports IDEA */
+#define MSC_SUPPORT_AES 0x00000080 /* Supports AES */
+#define MSC_SUPPORT_BLOWFISH 0x00000100 /* Supports Blowfish */
+#define MSC_SUPPORT_TWOFISH 0x00000200 /* Supports Twofish */
+#define MSC_SUPPORT_SHA1 0x00000400 /* Supports SHA1 */
+#define MSC_SUPPORT_MD5 0x00000800 /* Supports MD5 */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_RSA
+ */
+#define MSC_CAPABLE_RSA_512 0x00000001 /* Supports 512 bit RSA */
+#define MSC_CAPABLE_RSA_768 0x00000002 /* Supports 768 bit RSA */
+#define MSC_CAPABLE_RSA_1024 0x00000004 /* Supports 1024 bit RSA */
+#define MSC_CAPABLE_RSA_2048 0x00000008 /* Supports 2048 bit RSA */
+#define MSC_CAPABLE_RSA_4096 0x00000010 /* Supports 4096 bit RSA */
+
+#define MSC_CAPABLE_RSA_KEYGEN 0x00001000 /* Support RSA key-gen */
+#define MSC_CAPABLE_RSA_NOPAD 0x00002000 /* Supports RSA NO PAD */
+#define MSC_CAPABLE_RSA_PKCS1 0x00004000 /* Supports PKCS padding */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_DSA
+ */
+#define MSC_CAPABLE_DSA_512 0x00000001 /* Supports 512 bit DSA */
+#define MSC_CAPABLE_DSA_768 0x00000002 /* Supports 768 bit DSA */
+#define MSC_CAPABLE_DSA_1024 0x00000004 /* Supports 1024 bit DSA */
+#define MSC_CAPABLE_DSA_2048 0x00000008 /* Supports 2048 bit DSA */
+#define MSC_CAPABLE_DSA_4096 0x00000010 /* Supports 4096 bit DSA */
+#define MSC_CAPABLE_DSA_KEYGEN 0x00001000 /* Supports DSA key-gen */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_DES
+ */
+#define MSC_CAPABLE_DES_KEYGEN 0x00001000 /* Supports DES key-gen */
+#define MSC_CAPABLE_DES_CBC 0x00002000 /* Supports DES CBC mode */
+#define MSC_CAPABLE_DES_EBC 0x00004000 /* Supports DES EBC mode */
+#define MSC_CAPABLE_DES_ECB 0x00008000 /* Supports DES ECB mode */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_3DES
+ */
+#define MSC_CAPABLE_3DES_KEYGEN 0x00001000 /* Supports 3DES key-gen */
+#define MSC_CAPABLE_3DES_3KEY 0x00002000 /* Support 3 key 3DES */
+#define MSC_CAPABLE_3DES_CBC 0x00004000 /* Supports 3DES CBC mode */
+#define MSC_CAPABLE_3DES_EBC 0x00008000 /* Supports 3DES EBC mode */
+#define MSC_CAPABLE_3DES_ECB 0x00010000 /* Supports 3DES ECB mode */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_IDEA
+ */
+#define MSC_CAPABLE_IDEA_KEYGEN 0x00001000 /* Supports IDEA key-gen */
+#define MSC_CAPABLE_IDEA_CBC 0x00002000 /* Supports IDEA CBC mode */
+#define MSC_CAPABLE_IDEA_ECB 0x00008000 /* Supports IDEA ECB mode */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_AES
+ */
+#define MSC_CAPABLE_AES_KEYGEN 0x00001000 /* Supports AES key-gen */
+#define MSC_CAPABLE_AES_CBC 0x00002000 /* Supports AES CBC mode */
+#define MSC_CAPABLE_AES_ECB 0x00008000 /* Supports AES ECB mode */
+
+ /***********************************
+ Bitmasks for other crypto algorithms
+ will come in future releases
+ ************************************/
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_OBJ_ATTR
+ */
+#define MSC_CAPABLE_OBJ_ZERO 0x00010000 /* Supports zero on DEL */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_PIN_ATTR
+ */
+#define MSC_CAPABLE_PIN_RESET 0x00000100 /* Unblock reset's pin */
+#define MSC_CAPABLE_PIN_LEAVE 0x00000200 /* Unblock leaves pin */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_PIN_CHARSET
+ */
+#define MSC_CAPABLE_PIN_A_Z 0x00000001 /* Supports uppercase A-Z */
+#define MSC_CAPABLE_PIN_a_z 0x00000002 /* Supports lowercase a-z */
+#define MSC_CAPABLE_PIN_0_9 0x00000004 /* Supports numbers 0-9 */
+#define MSC_CAPABLE_PIN_SPACE 0x00000008 /* Supports spaces */
+#define MSC_CAPABLE_PIN_CALC 0x00000010 /* Supports + - / * % .= */
+#define MSC_CAPABLE_PIN_NONALPHA 0x00000020 /* Supports all other
+ * chars */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_PIN_POLICY
+ */
+#define MSC_CAPABLE_PIN_A_Z 0x00000001 /* Requires uppercase A-Z */
+#define MSC_CAPABLE_PIN_a_z 0x00000002 /* Requires lowercase a-z */
+#define MSC_CAPABLE_PIN_0_9 0x00000004 /* Requires numbers 0-9 */
+#define MSC_CAPABLE_PIN_NONALPHA 0x00000020 /* Requires
+ * non-alphanumeric */
+#define MSC_CAPABLE_PIN_HISTORY 0x00001000 /* Checks pin history */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_ID_STATE
+ */
+#define MSC_CAPABLE_ID_STATE 0x00000001 /* maintains logged id
+ * state */
+
+ /*
+ * Bitmask for TAG MSC_TAG_CAPABLE_RANDOM
+ */
+#define MSC_CAPABLE_RANDOM_SEED 0x00000001 /* Uses supplied seed */
+
+ /*
+ * Structure used in MSCGetStatus to return status and capability
+ * information about the inserted token
+ */
+
+ typedef struct
+ {
+ MSCUShort16 appVersion; /* Applet version number */
+ MSCUShort16 swVersion; /* Software version number */
+ MSCULong32 freeMemory; /* Free memory for objects */
+ MSCULong32 totalMemory; /* Total amount of memory */
+ MSCUChar8 usedPINs; /* Number of pins used */
+ MSCUChar8 usedKeys; /* Number of keys used */
+ MSCUShort16 loggedID; /* Bitmask of ID's verified */
+ }
+ MSCStatusInfo, *MSCLPStatusInfo;
+
+ typedef struct
+ {
+ MSCChar8 objectID[MSC_MAXSIZE_OBJID];
+ MSCULong32 objectSize;
+ MSCObjectACL objectACL;
+ }
+ MSCObjectInfo, *MSCLPObjectInfo;
+
+ /*******************************************************************/
+ /*
+ * Connection oriented functions
+ */
+ /*
+ * These functions do not coorespond to internal library funcions
+ */
+ /*
+ * but serve to connect to tokens. You can still use the internal
+ */
+ /*
+ * PC/SC calls to do this. These provide an abstract means.
+ */
+ /*******************************************************************/
+
+ /*
+ * Lists all known tokens on the system
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCListTokens(MSCULong32 listScope, /* defines the scope to
+ * return */
+ MSCLPTokenInfo tokenArray, /* token struct array */
+ MSCPULong32 arrayLength /* Length of array */
+ );
+
+ /*
+ * Establishes a connection to the specified token
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCEstablishConnection(MSCLPTokenInfo tokenStruct, /* The
+ * struct
+ * of
+ * token */
+ MSCULong32 sharingMode, /* Mode of sharing */
+ MSCPUChar8 applicationName, /* The applet ID/Name */
+ MSCULong32 nameSize, /* The ID/Name Size */
+ MSCLPTokenConnection pConnection /* Returned connection */
+ );
+
+ /*
+ * Releases a connection to the specified token
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCReleaseConnection(MSCLPTokenConnection pConnection, /* Connection
+ * handle
+ */
+ MSCULong32 endAction /* Action to perform */
+ );
+
+ /*
+ * Blocks for an event to occur on a token
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCWaitForTokenEvent(MSCLPTokenInfo tokenArray, /* Array of
+ * token
+ * structs */
+ MSCULong32 arraySize, /* Size of the array */
+ MSCULong32 timeoutValue /* Timeout */
+ );
+
+ /*
+ * Cancels a pending MSCWaitForTokenEvent
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCCancelEventWait(void /* No parameters */
+ );
+
+ /*
+ * Registers a callback function for event change
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCCallbackForTokenEvent(MSCLPTokenInfo tokenArray, /* Array
+ * of
+ * token
+ * structs
+ */
+ MSCULong32 arraySize, /* Size of the array */
+ MSCCallBack callBack, /* Callback function */
+ MSCPVoid32 appData /* Application data */
+ );
+
+ /*
+ * Cancels all callback registrations
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCCallbackCancelEvent();
+
+ /*
+ * Locks a transaction to the token
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCBeginTransaction(MSCLPTokenConnection pConnection /* Connection
+ * handle */
+ );
+
+ /*
+ * Releases a locked transaction to the token
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCEndTransaction(MSCLPTokenConnection pConnection, /* Connection
+ * handle */
+ MSCULong32 endAction /* Action to perform on token */
+ );
+
+ /*
+ * Selects applet - Not to be used by applications
+ */
+ MSC_RV MSCSelectAID(MSCLPTokenConnection pConnection,
+ MSCPUChar8 aidValue, MSCULong32 aidSize);
+
+ /*
+ * Pre-personalization function
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCWriteFramework(MSCLPTokenConnection pConnection,
+ MSCLPInitTokenParams pInitParams);
+
+ /*****************************************************************/
+ /*
+ * Core Musclecard functions
+ */
+ /*
+ * These functions coorespond directly to internal library
+ */
+ /*
+ * functions.
+ */
+ /*****************************************************************/
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGetStatus(MSCLPTokenConnection pConnection,
+ MSCLPStatusInfo pStatusInfo);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGetCapabilities(MSCLPTokenConnection pConnection,
+ MSCULong32 Tag, MSCPUChar8 Value, MSCPULong32 Length);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCExtendedFeature(MSCLPTokenConnection pConnection,
+ MSCULong32 extFeature,
+ MSCPUChar8 outData,
+ MSCULong32 outLength, MSCPUChar8 inData, MSCPULong32 inLength);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGenerateKeys(MSCLPTokenConnection pConnection,
+ MSCUChar8 prvKeyNum,
+ MSCUChar8 pubKeyNum, MSCLPGenKeyParams pParams);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCImportKey(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNum,
+ MSCLPKeyACL pKeyACL,
+ MSCPUChar8 pKeyBlob,
+ MSCULong32 keyBlobSize,
+ MSCLPKeyPolicy keyPolicy,
+ MSCPVoid32 pAddParams, MSCUChar8 addParamsSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCExportKey(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNum,
+ MSCPUChar8 pKeyBlob,
+ MSCPULong32 keyBlobSize,
+ MSCPVoid32 pAddParams, MSCUChar8 addParamsSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCComputeCrypt(MSCLPTokenConnection pConnection,
+ MSCLPCryptInit cryptInit,
+ MSCPUChar8 pInputData,
+ MSCULong32 inputDataSize,
+ MSCPUChar8 pOutputData, MSCPULong32 outputDataSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCExtAuthenticate(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNum,
+ MSCUChar8 cipherMode,
+ MSCUChar8 cipherDirection,
+ MSCPUChar8 pData,
+ MSCULong32 dataSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCListKeys(MSCLPTokenConnection pConnection,
+ MSCUChar8 seqOption,
+ MSCLPKeyInfo pKeyInfo);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCCreatePIN(MSCLPTokenConnection pConnection,
+ MSCUChar8 pinNum,
+ MSCUChar8 pinAttempts,
+ MSCPUChar8 pPinCode,
+ MSCULong32 pinCodeSize,
+ MSCPUChar8 pUnblockCode,
+ MSCUChar8 unblockCodeSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCVerifyPIN(MSCLPTokenConnection pConnection,
+ MSCUChar8 pinNum,
+ MSCPUChar8 pPinCode,
+ MSCULong32 pinCodeSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCChangePIN(MSCLPTokenConnection pConnection,
+ MSCUChar8 pinNum,
+ MSCPUChar8 pOldPinCode,
+ MSCUChar8 oldPinCodeSize,
+ MSCPUChar8 pNewPinCode, MSCUChar8 newPinCodeSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCUnblockPIN(MSCLPTokenConnection pConnection,
+ MSCUChar8 pinNum,
+ MSCPUChar8 pUnblockCode, MSCULong32 unblockCodeSize);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCListPINs(MSCLPTokenConnection pConnection,
+ MSCPUShort16 pPinBitMask);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCCreateObject(MSCLPTokenConnection pConnection,
+ MSCString objectID,
+ MSCULong32 objectSize, MSCLPObjectACL pObjectACL);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCDeleteObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCUChar8 zeroFlag);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCWriteObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCULong32 offset,
+ MSCPUChar8 pInputData, MSCULong32 dataSize,
+ LPRWEventCallback rwCallback, MSCPVoid32 addParams);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCReadObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCULong32 offset,
+ MSCPUChar8 pOutputData, MSCULong32 dataSize,
+ LPRWEventCallback rwCallback, MSCPVoid32 addParams);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCReadAllocateObject(MSCLPTokenConnection pConnection,
+ MSCString objectID, MSCPUChar8 *pOutputData,
+ MSCPULong32 dataSize,
+ LPRWEventCallback rwCallback, MSCPVoid32 addParams);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCListObjects(MSCLPTokenConnection pConnection,
+ MSCUChar8 seqOption, MSCLPObjectInfo pObjectInfo);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCLogoutAll(MSCLPTokenConnection pConnection);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGetChallenge(MSCLPTokenConnection pConnection,
+ MSCPUChar8 pSeed,
+ MSCUShort16 seedSize,
+ MSCPUChar8 pRandomData, MSCUShort16 randomDataSize);
+
+ /*****************************************************************/
+ /*
+ * Extended Musclecard functions
+ */
+ /*
+ * These functions do not coorespond to internal library funcions
+ */
+ /*
+ * but rather use them to provide some extended functionality.
+ */
+ /*****************************************************************/
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGetKeyAttributes(MSCLPTokenConnection pConnection,
+ MSCUChar8 keyNumber,
+ MSCLPKeyInfo pKeyInfo);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSC_RV MSCGetObjectAttributes(MSCLPTokenConnection pConnection,
+ MSCString objectID,
+ MSCLPObjectInfo pObjectInfo);
+
+#ifdef WIN32
+ PCSC_API
+#endif
+ char *msc_error(unsigned long int errorCode);
+
+ /*
+ * Was the token reset ?
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSCUChar8 MSCIsTokenReset(MSCLPTokenConnection pConnection);
+
+ /*
+ * Clear the Reset state
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSCUChar8 MSCClearReset(MSCLPTokenConnection pConnection);
+
+ /*
+ * Was the token moved (removed, removed/inserted) ?
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSCUChar8 MSCIsTokenMoved(MSCLPTokenConnection pConnection);
+
+ /*
+ * Did any state change with the token ?
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSCUChar8 MSCIsTokenChanged(MSCLPTokenConnection pConnection);
+
+ /*
+ * Is the token recognized ?
+ */
+#ifdef WIN32
+ PCSC_API
+#endif
+ MSCUChar8 MSCIsTokenKnown(MSCLPTokenConnection pConnection);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __musclecard_h__ */
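Review bot: The ACL mask defines `MSC_AUT_ALL 0x0000` and `MSC_AUT_NONE 0xFFFF` are documented only as "Some defines for ID's Bitmask", so the header never says that the all-zero value is the permissive one. If the names mean what they suggest, a zero-initialised `MSCObjectACL` or `MSCKeyACL` is open to every caller with no PIN or key verified. The same would hold for the `createObjectACL`, `createKeysACL` and `createPINsACL` fields of `MSCInitTokenParams`. I would add a comment beside the defines, after confirming the semantics against the card-edge specification: `/* 0x0000 = no identity required (open to all); 0xFFFF = never allowed. A zeroed ACL is fully open, so set every permission field explicitly. */`.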
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/muscletest.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/muscletest.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/muscletest.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,372 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : test.c
+ Package: card edge
+ Author : David Corcoran
+ Date : 10/04/01
+ License: Copyright (C) 2001 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This tests the virtual card edge
+
+
+********************************************************************/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <winscard.h>
+#include <mscdefines.h>
+#include <musclecard.h>
+
+#define MY_OBJECT_ID "c1"
+#define MY_OBJECT_SIZE 50
+
+#ifdef MSC_ARCH_WIN32
+MSCString pcsc_stringify_error(MSCLong32 Error);
+#endif
+
+int main(int argc, char **argv)
+{
+
+ MSCLong32 rv;
+ MSCTokenConnection pConnection;
+ MSCStatusInfo statusInf;
+ MSCObjectACL objACL;
+ MSCObjectInfo objInfo;
+ MSCUChar8 pRandomData[20];
+ MSCUChar8 pSeed[8];
+ MSCUChar8 defaultPIN[16];
+ MSCUChar8 AID[6] = { 0xA0, 0x00, 0x00, 0x00, 0x01, 0x01 };
+ MSCUChar8 myData[] =
+ { 'M', 'U', 'S', 'C', 'L', 'E', ' ', 'V', 'I', 'R',
+ 'T', 'U', 'A', 'L', ' ', 'C', 'A', 'R', 'D', '.', 0
+ };
+ MSCUChar8 readData[50];
+ MSCLPTokenInfo tokenList;
+ MSCULong32 tokenSize;
+ int i, j;
+
+ printf("********************************************************\n");
+ printf("\n");
+
+ tokenList = 0;
+ tokenSize = 0;
+
+ rv = MSCListTokens(MSC_LIST_SLOTS, tokenList, &tokenSize);
+ if (rv != MSC_SUCCESS)
+ {
+ printf("MSCListTokens returns : %s\n", msc_error(rv));
+ return -1;
+ }
+
+ tokenList = (MSCLPTokenInfo) malloc(sizeof(MSCTokenInfo) * tokenSize);
+
+ rv = MSCListTokens(MSC_LIST_SLOTS, tokenList, &tokenSize);
+ if (rv != MSC_SUCCESS)
+ {
+ printf("MSCListTokens returns : %s\n", msc_error(rv));
+ return -1;
+ }
+
+ for (i = 0; i < tokenSize; i++)
+ {
+ printf("Token #%d\n", i);
+ printf("Token name : %s\n", tokenList[i].tokenName);
+ printf("Slot name : %s\n", tokenList[i].slotName);
+ printf("Token id : ");
+ for (j = 0; j < tokenList[i].tokenIdLength; j++)
+ {
+ printf("%02X", tokenList[i].tokenId[j]);
+ }
+ printf("\n");
+ printf("Token state : %ld\n", tokenList[i].tokenState);
+ printf("\n");
+
+ tokenList[i].tokenState = MSC_STATE_EMPTY;
+ }
+
+ printf("********************************************************\n");
+
+ rv = MSCWaitForTokenEvent(tokenList, tokenSize, MSC_NO_TIMEOUT);
+
+ for (i = 0; i < tokenSize; i++)
+ {
+ printf("Token #%d\n", i);
+ printf("Token name : %s\n", tokenList[i].tokenName);
+ printf("Slot name : %s\n", tokenList[i].slotName);
+ printf("Token id : ");
+ for (j = 0; j < tokenList[i].tokenIdLength; j++)
+ {
+ printf("%02X", tokenList[i].tokenId[j]);
+ }
+ printf("\n");
+ printf("Token state : %ld\n", tokenList[i].tokenState);
+ printf("\n");
+ }
+
+ rv = MSCEstablishConnection(&tokenList[0], MSC_SHARE_SHARED, AID,
+ 6, &pConnection);
+ if (rv != MSC_SUCCESS)
+ {
+ printf("EstablishConn returns : %s\n", msc_error(rv));
+ return -1;
+ }
+
+ rv = MSCBeginTransaction(&pConnection);
+ printf("BeginTransaction returns : %s\n", msc_error(rv));
+
+ rv = MSCGetStatus(&pConnection, &statusInf);
+ printf("GetStatus returns : %s\n", msc_error(rv));
+ printf("Protocol version : %04x\n", statusInf.appVersion);
+ printf("Applet version : %04x\n", statusInf.swVersion);
+ printf("Total object memory : %08ld\n", statusInf.totalMemory);
+ printf("Free object memory : %08ld\n", statusInf.freeMemory);
+ printf("Number of used PINs : %02d\n", statusInf.usedPINs);
+ printf("Number of used Keys : %02d\n", statusInf.usedKeys);
+ printf("Currently logged identities : %04x\n", statusInf.loggedID);
+
+ printf("Please enter the pin value\n");
+ fgets(defaultPIN, sizeof(defaultPIN), stdin);
+
+ rv = MSCVerifyPIN(&pConnection, 0, defaultPIN, strlen(defaultPIN) - 1);
+ printf("Verify default PIN : %s\n", msc_error(rv));
+
+ rv = MSCGetStatus(&pConnection, &statusInf);
+ printf("Currently logged identities : %04x\n", statusInf.loggedID);
+
+ objACL.readPermission = MSC_AUT_ALL;
+ objACL.writePermission = MSC_AUT_ALL;
+ objACL.deletePermission = MSC_AUT_ALL;
+
+ rv = MSCCreateObject(&pConnection, MY_OBJECT_ID, MY_OBJECT_SIZE,
+ &objACL);
+ printf("CreateObject returns : %s\n", msc_error(rv));
+
+ rv = MSCWriteObject(&pConnection, MY_OBJECT_ID, 0, myData,
+ sizeof(myData), 0, 0);
+ printf("WriteObject returns : %s\n", msc_error(rv));
+
+ rv = MSCReadObject(&pConnection, MY_OBJECT_ID, 0, readData, 25, 0, 0);
+ printf("ReadObject returns : %s\n", msc_error(rv));
+
+ if (rv == MSC_SUCCESS)
+ {
+ printf("Object data : %s\n", readData);
+ if (strcmp(readData, myData) == 0)
+ {
+ printf("Data comparison : Successful\n");
+ } else
+ {
+ printf("Data comparison : Data mismatch\n");
+ }
+ }
+
+ rv = MSCListObjects(&pConnection, MSC_SEQUENCE_RESET, &objInfo);
+
+ printf("\n");
+ printf("Listing objects : %s\n", msc_error(rv));
+ printf("------------------------------------------------------\n");
+ printf("%20s %12s %6s %6s %6s\n", "Object ID", "Object Size",
+ "READ", "WRITE", "DELETE");
+ printf(" ----------------- ----------- ---- ----- ------\n");
+
+ if (rv == MSC_SUCCESS)
+ {
+ printf("%20s %12d %04x %04x %04x\n", objInfo.objectID,
+ objInfo.objectSize,
+ objInfo.objectACL.readPermission,
+ objInfo.objectACL.writePermission,
+ objInfo.objectACL.deletePermission);
+ }
+
+ do
+ {
+ rv = MSCListObjects(&pConnection, MSC_SEQUENCE_NEXT, &objInfo);
+ if (rv == MSC_SUCCESS)
+ {
+ printf("%20s %12d %04x %04x %04x\n", objInfo.objectID,
+ objInfo.objectSize,
+ objInfo.objectACL.readPermission,
+ objInfo.objectACL.writePermission,
+ objInfo.objectACL.deletePermission);
+ } else
+ {
+ break;
+ }
+
+ }
+ while (1);
+
+ printf("------------------------------------------------------\n");
+ printf("\n");
+
+ rv = MSCGetStatus(&pConnection, &statusInf);
+ printf("Free object memory : %08ld\n", statusInf.freeMemory);
+
+ rv = MSCDeleteObject(&pConnection, MY_OBJECT_ID, MSC_ZF_DEFAULT);
+ printf("DeleteObject returns : %s\n", msc_error(rv));
+
+ rv = MSCGetStatus(&pConnection, &statusInf);
+ printf("Free object memory : %08ld\n", statusInf.freeMemory);
+
+ rv = MSCGetChallenge(&pConnection, pSeed, 0, pRandomData, 8);
+ printf("GetChallenge returns : %s\n", msc_error(rv));
+ printf("Random data : ");
+
+ for (i = 0; i < 8; i++)
+ {
+ printf("%x ", pRandomData[i]);
+ }
+ printf("\n");
+
+ rv = MSCLogoutAll(&pConnection);
+ printf("Logout all identities : %s\n", msc_error(rv));
+
+ rv = MSCGetStatus(&pConnection, &statusInf);
+ printf("Currently logged identities : %04x\n", statusInf.loggedID);
+
+ rv = MSCEndTransaction(&pConnection, SCARD_LEAVE_CARD);
+ printf("EndTransaction returns : %s\n", msc_error(rv));
+
+ MSCReleaseConnection(&pConnection, SCARD_LEAVE_CARD);
+ printf("ReleaseConn returns : %s\n", msc_error(rv));
+
+ return 0;
+}
+
+#ifdef MSC_ARCH_WIN32
+MSCString pcsc_stringify_error(MSCLong32 Error)
+{
+
+ static char strError[75];
+
+ switch (Error)
+ {
+ case SCARD_S_SUCCESS:
+ strcpy(strError, "Command successful.");
+ break;
+ case SCARD_E_CANCELLED:
+ strcpy(strError, "Command cancelled.");
+ break;
+ case SCARD_E_CANT_DISPOSE:
+ strcpy(strError, "Cannot dispose handle.");
+ break;
+ case SCARD_E_INSUFFICIENT_BUFFER:
+ strcpy(strError, "Insufficient buffer.");
+ break;
+ case SCARD_E_INVALID_ATR:
+ strcpy(strError, "Invalid ATR.");
+ break;
+ case SCARD_E_INVALID_HANDLE:
+ strcpy(strError, "Invalid handle.");
+ break;
+ case SCARD_E_INVALID_PARAMETER:
+ strcpy(strError, "Invalid parameter given.");
+ break;
+ case SCARD_E_INVALID_TARGET:
+ strcpy(strError, "Invalid target given.");
+ break;
+ case SCARD_E_INVALID_VALUE:
+ strcpy(strError, "Invalid value given.");
+ break;
+ case SCARD_E_NO_MEMORY:
+ strcpy(strError, "Not enough memory.");
+ break;
+ case SCARD_F_COMM_ERROR:
+ strcpy(strError, "RPC transport error.");
+ break;
+ case SCARD_F_INTERNAL_ERROR:
+ strcpy(strError, "Unknown internal error.");
+ break;
+ case SCARD_F_UNKNOWN_ERROR:
+ strcpy(strError, "Unknown internal error.");
+ break;
+ case SCARD_F_WAITED_TOO_MSCLong32:
+ strcpy(strError, "Waited too long.");
+ break;
+ case SCARD_E_UNKNOWN_READER:
+ strcpy(strError, "Unknown reader specified.");
+ break;
+ case SCARD_E_TIMEOUT:
+ strcpy(strError, "Command timeout.");
+ break;
+ case SCARD_E_SHARING_VIOLATION:
+ strcpy(strError, "Sharing violation.");
+ break;
+ case SCARD_E_NO_SMARTCARD:
+ strcpy(strError, "No smartcard inserted.");
+ break;
+ case SCARD_E_UNKNOWN_CARD:
+ strcpy(strError, "Unknown card.");
+ break;
+ case SCARD_E_PROTO_MISMATCH:
+ strcpy(strError, "Card protocol mismatch.");
+ break;
+ case SCARD_E_NOT_READY:
+ strcpy(strError, "Subsystem not ready.");
+ break;
+ case SCARD_E_SYSTEM_CANCELLED:
+ strcpy(strError, "System cancelled.");
+ break;
+ case SCARD_E_NOT_TRANSACTED:
+ strcpy(strError, "Transaction failed.");
+ break;
+ case SCARD_E_READER_UNAVAILABLE:
+ strcpy(strError, "Reader/s is unavailable.");
+ break;
+ case SCARD_W_UNSUPPORTED_CARD:
+ strcpy(strError, "Card is not supported.");
+ break;
+ case SCARD_W_UNRESPONSIVE_CARD:
+ strcpy(strError, "Card is unresponsive.");
+ break;
+ case SCARD_W_UNPOWERED_CARD:
+ strcpy(strError, "Card is unpowered.");
+ break;
+ case SCARD_W_RESET_CARD:
+ strcpy(strError, "Card was reset.");
+ break;
+ case SCARD_W_REMOVED_CARD:
+ strcpy(strError, "Card was removed.");
+ break;
+ case SCARD_E_PCI_TOO_SMALL:
+ strcpy(strError, "PCI struct too small.");
+ break;
+ case SCARD_E_READER_UNSUPPORTED:
+ strcpy(strError, "Reader is unsupported.");
+ break;
+ case SCARD_E_DUPLICATE_READER:
+ strcpy(strError, "Reader already exists.");
+ break;
+ case SCARD_E_CARD_UNSUPPORTED:
+ strcpy(strError, "Card is unsupported.");
+ break;
+ case SCARD_E_NO_SERVICE:
+ strcpy(strError, "Service not available.");
+ break;
+ case SCARD_E_SERVICE_STOPPED:
+ strcpy(strError, "Service was stopped.");
+ break;
+
+ };
+
+ return strError;
+}
+#endif
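Review bot: The PIN prompt in `main` uses the result of `fgets` without checking it: on EOF `defaultPIN` is left uninitialized and `strlen(defaultPIN) - 1` is still passed to `MSCVerifyPIN`, and a 15-character entry with no trailing newline loses its last character. Either case submits a value the user did not type, which on a real token would presumably count against the PIN retry limit. I would stop on failure, `if (fgets((char *)defaultPIN, sizeof(defaultPIN), stdin) == NULL) return -1;`, and take the length with `strcspn((char *)defaultPIN, "\n")` instead of `strlen(defaultPIN) - 1`. `strlen` and `strcmp` are also used without `#include <string.h>`.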
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdaemon.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdaemon.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdaemon.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,761 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * pcscdaemon.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2005
+ * David Corcoran <corcoran at linuxnet.com>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: pcscdaemon.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This is the main pcscd daemon.
+ *
+ * The function \c main() starts up the communication environment.\n
+ * Then an endless loop is calld to look for Client connections. For each
+ * Client connection a call to \c CreateContextThread() is done.
+ */
+
+#include "config.h"
+#include <time.h>
+#include <syslog.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/errno.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef HAVE_GETOPT_H
+#include <getopt.h>
+#endif
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "debuglog.h"
+#include "winscard_msg.h"
+#include "winscard_svc.h"
+#include "sys_generic.h"
+#include "thread_generic.h"
+#include "hotplug.h"
+#include "readerfactory.h"
+#include "configfile.h"
+#include "powermgt_generic.h"
+
+#include <security_utilities/debugging.h>
+
+char AraKiri = 0;
+int respawn = 0;
+static char Init = 1;
+int HPForceReaderPolling = 0;
+
+char **globalArgv;
+
+/*
+ * Some internal functions
+ */
+void SVCServiceRunLoop(void);
+void SVCClientCleanup(psharedSegmentMsg);
+void at_exit(void);
+void clean_temp_files(void);
+void signal_reload(int sig);
+void signal_respawn(int sig);
+void signal_trap(int);
+void print_version (void);
+void print_usage (char const * const);
+int ProcessHotplugRequest();
+void tryRespawn();
+
+PCSCLITE_MUTEX usbNotifierMutex;
+
+#ifdef USE_RUN_PID
+pid_t GetDaemonPid(void);
+pid_t GetDaemonPid(void)
+{
+ FILE *f;
+ pid_t pid;
+
+ /* pids are only 15 bits but 4294967296
+ * (32 bits in case of a new system use it) is on 10 bytes
+ */
+ if ((f = fopen(USE_RUN_PID, "rb")) != NULL)
+ {
+#define PID_ASCII_SIZE 11
+ char pid_ascii[PID_ASCII_SIZE];
+
+ fgets(pid_ascii, PID_ASCII_SIZE, f);
+ fclose(f);
+
+ pid = atoi(pid_ascii);
+ }
+ else
+ {
+ Log2(PCSC_LOG_CRITICAL, "Can't open " USE_RUN_PID ": %s",
+ strerror(errno));
+ return -1;
+ }
+
+ return pid;
+} /* GetDaemonPid */
+#endif
+
+int SendHotplugSignal(void)
+{
+#ifdef USE_RUN_PID
+ pid_t pid;
+
+ pid = GetDaemonPid();
+
+ if (pid != -1)
+ {
+ Log2(PCSC_LOG_INFO, "Send hotplug signal to pcscd (pid=%d)", pid);
+ if (kill(pid, SIGUSR1) < 0)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Can't signal pcscd (pid=%d): %s",
+ pid, strerror(errno));
+ return EXIT_FAILURE ;
+ }
+ }
+#endif
+
+ return EXIT_SUCCESS;
+} /* SendHotplugSignal */
+
+int ProcessHotplugRequest()
+{
+#ifdef USE_RUN_PID
+
+ /* read the pid file to get the old pid and test if the old pcscd is
+ * still running
+ */
+ if (GetDaemonPid() != -1)
+ return SendHotplugSignal();
+
+ Log1(PCSC_LOG_CRITICAL, "file " USE_RUN_PID " does not exist");
+ Log1(PCSC_LOG_CRITICAL, "Perhaps pcscd is not running?");
+#else
+ struct stat tmpStat;
+ if (SYS_Stat(PCSCLITE_CSOCK_NAME, &tmpStat) == 0) // socket file exists, so maybe pcscd is running
+ return SendHotplugSignal();
+ Log1(PCSC_LOG_CRITICAL, "pcscd was not configured with --enable-runpid=FILE");
+#endif
+ Log1(PCSC_LOG_CRITICAL, "Hotplug failed");
+ return EXIT_FAILURE;
+}
+
+/*
+ * Cleans up messages still on the queue when a client dies
+ */
+void SVCClientCleanup(psharedSegmentMsg msgStruct)
+{
+ /*
+ * May be implemented in future releases
+ */
+}
+
+/**
+ * @brief The Server's Message Queue Listener function.
+ *
+ * An endless loop calls the function \c SHMProcessEventsServer() to check for
+ * messages sent by clients.
+ * If the message is valid, \c CreateContextThread() is called to serve this
+ * request.
+ */
+void SVCServiceRunLoop(void)
+{
+ int rsp;
+ LONG rv;
+ DWORD dwClientID; /* Connection ID used to reference the Client */
+
+ rsp = 0;
+ rv = 0;
+
+ /*
+ * Initialize the comm structure
+ */
+ rsp = SHMInitializeCommonSegment();
+
+ if (rsp == -1)
+ {
+ Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd.");
+ exit(-1);
+ }
+
+ /*
+ * Initialize the contexts structure
+ */
+ rv = ContextsInitialize();
+
+ if (rv == -1)
+ {
+ Log1(PCSC_LOG_CRITICAL, "Error initializing pcscd.");
+ exit(-1);
+ }
+
+ /*
+ * Solaris sends a SIGALRM and it is annoying
+ */
+
+ signal(SIGALRM, SIG_IGN);
+ signal(SIGPIPE, SIG_IGN);
+ signal(SIGHUP, SIG_IGN); /* needed for Solaris. The signal is sent
+ * when the shell is existed */
+
+ /*
+ * This function always returns zero
+ */
+ rsp = SYS_MutexInit(&usbNotifierMutex);
+
+ /*
+ * Set up the search for USB/PCMCIA devices
+ */
+ HPSearchHotPluggables();
+ HPRegisterForHotplugEvents();
+
+ /*
+ * Set up the power management callback routine
+ */
+// PMRegisterForPowerEvents();
+
+ while (1)
+ {
+ switch (rsp = SHMProcessEventsServer(&dwClientID, 0))
+ {
+
+ case 0:
+ Log2(PCSC_LOG_DEBUG, "A new context thread creation is requested: %d", dwClientID);
+ rv = CreateContextThread(&dwClientID);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log1(PCSC_LOG_ERROR, "Problem during the context thread creation");
+ AraKiri = 1;
+ }
+
+ break;
+
+ case 2:
+ /*
+ * timeout in SHMProcessEventsServer(): do nothing
+ * this is used to catch the Ctrl-C signal at some time when
+ * nothing else happens
+ */
+ break;
+
+ case -1:
+ Log1(PCSC_LOG_ERROR, "Error in SHMProcessEventsServer");
+ break;
+
+ case -2:
+ /* Nothing to do in case of a syscall interrupted
+ * It happens when SIGUSR1 (reload) or SIGINT (Ctrl-C) is received
+ * We just try again */
+ break;
+
+ default:
+ Log2(PCSC_LOG_ERROR, "SHMProcessEventsServer unknown retval: %d",
+ rsp);
+ break;
+ }
+
+ if (AraKiri)
+ {
+ /* stop the hotpug thread and waits its exit */
+ Log1(PCSC_LOG_ERROR, "Preparing to exit...");
+ HPStopHotPluggables();
+ SYS_Sleep(1);
+
+ /* now stop all the drivers */
+ int shouldExit = !respawn;
+ RFCleanupReaders(shouldExit);
+ }
+ if (respawn)
+ {
+ HPCancelHotPluggables();
+ HPJoinHotPluggables();
+ clean_temp_files();
+ tryRespawn();
+ }
+ }
+}
+
+int main(int argc, char **argv)
+{
+ int rv;
+ char setToForeground;
+ char HotPlug;
+ char *newReaderConfig;
+ struct stat fStatBuf;
+ int opt;
+#ifdef HAVE_GETOPT_LONG
+ int option_index = 0;
+ static struct option long_options[] = {
+ {"config", 1, 0, 'c'},
+ {"foreground", 0, 0, 'f'},
+ {"help", 0, 0, 'h'},
+ {"version", 0, 0, 'v'},
+ {"apdu", 0, 0, 'a'},
+ {"debug", 0, 0, 'd'},
+ {"info", 0, 0, 0},
+ {"error", 0, 0, 'e'},
+ {"critical", 0, 0, 'C'},
+ {"hotplug", 0, 0, 'H'},
+ {"force-reader-polling", optional_argument, 0, 0},
+ {0, 0, 0, 0}
+ };
+#endif
+#define OPT_STRING "c:fdhvaeCH"
+
+ rv = 0;
+ newReaderConfig = NULL;
+ setToForeground = 0;
+ HotPlug = 0;
+ globalArgv = argv;
+
+ /*
+ * test the version
+ */
+ if (strcmp(PCSCLITE_VERSION_NUMBER, VERSION) != 0)
+ {
+ printf("BUILD ERROR: The release version number PCSCLITE_VERSION_NUMBER\n");
+ printf(" in pcsclite.h (%s) does not match the release version number\n",
+ PCSCLITE_VERSION_NUMBER);
+ printf(" generated in config.h (%s) (see configure.in).\n", VERSION);
+
+ return EXIT_FAILURE;
+ }
+
+ /*
+ * By default we create a daemon (not connected to any output)
+ * The log will go to wherever securityd log output goes.
+ */
+ DebugLogSetLogType(DEBUGLOG_NO_DEBUG);
+
+ /*
+ * Handle any command line arguments
+ */
+#ifdef HAVE_GETOPT_LONG
+ while ((opt = getopt_long (argc, argv, OPT_STRING, long_options, &option_index)) != -1) {
+#else
+ while ((opt = getopt (argc, argv, OPT_STRING)) != -1) {
+#endif
+ switch (opt) {
+#ifdef HAVE_GETOPT_LONG
+ case 0:
+ if (strcmp(long_options[option_index].name,
+ "force-reader-polling") == 0)
+ HPForceReaderPolling = optarg ? abs(atoi(optarg)) : 1;
+ break;
+#endif
+ case 'c':
+ Log2(PCSC_LOG_INFO, "using new config file: %s", optarg);
+ newReaderConfig = optarg;
+ break;
+
+ case 'f':
+ setToForeground = 1;
+ /* debug to stderr instead of default syslog */
+ Log1(PCSC_LOG_INFO,
+ "pcscd set to foreground with debug send to stderr");
+ break;
+
+ case 'd':
+ DebugLogSetLogType(DEBUGLOG_STDERR_DEBUG);
+ DebugLogSetLevel(PCSC_LOG_DEBUG);
+ break;
+
+ case 'e':
+ DebugLogSetLogType(DEBUGLOG_STDERR_DEBUG);
+ DebugLogSetLevel(PCSC_LOG_ERROR);
+ break;
+
+ case 'C':
+ DebugLogSetLogType(DEBUGLOG_STDERR_DEBUG);
+ DebugLogSetLevel(PCSC_LOG_CRITICAL);
+ break;
+
+ case 'h':
+ print_usage (argv[0]);
+ return EXIT_SUCCESS;
+
+ case 'v':
+ print_version ();
+ return EXIT_SUCCESS;
+
+ case 'a':
+ DebugLogSetCategory(DEBUG_CATEGORY_APDU);
+ break;
+
+ case 'H':
+ /* debug to stderr instead of default syslog */
+ DebugLogSetLogType(DEBUGLOG_STDERR_DEBUG);
+ HotPlug = 1;
+ break;
+
+ default:
+ print_usage (argv[0]);
+ return EXIT_FAILURE;
+ }
+
+ }
+
+ if (argv[optind])
+ {
+ printf("Unknown option: %s\n\n", argv[optind]);
+ print_usage(argv[0]);
+ return EXIT_SUCCESS;
+ }
+
+ /*
+ If this run of pcscd has the hotplug option, just send a signal to the
+ running one and exit
+ */
+
+ if (HotPlug)
+ return ProcessHotplugRequest();
+
+ /*
+ * test the presence of /var/run/pcsc.comm
+ */
+
+ rv = SYS_Stat(PCSCLITE_CSOCK_NAME, &fStatBuf);
+
+ if (rv == 0)
+ {
+#ifdef USE_RUN_PID
+ pid_t pid;
+
+ /* read the pid file to get the old pid and test if the old pcscd is
+ * still running
+ */
+ pid = GetDaemonPid();
+
+ if (pid != -1)
+ {
+ if (kill(pid, 0) == 0)
+ {
+ Log2(PCSC_LOG_CRITICAL,
+ "Another pcscd (pid: %d) seems to be running.", pid);
+ Log1(PCSC_LOG_CRITICAL,
+ "Remove " USE_RUN_PID " if pcscd is not running to clear this message.");
+ return EXIT_FAILURE;
+ }
+ else
+ /* the old pcscd is dead. Do some cleanup */
+ clean_temp_files();
+ }
+#else
+ {
+ Log1(PCSC_LOG_CRITICAL,
+ "file " PCSCLITE_CSOCK_NAME " already exists.");
+ Log1(PCSC_LOG_CRITICAL,
+ "Maybe another pcscd is running?");
+ Log1(PCSC_LOG_CRITICAL,
+ "Remove " PCSCLITE_CSOCK_NAME "if pcscd is not running to clear this message.");
+ return EXIT_FAILURE;
+ }
+#endif
+ }
+
+ /*
+ * If this is set to one the user has asked it not to fork
+ */
+ if (!setToForeground)
+ {
+ if (SYS_Daemon(0, 0))
+ Log2(PCSC_LOG_CRITICAL, "SYS_Daemon() failed: %s",
+ strerror(errno));
+ }
+
+ /*
+ * cleanly remove /tmp/pcsc when exiting
+ */
+ signal(SIGQUIT, signal_trap);
+ signal(SIGTERM, signal_trap);
+ signal(SIGINT, signal_trap);
+ signal(SIGHUP, signal_trap);
+
+#ifdef USE_RUN_PID
+ /*
+ * Record our pid to make it easier
+ * to kill the correct pcscd
+ */
+ {
+ FILE *f;
+
+ if ((f = fopen(USE_RUN_PID, "wb")) != NULL)
+ {
+ fprintf(f, "%u\n", (unsigned) getpid());
+ fclose(f);
+ }
+ }
+#endif
+
+ /*
+ * If PCSCLITE_IPC_DIR does not exist then create it
+ */
+ rv = SYS_Stat(PCSCLITE_IPC_DIR, &fStatBuf);
+ if (rv < 0)
+ {
+ rv = SYS_Mkdir(PCSCLITE_IPC_DIR, S_ISVTX | S_IRWXO | S_IRWXG | S_IRWXU);
+ if (rv != 0)
+ {
+ Log2(PCSC_LOG_CRITICAL,
+ "cannot create " PCSCLITE_IPC_DIR ": %s", strerror(errno));
+ return EXIT_FAILURE;
+ }
+ }
+
+ /* cleanly remove /var/run/pcsc.* files when exiting */
+ if (atexit(at_exit))
+ Log2(PCSC_LOG_CRITICAL, "atexit() failed: %s", strerror(errno));
+
+ /*
+ * Allocate memory for reader structures
+ */
+ RFAllocateReaderSpace();
+
+ /*
+ Grab the information from the reader.conf. If a file has been specified
+ and there is any error, consider it fatal. If no file was explicitly
+ specified, ignore if file not present.
+
+ DBUpdateReaders returns:
+
+ 1 if config file can't be opened
+ -1 if config file is broken
+ 0 if all good
+
+ We skip this step if running in 64 bit mode, as serial readers are considered
+ legacy code.
+ */
+
+ rv = RFStartSerialReaders(newReaderConfig?newReaderConfig:PCSCLITE_READER_CONFIG);
+ if (rv == -1)
+ {
+ Log3(PCSC_LOG_CRITICAL, "invalid file %s: %s", newReaderConfig,
+ strerror(errno));
+ at_exit();
+ }
+ else
+ if ((rv == 1) && newReaderConfig)
+ {
+ Log3(PCSC_LOG_CRITICAL, "file %s can't be opened: %s",
+ newReaderConfig, strerror(errno));
+ at_exit();
+ }
+
+ /*
+ * Set the default globals
+ */
+ g_rgSCardT0Pci.dwProtocol = SCARD_PROTOCOL_T0;
+ g_rgSCardT1Pci.dwProtocol = SCARD_PROTOCOL_T1;
+ g_rgSCardRawPci.dwProtocol = SCARD_PROTOCOL_RAW;
+
+ Log1(PCSC_LOG_INFO, "pcsc-lite " VERSION " daemon ready.");
+
+ /*
+ * post initialistion
+ */
+ Init = 0;
+
+ /*
+ * signal_trap() does just set a global variable used by the main loop
+ */
+ signal(SIGQUIT, signal_trap);
+ signal(SIGTERM, signal_trap);
+ signal(SIGINT, signal_trap);
+ signal(SIGHUP, signal_trap);
+
+ signal(SIGUSR1, signal_reload);
+ signal(SIGUSR2, signal_respawn);
+
+ SVCServiceRunLoop();
+
+ Log1(PCSC_LOG_ERROR, "SVCServiceRunLoop returned");
+ return EXIT_FAILURE;
+}
+
+void at_exit(void)
+{
+ Log1(PCSC_LOG_INFO, "cleaning " PCSCLITE_IPC_DIR);
+
+ clean_temp_files();
+
+ SYS_Exit(EXIT_SUCCESS);
+}
+
+void clean_temp_files(void)
+{
+ int rv;
+
+ rv = SYS_Unlink(PCSCLITE_CSOCK_NAME);
+ if (rv != 0)
+ Log2(PCSC_LOG_ERROR, "Cannot unlink " PCSCLITE_CSOCK_NAME ": %s",
+ strerror(errno));
+
+#ifdef USE_RUN_PID
+ rv = SYS_Unlink(USE_RUN_PID);
+ if (rv != 0)
+ Log2(PCSC_LOG_ERROR, "Cannot unlink " USE_RUN_PID ": %s",
+ strerror(errno));
+#endif
+}
+
+void signal_reload(int sig)
+{
+ static int rescan_ongoing = 0;
+
+ if (AraKiri)
+ return;
+
+ Log1(PCSC_LOG_INFO, "Reload serial configuration");
+ if (rescan_ongoing)
+ {
+ Log1(PCSC_LOG_INFO, "Rescan already ongoing");
+ return;
+ }
+
+ rescan_ongoing = 0;
+
+ HPReCheckSerialReaders();
+
+ rescan_ongoing = 0;
+ Log1(PCSC_LOG_INFO, "End reload serial configuration");
+} /* signal_reload */
+
+void signal_trap(int sig)
+{
+ /* the signal handler is called several times for the same Ctrl-C */
+ if (AraKiri == 0)
+ {
+ Log1(PCSC_LOG_INFO, "Preparing for suicide");
+ AraKiri = 1;
+
+ /* if still in the init/loading phase the AraKiri will not be
+ * seen by the main event loop
+ */
+ if (Init)
+ {
+ Log1(PCSC_LOG_INFO, "Suicide during init");
+ at_exit();
+ }
+ }
+}
+
+void signal_respawn(int sig)
+{
+ Log1(PCSC_LOG_INFO, "Got signal to respawn in 32 bit mode");
+ AraKiri = 1;
+ respawn = 1;
+}
+
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ #include <spawn.h>
+ #include <err.h>
+ #include <CoreFoundation/CFBundle.h>
+ #include <CoreFoundation/CFNumber.h>
+#endif
+
+extern char **environ;
+
+void tryRespawn()
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ /* now try respawn */
+ static cpu_type_t only32cpu[] = { CPU_TYPE_I386 };
+ const size_t only32cpuSize = (sizeof(only32cpu) / sizeof(cpu_type_t));
+
+ int rx;
+ posix_spawnattr_t attr;
+ if ((rx = posix_spawnattr_init(&attr)) != 0)
+ errc(1, rx, "posix_spawnattr_init");
+
+ if ((rx = posix_spawnattr_setflags(&attr, POSIX_SPAWN_SETEXEC)) != 0)
+ errc(1, rx, "posix_spawnattr_setflags");
+
+ size_t copied = 0;
+ if ((rx = posix_spawnattr_setbinpref_np(&attr, only32cpuSize, only32cpu, &copied)) != 0)
+ errc(1, rx, "posix_spawnattr_setbinpref_np");
+
+ if (copied != only32cpuSize)
+ errx(1, "posix_spawnattr_setbinpref_np only copied %d of %d", (int)copied, only32cpuSize);
+
+ pid_t pid = 0;
+ rx = posix_spawn(&pid, globalArgv[0], NULL, &attr, globalArgv, environ);
+ errc(1, rx, "posix_spawn: %s", globalArgv[0]);
+#else
+ /* we shouldn't get here, but if we do, we are in no state to continue */
+ Log1(PCSC_LOG_INFO, "Unexpected call to tryRespawn");
+ at_exit();
+#endif
+}
+
+void print_version (void)
+{
+ printf("%s version %s.\n", PACKAGE, VERSION);
+ printf("Copyright (C) 1999-2002 by David Corcoran <corcoran at linuxnet.com>.\n");
+ printf("Copyright (C) 2001-2005 by Ludovic Rousseau <ludovic.rousseau at free.fr>.\n");
+ printf("Copyright (C) 2003-2004 by Damien Sauveron <sauveron at labri.fr>.\n");
+ printf("Portions Copyright (C) 2000-2007 by Apple Inc.\n");
+ printf("Report bugs to <sclinux at linuxnet.com>.\n");
+}
+
+void print_usage (char const * const progname)
+{
+ printf("Usage: %s options\n", progname);
+ printf("Options:\n");
+#ifdef HAVE_GETOPT_LONG
+ printf(" -a, --apdu log APDU commands and results\n");
+ printf(" -c, --config path to reader.conf\n");
+ printf(" -f, --foreground run in foreground (no daemon),\n");
+ printf(" send logs to stderr instead of syslog\n");
+ printf(" -h, --help display usage information\n");
+ printf(" -H, --hotplug ask the daemon to rescan the available readers\n");
+ printf(" -v, --version display the program version number\n");
+ printf(" -d, --debug display lower level debug messages\n");
+ printf(" --info display info level debug messages (default level)\n");
+ printf(" -e --error display error level debug messages\n");
+ printf(" -C --critical display critical only level debug messages\n");
+ printf(" --force-reader-polling ignore the IFD_GENERATE_HOTPLUG reader capability\n");
+#else
+ printf(" -a log APDU commands and results\n");
+ printf(" -c path to reader.conf\n");
+ printf(" -f run in foreground (no daemon), send logs to stderr instead of syslog\n");
+ printf(" -d display debug messages. Output may be:\n");
+ printf(" -h display usage information\n");
+ printf(" -H ask the daemon to rescan the avaiable readers\n");
+ printf(" -v display the program version number\n");
+#endif
+}
+
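Review bot: `GetDaemonPid` hands whatever is in the pid file to `kill()` without validating it: the `fgets` result is ignored, so `pid_ascii` can be uninitialized, and `atoi` accepts `0` and negative numbers, which `kill()` interprets as process groups rather than a single process. `SendHotplugSignal` and the stale-daemon check in `main` both act on that value, so the file's content decides what receives SIGUSR1 on the `-H` path. Parsing with `strtol` and rejecting anything that is not a positive number keeps a damaged or tampered file from redirecting the signal; the callers already treat `-1` as "no daemon". Separately, `signal_reload` assigns `rescan_ongoing = 0` before calling `HPReCheckSerialReaders`, so its guard never triggers; `rescan_ongoing = 1;` looks like what was meant.

```c
if ((f = fopen(USE_RUN_PID, "rb")) != NULL)
{
    /* … unchanged: PID_ASCII_SIZE and the pid_ascii declaration … */
    char *end;
    long value;

    if (fgets(pid_ascii, PID_ASCII_SIZE, f) == NULL)
    {
        fclose(f);
        return -1;
    }
    fclose(f);

    /* only a positive number names one process; kill() treats
     * 0 and negative values as process groups */
    errno = 0;
    value = strtol(pid_ascii, &end, 10);
    if (errno != 0 || end == pid_ascii || value <= 0)
        return -1;
    pid = (pid_t) value;
}
/* … unchanged: else branch that logs the fopen failure … */
```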
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1177 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+
+//
+// pcscmonitor - use PCSC to monitor smartcard reader/card state for securityd
+//
+// PCSCDMonitor is the "glue" between PCSC and the securityd objects representing
+// smartcard-related things. Its job is to manage the daemon and translate real-world
+// events (such as card and device insertions) into the securityd object web.
+//
+// PCSCDMonitor uses multiple inheritance to the hilt. It is (among others)
+// (*) A notification listener, to listen to pcscd state notifications
+// (*) A MachServer::Timer, to handle timed actions
+// (*) A NotificationPort::Receiver, to get IOKit notifications of device insertions
+//
+
+#include "pcscdmonitor.h"
+#include <security_utilities/logging.h>
+#include <security_utilities/refcount.h>
+#include <IOKit/usb/IOUSBLib.h>
+#include <IOKit/IOMessage.h>
+#include <asl.h>
+//#include <Kernel/IOKit/pccard/IOPCCardBridge.h>
+//#include <Kernel/IOKit/pccard/cs.h>
+
+#ifndef _IOKIT_IOPCCARDBRIDGE_H
+// Avoid kernel header include
+#define kIOPCCardVersionOneMatchKey "VersionOneInfo"
+#define kIOPCCardFunctionNameMatchKey "FunctionName"
+#define kIOPCCardFunctionIDMatchKey "FunctionID"
+#define kIOPCCardVendorIDMatchKey "VendorID"
+#define kIOPCCardDeviceIDMatchKey "DeviceID"
+#define kIOPCCardFunctionExtensionMatchKey "FunctionExtension"
+#define kIOPCCardMemoryDeviceNameMatchKey "MemoryDeviceName"
+
+// this should be unique across the entire system
+#define sub_iokit_pccard err_sub(21)
+#define kIOPCCardCSEventMessage iokit_family_msg(sub_iokit_pccard, 1)
+#endif /* _IOKIT_IOPCCARDBRIDGE_H */
+
+// _LINUX_CS_H
+#define CS_EVENT_CARD_INSERTION 0x000004
+#define CS_EVENT_CARD_REMOVAL 0x000008
+#define CS_EVENT_EJECTION_REQUEST 0x010000
+
+// Locally defined string constants for IOKit values
+
+#define kzIOUSBSerialNumberKey "Serial Number"
+#define kzIOUSBVendorNameKey "USB Vendor Name"
+#define kzIOUSBProductNameKey "USB Product Name"
+#define kzIOUSBLocationIDKey "locationID"
+#define kzIOUSBbInterfaceClassKey "bInterfaceClass"
+#define kzIOUSBbDeviceClassKey "bDeviceClass"
+
+#define kzIOPCCardIONameKey "IOName"
+#define kzIOPCCardIODeviceMemoryKey "IODeviceMemory"
+#define kzIOPCCardParentKey "parent"
+#define kzIOPCCardAddressKey "address"
+
+#define kzIOPCCard16DeviceClassName "IOPCCard16Device"
+
+#define PTRPARAMCAST(X) (static_cast<unsigned int>(reinterpret_cast<uintptr_t>(X)))
+
+//
+// Fixed configuration parameters
+//
+static const Time::Interval PCSCD_IDLE_SHUTDOWN(120); // kill daemon if no devices present
+
+// Apple built-in iSight Device VendorID/ProductID: 0x05AC/0x8501
+
+static const uint32_t kVendorProductMask = 0x0000FFFF;
+static const uint32_t kVendorIDApple = 0x05AC;
+static const uint16_t kProductIDBuiltInISight = 0x8501;
+
+/*
+ Copied from USBVideoClass-230.2.3/Digitizers/USBVDC/Camera/USBClient/APW_VDO_USBVDC_USBClient.h
+*/
+
+enum {
+ kBuiltIniSightProductID = 0x8501,
+ kBuiltIniSightWave2ProductID = 0x8502,
+ kBuiltIniSightWave3ProductID = 0x8505,
+ kUSBWave4ProductID = 0x8507,
+ kUSBWave2InK29ProductID = 0x8508,
+ kUSBWaveReserved1ProductID = 0x8509,
+ kUSBWaveReserved2ProductID = 0x850a,
+ kExternaliSightProductID = 0x1111,
+ kLogitechVendorID = 0x046d
+};
+
+//static void dumpdictentry(const void *key, const void *value, void *context);
+
+#pragma mark -------------------- Class Methods --------------------
+
+//
+// Construct a PCSCDMonitor.
+// We strongly assume there's only one of us around here.
+//
+// Note that this constructor may well run before the server loop has started.
+// Don't call anything here that requires an active server loop (like Server::active()).
+// In fact, you should push all the hard work into a timer, so as not to hold up the
+// general startup process.
+//
+
+PCSCDMonitor::PCSCDMonitor(PCSCD::Server &server, PCSCD::DriverBundles &drivers) :
+ MachPlusPlus::MachServer::Timer(true), // "heavy" timer task
+ server(server),
+ drivers(drivers),
+ mAddDeviceCallback(NULL), mRemoveDeviceCallback(NULL),
+ mWillSleepCallback(NULL), mIsWakingCallback(NULL),
+ mTimerAction(&PCSCDMonitor::initialSetup),
+ mGoingToSleep(false),
+ mTerminationNoticeReceiver(*this),
+ mSleepWakePeriod(false),
+ mWakeConditionVariable(mWakeConditionLock)
+{
+ // do all the smartcard-related work once the event loop has started
+ secdebug("pcsc", "PCSCDMonitor server is %p", &server);
+ server.setTimer(this, Time::now()); // ASAP
+ // timer only used now to call initialSetup
+ mDevices.erase(mDevices.begin(),mDevices.end());
+}
+
+//
+// Power event notifications
+//
+void PCSCDMonitor::systemWillSleep()
+{
+ StLock<Mutex> _(mLock);
+ secdebug("pcsc", "setting sleep marker (%ld readers as of now)", mDevices.size());
+ mGoingToSleep = true;
+ server.clearTimer(this);
+ if (mWillSleepCallback)
+ {
+ uint32_t rx = (*mWillSleepCallback)();
+ secdebug("pcsc", " WillSleepCallback returned %d", rx);
+ }
+ setSystemIsAwakeCondition(false);
+}
+
+void PCSCDMonitor::systemIsWaking()
+{
+ StLock<Mutex> _(mLock);
+ secdebug("pcsc", "------------------ Waking from sleep ... ------------------ ");
+ secdebug("pcsc", "clearing sleep marker (%ld readers as of now)", mDevices.size());
+ mGoingToSleep = false;
+ // rescan here
+ if (mIsWakingCallback)
+ {
+ uint32_t rx = (*mIsWakingCallback)();
+ secdebug("pcsc", " IsWakingCallback returned %d", rx);
+ }
+ setSystemIsAwakeCondition(true);
+}
+
+void PCSCDMonitor::setSystemIsAwakeCondition(bool isAwake)
+{
+ secdebug("pcsc", " setSystemIsAwakeCondition %d", isAwake);
+ if (isAwake)
+ {
+ sleepWakePeriod(false);
+ mWakeConditionVariable.broadcast();
+ }
+ else
+ sleepWakePeriod(true);
+}
+
+bool PCSCDMonitor::isSleepWakePeriod() const
+{
+ StLock<Mutex> _(mSleepWakePeriodLock);
+ return mSleepWakePeriod;
+}
+
+void PCSCDMonitor::sleepWakePeriod(bool isASleepWakePeriod)
+{
+ StLock<Mutex> _(mSleepWakePeriodLock);
+ mSleepWakePeriod = isASleepWakePeriod;
+}
+
+void PCSCDMonitor::systemAwakeAndReadyCheck()
+{
+// const long sleepTimeMSec = 100; // 0.1s
+
+ StLock<Mutex> _(mWakeConditionLock);
+ while (isSleepWakePeriod())
+ {
+ secdebug("pcsc", "...### thread paused before waking ###...");
+ mWakeConditionVariable.wait();
+ secdebug("pcsc", "...### thread resume after waking ###...");
+ }
+}
+
+void PCSCDMonitor::action()
+{
+ // Timer action
+ StLock<Mutex> _(mLock);
+ secdebug("pcsc", "Calling PCSCDMonitor::action()");
+ (this->*mTimerAction)();
+ mTimerAction = &PCSCDMonitor::noDeviceTimeout;
+}
+
+void PCSCDMonitor::scheduleTimer(bool enable)
+{
+ // Update the timeout timer as requested (and indicated by context)
+}
+
+//
+// Perform the initial PCSC subsystem initialization.
+// This runs (shortly) after securityd is fully functional and the
+// server loop has started.
+//
+void PCSCDMonitor::initialSetup()
+{
+ secdebug("pcsc", "Calling PCSCDMonitor::initialSetup()");
+ // receive Mach-based IOKit notifications through mIOKitNotifier
+ server.add(mIOKitNotifier);
+
+ // receive power event notifications (through our IOPowerWatcher personality)
+ server.add(this);
+
+ AddIOKitNotifications();
+
+ PCSCDMonitor::postNotification(SecurityServer::kNotificationPCSCInitialized);
+}
+
+void PCSCDMonitor::AddIOKitNotifications()
+{
+ try
+ {
+ // ask for IOKit notifications for all new USB devices and process present ones
+ IOKit::DeviceMatch usbSelector(kIOUSBInterfaceClassName);
+ IOKit::DeviceMatch pcCardSelector(kzIOPCCard16DeviceClassName);
+ mIOKitNotifier.add(usbSelector, *this, kIOMatchedNotification); // this will scan existing USB devices
+ // mIOKitNotifier.add(usbSelector, mTerminationNoticeReceiver, kIOTerminatedNotification); // ditto for PC Card devices
+ mIOKitNotifier.add(pcCardSelector, *this, kIOMatchedNotification); // ditto for PC Card devices
+ mIOKitNotifier.add(pcCardSelector, mTerminationNoticeReceiver, kIOTerminatedNotification); // ditto for PC Card devices
+
+ // catch custom non-composite USB devices - they don't have IOServices attached
+ IOKit::DeviceMatch customUsbSelector(::IOServiceMatching(kIOUSBDeviceClassName));
+ mIOKitNotifier.add(customUsbSelector, *this, kIOMatchedNotification); // ditto for custom USB devices
+ // mIOKitNotifier.add(customUsbSelector, mTerminationNoticeReceiver, kIOTerminatedNotification);
+ }
+ catch (...)
+ {
+ secdebug("pcscd", "trouble adding IOKit notifications (ignored)");
+ }
+}
+
+void PCSCDMonitor::RemoveIOKitNotifications()
+{
+}
+
+
+void PCSCDMonitor::rescanExistingDevices()
+{
+ kern_return_t kr;
+ mach_port_t masterPort = ((IOKit::NotificationPort)mIOKitNotifier).port();
+// mach_port_t masterPort = port();
+ io_iterator_t iterator;
+
+ // Process existing USB devices
+ IOKit::DeviceMatch usbSelector(kIOUSBInterfaceClassName);
+ kr = IOServiceGetMatchingServices(masterPort, usbSelector, &iterator);
+ IOKit::DeviceIterator usbdev(iterator);
+ ioChange(usbdev);
+
+ // Process existing PC Card devices
+ IOKit::DeviceMatch pcCardSelector(kzIOPCCard16DeviceClassName);
+ kr = IOServiceGetMatchingServices(masterPort, pcCardSelector, &iterator);
+ IOKit::DeviceIterator pcdev(iterator);
+ ioChange(pcdev);
+
+ // catch custom non-composite USB devices - they don't have IOServices attached
+ IOKit::DeviceMatch customUsbSelector(::IOServiceMatching(kIOUSBDeviceClassName));
+ kr = IOServiceGetMatchingServices(masterPort, customUsbSelector, &iterator);
+ IOKit::DeviceIterator customusbdev(iterator);
+ ioChange(customusbdev);
+}
+
+void PCSCDMonitor::postNotification(const SecurityServer::NotificationEvent event)
+{
+ // send a change notification to securityd
+ // Either kNotificationPCSCStateChange or kNotificationPCSCInitialized
+ using namespace SecurityServer;
+ ClientSession session(Allocator::standard(), Allocator::standard());
+ try {
+ session.postNotification(kNotificationDomainPCSC, event, CssmData());
+ secdebug("pcscd", "notification sent");
+ } catch (const MachPlusPlus::Error &err) {
+ switch (err.error) {
+ case BOOTSTRAP_UNKNOWN_SERVICE: // securityd not yet available; this is not an error
+ secdebug("pcscd", "securityd not up; no notification sent");
+ break;
+#if !defined(NDEBUG)
+ // for debugging only, support a securityd restart. This is NOT thread-safe
+ case MACH_SEND_INVALID_DEST:
+ secdebug("pcscd", "resetting securityd connection for debugging");
+ session.reset();
+ try {
+ session.postNotification(kNotificationDomainPCSC,
+ kNotificationPCSCStateChange, CssmData());
+ } catch (...) {
+ secdebug("pcscd", "re-send attempt failed, punting");
+ }
+ break;
+#endif //NDEBUG
+ default:
+ secdebug("pcscd", "exception trying to send notification (ignored)");
+ }
+ } catch (...) {
+ secdebug("pcscd", "trouble sending security notification (ignored)");
+ }
+}
+
+//
+// This function is called (as a timer function) when there haven't been any (recognized)
+// smartcard devicees in the system for a while.
+//
+void PCSCDMonitor::noDeviceTimeout()
+{
+ secdebug("pcsc", "killing pcscd (no smartcard devices present for %g seconds)",
+ PCSCD_IDLE_SHUTDOWN.seconds());
+}
+
+void PCSCDMonitor::addInterestNotification()
+{
+ secdebug("pcsc", "Adding interest notification for service 0x%04X (this=%p)", mServiceOfInterest,this);
+ mIOKitNotifier.addInterestNotification(*this, mServiceOfInterest);
+}
+
+void PCSCDMonitor::scheduleAddInterestNotification(io_service_t serviceOfInterest)
+{
+ StLock<Mutex> _(mLock);
+ secdebug("pcsc", "Scheduling interest notification for service 0x%04X (this=%p)", serviceOfInterest, this);
+ mServiceOfInterest = serviceOfInterest;
+ mTimerAction = &PCSCDMonitor::addInterestNotification;
+ server.setTimer(this, Time::now()); // ASAP
+}
+
+//
+// IOKit device event notification.
+// Here we listen for newly inserted devices
+//
+void PCSCDMonitor::ioChange(IOKit::DeviceIterator &iterator)
+{
+ secdebug("pcsc", "Processing device event notification");
+ int def=0, pos=0, total=0;
+ // Always drain this iterator
+ while (IOKit::Device dev = iterator())
+ {
+ ++total;
+ displayPropertiesOfDevice(dev);
+ switch (deviceSupport(dev))
+ {
+ case definite:
+ ++def;
+ addDevice(dev);
+ break;
+ case possible:
+ ++pos;
+ addDevice(dev);
+ break;
+ case impossible:
+ break;
+ }
+ }
+
+ dumpDevices();
+ secdebug("pcsc", "Relevant devices: %d definite, %d possible, %d total", def, pos, total);
+}
+
+// IOKit device event notification.
+// Here we listen for newly removed devices
+//
+void PCSCDMonitor::ioServiceChange(void *refCon, io_service_t service,
+ natural_t messageType, void *messageArgument)
+{
+ uintptr_t messageArg = uintptr_t(messageArgument);
+ secdebug("pcsc", "Processing ioServiceChange notice: 0x%08X [refCon=0x%08lX, service=0x%08X, arg=0x%08lX]",
+ messageType, (uintptr_t)refCon, service, messageArg);
+
+ if (mGoingToSleep && isSleepWakePeriod()) // waking up but still drowsy
+ {
+ secdebug("pcsc", " ignoring ioServiceChange notice during wake up phase");
+ return;
+ }
+
+ PCSCDMonitor::displayPropertiesOfDevice(service);
+ // This is called since we asked for kIOGeneralInterest notices
+ // Usually it is the "device removed" notification
+ switch (messageType)
+ {
+ case kIOMessageServiceIsTerminated: // We get these when device is removed
+ {
+ uint32_t address;
+ if (deviceAddress(service, address))
+ {
+ secdebug("pcsc", " device removed notice: 0x%04X address: 0x%08X", service, address);
+ this->removeDevice(service, address);
+ }
+ else
+ secdebug("pcsc", " device removed notice, but failed to find address for service: 0x%04X", service);
+ }
+ break;
+ case kIOMessageServiceWasClosed: // We get these when the system sleeps
+ {
+#ifndef NDEBUG
+ uint32_t address;
+ deviceAddress(service, address);
+ secdebug("pcsc", " service was closed notice: 0x%04X address: 0x%08X", service, address);
+#endif
+ }
+ break;
+ case kIOPCCardCSEventMessage: // 0xE0054001 - not handled by mach_error_string
+ secdebug("pcsc", " pccard event message: service: 0x%04X, type: 0x%08X",
+ service, (unsigned int)messageArg);
+ // Card Services Events are defined in IOKit/pccard/cs.h
+ switch (messageArg)
+ {
+ case CS_EVENT_EJECTION_REQUEST:
+ secdebug("pcsc", " pccard event message: ejection request");
+ break;
+
+ case CS_EVENT_CARD_REMOVAL:
+ {
+ uint32_t address;
+ if (deviceMemoryAddress(service, address))
+ {
+ secdebug("pcsc", " device removed notice: 0x%04X address: 0x%08X", service, address);
+ this->removeDevice(service, address);
+ }
+ else
+ secdebug("pcsc", " device removed notice, but failed to find address for service: 0x%04X", service);
+ break;
+ }
+ }
+ break;
+ default:
+ secdebug("pcsc", " processing device general notice: 0x%08X", messageType);
+ break;
+ }
+}
+
+void PCSCDMonitor::addDevice(const IOKit::Device &dev)
+{
+ DeviceMap::iterator it;
+ if (!findDevice(dev,it)) // new device
+ {
+ io_service_t service = dev.ioObject();
+
+ RefPointer<PCSCD::Device> newDevice = new PCSCD::Device(service);
+ uint32_t address = 0;
+
+ if (deviceAddress(dev, address))
+ {
+ newDevice->setAddress(address);
+ secdebug("scsel", " Device address: 0x%08X [service: 0x%04X]", address, service);
+ setDeviceProperties(dev, *newDevice);
+ if (drivers.find(*newDevice))
+ {
+ secdebug("driver", " found matching driver for %s: %s", newDevice->name().c_str(), newDevice->path().c_str());
+ setDebugPropertiesForDevice(dev, newDevice);
+ insert(make_pair(address, newDevice));
+ if (mAddDeviceCallback)
+ {
+ // kPCSCLITE_HP_BASE_PORT
+ uint32_t rx = (*mAddDeviceCallback)(newDevice->name().c_str(), address, newDevice->path().c_str(), newDevice->name().c_str());
+ secdebug("pcsc", " AddDeviceCallback returned %d", rx);
+ if (rx != SCARD_S_SUCCESS && rx != SCARD_E_DUPLICATE_READER)
+ {
+ DeviceMap::iterator it = mDevices.find(address);
+ if (it != mDevices.end()) // found it
+ remove(it); // remove from reader map
+ return;
+ }
+ }
+ PCSCDMonitor::postNotification(SecurityServer::kNotificationPCSCStateChange);
+ secdebug("pcsc", " added to device map, address: 0x%08X, service: 0x%04X, [class @:%p]", address, service, newDevice.get());
+ }
+ else
+ {
+ secdebug("driver", " no matching driver found for %s: %s", newDevice->name().c_str(), newDevice->path().c_str());
+ // Add MessageTracer logging as per <rdar://problem/6432650>. If we get here, pcscd was launched
+ // for a device insertion, but the device is not a smartcard reader (or doesn't have a
+ // matching driver.
+ char buf[256];
+ aslmsg msg = asl_new(ASL_TYPE_MSG);
+ asl_set(msg, "com.apple.message.domain", "com.apple.security.smartcardservices.unknowndevice" );
+ asl_set(msg, "com.apple.message.signature", "Non-smartcard device launched pcscd");
+ snprintf(buf, sizeof(buf), "%u", newDevice->vendorid());
+ asl_set(msg, "com.apple.message.signature2", buf); // vendor ID
+ snprintf(buf, sizeof(buf), "%u", newDevice->productid());
+ asl_set(msg, "com.apple.message.signature3", buf); // product ID
+ snprintf(buf, sizeof(buf), "Non-smartcard device launched pcscd [Vendor: %#X, Product: %#X]",
+ newDevice->vendorid(), newDevice->productid());
+ asl_log(NULL, msg, ASL_LEVEL_NOTICE, buf);
+ asl_free(msg);
+ }
+ }
+ else
+ secdebug("pcsc", " device added notice, but failed to find address for service: 0x%04X", service);
+ }
+ else
+ {
+ PCSCD::Device *theDevice = static_cast<PCSCD::Device *>(it->second);
+ secdebug("scsel", " Already in map: Device address: 0x%08X [service: 0x%04X]",
+ theDevice->address(), dev.ioObject());
+ setDeviceProperties(dev, *theDevice);
+ setDebugPropertiesForDevice(dev, theDevice);
+ }
+
+ // We always try to add the interest notification. It may be that
+ // we added the device during a callback for a particular plane,
+ // but we didn't have the right information then to add the notification
+ io_service_t servicex = dev.ioObject();
+ mIOKitNotifier.addInterestNotification(*this, servicex);
+ dumpDevices();
+}
+
+bool PCSCDMonitor::findDevice(const IOKit::Device &dev, DeviceMap::iterator &it)
+{
+ uint32_t address = 0;
+ deviceAddress(dev, address);
+ it = mDevices.find(address);
+ return (it != mDevices.end());
+}
+
+bool PCSCDMonitor::findDeviceByName(const IOKit::Device &dev, DeviceMap::iterator &outit)
+{
+ CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey);
+ if (!ioName)
+ return false;
+
+ std::string devname = cfString(ioName);
+ for (DeviceMap::iterator it = mDevices.begin(); it != mDevices.end(); ++it)
+ {
+ PCSCD::Device *theDevice = static_cast<PCSCD::Device *>(it->second);
+ if (theDevice->name() == devname)
+ {
+ outit = it;
+ return true;
+ }
+ }
+
+ return false;
+}
+
+void PCSCDMonitor::updateDevice(const IOKit::Device &dev)
+{
+ DeviceMap::iterator it;
+ if (findDevice(dev,it))
+ {
+ PCSCD::Device *theDevice = static_cast<PCSCD::Device *>(it->second);
+ setDeviceProperties(dev, *theDevice);
+ if (drivers.find(*theDevice))
+ secdebug("driver", " found matching driver for %s: %s", theDevice->name().c_str(), theDevice->path().c_str());
+ setDebugPropertiesForDevice(dev, theDevice);
+ }
+}
+
+bool PCSCDMonitor::hasLegacyDriver(const IOKit::Device &dev)
+{
+ PCSCD::Device tmpDevice(0); //dev.ioObject() - fake it
+ uint32_t address = 0;
+ if (deviceAddress(dev, address))
+ tmpDevice.setAddress(address);
+ setDeviceProperties(dev, tmpDevice);
+ if (drivers.find(tmpDevice))
+ {
+ secdebug("driver", " found matching driver for legacy device: %s", tmpDevice.path().c_str());
+ return true;
+ }
+
+ return false;
+}
+
+bool PCSCDMonitor::deviceIsPCCard(const IOKit::Device &dev)
+{
+ if (CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey))
+ if (cfString(ioName).find("pccard", 0, 1) == 0)
+ return true;
+
+ return false;
+}
+
+bool PCSCDMonitor::deviceIsPCCard(io_service_t service)
+{
+ if (CFRef<CFStringRef> ioName = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOPCCardIONameKey), kCFAllocatorDefault, 0)))
+ if (cfString(ioName).find("pccard", 0, 1) == 0)
+ return true;
+
+ return false;
+}
+
+void PCSCDMonitor::getVendorAndProductID(const IOKit::Device &dev, uint32_t &vendorID, uint32_t &productID, bool &isPCCard)
+{
+ vendorID = productID = 0;
+ isPCCard = deviceIsPCCard(dev);
+
+ if (!isPCCard)
+ {
+ if (CFRef<CFNumberRef> cfVendorID = dev.property<CFNumberRef>(kUSBVendorID))
+ vendorID = cfNumber(cfVendorID);
+
+ if (CFRef<CFNumberRef> cfProductID = dev.property<CFNumberRef>(kUSBProductID))
+ productID = cfNumber(cfProductID);
+ }
+ else
+ {
+ if (CFRef<CFNumberRef> cfVendorID = dev.property<CFNumberRef>(kIOPCCardVendorIDMatchKey))
+ vendorID = cfNumber(cfVendorID);
+
+ if (CFRef<CFNumberRef> cfProductID = dev.property<CFNumberRef>(kIOPCCardDeviceIDMatchKey))
+ productID = cfNumber(cfProductID);
+
+ // One special case for legacy OmniKey CardMan 4040 support
+ CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey);
+ if (ioName && CFEqual(ioName, CFSTR("pccard-no-cis")))
+ {
+ vendorID = 0x0223;
+ productID = 0x0200;
+ }
+ }
+}
+
+void PCSCDMonitor::setDeviceProperties(const IOKit::Device &dev, PCSCD::Device &device)
+{
+ uint32_t vendorID, productID;
+ bool isPCCard;
+
+ getVendorAndProductID(dev, vendorID, productID, isPCCard);
+
+ device.setIsPCCard(isPCCard);
+
+ if (CFRef<CFNumberRef> cfInterface = dev.property<CFNumberRef>(kzIOUSBbInterfaceClassKey))
+ device.setInterfaceClass(cfNumber(cfInterface));
+
+ if (CFRef<CFNumberRef> cfDevice = dev.property<CFNumberRef>(kzIOUSBbDeviceClassKey))
+ device.setDeviceClass(cfNumber(cfDevice));
+
+ device.setVendorid(vendorID);
+ device.setProductid(productID);
+
+ if (CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey))
+ device.setName(cfString(ioName));
+}
+
+bool PCSCDMonitor::isExcludedDevice(const IOKit::Device &dev)
+{
+ uint32_t vendorID, productID;
+ bool isPCCard;
+
+ getVendorAndProductID(dev, vendorID, productID, isPCCard);
+
+ if ((vendorID & kVendorProductMask) != kVendorIDApple)
+ return false; // i.e. it is not an excluded device
+
+ // Since Apple does not manufacture smartcard readers, just exclude
+ // If we even start making them, we should make it a CCID reader anyway
+
+ return true;
+}
+
+void PCSCDMonitor::setDebugPropertiesForDevice(const IOKit::Device &dev, PCSCD::Device * newDevice)
+{
+ /*
+ Many of these properties are only defined on the "IOUSBDevice" plane, so
+ will be non-empty on the third iteration.
+ */
+ std::string vendorName, productName, serialNumber;
+
+ if (CFRef<CFStringRef> cfVendorString = dev.property<CFStringRef>(kzIOUSBVendorNameKey))
+ vendorName = cfString(cfVendorString);
+
+ if (CFRef<CFStringRef> cfProductString = dev.property<CFStringRef>(kzIOUSBProductNameKey))
+ productName = cfString(cfProductString);
+
+ if (CFRef<CFStringRef> cfSerialString = dev.property<CFStringRef>(kzIOUSBSerialNumberKey))
+ serialNumber = cfString(cfSerialString);
+
+ if (deviceIsPCCard(dev))
+ {
+ if (CFRef<CFArrayRef> cfVersionOne = dev.property<CFArrayRef>(kIOPCCardVersionOneMatchKey))
+ if (CFArrayGetCount(cfVersionOne) > 1)
+ {
+ CFStringRef cfVendorString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 0);
+ if (cfVendorString)
+ vendorName = cfString(cfVendorString);
+
+ CFStringRef cfProductString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 1);
+ if (cfProductString)
+ productName = cfString(cfProductString);
+ }
+ }
+
+ newDevice->setDebugParams(vendorName, productName, serialNumber);
+
+// secdebug("scsel", " deviceSupport: vendor/product: 0x%04X/0x%04X, vendor: %s, product: %s, serial: %s", vendorid, productid,
+// vendorName.c_str(), productName.c_str(), serialNumber.c_str());
+}
+
+void PCSCDMonitor::removeDevice(io_service_t service, uint32_t address)
+{
+ secdebug("pcsc", " Size of mDevices: %ld, service: 0x%04X", mDevices.size(), service);
+ if (!mDevices.empty())
+ {
+ secdebug("pcsc", " device removed notice: 0x%04X address: 0x%08X", service, address);
+ DeviceMap::iterator it = mDevices.find(address);
+ if (it != mDevices.end()) // found it
+ {
+ if (mRemoveDeviceCallback)
+ {
+ uint32_t rx = (*mRemoveDeviceCallback)((it->second)->name().c_str(), address);
+ secdebug("pcsc", " RemoveDeviceCallback returned %d", rx);
+ }
+ remove(it); // remove from reader map
+ }
+ else
+ secdebug("pcsc", " service: 0x%04X at address 0x%04X not found ??", service, address);
+ }
+ dumpDevices();
+ ::IOObjectRelease(service); // we don't want notifications here until re-added
+}
+
+void PCSCDMonitor::removeDeviceByName(const IOKit::Device &dev)
+{
+ io_service_t service = dev.ioObject();
+ secdebug("pcsc", " Size of mDevices: %ld, service: 0x%04X", mDevices.size(), service);
+ if (!mDevices.empty())
+ {
+ uint32_t address = 0;
+ deviceAddress(dev, address);
+ DeviceMap::iterator it;
+ if (findDeviceByName(dev, it)) // found it
+ {
+ if (mRemoveDeviceCallback)
+ {
+ uint32_t rx = (*mRemoveDeviceCallback)((it->second)->name().c_str(), address);
+ secdebug("pcsc", " RemoveDeviceCallback returned %d", rx);
+ }
+ remove(it); // remove from reader map
+ }
+ else
+ secdebug("pcsc", " service: 0x%04X at address 0x%04X not found ??", service, address);
+ }
+ dumpDevices();
+ ::IOObjectRelease(service); // we don't want notifications here until re-added
+}
+
+void PCSCDMonitor::removeAllDevices()
+{
+ secdebug("pcsc", ">>>>>> removeAllDevices: Size of mDevices: %ld", mDevices.size());
+ for (DeviceMap::iterator it = mDevices.begin(); it != mDevices.end(); ++it)
+ {
+ PCSCD::Device *dev = static_cast<PCSCD::Device *>(it->second);
+ uint32_t address = 0;
+ // PCSCDMonitor::deviceAddress(*dev, &address);
+ address = dev->address();
+ io_service_t service = dev->ioObject();
+ if (mRemoveDeviceCallback)
+ {
+ uint32_t rx = (*mRemoveDeviceCallback)(dev->name().c_str(), address);
+ secdebug("pcsc", " RemoveDeviceCallback returned %d", rx);
+ }
+ ::IOObjectRelease(service); // we don't want notifications here until re-added
+ remove(it); // remove from reader map
+ }
+ secdebug("pcsc", ">>>>>> removeAllDevices [end]: Size of mDevices: %ld", mDevices.size());
+}
+
+
+//
+// Check an IOKit device that's just come online to see if it's
+// a smartcard device of some sort.
+//
+PCSCDMonitor::DeviceSupport PCSCDMonitor::deviceSupport(const IOKit::Device &dev)
+{
+#ifndef NDEBUG
+ try
+ {
+ secdebug("scsel", "path: %s", dev.path().c_str()); // this can fail sometimes
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception while displaying device path - ignoring error");
+ }
+#endif
+
+ try
+ {
+ // composite USB device with interface class
+ if (CFRef<CFNumberRef> cfInterface = dev.property<CFNumberRef>(kzIOUSBbInterfaceClassKey))
+ switch (uint32_t clas = cfNumber(cfInterface))
+ {
+ case kUSBChipSmartCardInterfaceClass: // CCID smartcard reader - go
+ secdebug("scsel", " CCID smartcard reader recognized");
+ return definite;
+ case kUSBVendorSpecificInterfaceClass:
+ if (isExcludedDevice(dev))
+ {
+ secdebug("scsel", " interface class %d is not a smartcard device (excluded)", clas);
+ return impossible;
+ }
+ secdebug("scsel", " Vendor-specific interface - possible match");
+ return possible;
+ default:
+ if ((clas == 0) && hasLegacyDriver(dev))
+ {
+ secdebug("scsel", " Vendor-specific legacy driver - possible match");
+ return possible;
+ }
+ secdebug("scsel", " interface class %d is not a smartcard device", clas);
+ return impossible;
+ }
+
+ // noncomposite USB device
+ if (CFRef<CFNumberRef> cfDevice = dev.property<CFNumberRef>(kzIOUSBbDeviceClassKey))
+ if (cfNumber(cfDevice) == kUSBVendorSpecificClass)
+ {
+ if (isExcludedDevice(dev))
+ {
+ secdebug("scsel", " device class %d is not a smartcard device (excluded)", cfNumber(cfDevice));
+ return impossible;
+ }
+ secdebug("scsel", " Vendor-specific device - possible match");
+ return possible;
+ }
+
+ // PCCard (aka PCMCIA aka ...) interface (don't know how to recognize a reader here)
+ if (deviceIsPCCard(dev))
+ {
+ secdebug("scsel", " PCCard - possible match");
+ return possible;
+ }
+
+ return impossible;
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception while examining device - ignoring it");
+ return impossible;
+ }
+}
+
+#pragma mark -------------------- Static Methods --------------------
+
+bool PCSCDMonitor::deviceAddress(io_service_t service, uint32_t &address)
+{
+ if (CFRef<CFNumberRef> cfLocationID = static_cast<CFNumberRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOUSBLocationIDKey), kCFAllocatorDefault, 0)))
+ {
+ address = cfNumber(cfLocationID);
+ return true;
+ }
+
+ // don't bother to test if it is a pc card, just try looking
+ return deviceMemoryAddress(service, address);
+}
+
+bool PCSCDMonitor::deviceAddress(const IOKit::Device &dev, uint32_t &address)
+{
+ if (CFRef<CFNumberRef> cfLocationID = dev.property<CFNumberRef>(kzIOUSBLocationIDKey))
+ {
+ address = cfNumber(cfLocationID);
+ return true;
+ }
+
+ // don't bother to test if it is a pc card, just try looking
+ return deviceMemoryAddress(dev, address);
+}
+
+bool PCSCDMonitor::deviceMemoryAddress(const IOKit::Device &dev, uint32_t &address)
+{
+// CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey);
+ CFRef<CFArrayRef> cfDeviceMemory = dev.property<CFArrayRef>(kzIOPCCardIODeviceMemoryKey);
+ return deviceMemoryAddressCore(cfDeviceMemory, dev.path(), address);
+}
+
+bool PCSCDMonitor::deviceMemoryAddress(io_service_t service, uint32_t &address)
+{
+// CFRef<CFStringRef> ioName = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+// service, CFSTR(kzIOPCCardIONameKey), kCFAllocatorDefault, 0));
+ CFRef<CFArrayRef> cfDeviceMemory = static_cast<CFArrayRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOPCCardIODeviceMemoryKey), kCFAllocatorDefault, 0));
+ return deviceMemoryAddressCore(cfDeviceMemory, "", address);
+}
+
+bool PCSCDMonitor::deviceMemoryAddressCore(CFArrayRef cfDeviceMemory, std::string path, uint32_t &address)
+{
+ address = 0;
+ try
+ {
+ if (cfDeviceMemory)
+ {
+ if (CFRef<CFDictionaryRef> cfTempMem = (CFDictionaryRef)CFRetain(CFArrayGetValueAtIndex(cfDeviceMemory, 0)))
+ {
+ // CFDictionaryApplyFunction(cfTempMem, dumpdictentry, NULL);
+ if (CFRef<CFArrayRef> cfParent = (CFArrayRef)CFRetain(CFDictionaryGetValue(cfTempMem, CFSTR(kzIOPCCardParentKey))))
+ if (CFRef<CFDictionaryRef> cfTempMem2 = (CFDictionaryRef)CFRetain(CFArrayGetValueAtIndex(cfParent, 0)))
+ if (CFRef<CFNumberRef> cfAddress = (CFNumberRef)CFRetain(CFDictionaryGetValue((CFDictionaryRef)cfTempMem2, CFSTR(kzIOPCCardAddressKey))))
+ {
+ address = cfNumber(cfAddress);
+ secdebug("scsel", " address from device memory address property: 0x%08X", address);
+ return true;
+ }
+ }
+ }
+ else
+ if (!path.empty())
+ {
+ // std::string name = cfString(ioName);
+ // address = CFHash (ioName);
+ // address = 0xF2000000;
+ addressFromPath(path, address);
+ secdebug("scsel", " extracted address: 0x%08X for device [%s]", address, path.c_str());
+ return true;
+ }
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception while examining deviceMemoryAddress property");
+ }
+ return false;
+}
+
+bool PCSCDMonitor::addressFromPath(std::string path, uint32_t &address)
+{
+ /*
+ Try to extract the address from the path if the other keys are not present.
+ An example path is:
+
+ IOService:/MacRISC2PE/pci at f2000000/AppleMacRiscPCI/cardbus at 13/IOPCCardBridge/pccard2bd,1003 at 0,0
+
+ where e.g. the address is f2000000, the vendor is 0x2bd, and the product id is 0x1003
+ */
+ address = 0;
+ #define HEX_TO_INT(x) ((x) >= '0' &&(x) <= '9' ? (x) - '0' : (x) - ('a' - 10))
+
+ try
+ {
+ secdebug("scsel", "path: %s", path.c_str()); // this can fail sometimes
+
+ std::string lhs("/pci@");
+ std::string rhs("/");
+
+ std::string::size_type start = path.find(lhs)+lhs.length();
+ std::string::size_type end = path.find(rhs, start);
+
+ std::string addressString(path, start, end-start);
+
+ // now addressString should contain something like f2000000
+ uint32_t tmp = 0;
+ const char *px = addressString.c_str();
+ size_t len = strlen(px);
+ for (unsigned int ix=0;ix<len;ix++,px++)
+ {
+ tmp<<=4;
+ tmp += HEX_TO_INT(*px);
+ }
+
+ address = tmp;
+
+ secdebug("scsel", " address 0x%08X extracted from path", address);
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception while displaying device path - ignoring error");
+ return false;
+ }
+
+ return true;
+}
+
+#pragma mark -------------------- Termination Notice Receiver --------------------
+
+TerminationNoticeReceiver::~TerminationNoticeReceiver()
+{
+}
+
+void TerminationNoticeReceiver::ioChange(IOKit::DeviceIterator &iterator)
+{
+ secdebug("pcsc", "[TerminationNoticeReceiver] Processing ioChange notification");
+ // Always drain this iterator
+ while (IOKit::Device dev = iterator())
+ {
+ PCSCDMonitor::displayPropertiesOfDevice(dev);
+ parent().removeDeviceByName(dev);
+ }
+}
+
+void TerminationNoticeReceiver::ioServiceChange(void *refCon, io_service_t service,
+ natural_t messageType, void *messageArgument)
+{
+ uintptr_t messageArg = uintptr_t(messageArgument);
+ secdebug("pcsc", " [TerminationNoticeReceiver] processing ioServiceChange notice: 0x%08X [refCon=0x%08lX, service=0x%08X, arg=0x%08lX]",
+ messageType, (uintptr_t)refCon, service, messageArg);
+ parent().ioServiceChange(refCon, service, messageType, messageArgument);
+}
+
+#pragma mark -------------------- Debug Routines --------------------
+
+void PCSCDMonitor::displayPropertiesOfDevice(const IOKit::Device &dev)
+{
+ /*
+ Many of these properties are only defined on the "IOUSBDevice" plane, so
+ will be non-empty on the third iteration.
+ */
+ try
+ {
+ std::string vendorName, productName, serialNumber, name;
+
+ uint32_t vendorID, productID;
+ bool isPCCard;
+
+ CFRef<CFStringRef> ioName = dev.property<CFStringRef>(kzIOPCCardIONameKey);
+ if (ioName)
+ name = cfString(ioName);
+
+ getVendorAndProductID(dev, vendorID, productID, isPCCard);
+
+ if (CFRef<CFStringRef> cfSerialString = dev.property<CFStringRef>(kzIOUSBSerialNumberKey))
+ serialNumber = cfString(cfSerialString);
+
+ if (isPCCard)
+ {
+ if (CFRef<CFArrayRef> cfVersionOne = dev.property<CFArrayRef>(kIOPCCardVersionOneMatchKey))
+ if (CFArrayGetCount(cfVersionOne) > 1)
+ {
+ CFStringRef cfVendorString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 0);
+ if (cfVendorString)
+ vendorName = cfString(cfVendorString);
+
+ CFStringRef cfProductString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 1);
+ if (cfProductString)
+ productName = cfString(cfProductString);
+ }
+
+ uint32_t address;
+ deviceMemoryAddress(dev, address);
+ }
+ else
+ {
+ if (CFRef<CFStringRef> cfVendorString = dev.property<CFStringRef>(kzIOUSBVendorNameKey))
+ vendorName = cfString(cfVendorString);
+
+ if (CFRef<CFStringRef> cfProductString = dev.property<CFStringRef>(kzIOUSBProductNameKey))
+ productName = cfString(cfProductString);
+ }
+
+ secdebug("scsel", "--- properties: service: 0x%04X, name: %s, vendor/product: 0x%04X/0x%04X, vendor: %s, product: %s, serial: %s",
+ dev.ioObject(), name.c_str(), vendorID, productID,
+ vendorName.c_str(), productName.c_str(), serialNumber.c_str());
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception in displayPropertiesOfDevice - ignoring error");
+ }
+}
+
+void PCSCDMonitor::displayPropertiesOfDevice(io_service_t service)
+{
+ kern_return_t kr;
+ CFMutableDictionaryRef properties = NULL;
+
+ // get a copy of the in kernel registry object
+ kr = IORegistryEntryCreateCFProperties(service, &properties, kCFAllocatorDefault, 0);
+ if (kr != KERN_SUCCESS)
+ {
+ printf("IORegistryEntryCreateCFProperties failed with %x\n", kr);
+ }
+ else
+ if (properties)
+ {
+// CFShow(properties);
+ CFRelease(properties);
+ }
+
+ try
+ {
+ std::string vendorName, productName, serialNumber, name;
+
+ uint32_t vendorID, productID;
+ bool isPCCard;
+
+ CFRef<CFStringRef> ioName = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOPCCardIONameKey), kCFAllocatorDefault, 0));
+ if (ioName)
+ name = cfString(ioName);
+
+// getVendorAndProductID(dev, vendorID, productID, isPCCard);
+
+ CFRef<CFStringRef> cfSerialString = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOUSBSerialNumberKey), kCFAllocatorDefault, 0));
+ if (cfSerialString)
+ serialNumber = cfString(cfSerialString);
+
+ if (isPCCard)
+ {
+ CFRef<CFArrayRef> cfVersionOne = static_cast<CFArrayRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kIOPCCardVersionOneMatchKey), kCFAllocatorDefault, 0));
+ if (cfVersionOne && (CFArrayGetCount(cfVersionOne) > 1))
+ {
+ CFStringRef cfVendorString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 0);
+ if (cfVendorString)
+ vendorName = cfString(cfVendorString);
+
+ CFStringRef cfProductString = (CFStringRef)CFArrayGetValueAtIndex(cfVersionOne, 1);
+ if (cfProductString)
+ productName = cfString(cfProductString);
+ }
+
+ uint32_t address;
+ deviceMemoryAddress(service, address);
+ }
+ else
+ {
+ CFRef<CFStringRef> cfVendorString = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOUSBVendorNameKey), kCFAllocatorDefault, 0));
+ if (cfVendorString)
+ vendorName = cfString(cfVendorString);
+
+ CFRef<CFStringRef> cfProductString = static_cast<CFStringRef>(::IORegistryEntryCreateCFProperty(
+ service, CFSTR(kzIOUSBProductNameKey), kCFAllocatorDefault, 0));
+ if (cfProductString)
+ productName = cfString(cfProductString);
+ }
+
+ secdebug("scsel", "--- properties: service: 0x%04X, name: %s, vendor/product: 0x%04X/0x%04X, vendor: %s, product: %s, serial: %s",
+ service, name.c_str(), vendorID, productID,
+ vendorName.c_str(), productName.c_str(), serialNumber.c_str());
+ }
+ catch (...)
+ {
+ secdebug("scsel", " exception in displayPropertiesOfDevice - ignoring error");
+ }
+}
+
+void PCSCDMonitor::dumpDevices()
+{
+ secdebug("pcsc", "------------------ Device Map ------------------");
+ for (DeviceMap::iterator it = mDevices.begin();it!=mDevices.end();++it)
+ {
+ PCSCD::Device *dev = static_cast<PCSCD::Device *>(it->second);
+ dev->dump();
+ }
+ secdebug("pcsc", "------------------------------------------------");
+}
+
+#if 0
+static void dumpdictentry(const void *key, const void *value, void *context)
+{
+ secdebug("dumpd", " dictionary key: %s, val: %p, CFGetTypeID: %d", cfString((CFStringRef)key).c_str(), value, (int)CFGetTypeID(value));
+}
+#endif
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdmonitor.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,191 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+
+//
+// pcscmonitor - use PCSC to monitor smartcard reader/card state for securityd
+//
+#ifndef _H_PCSCDMONITOR
+#define _H_PCSCDMONITOR
+
+#include <security_utilities/powerwatch.h>
+#include <security_utilities/pcsc++.h>
+#include <security_utilities/refcount.h>
+#include <security_utilities/iodevices.h>
+#include <security_utilities/threading.h>
+#include <securityd_client/ssclient.h>
+
+#include "pcscdserver.h"
+#include "PCSCDevice.h"
+#include "PCSCDriverBundles.h"
+
+typedef int32_t (*addDeviceCallback)(const char *name, uint32_t address, const char *pathLibrary, const char *pathDevice);
+typedef int32_t (*removeDeviceCallback)(const char *name, uint32_t address);
+typedef int32_t (*willSleepCallback)();
+typedef int32_t (*isWakingCallback)();
+
+#if defined(__cplusplus)
+
+class PCSCDMonitor;
+
+class TerminationNoticeReceiver : public IOKit::NotificationPort::Receiver
+{
+public:
+ TerminationNoticeReceiver(PCSCDMonitor &parent) : mParent(parent) {}
+ virtual ~TerminationNoticeReceiver();
+
+ virtual void ioChange(IOKit::DeviceIterator &iterator);
+ virtual void ioServiceChange(void *refCon, io_service_t service, //IOServiceInterestCallback
+ natural_t messageType, void *messageArgument);
+
+ virtual PCSCDMonitor &parent() { return mParent; }
+
+private:
+ PCSCDMonitor &mParent;
+};
+
+//
+// A PCSCMonitor uses PCSC to monitor the state of smartcard readers and
+// tokens (cards) in the system, and dispatches messages and events to the
+// various related players in securityd. There should be at most one of these
+// objects active within securityd.
+//
+class PCSCDMonitor :
+ private MachPlusPlus::MachServer::Timer,
+ private IOKit::NotificationPort::Receiver,
+ private MachPlusPlus::PowerWatcher
+{
+public:
+
+ friend class TerminationNoticeReceiver;
+
+ PCSCDMonitor(PCSCD::Server &server, PCSCD::DriverBundles &drivers);
+ void setCallbacks(addDeviceCallback theAddDeviceCallback, removeDeviceCallback theRemoveDeviceCallback,
+ willSleepCallback theWillSleepCallback, isWakingCallback theIsWakingCallback)
+ { mAddDeviceCallback = theAddDeviceCallback; mRemoveDeviceCallback = theRemoveDeviceCallback;
+ mWillSleepCallback = theWillSleepCallback; mIsWakingCallback = theIsWakingCallback; }
+
+ static void postNotification(const SecurityServer::NotificationEvent event);
+
+ void systemAwakeAndReadyCheck();
+
+protected:
+
+ PCSCD::Server &server;
+ PCSCD::DriverBundles &drivers;
+ addDeviceCallback mAddDeviceCallback;
+ removeDeviceCallback mRemoveDeviceCallback;
+ willSleepCallback mWillSleepCallback;
+ isWakingCallback mIsWakingCallback;
+
+protected:
+ // MachServer::Timer
+ void action();
+
+ // NotificationPort::Receiver
+ void ioChange(IOKit::DeviceIterator &iterator);
+ void ioServiceChange(void *refCon, io_service_t service, natural_t messageType, void *messageArgument);
+
+ // PowerWatcher
+ void systemWillSleep();
+ void systemIsWaking();
+
+protected:
+ void scheduleTimer(bool enable);
+ void initialSetup();
+ void noDeviceTimeout();
+
+ enum DeviceSupport
+ {
+ impossible, // certain this is not a smartcard
+ definite, // definitely a smartcard device
+ possible // perhaps... we're not sure
+ };
+ DeviceSupport deviceSupport(const IOKit::Device &dev);
+
+ void addDevice(const IOKit::Device &dev);
+ void removeDevice(io_service_t service, uint32_t address);
+ void removeDeviceByName(const IOKit::Device &dev);
+ bool hasLegacyDriver(const IOKit::Device &dev);
+ bool isExcludedDevice(const IOKit::Device &dev);
+ void scheduleAddInterestNotification(io_service_t serviceOfInterest);
+ void addInterestNotification();
+ void removeAllDevices();
+ void AddIOKitNotifications();
+ void RemoveIOKitNotifications();
+ void rescanExistingDevices();
+
+ typedef std::map<uint32_t, RefPointer<PCSCD::Device> > DeviceMap;
+ DeviceMap mDevices;
+
+ mutable Mutex mDeviceMapLock;
+
+ void insert(pair<uint32_t, RefPointer<PCSCD::Device> > devicepair) { StLock<Mutex> _(mDeviceMapLock); mDevices.insert(devicepair); }
+ void remove(DeviceMap::iterator it) { StLock<Mutex> _(mDeviceMapLock); mDevices.erase(it); }
+
+private:
+ void (PCSCDMonitor::*mTimerAction)(); // what to do when our timer fires
+ bool mGoingToSleep; // between sleep and wakeup; special timer handling
+
+ mutable Mutex mLock;
+
+ IOKit::MachPortNotificationPort mIOKitNotifier; // IOKit connection
+ TerminationNoticeReceiver mTerminationNoticeReceiver;
+
+ io_object_t mRemoveNotification;
+ io_service_t mServiceOfInterest;
+
+ bool mSleepWakePeriod;
+ mutable Mutex mSleepWakePeriodLock;
+ mutable Mutex mWakeConditionLock;
+ Condition mWakeConditionVariable;
+ bool isSleepWakePeriod() const;
+ void sleepWakePeriod(bool isASleepWakePeriod);
+ void setSystemIsAwakeCondition(bool isAwake);
+
+ bool findDevice(const IOKit::Device &dev, DeviceMap::iterator &it);
+ bool findDeviceByName(const IOKit::Device &dev, DeviceMap::iterator &outit);
+ void updateDevice(const IOKit::Device &dev);
+ void setDeviceProperties(const IOKit::Device &dev, PCSCD::Device &device);
+
+ static void getVendorAndProductID(const IOKit::Device &dev, uint32_t &vendorID, uint32_t &productID, bool &isPCCard);
+ static bool deviceIsPCCard(const IOKit::Device &dev);
+ static bool deviceIsPCCard(io_service_t service);
+ static bool deviceAddress(io_service_t service, uint32_t &address);
+ static bool deviceAddress(const IOKit::Device &dev, uint32_t &address);
+ static bool deviceMemoryAddress(const IOKit::Device &dev, uint32_t &address);
+ static bool deviceMemoryAddress(io_service_t service, uint32_t &address);
+ static bool deviceMemoryAddressCore(CFArrayRef cfDeviceMemory, std::string path, uint32_t &address);
+ static bool addressFromPath(std::string path, uint32_t &address);
+
+ // debug
+ void setDebugPropertiesForDevice(const IOKit::Device &dev, PCSCD::Device* newDevice);
+ static void displayPropertiesOfDevice(const IOKit::Device &dev);
+ static void displayPropertiesOfDevice(io_service_t service);
+ void dumpDevices();
+};
+
+#endif /* __cplusplus__ */
+
+#endif //_H_PCSCDMONITOR
+
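Review bot: `insert` and `remove` beside the `DeviceMap` declaration hold `mDeviceMapLock` only for the single map call, and `remove` takes an iterator the caller obtained before the lock was acquired, so lookup and erase are not one atomic step. `mDevices` is also `protected`, and `dumpDevices()` in pcscdmonitor.cpp walks it without the lock, so the mutex does not serialise every access. Whether arrival and termination notices run on different threads is not visible from this header; if they do, a concurrent insert or erase can race with the lookup or erase the same element twice. Erasing by key under the lock closes that window, e.g. `void remove(uint32_t key) { StLock<Mutex> _(mDeviceMapLock); mDevices.erase(key); }`, with `findDevice`, `findDeviceByName` and `dumpDevices` taking the same lock.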
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// server - pcscd main server object
+//
+#include "pcscdserver.h"
+#include <mach/mach_error.h>
+
+using namespace Security;
+using namespace MachPlusPlus;
+
+namespace PCSCD {
+
+Server::Server(const char *bootstrapName) : MachServer(bootstrapName),
+ mBootstrapName(bootstrapName)
+{
+ // Construct the server object
+ // engage the subsidiary port handler for sleep notifications
+ add(sleepWatcher);
+}
+
+Server::~Server()
+{
+ // Clean up the server object
+}
+
+void Server::run()
+{
+ // Run the server. This will not return until the server is forced to exit.
+ MachServer::run(0x10000,
+ MACH_RCV_TRAILER_TYPE(MACH_MSG_TRAILER_FORMAT_0) |
+ MACH_RCV_TRAILER_ELEMENTS(MACH_RCV_TRAILER_AUDIT));
+}
+
+//
+// Handle thread overflow. MachServer will call this if it has hit its thread
+// limit and yet still needs another thread.
+//
+void Server::threadLimitReached(UInt32 limit)
+{
+// Syslog::notice("pcscd has reached its thread limit (%ld) - service deadlock is possible",
+// limit);
+}
+
+void Server::notifyDeadName(Port port)
+{
+ // Handling dead-port notifications.
+ // This receives DPNs for all kinds of ports we're interested in.
+ StLock<Mutex> _(mLock);
+ secdebug("SSports", "port %d is dead", port.port());
+
+ // well, what IS IT?!
+ secdebug("server", "spurious dead port notification for port %d", port.port());
+}
+
+//
+// Handling no-senders notifications.
+// This is currently only used for (subsidiary) service ports
+//
+void Server::notifyNoSenders(Port port, mach_port_mscount_t)
+{
+ secdebug("SSports", "port %d no senders", port.port());
+// Session::destroy(port);
+}
+
+void Server::notifyIfDead(MachPlusPlus::Port port, bool doNotify) const
+{
+ secdebug("SSports", "port %d is dead", port.port());
+ MachServer::notifyIfDead(port, doNotify);
+}
+
+void Server::notifyIfUnused(MachPlusPlus::Port port, bool doNotify) const
+{
+ secdebug("SSports", "port %d is dead", port.port());
+ MachServer::notifyIfUnused(port, doNotify);
+}
+
+void Server::SleepWatcher::systemWillSleep()
+{
+ // Notifier for system sleep events
+ secdebug("SS", "sleep notification received");
+// Session::processSystemSleep();
+ secdebug("server", "distributing sleep event to %ld clients", mPowerClients.size());
+ for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
+ (*it)->systemWillSleep();
+}
+
+void Server::SleepWatcher::systemIsWaking()
+{
+ secdebug("server", "distributing wakeup event to %ld clients", mPowerClients.size());
+ for (set<PowerWatcher *>::const_iterator it = mPowerClients.begin(); it != mPowerClients.end(); it++)
+ (*it)->systemIsWaking();
+}
+
+void Server::SleepWatcher::add(PowerWatcher *client)
+{
+ assert(mPowerClients.find(client) == mPowerClients.end());
+ mPowerClients.insert(client);
+}
+
+void Server::SleepWatcher::remove(PowerWatcher *client)
+{
+ assert(mPowerClients.find(client) != mPowerClients.end());
+ mPowerClients.erase(client);
+}
+
+boolean_t Server::handle(mach_msg_header_t *in, mach_msg_header_t *out)
+{
+ // The primary server run-loop function
+ secdebug("SSreq", "Server::handle(mach_msg_header_t *in, mach_msg_header_t *out)");
+ return false;
+}
+
+
+} // end namespace PCSCD
+
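Review bot: The debug line in `Server::notifyIfUnused` prints `port %d is dead`, the same text as in `notifyIfDead`, yet pcscdserver.h describes both methods as requesting port status notifications, so the trace reports a dead port where none has been observed. Anyone reading the `SSports` debug output to reconstruct port lifetimes would see events that never happened, and could not tell them apart from the real one logged in `notifyDeadName`. Suggested wording: `secdebug("SSports", "requesting dead-name notification for port %d", port.port());` in `notifyIfDead` and `secdebug("SSports", "requesting no-senders notification for port %d", port.port());` in `notifyIfUnused`.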
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscdserver.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,101 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// pcscdserver - stripped down securityd main server object
+//
+#ifndef _H_PCSCDSERVER
+#define _H_PCSCDSERVER
+
+#include <security_utilities/machserver.h>
+#include <security_utilities/powerwatch.h>
+#include <map>
+
+#if defined(__cplusplus)
+
+namespace PCSCD {
+//
+// The server object itself. This is the "go to" object for anyone who wants
+// to access the server's global state. It runs the show.
+// There is only one Server, and its name is Server::active().
+//
+
+class Server : public MachPlusPlus::MachServer
+{
+public:
+ Server(const char *bootstrapName);
+ ~Server();
+
+ // run the server until it shuts down
+ void run();
+
+ //
+ // Retrieve pieces of the Server's object web.
+ // These are all static methods that use the active() Server of this thread.
+ //
+ static Server &active() { return safer_cast<Server &>(MachServer::active()); }
+ static const char *bootstrapName() { return active().mBootstrapName.c_str(); }
+
+protected:
+ // implementation methods of MachServer
+ boolean_t handle(mach_msg_header_t *in, mach_msg_header_t *out);
+ void notifyDeadName(MachPlusPlus::Port port);
+ void notifyNoSenders(MachPlusPlus::Port port, mach_port_mscount_t);
+ void threadLimitReached(UInt32 count);
+ // request port status notifications (override virtual methods below to receive)
+ virtual void notifyIfDead(MachPlusPlus::Port port, bool doNotify = true) const;
+ virtual void notifyIfUnused(MachPlusPlus::Port port, bool doNotify = true) const;
+
+private:
+ class SleepWatcher : public MachPlusPlus::PortPowerWatcher
+ {
+ public:
+ void systemWillSleep();
+ void systemIsWaking();
+
+ void add(PowerWatcher *client);
+ void remove(PowerWatcher *client);
+
+ private:
+ set<PowerWatcher *> mPowerClients;
+ };
+
+ SleepWatcher sleepWatcher;
+
+public:
+ using MachServer::add;
+ using MachServer::remove;
+ void add(MachPlusPlus::PowerWatcher *client) { StLock<Mutex> _(mLock); sleepWatcher.add(client); }
+ void remove(MachPlusPlus::PowerWatcher *client) { StLock<Mutex> _(mLock); sleepWatcher.remove(client); }
+
+private:
+ // mach bootstrap registration name
+ std::string mBootstrapName;
+ mutable Mutex mLock;
+};
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif //_H_PCSCDSERVER
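Review bot: `Server::add(PowerWatcher *)` and `Server::remove(PowerWatcher *)` take `mLock` before touching `sleepWatcher`, but `SleepWatcher::systemWillSleep()` and `systemIsWaking()` in pcscdserver.cpp iterate `mPowerClients` without holding any lock. Whether power notifications are delivered on the same thread as registration is not visible here; if they are not, the set can change during the iteration. One option is a mutex owned by `SleepWatcher`, with the callbacks iterating a snapshot: `set<PowerWatcher *> clients; { StLock<Mutex> _(mClientsLock); clients = mPowerClients; }`. The set holds raw `PowerWatcher *` pointers, so the class comment should also state that every client must call `remove` before it is destroyed.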
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscexport.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscexport.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcscexport.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,62 @@
+/*
+ * This handles GCC attributes
+ *
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2005
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: misc.h 2188 2006-10-19 11:29:29Z rousseau $
+ */
+
+#ifndef __misc_h__
+#define __misc_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+/*
+ * Declare the function as internal to the library: the function name is
+ * not exported and can't be used by a program linked to the library
+ *
+ * see http://gcc.gnu.org/onlinedocs/gcc-3.3.5/gcc/Function-Attributes.html#Function-Attributes
+ * see http://www.nedprod.com/programs/gccvisibility.html
+ */
+#if defined __GNUC__ && (__GNUC__ >= 4 || (__GNUC__ == 3 && __GNUC_MINOR__ >= 3))
+#define INTERNAL __attribute__ ((visibility("hidden")))
+/*
+#define PCSC_API __attribute__ ((visibility("default")))
+We don't want to change how this was defined in previous versions*/
+#define PCSC_API
+#else
+#define INTERNAL
+#define PCSC_API
+#endif
+#define EXTERNAL PCSC_API
+
+#if defined __GNUC__
+
+/* GNU Compiler Collection (GCC) */
+#define CONSTRUCTOR __attribute__ ((constructor))
+#define DESTRUCTOR __attribute__ ((destructor))
+
+#else
+
+/* SUN C compiler does not use __attribute__ but #pragma init (function)
+ * We can't use a # inside a #define so it is not possible to use
+ * #define CONSTRUCTOR_DECLARATION(x) #pragma init (x)
+ * The #pragma is used directly where needed */
+
+/* any other */
+#define CONSTRUCTOR
+#define DESTRUCTOR
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __misc_h__ */
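Review bot: The include guard is still `__misc_h__`, matching the `$Id: misc.h` line this file appears to have been copied from. If a `misc.h` with the same guard is included in the same translation unit, whichever comes second is silently skipped and its macros or declarations go missing. Whether such a header exists in this tree is not visible from the hunk. A guard named after the file avoids the collision: `#ifndef __pcscexport_h__` / `#define __pcscexport_h__`, with the closing `#endif` comment updated to match. The comment above the empty `#define PCSC_API` could also say that exported symbols then depend on the build's default visibility.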
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcsclite.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcsclite.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/pcsclite.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,291 @@
+/*
+ * Copyright (c) 2000-2006 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: pcsclite.h.in 2124 2006-08-07 14:18:52Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This keeps a list of defines for pcsc-lite.
+ */
+
+#ifndef __pcsclite_h__
+#define __pcsclite_h__
+
+#include <stdint.h>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+typedef int32_t SCARDCONTEXT;
+typedef SCARDCONTEXT *PSCARDCONTEXT;
+typedef SCARDCONTEXT *LPSCARDCONTEXT;
+typedef int32_t SCARDHANDLE;
+typedef SCARDHANDLE *PSCARDHANDLE;
+typedef SCARDHANDLE *LPSCARDHANDLE;
+
+#define MAX_ATR_SIZE 33 /**< Maximum ATR size */
+
+/* Set structure elements aligment on bytes
+ * http://gcc.gnu.org/onlinedocs/gcc/Structure_002dPacking-Pragmas.html */
+#ifdef __APPLE__
+#pragma pack(1)
+#else
+#pragma pack(push, 1)
+#endif
+
+typedef struct
+{
+ const char *szReader;
+ void *pvUserData;
+ uint32_t dwCurrentState;
+ uint32_t dwEventState;
+ uint32_t cbAtr;
+ unsigned char rgbAtr[MAX_ATR_SIZE];
+}
+SCARD_READERSTATE_A;
+
+typedef SCARD_READERSTATE_A SCARD_READERSTATE, *PSCARD_READERSTATE_A,
+ *LPSCARD_READERSTATE_A;
+
+typedef struct _SCARD_IO_REQUEST
+{
+ uint32_t dwProtocol; /* Protocol identifier */
+ uint32_t cbPciLength; /* Protocol Control Inf Length */
+}
+SCARD_IO_REQUEST, *PSCARD_IO_REQUEST, *LPSCARD_IO_REQUEST;
+
+typedef const SCARD_IO_REQUEST *LPCSCARD_IO_REQUEST;
+
+extern SCARD_IO_REQUEST g_rgSCardT0Pci, g_rgSCardT1Pci,
+ g_rgSCardRawPci;
+
+/* restore default structure elements alignment */
+#ifdef __APPLE__
+#pragma pack()
+#else
+#pragma pack(pop)
+#endif
+
+#define SCARD_PCI_T0 (&g_rgSCardT0Pci)
+#define SCARD_PCI_T1 (&g_rgSCardT1Pci)
+#define SCARD_PCI_RAW (&g_rgSCardRawPci)
+
+#define SCARD_S_SUCCESS 0x00000000
+#define SCARD_E_CANCELLED 0x80100002
+#define SCARD_E_CANT_DISPOSE 0x8010000E
+#define SCARD_E_INSUFFICIENT_BUFFER 0x80100008
+#define SCARD_E_INVALID_ATR 0x80100015
+#define SCARD_E_INVALID_HANDLE 0x80100003
+#define SCARD_E_INVALID_PARAMETER 0x80100004
+#define SCARD_E_INVALID_TARGET 0x80100005
+#define SCARD_E_INVALID_VALUE 0x80100011
+#define SCARD_E_NO_MEMORY 0x80100006
+#define SCARD_F_COMM_ERROR 0x80100013
+#define SCARD_F_INTERNAL_ERROR 0x80100001
+#define SCARD_F_UNKNOWN_ERROR 0x80100014
+#define SCARD_F_WAITED_TOO_LONG 0x80100007
+#define SCARD_E_UNKNOWN_READER 0x80100009
+#define SCARD_E_TIMEOUT 0x8010000A
+#define SCARD_E_SHARING_VIOLATION 0x8010000B
+#define SCARD_E_NO_SMARTCARD 0x8010000C
+#define SCARD_E_UNKNOWN_CARD 0x8010000D
+#define SCARD_E_PROTO_MISMATCH 0x8010000F
+#define SCARD_E_NOT_READY 0x80100010
+#define SCARD_E_SYSTEM_CANCELLED 0x80100012
+#define SCARD_E_NOT_TRANSACTED 0x80100016
+#define SCARD_E_READER_UNAVAILABLE 0x80100017
+
+#define SCARD_W_UNSUPPORTED_CARD 0x80100065
+#define SCARD_W_UNRESPONSIVE_CARD 0x80100066
+#define SCARD_W_UNPOWERED_CARD 0x80100067
+#define SCARD_W_RESET_CARD 0x80100068
+#define SCARD_W_REMOVED_CARD 0x80100069
+
+#define SCARD_E_PCI_TOO_SMALL 0x80100019
+#define SCARD_E_READER_UNSUPPORTED 0x8010001A
+#define SCARD_E_DUPLICATE_READER 0x8010001B
+#define SCARD_E_CARD_UNSUPPORTED 0x8010001C
+#define SCARD_E_NO_SERVICE 0x8010001D
+#define SCARD_E_SERVICE_STOPPED 0x8010001E
+
+#define SCARD_SCOPE_USER 0x0000 /**< Scope in user space */
+#define SCARD_SCOPE_TERMINAL 0x0001 /**< Scope in terminal */
+#define SCARD_SCOPE_SYSTEM 0x0002 /**< Scope in system */
+
+#define SCARD_PROTOCOL_UNSET 0x0000 /**< protocol not set */
+#define SCARD_PROTOCOL_T0 0x0001 /**< T=0 active protocol. */
+#define SCARD_PROTOCOL_T1 0x0002 /**< T=1 active protocol. */
+#define SCARD_PROTOCOL_RAW 0x0004 /**< Raw active protocol. */
+#define SCARD_PROTOCOL_T15 0x0008 /**< T=15 protocol. */
+
+#define SCARD_PROTOCOL_ANY (SCARD_PROTOCOL_T0|SCARD_PROTOCOL_T1) /**< IFD determines prot. */
+
+#define SCARD_SHARE_EXCLUSIVE 0x0001 /**< Exclusive mode only */
+#define SCARD_SHARE_SHARED 0x0002 /**< Shared mode only */
+#define SCARD_SHARE_DIRECT 0x0003 /**< Raw mode only */
+
+#define SCARD_LEAVE_CARD 0x0000 /**< Do nothing on close */
+#define SCARD_RESET_CARD 0x0001 /**< Reset on close */
+#define SCARD_UNPOWER_CARD 0x0002 /**< Power down on close */
+#define SCARD_EJECT_CARD 0x0003 /**< Eject on close */
+
+#define SCARD_UNKNOWN 0x0001 /**< Unknown state */
+#define SCARD_ABSENT 0x0002 /**< Card is absent */
+#define SCARD_PRESENT 0x0004 /**< Card is present */
+#define SCARD_SWALLOWED 0x0008 /**< Card not powered */
+#define SCARD_POWERED 0x0010 /**< Card is powered */
+#define SCARD_NEGOTIABLE 0x0020 /**< Ready for PTS */
+#define SCARD_SPECIFIC 0x0040 /**< PTS has been set */
+
+#define SCARD_STATE_UNAWARE 0x0000 /**< App wants status */
+#define SCARD_STATE_IGNORE 0x0001 /**< Ignore this reader */
+#define SCARD_STATE_CHANGED 0x0002 /**< State has changed */
+#define SCARD_STATE_UNKNOWN 0x0004 /**< Reader unknown */
+#define SCARD_STATE_UNAVAILABLE 0x0008 /**< Status unavailable */
+#define SCARD_STATE_EMPTY 0x0010 /**< Card removed */
+#define SCARD_STATE_PRESENT 0x0020 /**< Card inserted */
+#define SCARD_STATE_ATRMATCH 0x0040 /**< ATR matches card */
+#define SCARD_STATE_EXCLUSIVE 0x0080 /**< Exclusive Mode */
+#define SCARD_STATE_INUSE 0x0100 /**< Shared Mode */
+#define SCARD_STATE_MUTE 0x0200 /**< Unresponsive card */
+#define SCARD_STATE_UNPOWERED 0x0400 /**< Unpowered card */
+
+/** PC/SC Lite specific extensions */
+#define SCARD_W_INSERTED_CARD 0x8010006A
+#define SCARD_E_UNSUPPORTED_FEATURE 0x8010001F
+
+#define SCARD_SCOPE_GLOBAL 0x0003 /**< Scope is global */
+
+#define SCARD_RESET 0x0001 /**< Card was reset */
+#define SCARD_INSERTED 0x0002 /**< Card was inserted */
+#define SCARD_REMOVED 0x0004 /**< Card was removed */
+
+#define BLOCK_STATUS_RESUME 0x00FF /**< Normal resume */
+#define BLOCK_STATUS_BLOCKING 0x00FA /**< Function is blocking */
+
+#define PCSCLITE_CONFIG_DIR "/etc"
+
+#ifndef USE_IPCDIR
+#define PCSCLITE_IPC_DIR "/var/run"
+#else
+#define PCSCLITE_IPC_DIR USE_IPCDIR
+#endif
+
+#define PCSCLITE_READER_CONFIG PCSCLITE_CONFIG_DIR "/reader.conf"
+#define PCSCLITE_PUBSHM_FILE PCSCLITE_IPC_DIR "/pcscd.pub"
+#define PCSCLITE_CSOCK_NAME PCSCLITE_IPC_DIR "/pcscd.comm"
+
+#define PCSCLITE_SVC_IDENTITY 0x01030000 /**< Service ID */
+
+#ifndef INFINITE
+#define INFINITE 0xFFFFFFFF /**< Infinite timeout */
+#endif
+#define PCSCLITE_INFINITE_TIMEOUT 4320000 /**< 50 day infinite t/o */
+
+#define PCSCLITE_VERSION_NUMBER "1.4.0" /**< Current version */
+#define PCSCLITE_CLIENT_ATTEMPTS 120 /**< Attempts to reach sv */
+#define PCSCLITE_MCLIENT_ATTEMPTS 20 /**< Attempts to reach sv */
+#define PCSCLITE_STATUS_POLL_RATE 400000 /**< Status polling rate */
+#define PCSCLITE_MSG_KEY_LEN 16 /**< App ID key length */
+#define PCSCLITE_RW_ATTEMPTS 100 /**< Attempts to rd/wrt */
+
+/** Maximum applications */
+#define PCSCLITE_MAX_APPLICATIONS 16
+/** Maximum contexts by application */
+#define PCSCLITE_MAX_APPLICATION_CONTEXTS 16
+/** Maximum of applications contexts that pcscd can accept */
+#define PCSCLITE_MAX_APPLICATIONS_CONTEXTS \
+ PCSCLITE_MAX_APPLICATIONS * PCSCLITE_MAX_APPLICATION_CONTEXTS
+/** Maximum channels on a reader context */
+#define PCSCLITE_MAX_READER_CONTEXT_CHANNELS 16
+/** Maximum channels on an application context */
+#define PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS 16
+/** Maximum readers context (a slot is count as a reader) */
+#define PCSCLITE_MAX_READERS_CONTEXTS 16
+
+/* PCSCLITE_MAX_READERS is deprecated
+ * use PCSCLITE_MAX_READERS_CONTEXTS instead */
+/* extern int PCSCLITE_MAX_READERS __attribute__ ((deprecated)); */
+
+#define PCSCLITE_MAX_THREADS 16 /**< Stat change threads */
+#define PCSCLITE_STATUS_WAIT 200000 /**< Status Change Sleep */
+#define PCSCLITE_TRANSACTION_TIMEOUT 40 /**< Transaction timeout */
+#define MAX_READERNAME 52
+#define MAX_LIBNAME 100
+#define MAX_DEVICENAME 255
+
+#ifndef SCARD_ATR_LENGTH
+#define SCARD_ATR_LENGTH MAX_ATR_SIZE /**< Maximum ATR size */
+#endif
+
+/* These are deprecated */
+#define PCSCLITE_MAX_CHANNELS 16 /* Maximum channels */
+#define PCSCLITE_MAX_CONTEXTS 16 /* Maximum readers */
+#define PCSCLITE_MAX_COMSIZE 64 /* Maximum arg size */
+
+/*
+ * Enhanced messaging has been added to accomodate newer devices which have
+ * more advanced capabilites, such as dedicated secure co-processors which
+ * can stream and encrypt data over USB. In order to used enhanced messaging
+ * you must define PCSCLITE_ENHANCED_MESSAGING in the framework(library),
+ * the daemon, and your application
+ */
+
+/*
+ * The message and buffer sizes must be multiples of 16.
+ * The max message size must be at least large enough
+ * to accomodate the transmit_struct
+ */
+
+#ifndef PCSCLITE_ENHANCED_MESSAGING
+#define PCSCLITE_MAX_MESSAGE_SIZE 2048 /**< Transport msg len */
+#define MAX_BUFFER_SIZE 264 /**< Maximum Tx/Rx Buffer for short APDU */
+#define PCSCLITE_SERVER_ATTEMPTS 5 /**< Attempts to reach cl */
+#else
+#define PCSCLITE_MAX_MESSAGE_SIZE (1<<17) /* enhanced (128K) msg len */
+#define MAX_BUFFER_SIZE (1<<15) /* enhanced (32K) Tx/Rx Buffer */
+#define PCSCLITE_SERVER_ATTEMPTS 200 /* To allow larger data reads/writes */
+#endif
+
+#define MAX_BUFFER_SIZE_EXTENDED (4 + 3 + (1<<16) + 3) /**< enhanced (64K + APDU + Lc + Le) Tx/Rx Buffer */
+
+/*
+ * Gets a stringified error response
+ */
+char *pcsc_stringify_error(int32_t err);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
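Review bot: `PCSCLITE_MAX_APPLICATIONS_CONTEXTS` expands to an unparenthesised product, so an expression such as `n % PCSCLITE_MAX_APPLICATIONS_CONTEXTS` or `x / PCSCLITE_MAX_APPLICATIONS_CONTEXTS` binds to the first factor only and yields the wrong value. The macro is documented as the maximum number of application contexts pcscd can accept, so a wrong result in a limit or index check matters. Wrap the body: `#define PCSCLITE_MAX_APPLICATIONS_CONTEXTS (PCSCLITE_MAX_APPLICATIONS * PCSCLITE_MAX_APPLICATION_CONTEXTS)`. Separately, the `__APPLE__` branch ends packing with `#pragma pack()`, which resets to the default alignment rather than restoring the includer's previous setting as the `push`/`pop` branch does.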
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_generic.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_generic.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_generic.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,53 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : powermgt_generic.h
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 04/22/02
+ License: Copyright (C) 2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This handles power management routines.
+
+$Id: powermgt_generic.h,v 1.2 2003/02/13 20:06:28 ghoo Exp $
+
+********************************************************************/
+
+#ifndef __powermgt_generic_h__
+#define __powermgt_generic_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+
+/*
+ * Registers for Power Management callbacks
+ */
+
+ULONG PMRegisterForPowerEvents();
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
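Review bot: `ULONG PMRegisterForPowerEvents();` has an empty parameter list, which in C declares a function with unspecified arguments rather than none, so a call that passes stray arguments compiles unchecked. `ULONG PMRegisterForPowerEvents(void);` gives the compiler a real prototype. The header also uses ULONG without including whatever defines it (presumably wintypes.h, which powermgt_macosx.c includes before use), so it only compiles when the includer pulls that in first.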
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_macosx.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_macosx.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/powermgt_macosx.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,113 @@
+/*
+ * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+/*
+cc test2.c -o pm_callback -Wall -Wno-four-char-constants -framework IOKit -framework CoreFoundation
+*/
+
+#include <ctype.h>
+#include <stdlib.h>
+#include <stdio.h>
+
+#include <mach/mach_port.h>
+#include <mach/mach_interface.h>
+#include <mach/mach_init.h>
+
+#include <IOKit/pwr_mgt/IOPMLib.h>
+#include <IOKit/IOMessage.h>
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "debuglog.h"
+#include "readerfactory.h"
+#include "thread_generic.h"
+#include "hotplug.h"
+
+
+static io_connect_t root_port;
+static IONotificationPortRef notify;
+static io_object_t anIterator;
+
+PCSCLITE_THREAD_T pmgmtThread;
+extern PCSCLITE_MUTEX usbNotifierMutex;
+
+void PMPowerRegistrationThread();
+
+
+void PMPowerEventCallback(void * x,io_service_t y,natural_t messageType,void * messageArgument)
+{
+
+ switch ( messageType ) {
+ case kIOMessageCanSystemSleep:
+ IOAllowPowerChange(root_port,(long)messageArgument);
+ break;
+ case kIOMessageSystemWillSleep:
+ DebugLogA("PMPowerEventCallback: system will sleep");
+ SYS_MutexLock(&usbNotifierMutex);
+ // see WrapRFSuspendAllReaders
+ // RFSuspendAllReaders();
+ IOAllowPowerChange(root_port,(long)messageArgument);
+ DebugLogA("PMPowerEventCallback: system allowed to sleep");
+ break;
+ case kIOMessageSystemHasPoweredOn:
+ DebugLogA("PMPowerEventCallback: system has powered on");
+ // see WrapRFSuspendAllReaders
+ // HPSearchHotPluggables();
+ // RFAwakeAllReaders();
+ SYS_MutexUnLock(&usbNotifierMutex);
+ break;
+ case kIOMessageSystemWillPowerOn:
+ DebugLogA("PMPowerEventCallback: system will power on");
+ break;
+ default:
+ DebugLogB("PMPowerEventCallback: unknown event: %d", messageType);
+ break;
+ }
+
+}
+
+void PMPowerRegistrationThread() {
+
+ root_port = IORegisterForSystemPower (0,¬ify,PMPowerEventCallback,&anIterator);
+
+ if ( root_port == 0 ) {
+ printf("IORegisterForSystemPower failed\n");
+ return;
+ }
+
+ CFRunLoopAddSource(CFRunLoopGetCurrent(),
+ IONotificationPortGetRunLoopSource(notify),
+ kCFRunLoopDefaultMode);
+
+ CFRunLoopRun();
+}
+
+ULONG PMRegisterForPowerEvents()
+{
+ LONG rv;
+ DebugLogA("PMRegisterForPowerEvents");
+ rv = SYS_ThreadCreate(&pmgmtThread, THREAD_ATTR_DEFAULT, (LPVOID) PMPowerRegistrationThread, NULL);
+ return 0;
+}
+
+
+
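Review bot: PMRegisterForPowerEvents stores the result of SYS_ThreadCreate in `rv` and then returns 0 unconditionally, so a caller cannot tell that the power-management thread never started. PMPowerRegistrationThread has the same silent failure: a failed IORegisterForSystemPower only reaches `printf` and the thread exits, leaving the daemon running without sleep/wake handling. Report the failure through the file's own macro, e.g. `DebugLogB("PMRegisterForPowerEvents: SYS_ThreadCreate failed: %d", (int)rv);`, and return a non-zero status; SYS_ThreadCreate's success value is defined outside this hunk, so the comparison has to follow its contract. Separately, `usbNotifierMutex` is taken in the kIOMessageSystemWillSleep case and released only in kIOMessageSystemHasPoweredOn, and a comment stating that pairing, and what holds if the wake message is not delivered, would help the next reader.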
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * prothandler.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 2004
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: prothandler.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles protocol defaults, PTS, etc.
+ */
+
+#include "config.h"
+#include <string.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "ifdhandler.h"
+#include "debuglog.h"
+#include "readerfactory.h"
+#include "prothandler.h"
+#include "atrhandler.h"
+#include "ifdwrapper.h"
+#include "eventhandler.h"
+
+/*
+ * Function: PHGetDefaultProtocol Purpose : To get the default protocol
+ * used immediately after reset. This protocol is returned from the
+ * function.
+ */
+
+UCHAR PHGetDefaultProtocol(const unsigned char *pucAtr, DWORD dwLength)
+{
+ SMARTCARD_EXTENSION sSmartCard;
+
+ /*
+ * Zero out everything
+ */
+ memset(&sSmartCard, 0x00, sizeof(SMARTCARD_EXTENSION));
+
+ if (ATRDecodeAtr(&sSmartCard, pucAtr, dwLength))
+ return sSmartCard.CardCapabilities.CurrentProtocol;
+ else
+ return 0x00;
+}
+
+/*
+ * Function: PHGetAvailableProtocols Purpose : To get the protocols
+ * supported by the card. These protocols are returned from the function
+ * as bit masks.
+ */
+
+UCHAR PHGetAvailableProtocols(const unsigned char *pucAtr, DWORD dwLength)
+{
+ SMARTCARD_EXTENSION sSmartCard;
+
+ /*
+ * Zero out everything
+ */
+ memset(&sSmartCard, 0x00, sizeof(SMARTCARD_EXTENSION));
+
+ if (ATRDecodeAtr(&sSmartCard, pucAtr, dwLength))
+ return sSmartCard.CardCapabilities.AvailableProtocols;
+ else
+ return 0x00;
+}
+
+/*
+ * Function: PHSetProtocol Purpose : To determine which protocol to use.
+ * SCardConnect has a DWORD dwPreferredProtocols that is a bitmask of what
+ * protocols to use. Basically, if T=N where N is not zero will be used
+ * first if it is available in ucAvailable. Otherwise it will always
+ * default to T=0.
+ *
+ * IFDSetPTS() is _always_ called so that the driver can initialise its data
+ */
+
+DWORD PHSetProtocol(struct ReaderContext * rContext,
+ DWORD dwPreferred, UCHAR ucAvailable, UCHAR ucDefault)
+{
+ DWORD protocol;
+ LONG rv;
+ UCHAR ucChosen;
+
+ /* App has specified no protocol */
+ if (dwPreferred == 0)
+ return SET_PROTOCOL_WRONG_ARGUMENT;
+
+ /* requested protocol is not available */
+ if (! (dwPreferred & ucAvailable))
+ {
+ /* Note:
+ * dwPreferred must be either SCARD_PROTOCOL_T0 or SCARD_PROTOCOL_T1
+ * if dwPreferred == SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1 the test
+ * (SCARD_PROTOCOL_T0 == dwPreferred) will not work as expected
+ * and the debug message will not be correct.
+ *
+ * This case may only occur if
+ * dwPreferred == SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1
+ * and ucAvailable == 0 since we have (dwPreferred & ucAvailable) == 0
+ * and the case ucAvailable == 0 should never occur (the card is at
+ * least T=0 or T=1)
+ */
+ Log2(PCSC_LOG_ERROR, "Protocol T=%d requested but unsupported by the card",
+ (SCARD_PROTOCOL_T0 == dwPreferred) ? 0 : 1);
+ return SET_PROTOCOL_WRONG_ARGUMENT;
+ }
+
+ /* set default value */
+ protocol = ucDefault;
+
+ /* keep only the available protocols */
+ dwPreferred &= ucAvailable;
+
+ /* we try to use T=1 first */
+ if (dwPreferred & SCARD_PROTOCOL_T1)
+ ucChosen = SCARD_PROTOCOL_T1;
+ else
+ if (dwPreferred & SCARD_PROTOCOL_T0)
+ ucChosen = SCARD_PROTOCOL_T0;
+ else
+ /* App wants unsupported protocol */
+ return SET_PROTOCOL_WRONG_ARGUMENT;
+
+ Log2(PCSC_LOG_INFO, "Attempting PTS to T=%d",
+ (SCARD_PROTOCOL_T0 == ucChosen ? 0 : 1));
+ rv = IFDSetPTS(rContext, ucChosen, 0x00, 0x00, 0x00, 0x00);
+
+ if (IFD_SUCCESS == rv)
+ protocol = ucChosen;
+ else
+ if (IFD_NOT_SUPPORTED == rv)
+ Log2(PCSC_LOG_INFO, "PTS not supported by driver, using T=%d",
+ (SCARD_PROTOCOL_T0 == protocol) ? 0 : 1);
+ else
+ if (IFD_PROTOCOL_NOT_SUPPORTED == rv)
+ Log2(PCSC_LOG_INFO, "PTS protocol not supported, using T=%d",
+ (SCARD_PROTOCOL_T0 == protocol) ? 0 : 1);
+ else
+ {
+ Log3(PCSC_LOG_INFO, "PTS failed (%d), using T=%d", rv,
+ (SCARD_PROTOCOL_T0 == protocol) ? 0 : 1);
+
+ /* ISO 7816-3:1997 ch. 7.2 PPS protocol page 14
+ * - If the PPS exchange is unsuccessful, then the interface device
+ * shall either reset or reject the card.
+ */
+ return SET_PROTOCOL_PPS_FAILED;
+ }
+
+ return protocol;
+}
+
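Review bot: PHSetProtocol is declared to return DWORD, yet its failure paths return SET_PROTOCOL_WRONG_ARGUMENT and SET_PROTOCOL_PPS_FAILED, which prothandler.h (the next file section) defines as -1 and -2. If DWORD is unsigned, as the name suggests, these come back as very large values with nearly every bit set, so a caller that masks the result against SCARD_PROTOCOL_T1 before comparing with the sentinels would treat a failed PPS exchange as a negotiated protocol. Typed, parenthesised sentinels, `#define SET_PROTOCOL_WRONG_ARGUMENT ((DWORD)-1)` and `#define SET_PROTOCOL_PPS_FAILED ((DWORD)-2)`, plus a sentence in the function comment that callers must test for them first, remove the ambiguity. The last Log3 call also prints `rv`, a LONG, with `%d`.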
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/prothandler.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * prothandler.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 2004
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: prothandler.h 1421 2005-04-12 12:09:21Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles protocol defaults, PTS, etc.
+ */
+
+#ifndef __prothandler_h__
+#define __prothandler_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ UCHAR PHGetDefaultProtocol(const unsigned char *, DWORD);
+ UCHAR PHGetAvailableProtocols(const unsigned char *, DWORD);
+ DWORD PHSetProtocol(struct ReaderContext *, DWORD, UCHAR, UCHAR);
+
+#define SET_PROTOCOL_WRONG_ARGUMENT -1
+#define SET_PROTOCOL_PPS_FAILED -2
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __prothandler_h__ */
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,165 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * reader.cpp
+ * SmartCardServices
+*/
+
+#include "reader.h"
+#include "eventhandler.h"
+#include "pcsclite.h"
+#include <security_utilities/debugging.h>
+
+static PCSCD::Readers *mReaders;
+
+namespace PCSCD {
+
+
+Readers::Readers()
+{
+}
+
+Readers::~Readers()
+{
+}
+
+bool Readers::find(const char *name, XReaderContext &rc) const
+{
+ return false;
+}
+
+bool Readers::find(uint32_t port, const char *name, XReaderContext &rc) const
+{
+ return false;
+}
+
+bool Readers::find(uint32_t id, XReaderContext &rc) const
+{
+ return false;
+}
+
+
+} // end namespace PCSCD
+
+#pragma mark ---------- C Interface ----------
+
+LONG XRFAllocateReaderSpace(DWORD dwAllocNum)
+{
+ try
+ {
+ mReaders = new PCSCD::Readers();
+ }
+ catch (...)
+ {
+ secdebug("pcscd", "failed to allocate Readers");
+ return -1;
+ }
+ return EHInitializeEventStructures();
+}
+
+LONG XRFReaderInfo(LPSTR lpcReader, PREADER_CONTEXT *sReader)
+{
+ // Find a reader given a name
+ PCSCD::XReaderContext rc; //>>>> use iterator instead
+ if (!sReader)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (!mReaders->find(lpcReader, rc))
+ return SCARD_E_UNKNOWN_READER;
+
+ *sReader = &rc; //>>>> WRONG - temporary var
+ return SCARD_S_SUCCESS;
+}
+
+LONG XRFReaderInfoNamePort(DWORD dwPort, LPSTR lpcReader, PREADER_CONTEXT *sReader)
+{
+ // Find a reader given a name
+ PCSCD::XReaderContext rc;
+ if (!sReader)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (!mReaders->find(dwPort, lpcReader, rc))
+ return SCARD_E_UNKNOWN_READER;
+
+ *sReader = &rc; //>>>> WRONG - temporary var
+ return SCARD_S_SUCCESS;
+}
+
+LONG XRFReaderInfoById(DWORD dwIdentity, PREADER_CONTEXT * sReader)
+{
+ // Find a reader given a handle
+ PCSCD::XReaderContext rc;
+ if (!sReader)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (!mReaders->find(dwIdentity, rc))
+ return SCARD_E_INVALID_VALUE;
+
+ *sReader = &rc; //>>>> WRONG - temporary var
+ return SCARD_S_SUCCESS;
+}
+
+LONG XRFCheckSharing(DWORD hCard)
+{
+ PCSCD::XReaderContext rc;
+ if (!mReaders->find(hCard, rc))
+ return SCARD_E_INVALID_VALUE;
+
+ return (rc.dwLockId == 0 || rc.dwLockId == hCard)?SCARD_S_SUCCESS:SCARD_E_SHARING_VIOLATION;
+}
+
+LONG XRFLockSharing(DWORD hCard)
+{
+ PCSCD::XReaderContext rc;
+ if (!mReaders->find(hCard, rc))
+ return SCARD_E_INVALID_VALUE;
+
+ if (rc.dwLockId != 0 && rc.dwLockId != hCard)
+ {
+ secdebug("pcscd", "XRFLockSharing: Lock ID invalid: %d", rc.dwLockId);
+ return SCARD_E_SHARING_VIOLATION;
+ }
+
+ EHSetSharingEvent(&rc, 1);
+ rc.dwLockId = hCard;
+ return SCARD_S_SUCCESS;
+}
+
+LONG XRFUnlockSharing(DWORD hCard)
+{
+ PCSCD::XReaderContext rc;
+ if (!mReaders->find(hCard, rc))
+ return SCARD_E_INVALID_VALUE;
+
+ if (rc.dwLockId != 0 && rc.dwLockId != hCard)
+ {
+ secdebug("pcscd", "XRFUnlockSharing: Lock ID invalid: %d", rc.dwLockId);
+ return SCARD_E_SHARING_VIOLATION;
+ }
+
+ EHSetSharingEvent(&rc, 0);
+ rc.dwLockId = 0;
+ return SCARD_S_SUCCESS;
+}
+
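Review bot: XRFLockSharing and XRFUnlockSharing write `rc.dwLockId` on a stack copy filled in by `find`, so the lock owner is discarded when the function returns and XRFCheckSharing can never observe it. Once `find` stops being a stub that returns false, the sharing check would therefore not enforce exclusive access. The same copy is what XRFReaderInfo, XRFReaderInfoNamePort and XRFReaderInfoById publish through `*sReader = &rc`, a pointer that dangles after return, as the in-line `WRONG - temporary var` comments already admit. `find` should give access to the context owned by the container rather than copy it out, for example `bool find(uint32_t id, XReaderContext *&rc) const;`, with callers then using `rc->dwLockId`. Every entry point also dereferences `mReaders` without checking that XRFAllocateReaderSpace has run, so a guard such as `if (!mReaders) return SCARD_E_INVALID_VALUE;` belongs at the top of each.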
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/reader.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,147 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * reader.h
+ * SmartCardServices
+ */
+
+#ifndef _H_PCSCD_READER
+#define _H_PCSCD_READER
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "readerfactory.h"
+#include <security_utilities/refcount.h>
+#include <security_cdsa_utilities/handleobject.h>
+#include <map>
+
+#if 0
+ struct ReaderContext
+ {
+ char lpcReader[MAX_READERNAME]; /* Reader Name */
+ char lpcLibrary[MAX_LIBNAME]; /* Library Path */
+ PCSCLITE_THREAD_T pthThread; /* Event polling thread */
+ PCSCLITE_MUTEX_T mMutex; /* Mutex for this connection */
+ RDR_CAPABILITIES psCapabilites; /* Structure of reader
+ capabilities */
+ PROT_OPTIONS psProtOptions; /* Structure of protocol options */
+ RDR_CLIHANDLES psHandles[PCSCLITE_MAX_CONTEXTS];
+ /* Structure of connected handles */
+ FCT_MAP psFunctions; /* Structure of function pointers */
+ UCHAR ucAtr[MAX_ATR_SIZE]; /* Atr for inserted card */
+ DWORD dwAtrLen; /* Size of the ATR */
+ LPVOID vHandle; /* Dlopen handle */
+ DWORD dwVersion; /* IFD Handler version number */
+ DWORD dwPort; /* Port ID */
+ DWORD dwProtocol; /* Currently used protocol */
+ DWORD dwSlot; /* Current Reader Slot */
+ DWORD dwBlockStatus; /* Current blocking status */
+ DWORD dwStatus; /* Current Status Mask */
+ DWORD dwLockId; /* Lock Id */
+ DWORD dwIdentity; /* Shared ID High Nibble */
+ DWORD dwContexts; /* Number of open contexts */
+ DWORD dwPublicID; /* Public id of public state struct */
+ PDWORD dwFeeds; /* Number of shared client to lib */
+ };
+#endif
+
+#if defined(__cplusplus)
+
+namespace PCSCD {
+
+//
+// The server object itself. This is the "go to" object for anyone who wants
+// to access the server's global state. It runs the show.
+// There is only one Server, and its name is Server::active().
+//
+
+//
+// A PODWrapper for the PCSC READER_CONTEXT structure
+//
+class XReaderContext : public PodWrapper<XReaderContext, READER_CONTEXT>
+{
+public:
+ void set(const char *name, unsigned long known = SCARD_STATE_UNAWARE);
+
+ const char *name() const { return lpcReader; }
+// void name(const char *s) { szReader = s; }
+
+// unsigned long lastKnown() const { return dwStatus; }
+ void lastKnown(unsigned long s);
+
+ unsigned long state() const { return 0; } //fix
+ bool state(unsigned long it) const { return state() & it; }
+ bool changed() const { return state(SCARD_STATE_CHANGED); }
+
+// template <class T>
+// T * &userData() { return reinterpret_cast<T * &>(pvUserData); }
+
+ // DataOid access to the ATR data
+// const void *data() const { return ucAtr; }
+// size_t length() const { return dwAtrLen; }
+ void setATR(const void *atr, size_t size);
+
+ IFDUMP(void dump());
+};
+
+
+class Reader : public HandleObject, public RefCount
+{
+public:
+ Reader(const char *bootstrapName);
+ ~Reader();
+private:
+ // mach bootstrap registration name
+ std::string mBootstrapName;
+ mutable Mutex mLock;
+};
+
+class Readers
+{
+public:
+ Readers();
+ ~Readers();
+
+ typedef std::map<uint32_t, RefPointer<PCSCD::Reader> > ReaderMap;
+ ReaderMap mReaders;
+
+ bool find(uint32_t id, XReaderContext &rc) const;
+ bool find(const char *name, XReaderContext &rc) const;
+ bool find(uint32_t port, const char *name, XReaderContext &rc) const;
+
+ mutable Mutex mReaderMapLock;
+
+ void insert(pair<uint32_t, RefPointer<PCSCD::Reader> > readerpair) { StLock<Mutex> _(mReaderMapLock); mReaders.insert(readerpair); }
+ void remove(ReaderMap::iterator it) { StLock<Mutex> _(mReaderMapLock); mReaders.erase(it); }
+
+private:
+ mutable Mutex mLock;
+};
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif //_H_PCSCD_READER
+
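Review bot: In class Readers, `mReaders` and `mReaderMapLock` are public, so the locking done by `insert` and `remove` is advisory: any caller can read or modify the map without taking the lock. `remove(ReaderMap::iterator it)` also forces the caller to obtain the iterator before the lock is held, and a concurrent `insert` or `remove` can invalidate it in between. Moving both members under `private:` and erasing by key, `void remove(uint32_t id) { StLock<Mutex> _(mReaderMapLock); mReaders.erase(id); }`, keeps lookup and erase inside one critical section. The class additionally declares a second mutex, `mLock`, with no comment saying what it guards. The header uses `std::string` and unqualified `pair` without including `<string>` or `<utility>`, presumably relying on the security_utilities headers.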
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1606 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * readerfactory.c
+ * SmartCardServices
+ */
+
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : readerfactory.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 7/27/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This keeps track of a list of currently
+ available reader structures.
+
+$Id: readerfactory.c,v 1.3 2004/10/14 20:33:35 mb Exp $
+
+********************************************************************/
+
+#include "config.h"
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/errno.h>
+#include <fcntl.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "ifdhandler.h"
+#include "debuglog.h"
+#include "thread_generic.h"
+#include "readerfactory.h"
+#include "dyn_generic.h"
+#include "sys_generic.h"
+#include "eventhandler.h"
+#include "ifdwrapper.h"
+#include "readerState.h"
+
+#include <security_utilities/debugging.h>
+
+/*
+ 64 bit
+ */
+
+#include <mach/machine.h>
+#include <sys/sysctl.h>
+
+static cpu_type_t architectureForPid(pid_t pid);
+
+#ifndef PCSCLITE_HP_BASE_PORT
+#define PCSCLITE_HP_BASE_PORT 0x200000
+#endif /* PCSCLITE_HP_BASE_PORT */
+
+static LONG RFLoadReader(PREADER_CONTEXT);
+static LONG RFUnBindFunctions(PREADER_CONTEXT);
+static LONG RFUnloadReader(PREADER_CONTEXT);
+
+static PREADER_CONTEXT sReadersContexts[PCSCLITE_MAX_READERS_CONTEXTS];
+static DWORD dwNumReadersContexts = 0;
+static DWORD lastLockID = 0;
+static PCSCLITE_MUTEX_T sReadersContextsLock = NULL;
+
+static int ReaderContextConstructor(PREADER_CONTEXT ctx, LPCSTR lpcReader,
+ DWORD dwPort, LPCSTR lpcLibrary, LPCSTR lpcDevice);
+static void ReaderContextDestructor(PREADER_CONTEXT ctx);
+static void ReaderContextFree(PREADER_CONTEXT ctx);
+static void ReaderContextClear(PREADER_CONTEXT ctx);
+static int ReaderContextInsert(PREADER_CONTEXT ctx);
+static int ReaderContextRemove(PREADER_CONTEXT ctx);
+static int ReaderContextCheckDuplicateReader(LPCSTR lpcReader, DWORD dwPort);
+static int ReaderSlotCount(PREADER_CONTEXT ctx);
+static BOOL ReaderDriverIsThreadSafe(PREADER_CONTEXT ctx, BOOL testSlot);
+static BOOL ReaderNameMatchForIndex(DWORD dwPort, LPCSTR lpcReader, int index);
+static void ReaderContextDuplicateSlot(PREADER_CONTEXT ctxBase, PREADER_CONTEXT ctxSlot, int slotNumber, BOOL baseIsThreadSafe);
+static int ReaderCheckForClone(PREADER_CONTEXT ctx, LPCSTR lpcReader,
+ DWORD dwPort, LPCSTR lpcLibrary);
+
+static int ReaderCheckArchitecture(LPCSTR lpcLibrary);
+static cpu_type_t architectureForPid(pid_t pid);
+static int architectureMatch(const char *name);
+
+extern int DBUpdateReaders(char *readerconf);
+
+
+LONG RFAllocateReaderSpace()
+{
+ int i;
+
+ sReadersContextsLock = (PCSCLITE_MUTEX_T) malloc(sizeof(PCSCLITE_MUTEX));
+ SYS_MutexInit(sReadersContextsLock);
+
+ /*
+ * Allocate each reader structure
+ */
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ sReadersContexts[i] = (PREADER_CONTEXT) calloc(1, sizeof(READER_CONTEXT));
+
+ /*
+ * Create public event structures
+ */
+ return EHInitializeEventStructures();
+}
+
+LONG RFAddReader(LPSTR lpcReader, DWORD dwPort, LPSTR lpcLibrary, LPSTR lpcDevice)
+{
+ int slotCount;
+ LONG rv = SCARD_E_NO_MEMORY;
+ int slot;
+ PREADER_CONTEXT baseContext = NULL;
+
+ if ((lpcReader == NULL) || (lpcLibrary == NULL) || (lpcDevice == NULL))
+ return SCARD_E_INVALID_VALUE;
+
+ /* Reader name too long? */
+ if (strlen(lpcReader) >= MAX_READERNAME)
+ {
+ Log3(PCSC_LOG_ERROR, "Reader name too long: %d chars instead of max %d",
+ strlen(lpcReader), MAX_READERNAME);
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ /* Library name too long? */
+ if (strlen(lpcLibrary) >= MAX_LIBNAME)
+ {
+ Log3(PCSC_LOG_ERROR, "Library name too long: %d chars instead of max %d",
+ strlen(lpcLibrary), MAX_LIBNAME);
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ /* Device name too long? */
+ if (strlen(lpcDevice) >= MAX_DEVICENAME)
+ {
+ Log3(PCSC_LOG_ERROR, "Device name too long: %d chars instead of max %d",
+ strlen(lpcDevice), MAX_DEVICENAME);
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ rv = ReaderContextCheckDuplicateReader(lpcReader, dwPort);
+ if (rv)
+ return rv;
+
+ // Make sure we have an empty slot to put the reader structure
+ rv = ReaderContextInsert(NULL);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ // Allocate a temporary reader context struct
+ baseContext = (PREADER_CONTEXT) calloc(1, sizeof(READER_CONTEXT));
+
+ rv = ReaderContextConstructor(baseContext, lpcReader, dwPort, lpcLibrary, lpcDevice);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ rv = ReaderCheckForClone(baseContext, lpcReader, dwPort, lpcLibrary);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ rv = ReaderCheckArchitecture(lpcLibrary);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ rv = RFInitializeReader(baseContext);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ rv = ReaderContextInsert(baseContext);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ rv = EHSpawnEventHandler(baseContext);
+ if (rv != SCARD_S_SUCCESS)
+ goto xit;
+
+ slotCount = ReaderSlotCount(baseContext);
+ if (slotCount <= 1)
+ return SCARD_S_SUCCESS;
+
+ /*
+ * Check the number of slots and create a different
+ * structure for each one accordingly
+ */
+
+ BOOL baseIsThreadSafe = ReaderDriverIsThreadSafe(baseContext, 1);
+
+ for (slot = 1; slot < slotCount; slot++)
+ {
+ // Make sure we have an empty slot to put the reader structure
+ // If not, we remove the whole reader
+ rv = ReaderContextInsert(NULL);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ rv = RFRemoveReader(lpcReader, dwPort);
+ return rv;
+ }
+
+ // Allocate a temporary reader context struct
+ PREADER_CONTEXT ctxSlot = (PREADER_CONTEXT) calloc(1, sizeof(READER_CONTEXT));
+
+ rv = ReaderContextConstructor(ctxSlot, lpcReader, dwPort, lpcLibrary, lpcDevice);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ ReaderContextDestructor(ctxSlot);
+ free(ctxSlot);
+ return rv;
+ }
+
+ ReaderContextDuplicateSlot(baseContext, ctxSlot, slot, baseIsThreadSafe);
+
+ rv = RFInitializeReader(ctxSlot);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "%s init failed.", lpcReader);
+ ReaderContextDestructor(ctxSlot);
+ free(ctxSlot);
+ return rv;
+ }
+
+ rv = ReaderContextInsert(ctxSlot);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = EHSpawnEventHandler(ctxSlot);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+ EHSpawnEventHandler(ctxSlot);
+ }
+
+xit:
+ if (rv != SCARD_S_SUCCESS)
+ {
+ // Cannot connect to reader, so exit gracefully
+ Log3(PCSC_LOG_ERROR, "RFAddReader: %s init failed: %d", lpcReader, rv);
+ ReaderContextDestructor(baseContext);
+ free(baseContext);
+ }
+
+ return rv;
+}
+
+LONG RFRemoveReader(LPSTR lpcReader, DWORD dwPort)
+{
+ LONG rv;
+ PREADER_CONTEXT tmpContext = NULL;
+
+ if (lpcReader == 0)
+ return SCARD_E_INVALID_VALUE;
+
+ secdebug("pcscd", "RFRemoveReader: removing %s", lpcReader);
+ while ((rv = RFReaderInfoNamePort(dwPort, lpcReader, &tmpContext)) == SCARD_S_SUCCESS)
+ {
+ // Try to destroy the thread
+ rv = EHDestroyEventHandler(tmpContext);
+
+ rv = RFUnInitializeReader(tmpContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ ReaderContextRemove(tmpContext);
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFSetReaderName(PREADER_CONTEXT rContext, LPCSTR readerName,
+ LPCSTR libraryName, DWORD dwPort, DWORD dwSlot)
+{
+ LONG parent = -1; /* reader number of the parent of the clone */
+ DWORD valueLength;
+ int currentDigit = -1;
+ int supportedChannels = 0;
+ int usedDigits[PCSCLITE_MAX_READERS_CONTEXTS] = {0,};
+ int i;
+
+ if ((0 == dwSlot) && (dwNumReadersContexts != 0))
+ {
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if (sReadersContexts[i] == NULL)
+ continue;
+ if ((sReadersContexts[i])->vHandle != 0)
+ {
+ if (strcmp((sReadersContexts[i])->lpcLibrary, libraryName) == 0)
+ {
+ UCHAR tagValue[1];
+ LONG ret;
+
+ /*
+ * Ask the driver if it supports multiple channels
+ */
+ valueLength = sizeof(tagValue);
+ ret = IFDGetCapabilities((sReadersContexts[i]),
+ TAG_IFD_SIMULTANEOUS_ACCESS,
+ &valueLength, tagValue);
+
+ if ((ret == IFD_SUCCESS) && (valueLength == 1) &&
+ (tagValue[0] > 1))
+ {
+ supportedChannels = tagValue[0];
+ Log2(PCSC_LOG_INFO,
+ "Support %d simultaneous readers", tagValue[0]);
+ }
+ else
+ supportedChannels = 1;
+
+ /*
+ * Check to see if it is a hotplug reader and
+ * different
+ */
+ if (((((sReadersContexts[i])->dwPort & 0xFFFF0000) ==
+ PCSCLITE_HP_BASE_PORT)
+ && ((sReadersContexts[i])->dwPort != dwPort))
+ || (supportedChannels > 1))
+ {
+ char *lpcReader = sReadersContexts[i]->lpcReader;
+
+ /*
+ * tells the caller who the parent of this
+ * clone is so it can use it's shared
+ * resources like mutex/etc.
+ */
+ parent = i;
+
+ /*
+ * If the same reader already exists and it is
+ * hotplug then we must look for others and
+ * enumerate the readername
+ */
+ currentDigit = strtol(lpcReader + strlen(lpcReader) - 5, NULL, 16);
+
+ /*
+ * This spot is taken
+ */
+ usedDigits[currentDigit] = 1;
+ }
+ }
+ }
+ }
+
+ }
+
+ /* default value */
+ i = 0;
+
+ /* Other identical readers exist on the same bus */
+ if (currentDigit != -1)
+ {
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ /* get the first free digit */
+ if (usedDigits[i] == 0)
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ Log2(PCSC_LOG_ERROR, "Max number of readers reached: %d", PCSCLITE_MAX_READERS_CONTEXTS);
+ return -2;
+ }
+
+ if (i >= supportedChannels)
+ {
+ Log3(PCSC_LOG_ERROR, "Driver %s does not support more than "
+ "%d reader(s). Maybe the driver should support "
+ "TAG_IFD_SIMULTANEOUS_ACCESS", libraryName, supportedChannels);
+ return -2;
+ }
+ }
+
+ sprintf(rContext->lpcReader, "%s %02X %02X", readerName, i, dwSlot);
+
+ /*
+ * Set the slot in 0xDDDDCCCC
+ */
+ rContext->dwSlot = (i << 16) + dwSlot;
+
+ return parent;
+}
+
+LONG RFReaderInfo(LPSTR lpcReader, PREADER_CONTEXT * sReader)
+{
+ int i;
+ LONG rv = SCARD_E_UNKNOWN_READER;
+
+ if (lpcReader == 0)
+ return SCARD_E_UNKNOWN_READER;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if ((sReadersContexts[i]!=NULL) && ((sReadersContexts[i])->vHandle != 0))
+ {
+ if (strcmp(lpcReader, (sReadersContexts[i])->lpcReader) == 0)
+ {
+ *sReader = sReadersContexts[i];
+ rv = SCARD_S_SUCCESS;
+ break;
+ }
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ return rv;
+}
+
+LONG RFReaderInfoNamePort(DWORD dwPort, LPSTR lpcReader,
+ PREADER_CONTEXT * sReader)
+{
+ int ix;
+ LONG rv = SCARD_E_INVALID_VALUE;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (ix = 0; ix < PCSCLITE_MAX_READERS_CONTEXTS; ix++)
+ {
+ if ((sReadersContexts[ix]!=NULL) && ((sReadersContexts[ix])->vHandle != 0) &&
+ ReaderNameMatchForIndex(dwPort, lpcReader, ix))
+ {
+ *sReader = sReadersContexts[ix];
+ rv = SCARD_S_SUCCESS;
+ break;
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ return rv;
+}
+
+LONG RFReaderInfoById(DWORD dwIdentity, PREADER_CONTEXT * sReader)
+{
+ int i;
+ LONG rv = SCARD_E_INVALID_VALUE;
+
+ /*
+ * Strip off the lower nibble and get the identity
+ */
+ dwIdentity = dwIdentity >> (sizeof(DWORD) / 2) * 8;
+ dwIdentity = dwIdentity << (sizeof(DWORD) / 2) * 8;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if ((sReadersContexts[i]!=NULL) && (dwIdentity == (sReadersContexts[i])->dwIdentity))
+ {
+ *sReader = sReadersContexts[i];
+ rv = SCARD_S_SUCCESS;
+ break;
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ return rv;
+}
+
+static LONG RFLoadReader(PREADER_CONTEXT rContext)
+{
+ if (rContext->vHandle != 0)
+ {
+ Log1(PCSC_LOG_ERROR, "Warning library pointer not NULL");
+ /*
+ * Another reader exists with this library loaded
+ */
+ return SCARD_S_SUCCESS;
+ }
+
+ return DYN_LoadLibrary(&rContext->vHandle, rContext->lpcLibrary);
+}
+
+LONG RFBindFunctions(PREADER_CONTEXT rContext)
+{
+ int rv1, rv2, rv3;
+ void *f;
+
+ /*
+ * Use this function as a dummy to determine the IFD Handler version
+ * type 1.0/2.0/3.0. Suppress error messaging since it can't be 1.0,
+ * 2.0 and 3.0.
+ */
+
+ Log1(PCSC_LOG_INFO, "Binding driver functions");
+
+// DebugLogSuppress(DEBUGLOG_IGNORE_ENTRIES);
+
+ rv1 = DYN_GetAddress(rContext->vHandle, &f, "IO_Create_Channel");
+ rv2 = DYN_GetAddress(rContext->vHandle, &f, "IFDHCreateChannel");
+ rv3 = DYN_GetAddress(rContext->vHandle, &f, "IFDHCreateChannelByName");
+
+// DebugLogSuppress(DEBUGLOG_LOG_ENTRIES);
+
+ if (rv1 != SCARD_S_SUCCESS && rv2 != SCARD_S_SUCCESS && rv3 != SCARD_S_SUCCESS)
+ {
+ /*
+ * Neither version of the IFD Handler was found - exit
+ */
+ Log1(PCSC_LOG_CRITICAL, "IFDHandler functions missing");
+
+ exit(1);
+ } else if (rv1 == SCARD_S_SUCCESS)
+ {
+ /*
+ * Ifd Handler 1.0 found
+ */
+ rContext->dwVersion = IFD_HVERSION_1_0;
+ } else if (rv3 == SCARD_S_SUCCESS)
+ {
+ /*
+ * Ifd Handler 3.0 found
+ */
+ rContext->dwVersion = IFD_HVERSION_3_0;
+ }
+ else
+ {
+ /*
+ * Ifd Handler 2.0 found
+ */
+ rContext->dwVersion = IFD_HVERSION_2_0;
+ }
+
+ /*
+ * The following binds version 1.0 of the IFD Handler specs
+ */
+
+ if (rContext->dwVersion == IFD_HVERSION_1_0)
+ {
+ Log1(PCSC_LOG_INFO, "Loading IFD Handler 1.0");
+
+#define GET_ADDRESS_OPTIONALv1(field, function, code) \
+{ \
+ void *f1 = NULL; \
+ if (SCARD_S_SUCCESS != DYN_GetAddress(rContext->vHandle, &f1, "IFD_" #function)) \
+ { \
+ code \
+ } \
+ rContext->psFunctions.psFunctions_v1.pvf ## field = f1; \
+}
+
+#define GET_ADDRESSv1(field, function) \
+ GET_ADDRESS_OPTIONALv1(field, function, \
+ Log1(PCSC_LOG_CRITICAL, "IFDHandler functions missing: " #function ); \
+ exit(1); )
+
+ DYN_GetAddress(rContext->vHandle, &f, "IO_Create_Channel");
+ rContext->psFunctions.psFunctions_v1.pvfCreateChannel = f;
+
+ if (SCARD_S_SUCCESS != DYN_GetAddress(rContext->vHandle, &f,
+ "IO_Close_Channel"))
+ {
+ Log1(PCSC_LOG_CRITICAL, "IFDHandler functions missing");
+ exit(1);
+ }
+ rContext->psFunctions.psFunctions_v1.pvfCloseChannel = f;
+
+ GET_ADDRESSv1(GetCapabilities, Get_Capabilities)
+ GET_ADDRESSv1(SetCapabilities, Set_Capabilities)
+ GET_ADDRESSv1(PowerICC, Power_ICC)
+ GET_ADDRESSv1(TransmitToICC, Transmit_to_ICC)
+ GET_ADDRESSv1(ICCPresence, Is_ICC_Present)
+
+ GET_ADDRESS_OPTIONALv1(SetProtocolParameters, Set_Protocol_Parameters, )
+ }
+ else if (rContext->dwVersion == IFD_HVERSION_2_0)
+ {
+ /*
+ * The following binds version 2.0 of the IFD Handler specs
+ */
+
+#define GET_ADDRESS_OPTIONALv2(s, code) \
+{ \
+ void *f1 = NULL; \
+ if (SCARD_S_SUCCESS != DYN_GetAddress(rContext->vHandle, &f1, "IFDH" #s)) \
+ { \
+ code \
+ } \
+ rContext->psFunctions.psFunctions_v2.pvf ## s = f1; \
+}
+
+#define GET_ADDRESSv2(s) \
+ GET_ADDRESS_OPTIONALv2(s, \
+ Log1(PCSC_LOG_CRITICAL, "IFDHandler functions missing: " #s ); \
+ exit(1); )
+
+ Log1(PCSC_LOG_INFO, "Loading IFD Handler 2.0");
+
+ GET_ADDRESSv2(CreateChannel)
+ GET_ADDRESSv2(CloseChannel)
+ GET_ADDRESSv2(GetCapabilities)
+ GET_ADDRESSv2(SetCapabilities)
+ GET_ADDRESSv2(PowerICC)
+ GET_ADDRESSv2(TransmitToICC)
+ GET_ADDRESSv2(ICCPresence)
+ GET_ADDRESS_OPTIONALv2(SetProtocolParameters, )
+
+ GET_ADDRESSv2(Control)
+ }
+ else if (rContext->dwVersion == IFD_HVERSION_3_0)
+ {
+ /*
+ * The following binds version 3.0 of the IFD Handler specs
+ */
+
+#define GET_ADDRESS_OPTIONALv3(s, code) \
+{ \
+ void *f1 = NULL; \
+ if (SCARD_S_SUCCESS != DYN_GetAddress(rContext->vHandle, &f1, "IFDH" #s)) \
+ { \
+ code \
+ } \
+ rContext->psFunctions.psFunctions_v3.pvf ## s = f1; \
+}
+
+#define GET_ADDRESSv3(s) \
+ GET_ADDRESS_OPTIONALv3(s, \
+ Log1(PCSC_LOG_CRITICAL, "IFDHandler functions missing: " #s ); \
+ exit(1); )
+
+ Log1(PCSC_LOG_INFO, "Loading IFD Handler 3.0");
+
+ GET_ADDRESSv2(CreateChannel)
+ GET_ADDRESSv2(CloseChannel)
+ GET_ADDRESSv2(GetCapabilities)
+ GET_ADDRESSv2(SetCapabilities)
+ GET_ADDRESSv2(PowerICC)
+ GET_ADDRESSv2(TransmitToICC)
+ GET_ADDRESSv2(ICCPresence)
+ GET_ADDRESS_OPTIONALv2(SetProtocolParameters, )
+
+ GET_ADDRESSv3(CreateChannelByName)
+ GET_ADDRESSv3(Control)
+ }
+ else
+ {
+ /*
+ * Who knows what could have happenned for it to get here.
+ */
+ Log1(PCSC_LOG_CRITICAL, "IFD Handler not 1.0/2.0 or 3.0");
+ exit(1);
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+static LONG RFUnBindFunctions(PREADER_CONTEXT rContext)
+{
+ /*
+ * Zero out everything
+ */
+
+ Log1(PCSC_LOG_INFO, "Unbinding driver functions");
+ memset(&rContext->psFunctions, 0, sizeof(rContext->psFunctions));
+
+ return SCARD_S_SUCCESS;
+}
+
+static LONG RFUnloadReader(PREADER_CONTEXT rContext)
+{
+ /*
+ * Make sure no one else is using this library
+ */
+
+ Log1(PCSC_LOG_INFO, "Unloading reader driver.");
+ if (*rContext->pdwFeeds == 1)
+ {
+ Log1(PCSC_LOG_INFO, "--- closing dynamic library");
+ DYN_CloseLibrary(&rContext->vHandle);
+ }
+
+ rContext->vHandle = 0;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFCheckSharing(DWORD hCard)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ if (rContext->dwLockId == 0 || rContext->dwLockId == hCard)
+ return SCARD_S_SUCCESS;
+ else
+ {
+ secdebug("pcscd", "RFCheckSharing: sharing violation, dwLockId: 0x%02X", rContext->dwLockId);
+ return SCARD_E_SHARING_VIOLATION;
+ }
+}
+
+LONG RFLockSharing(DWORD hCard)
+{
+ PREADER_CONTEXT rContext = NULL;
+
+ RFReaderInfoById(hCard, &rContext);
+
+ if (RFCheckSharing(hCard) == SCARD_S_SUCCESS)
+ {
+ EHSetSharingEvent(rContext, 1);
+ rContext->dwLockId = hCard;
+ }
+ else
+ return SCARD_E_SHARING_VIOLATION;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFUnlockSharing(DWORD hCard)
+{
+ PREADER_CONTEXT rContext = NULL;
+ LONG rv;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFCheckSharing(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ EHSetSharingEvent(rContext, 0);
+ rContext->dwLockId = 0;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFUnblockContext(SCARDCONTEXT hContext)
+{
+ int i;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ if (sReadersContexts[i])
+ (sReadersContexts[i])->dwBlockStatus = hContext;
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFUnblockReader(PREADER_CONTEXT rContext)
+{
+ rContext->dwBlockStatus = BLOCK_STATUS_RESUME;
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFInitializeReader(PREADER_CONTEXT rContext)
+{
+ LONG rv;
+
+ /*
+ * Spawn the event handler thread
+ */
+ Log3(PCSC_LOG_INFO, "Attempting startup of %s using %s",
+ rContext->lpcReader, rContext->lpcLibrary);
+
+ /******************************************/
+ /*
+ * This section loads the library
+ */
+ /******************************************/
+ rv = RFLoadReader(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "RFLoadReader failed: %X", rv);
+ return rv;
+ }
+
+ /*******************************************/
+ /*
+ * This section binds the functions
+ */
+ /*******************************************/
+ rv = RFBindFunctions(rContext);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "RFBindFunctions failed: %X", rv);
+ RFUnloadReader(rContext);
+ return rv;
+ }
+
+ /*******************************************/
+ /*
+ * This section tries to open the port
+ */
+ /*******************************************/
+
+ rv = IFDOpenIFD(rContext);
+
+ if (rv != IFD_SUCCESS)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Open Port %X Failed (%s)",
+ rContext->dwPort, rContext->lpcDevice);
+ RFUnBindFunctions(rContext);
+ RFUnloadReader(rContext);
+ return SCARD_E_INVALID_TARGET;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFUnInitializeReader(PREADER_CONTEXT rContext)
+{
+ Log2(PCSC_LOG_INFO, "Attempting shutdown of %s.",
+ rContext->lpcReader);
+
+ /*
+ * Close the port, unbind the functions, and unload the library
+ */
+
+ /*
+ * If the reader is getting uninitialized then it is being unplugged
+ * so I can't send a IFDPowerICC call to it
+ *
+ * IFDPowerICC( rContext, IFD_POWER_DOWN, Atr, &AtrLen );
+ */
+ IFDCloseIFD(rContext);
+ RFUnBindFunctions(rContext);
+ RFUnloadReader(rContext);
+
+ return SCARD_S_SUCCESS;
+}
+
+SCARDHANDLE RFCreateReaderHandle(PREADER_CONTEXT rContext)
+{
+ USHORT randHandle;
+
+ /*
+ * Create a random handle with 16 bits check to see if it already is
+ * used.
+ */
+ randHandle = SYS_Random(SYS_GetSeed(), 10, 65000);
+
+ while (1)
+ {
+ int i;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if ((sReadersContexts[i]!=NULL) && ((sReadersContexts[i])->vHandle != 0))
+ {
+ int j;
+
+ for (j = 0; j < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; j++)
+ {
+ if ((rContext->dwIdentity + randHandle) ==
+ (sReadersContexts[i])->psHandles[j].hCard)
+ {
+ /*
+ * Get a new handle and loop again
+ */
+ randHandle = SYS_Random(randHandle, 10, 65000);
+ continue;
+ }
+ }
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ /*
+ * Once the for loop is completed w/o restart a good handle was
+ * found and the loop can be exited.
+ */
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ break;
+ }
+
+ return rContext->dwIdentity + randHandle;
+}
+
+LONG RFFindReaderHandle(SCARDHANDLE hCard)
+{
+ int i;
+ LONG rv = SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if ((sReadersContexts[i]!=NULL) && ((sReadersContexts[i])->vHandle != 0))
+ {
+ int j;
+
+ for (j = 0; j < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; j++)
+ {
+ if (hCard == (sReadersContexts[i])->psHandles[j].hCard)
+ {
+ rv = SCARD_S_SUCCESS;
+ goto xit;
+ }
+ }
+ }
+ }
+xit:
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ return rv;
+}
+
+LONG RFDestroyReaderHandle(SCARDHANDLE hCard)
+{
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFAddReaderHandle(PREADER_CONTEXT rContext, SCARDHANDLE hCard)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; i++)
+ {
+ if (rContext->psHandles[i].hCard == 0)
+ {
+ rContext->psHandles[i].hCard = hCard;
+ rContext->psHandles[i].dwEventStatus = 0;
+ break;
+ }
+ }
+
+ if (i == PCSCLITE_MAX_READER_CONTEXT_CHANNELS)
+ /* List is full */
+ return SCARD_E_INSUFFICIENT_BUFFER;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFRemoveReaderHandle(PREADER_CONTEXT rContext, SCARDHANDLE hCard)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; i++)
+ {
+ if (rContext->psHandles[i].hCard == hCard)
+ {
+ rContext->psHandles[i].hCard = 0;
+ rContext->psHandles[i].dwEventStatus = 0;
+ break;
+ }
+ }
+
+ if (i == PCSCLITE_MAX_READER_CONTEXT_CHANNELS)
+ /* Not Found */
+ return SCARD_E_INVALID_HANDLE;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFSetReaderEventState(PREADER_CONTEXT rContext, DWORD dwEvent)
+{
+ int i;
+
+ /*
+ * Set all the handles for that reader to the event
+ */
+ for (i = 0; i < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; i++)
+ {
+ if (rContext->psHandles[i].hCard != 0)
+ rContext->psHandles[i].dwEventStatus = dwEvent;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFCheckReaderEventState(PREADER_CONTEXT rContext, SCARDHANDLE hCard)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; i++)
+ {
+ if (rContext->psHandles[i].hCard == hCard)
+ {
+ if (rContext->psHandles[i].dwEventStatus == SCARD_REMOVED)
+ return SCARD_W_REMOVED_CARD;
+ else
+ {
+ if (rContext->psHandles[i].dwEventStatus == SCARD_RESET)
+ return SCARD_W_RESET_CARD;
+ else
+ {
+ if (rContext->psHandles[i].dwEventStatus == 0)
+ return SCARD_S_SUCCESS;
+ else
+ return SCARD_E_INVALID_VALUE;
+ }
+ }
+ }
+ }
+
+ return SCARD_E_INVALID_HANDLE;
+}
+
+LONG RFClearReaderEventState(PREADER_CONTEXT rContext, SCARDHANDLE hCard)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; i++)
+ {
+ if (rContext->psHandles[i].hCard == hCard)
+ rContext->psHandles[i].dwEventStatus = 0;
+ }
+
+ if (i == PCSCLITE_MAX_READER_CONTEXT_CHANNELS)
+ /* Not Found */
+ return SCARD_E_INVALID_HANDLE;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG RFCheckReaderStatus(PREADER_CONTEXT rContext)
+{
+ LONG rx = 0;
+ rx = ((rContext == NULL) || (rContext->readerState == NULL) ||
+ (SharedReaderState_State(rContext->readerState) & SCARD_UNKNOWN))?SCARD_E_READER_UNAVAILABLE:SCARD_S_SUCCESS;
+ return rx;
+}
+
+void RFCleanupReaders(int shouldExit)
+{
+ int i;
+
+ Log1(PCSC_LOG_INFO, "entering cleaning function");
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if ((sReadersContexts[i]!=NULL) && (sReadersContexts[i]->vHandle != 0))
+ {
+ LONG rv;
+ char lpcStripReader[MAX_READERNAME];
+
+ Log2(PCSC_LOG_INFO, "Stopping reader: %s",
+ sReadersContexts[i]->lpcReader);
+
+ strncpy(lpcStripReader, (sReadersContexts[i])->lpcReader,
+ sizeof(lpcStripReader));
+ /*
+ * strip the 6 last char ' 00 00'
+ */
+ lpcStripReader[strlen(lpcStripReader) - 6] = '\0';
+
+ rv = RFRemoveReader(lpcStripReader, sReadersContexts[i]->dwPort);
+
+ if (rv != SCARD_S_SUCCESS)
+ Log2(PCSC_LOG_ERROR, "RFRemoveReader error: 0x%08X", rv);
+ }
+ }
+
+ secdebug("pcscd", "RFCleanupReaders: exiting cleaning function");
+ /*
+ * exit() will call at_exit()
+ */
+
+ if (shouldExit)
+ exit(0);
+}
+
+int RFStartSerialReaders(const char *readerconf)
+{
+ return DBUpdateReaders((char *)readerconf);
+}
+
+void RFReCheckReaderConf(void)
+{
+}
+
+void RFSuspendAllReaders()
+{
+ int ix;
+ secdebug("pcscd", "RFSuspendAllReaders");
+ Log1(PCSC_LOG_DEBUG, "zzzzz zzzzz zzzzz zzzzz RFSuspendAllReaders zzzzz zzzzz zzzzz zzzzz ");
+
+ // @@@ We still need code to mark state first as "trying to sleep", in case
+ // not all of it gets done before we sleep
+ for (ix = 0; ix < PCSCLITE_MAX_READERS_CONTEXTS; ix++)
+ {
+ if ((sReadersContexts[ix]!=NULL) && ((sReadersContexts[ix])->vHandle != 0))
+ {
+ EHDestroyEventHandler(sReadersContexts[ix]);
+ IFDCloseIFD(sReadersContexts[ix]);
+ }
+ }
+}
+
+void RFAwakeAllReaders(void)
+{
+ LONG rv = IFD_SUCCESS;
+ int i;
+
+ secdebug("pcscd", "RFAwakeAllReaders");
+ Log1(PCSC_LOG_DEBUG, "----- ----- ----- ----- RFAwakeAllReaders ----- ----- ----- ----- ");
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if (sReadersContexts[i]==NULL)
+ continue;
+ /* If the library is loaded and the event handler is not running */
+ if ( ((sReadersContexts[i])->vHandle != 0) &&
+ ((sReadersContexts[i])->pthThread == 0) )
+ {
+ int jx;
+ int alreadyInitializedFlag = 0;
+
+ // If a clone of this already did the initialization,
+ // set flag so we don't do again
+ for (jx=0; jx < i; jx++)
+ {
+ if (((sReadersContexts[jx])->vHandle == (sReadersContexts[i])->vHandle)&&
+ ((sReadersContexts[jx])->dwPort == (sReadersContexts[i])->dwPort))
+ {
+ alreadyInitializedFlag = 1;
+ }
+ }
+
+ if (!alreadyInitializedFlag)
+ {
+ SYS_USleep(100000L); // 0.1s (in microseconds)
+ rv = IFDOpenIFD(sReadersContexts[i]);
+ }
+
+ RFSetReaderEventState(sReadersContexts[i], SCARD_RESET);
+ if (rv != IFD_SUCCESS)
+ {
+ Log3(PCSC_LOG_ERROR, "Open Port %X Failed (%s)",
+ (sReadersContexts[i])->dwPort, (sReadersContexts[i])->lpcDevice);
+ Log2(PCSC_LOG_ERROR, " with error 0x%08X", rv);
+ continue;
+ }
+
+ EHSpawnEventHandler(sReadersContexts[i]);
+ }
+ }
+}
+
+#pragma mark ---------- Context Share Lock Tracking ----------
+
+void ReaderContextLock(PREADER_CONTEXT rContext)
+{
+ if (rContext)
+ {
+ secdebug("pcscd", "===> ReaderContextLock [was: %02X]", rContext->dwLockId);
+ rContext->dwLockId = 0xFFFF;
+ lastLockID = -3; // something different
+ }
+}
+
+void ReaderContextUnlock(PREADER_CONTEXT rContext)
+{
+ if (rContext)
+ {
+ secdebug("pcscd", "<=== ReaderContextUnlock [was: %02X]", rContext->dwLockId);
+ rContext->dwLockId = 0;
+ lastLockID = -2; // something different
+ }
+}
+
+int ReaderContextIsLocked(PREADER_CONTEXT rContext)
+{
+ if (rContext)
+ {
+ if (rContext->dwLockId && (rContext->dwLockId != lastLockID)) // otherwise too many messages
+ {
+ lastLockID = rContext->dwLockId;
+ secdebug("pcscd", ".... ReaderContextLock state: %02X", rContext->dwLockId);
+ }
+ return (rContext->dwLockId == 0xFFFF)?1:0;
+ }
+ else
+ return 0;
+}
+
+#pragma mark ---------- Reader Context Management ----------
+
+static int ReaderContextConstructor(PREADER_CONTEXT ctx, LPCSTR lpcReader,
+ DWORD dwPort, LPCSTR lpcLibrary, LPCSTR lpcDevice)
+{
+ // We assume the struct was created with a calloc, so we don't call ReaderContextClear
+ if (!ctx)
+ return SCARD_E_NO_MEMORY;
+
+ strlcpy(ctx->lpcLibrary, lpcLibrary, sizeof(ctx->lpcLibrary));
+ strlcpy(ctx->lpcDevice, lpcDevice, sizeof(ctx->lpcDevice));
+ ctx->dwPort = dwPort;
+
+ /*
+ Initialize pdwFeeds to 1, otherwise multiple cloned readers will cause
+ pcscd to crash when RFUnloadReader unloads the driver library
+ and there are still devices attached using it
+ */
+ ctx->pdwFeeds = malloc(sizeof(DWORD));
+ *ctx->pdwFeeds = 1;
+
+ ctx->mMutex = (PCSCLITE_MUTEX_T) malloc(sizeof(PCSCLITE_MUTEX));
+ SYS_MutexInit(ctx->mMutex);
+
+ ctx->pdwMutex = malloc(sizeof(DWORD));
+ *ctx->pdwMutex = 1;
+
+ return SCARD_S_SUCCESS;
+}
+
+static int ReaderCheckForClone(PREADER_CONTEXT ctx, LPCSTR lpcReader,
+ DWORD dwPort, LPCSTR lpcLibrary)
+{
+ // Check and set the readername to see if it must be enumerated
+ // A parentNode of -2 or less indicates fatal error
+
+ LONG parentNode = RFSetReaderName(ctx, lpcReader, lpcLibrary, dwPort, 0);
+ if (parentNode < -1)
+ return SCARD_E_NO_MEMORY;
+
+ // If a clone to this reader exists take some values from that clone
+ if ((parentNode >= 0) && (parentNode < PCSCLITE_MAX_READERS_CONTEXTS)
+ && sReadersContexts[parentNode])
+ {
+ SYS_MutexLock(sReadersContextsLock);
+ ctx->pdwFeeds = (sReadersContexts[parentNode])->pdwFeeds;
+ *ctx->pdwFeeds += 1;
+ ctx->vHandle = (sReadersContexts[parentNode])->vHandle;
+ ctx->mMutex = (sReadersContexts[parentNode])->mMutex;
+ ctx->pdwMutex = (sReadersContexts[parentNode])->pdwMutex;
+ SYS_MutexUnLock(sReadersContextsLock);
+
+ if (0 && ReaderDriverIsThreadSafe(sReadersContexts[parentNode], 0))
+ {
+ ctx->mMutex = 0;
+ ctx->pdwMutex = NULL;
+ }
+ else
+ *ctx->pdwMutex += 1;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+static void ReaderContextDestructor(PREADER_CONTEXT ctx)
+{
+ ReaderContextFree(ctx);
+}
+
+static void ReaderContextFree(PREADER_CONTEXT ctx)
+{
+ if (!ctx)
+ return;
+
+ // Destroy and free the mutex
+ if (ctx->pdwMutex)
+ {
+ if (*ctx->pdwMutex == 1)
+ {
+ SYS_MutexDestroy(ctx->mMutex);
+ free(ctx->mMutex);
+ }
+ *ctx->pdwMutex -= 1;
+ }
+
+ // Destroy and free the mutex counter
+ if (ctx->pdwMutex && (*ctx->pdwMutex == 0))
+ {
+ free(ctx->pdwMutex);
+ ctx->pdwMutex = NULL;
+ }
+
+ if (ctx->pdwFeeds)
+ {
+ *ctx->pdwFeeds -= 1;
+ if (*ctx->pdwFeeds == 0)
+ {
+ free(ctx->pdwFeeds);
+ ctx->pdwFeeds = NULL;
+ }
+ }
+
+ // zero out everything else
+ ReaderContextClear(ctx);
+}
+
+static void ReaderContextClear(PREADER_CONTEXT ctx)
+{
+ // This assumes that ReaderContextFree has already been called if necessary
+ if (ctx)
+ memset(ctx, 0, sizeof(READER_CONTEXT));
+}
+
+static int ReaderContextInsert(PREADER_CONTEXT ctx)
+{
+ // Find an empty slot to put the reader structure, and copy it in
+ // If NULL is passed in, just return whether a spot is available or not
+
+ int ix, rv = SCARD_E_NO_MEMORY;
+
+ SYS_MutexLock(sReadersContextsLock);
+ for (ix = 0; ix < PCSCLITE_MAX_READERS_CONTEXTS; ix++)
+ {
+ if ((sReadersContexts[ix] == NULL) || (sReadersContexts[ix])->vHandle == 0)
+ {
+ if (ctx)
+ {
+ if (sReadersContexts[ix])
+ free(sReadersContexts[ix]);
+ sReadersContexts[ix] = ctx;
+ (sReadersContexts[ix])->dwIdentity = (ix + 1) << (sizeof(DWORD) / 2) * 8;
+ dwNumReadersContexts += 1;
+ }
+ rv = SCARD_S_SUCCESS;
+ break;
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+ return rv;
+}
+
+static int ReaderContextRemove(PREADER_CONTEXT ctx)
+{
+ int ix, rv = SCARD_E_UNKNOWN_READER;
+ PREADER_CONTEXT ctxToRemove = NULL;
+ DWORD dwPort = ctx->dwPort;
+ LPSTR lpcReader = ctx->lpcReader;
+ SYS_MutexLock(sReadersContextsLock);
+ for (ix = 0; ix < PCSCLITE_MAX_READERS_CONTEXTS; ix++)
+ {
+ if (!ReaderNameMatchForIndex(dwPort, lpcReader, ix))
+ continue;
+
+ ctxToRemove = sReadersContexts[ix];
+ sReadersContexts[ix] = NULL;
+ dwNumReadersContexts -= 1;
+ rv = SCARD_S_SUCCESS;
+ break;
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+ // We can do this cleanup outside the lock
+ if (ctxToRemove)
+ {
+ ReaderContextDestructor(ctxToRemove);
+ free(ctxToRemove);
+ }
+ return rv;
+}
+
+static int ReaderContextCheckDuplicateReader(LPCSTR lpcReader, DWORD dwPort)
+{
+ // Readers with the same name and same port cannot be used
+
+ if (dwNumReadersContexts == 0)
+ return SCARD_S_SUCCESS;
+
+ int ix, rv = SCARD_S_SUCCESS;
+ SYS_MutexLock(sReadersContextsLock);
+ for (ix = 0; ix < PCSCLITE_MAX_READERS_CONTEXTS; ix++)
+ {
+ if ((sReadersContexts[ix]==NULL) || ((sReadersContexts[ix])->vHandle == 0))
+ continue;
+
+ if (ReaderNameMatchForIndex(dwPort, lpcReader, ix))
+ {
+ Log1(PCSC_LOG_ERROR, "Duplicate reader found.");
+ rv = SCARD_E_DUPLICATE_READER;
+ break;
+ }
+ }
+ SYS_MutexUnLock(sReadersContextsLock);
+ return rv;
+}
+
+static int ReaderSlotCount(PREADER_CONTEXT ctx)
+{
+ // Call on the driver to see if there are multiple slots
+ // If we encounter errors, pretend it is just a single slot reader
+
+ UCHAR ucGetData[1];
+ DWORD dwGetSize = sizeof(ucGetData);
+ int rv = IFDGetCapabilities(ctx, TAG_IFD_SLOTS_NUMBER, &dwGetSize, ucGetData);
+
+ //Reader does not have this defined, so assume a single slot
+ if (rv != IFD_SUCCESS || dwGetSize != 1 || ucGetData[0] == 0)
+ return 1;
+
+ // Reader has this defined and it only has one slot
+ if (rv == IFD_SUCCESS && dwGetSize == 1 && ucGetData[0] == 1)
+ return 1;
+
+ return (int)ucGetData[0];
+}
+
+static BOOL ReaderDriverIsThreadSafe(PREADER_CONTEXT ctx, BOOL testSlot)
+{
+ // Call on the driver to see if it is thread safe
+ UCHAR ucThread[1];
+ DWORD dwGetSize = sizeof(ucThread);
+ int rv = IFDGetCapabilities(ctx, testSlot?TAG_IFD_SLOT_THREAD_SAFE:TAG_IFD_THREAD_SAFE,
+ &dwGetSize, ucThread);
+ if (rv == IFD_SUCCESS && dwGetSize == 1 && ucThread[0] == 1)
+ {
+ Log1(PCSC_LOG_INFO, "Driver is thread safe");
+ return 1;
+ }
+ else
+ {
+ Log1(PCSC_LOG_INFO, "Driver is not thread safe");
+ return 0;
+ }
+}
+
+static BOOL ReaderNameMatchForIndex(DWORD dwPort, LPCSTR lpcReader, int index)
+{
+ // "index" is index in sReadersContexts
+ char lpcStripReader[MAX_READERNAME];
+ int tmplen;
+
+ if (sReadersContexts[index]==NULL)
+ return 0;
+
+ strncpy(lpcStripReader, (sReadersContexts[index])->lpcReader, sizeof(lpcStripReader));
+ tmplen = strlen(lpcStripReader);
+ lpcStripReader[tmplen - 6] = 0;
+
+ return ((strcmp(lpcReader, lpcStripReader) == 0) && (dwPort == (sReadersContexts[index])->dwPort))?1:0;
+}
+
+static void ReaderContextDuplicateSlot(PREADER_CONTEXT ctxBase, PREADER_CONTEXT ctxSlot, int slotNumber, BOOL baseIsThreadSafe)
+{
+ // Copy the previous reader name and set the slot number
+ // The slot number for the base is 0
+
+ int ix;
+ char *tmpReader = ctxSlot->lpcReader;
+ strlcpy(tmpReader, ctxBase->lpcReader, sizeof(ctxSlot->lpcReader));
+ sprintf(tmpReader + strlen(tmpReader) - 2, "%02X", slotNumber);
+
+ strlcpy(ctxSlot->lpcLibrary, ctxBase->lpcLibrary, sizeof(ctxSlot->lpcLibrary));
+ strlcpy(ctxSlot->lpcDevice, ctxBase->lpcDevice, sizeof(ctxSlot->lpcDevice));
+
+ ctxSlot->dwVersion = ctxBase->dwVersion;
+ ctxSlot->dwPort = ctxBase->dwPort;
+ ctxSlot->vHandle = ctxBase->vHandle;
+ ctxSlot->mMutex = ctxBase->mMutex;
+ ctxSlot->pdwMutex = ctxBase->pdwMutex;
+ ctxSlot->dwSlot = ctxBase->dwSlot + slotNumber;
+
+ ctxSlot->pdwFeeds = ctxBase->pdwFeeds;
+
+ *ctxSlot->pdwFeeds += 1;
+
+ ctxSlot->dwBlockStatus = 0;
+ ctxSlot->dwContexts = 0;
+ ctxSlot->dwLockId = 0;
+ ctxSlot->readerState = NULL;
+ ctxSlot->dwIdentity = (slotNumber + 1) << (sizeof(DWORD) / 2) * 8;
+
+ for (ix = 0; ix < PCSCLITE_MAX_READER_CONTEXT_CHANNELS; ix++)
+ ctxSlot->psHandles[ix].hCard = 0;
+
+ if (!ctxSlot->pdwMutex)
+ ctxSlot->pdwMutex = malloc(sizeof(DWORD));
+ if (baseIsThreadSafe)
+ {
+ ctxSlot->mMutex = malloc(sizeof(PCSCLITE_MUTEX));
+ SYS_MutexInit(ctxSlot->mMutex);
+ *ctxSlot->pdwMutex = 1;
+ }
+ else
+ *ctxSlot->pdwMutex += 1;
+}
+
+#pragma mark ---------- 64 bit routines ----------
+
+/*
+ This section contains code needed to determine which architecture we are on.
+ */
+
+#include <spawn.h>
+#include <err.h>
+#include <CoreFoundation/CFBundle.h>
+#include <CoreFoundation/CFNumber.h>
+#include <signal.h>
+
+extern char **environ;
+extern char **globalArgv;
+
+static cpu_type_t architectureForPid(pid_t pid)
+{
+ // pid_t mypid = getpid(); // current process
+
+ cpu_type_t cpuType = CPU_TYPE_ANY;
+ int mib[CTL_MAXNAME]={0,};
+ size_t len = CTL_MAXNAME;
+ if (sysctlnametomib("sysctl.proc_cputype", mib, &len) != -1)
+ {
+ mib[len] = pid;
+ len++;
+
+ size_t cputypelen = sizeof(cpuType);
+ if (sysctl(mib, len, &cpuType, &cputypelen, 0, 0) == -1)
+ {
+ cpuType = CPU_TYPE_ANY;
+ }
+ }
+ return cpuType;
+}
+
+static int ReaderCheckArchitecture(LPCSTR lpcLibrary)
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ /*
+ Get architecture for current process. If we are already in 32-bit mode,
+ just keep going to avoid reswpaning ourselves over and over again.
+ */
+ cpu_type_t cputype = architectureForPid(getpid());
+ if (! (cputype & CPU_ARCH_ABI64))
+ return SCARD_S_SUCCESS;
+
+ /*
+ Check to see if the driver has an architecture that matches how we are
+ running now. If it doesn't, we will try to relaunch in 32 bit mode.
+ */
+ if (architectureMatch(lpcLibrary))
+ return SCARD_S_SUCCESS;
+
+ pid_t pid = getpid();
+
+ Log2(PCSC_LOG_INFO, "Send respawn signal to pcscd (pid=%d)", pid);
+ if (kill(pid, SIGUSR2) < 0)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Can't signal pcscd (pid=%d): %s",
+ pid, strerror(errno));
+ }
+ void *value_ptr;
+ pthread_exit(value_ptr);
+ return SCARD_E_SERVICE_STOPPED;
+#else
+ return SCARD_S_SUCCESS;
+#endif
+}
+
+static int architectureMatch(const char *name)
+{
+ int rx = false;
+ const Boolean isDirectory = true;
+ cpu_type_t cputype;
+ CFArrayRef pluginArchitectures = NULL;
+
+ CFURLRef exurl = CFURLCreateWithFileSystemPath(kCFAllocatorDefault,
+ CFStringCreateWithCString(kCFAllocatorDefault, name, kCFStringEncodingUTF8), kCFURLPOSIXPathStyle, isDirectory);
+ if (!exurl)
+ return false;
+
+ CFBundleRef theBundle = CFBundleCreate(kCFAllocatorDefault, exurl);
+ if (theBundle == NULL)
+ goto xit;
+
+ pluginArchitectures = CFBundleCopyExecutableArchitectures(theBundle);
+ if (pluginArchitectures == NULL)
+ goto xit;
+
+ cputype = architectureForPid(getpid());
+
+ int ix;
+ for (ix = CFArrayGetCount(pluginArchitectures); --ix >= 0; )
+ {
+ CFNumberRef cfarch = (CFNumberRef)CFArrayGetValueAtIndex(pluginArchitectures, ix);
+ UInt32 arch;
+ CFNumberGetValue(cfarch, kCFNumberSInt32Type, &arch);
+ if (cputype == arch)
+ {
+ rx = true;
+ break;
+ }
+ }
+
+xit:
+
+ if (exurl)
+ CFRelease(exurl);
+ if (theBundle)
+ CFRelease(theBundle);
+ if (pluginArchitectures)
+ CFRelease(pluginArchitectures);
+
+ return rx;
+}
+
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerfactory.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,256 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * readerfactory.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ * Copyright (C) 2004
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: readerfactory.h 2330 2007-01-11 16:54:16Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This keeps track of a list of currently available reader structures.
+ */
+
+#ifndef __readerfactory_h__
+#define __readerfactory_h__
+
+#include <inttypes.h>
+
+#include "thread_generic.h"
+#include "ifdhandler.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ typedef struct
+ {
+ char *pcFriendlyname;
+ char *pcDevicename;
+ char *pcLibpath;
+ int dwChannelId;
+ } SerialReader;
+
+ struct FctMap_V1
+ {
+ RESPONSECODE (*pvfCreateChannel)(DWORD);
+ RESPONSECODE (*pvfCloseChannel)(void);
+ RESPONSECODE (*pvfGetCapabilities)(DWORD, PUCHAR);
+ RESPONSECODE (*pvfSetCapabilities)(DWORD, PUCHAR);
+ RESPONSECODE (*pvfSetProtocolParameters)(DWORD, UCHAR, UCHAR, UCHAR,
+ UCHAR);
+ RESPONSECODE (*pvfPowerICC)(DWORD);
+ RESPONSECODE (*pvfTransmitToICC)(SCARD_IO_HEADER, PUCHAR, DWORD,
+ PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ RESPONSECODE (*pvfICCPresence)(void);
+ };
+
+ typedef struct FctMap_V1 FCT_MAP_V1, *PFCT_MAP_V1;
+
+ struct FctMap_V2
+ {
+ /* shared with API 3.0 */
+ RESPONSECODE (*pvfCreateChannel)(DWORD, DWORD);
+ RESPONSECODE (*pvfCloseChannel)(DWORD);
+ RESPONSECODE (*pvfGetCapabilities)(DWORD, DWORD, PDWORD, PUCHAR);
+ RESPONSECODE (*pvfSetCapabilities)(DWORD, DWORD, DWORD, PUCHAR);
+ RESPONSECODE (*pvfSetProtocolParameters)(DWORD, DWORD, UCHAR, UCHAR,
+ UCHAR, UCHAR);
+ RESPONSECODE (*pvfPowerICC)(DWORD, DWORD, PUCHAR, PDWORD);
+ RESPONSECODE (*pvfTransmitToICC)(DWORD, SCARD_IO_HEADER, PUCHAR,
+ DWORD, PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ RESPONSECODE (*pvfICCPresence)(DWORD);
+
+ /* API v2.0 only */
+ RESPONSECODE (*pvfControl)(DWORD, PUCHAR, DWORD, PUCHAR, PDWORD);
+ };
+
+ typedef struct FctMap_V2 FCT_MAP_V2, *PFCT_MAP_V2;
+
+ struct FctMap_V3
+ {
+ /* the common fields SHALL be in the same order as in FctMap_V2 */
+ RESPONSECODE (*pvfCreateChannel)(DWORD, DWORD);
+ RESPONSECODE (*pvfCloseChannel)(DWORD);
+ RESPONSECODE (*pvfGetCapabilities)(DWORD, DWORD, PDWORD, PUCHAR);
+ RESPONSECODE (*pvfSetCapabilities)(DWORD, DWORD, DWORD, PUCHAR);
+ RESPONSECODE (*pvfSetProtocolParameters)(DWORD, DWORD, UCHAR, UCHAR,
+ UCHAR, UCHAR);
+ RESPONSECODE (*pvfPowerICC)(DWORD, DWORD, PUCHAR, PDWORD);
+ RESPONSECODE (*pvfTransmitToICC)(DWORD, SCARD_IO_HEADER, PUCHAR,
+ DWORD, PUCHAR, PDWORD, PSCARD_IO_HEADER);
+ RESPONSECODE (*pvfICCPresence)(DWORD);
+
+ /* API V3.0 only */
+ RESPONSECODE (*pvfControl)(DWORD, DWORD, LPCVOID, DWORD, LPVOID,
+ DWORD, LPDWORD);
+ RESPONSECODE (*pvfCreateChannelByName)(DWORD, LPSTR);
+ };
+
+ typedef struct FctMap_V3 FCT_MAP_V3, *PFCT_MAP_V3;
+
+ /*
+ * The following is not currently used but in place if needed
+ */
+
+ struct RdrCapabilities
+ {
+ DWORD dwAsynch_Supported; /* Asynchronous Support */
+ DWORD dwDefault_Clock; /* Default Clock Rate */
+ DWORD dwMax_Clock; /* Max Clock Rate */
+ DWORD dwDefault_Data_Rate; /* Default Data Rate */
+ DWORD dwMax_Data_Rate; /* Max Data Rate */
+ DWORD dwMax_IFSD; /* Maximum IFSD Size */
+ DWORD dwSynch_Supported; /* Synchronous Support */
+ DWORD dwPower_Mgmt; /* Power Mgmt Features */
+ DWORD dwCard_Auth_Devices; /* Card Auth Devices */
+ DWORD dwUser_Auth_Device; /* User Auth Devices */
+ DWORD dwMechanics_Supported; /* Machanics Supported */
+ DWORD dwVendor_Features; /* User Defined. */
+ };
+
+ typedef struct RdrCapabilities RDR_CAPABILITIES, *PRDR_CAPABILITIES;
+
+ struct ProtOptions
+ {
+ DWORD dwProtocol_Type; /* Protocol Type */
+ DWORD dwCurrent_Clock; /* Current Clock */
+ DWORD dwCurrent_F; /* Current F */
+ DWORD dwCurrent_D; /* Current D */
+ DWORD dwCurrent_N; /* Current N */
+ DWORD dwCurrent_W; /* Current W */
+ DWORD dwCurrent_IFSC; /* Current IFSC */
+ DWORD dwCurrent_IFSD; /* Current IFSD */
+ DWORD dwCurrent_BWT; /* Current BWT */
+ DWORD dwCurrent_CWT; /* Current CWT */
+ DWORD dwCurrent_EBC; /* Current EBC */
+ };
+
+ typedef struct ProtOptions PROT_OPTIONS, *PPROT_OPTIONS;
+
+ struct RdrCliHandles
+ {
+ SCARDHANDLE hCard; /* hCard for this connection */
+ DWORD dwEventStatus; /* Recent event that must be sent */
+ };
+
+ typedef struct RdrCliHandles RDR_CLIHANDLES, *PRDR_CLIHANDLES;
+
+ struct ReaderContext
+ {
+ char lpcReader[MAX_READERNAME]; /* Reader Name */
+ char lpcLibrary[MAX_LIBNAME]; /* Library Path */
+ char lpcDevice[MAX_DEVICENAME]; /* Device Name */
+ PCSCLITE_THREAD_T pthThread; /* Event polling thread */
+ PCSCLITE_MUTEX_T mMutex; /* Mutex for this connection */
+ RDR_CLIHANDLES psHandles[PCSCLITE_MAX_READER_CONTEXT_CHANNELS];
+ /* Structure of connected handles */
+ union
+ {
+ FCT_MAP_V1 psFunctions_v1; /* API V1.0 */
+ FCT_MAP_V2 psFunctions_v2; /* API V2.0 */
+ FCT_MAP_V3 psFunctions_v3; /* API V3.0 */
+ } psFunctions;
+
+ LPVOID vHandle; /* Dlopen handle */
+ DWORD dwVersion; /* IFD Handler version number */
+ DWORD dwPort; /* Port ID */
+ DWORD dwSlot; /* Current Reader Slot */
+ DWORD dwBlockStatus; /* Current blocking status */
+ DWORD dwLockId; /* Lock Id */
+ DWORD dwIdentity; /* Shared ID High Nibble */
+ int32_t dwContexts; /* Number of open contexts */
+ PDWORD pdwFeeds; /* Number of shared client to lib */
+ PDWORD pdwMutex; /* Number of client to mutex */
+
+ struct pubReaderStatesList *readerState; /* link to the reader state */
+ /* we can't use PREADER_STATE here since eventhandler.h can't be
+ * included because of circular dependencies */
+
+ /* these structures are unused */
+#if 0
+ RDR_CAPABILITIES psCapabilites; /* Structure of reader
+ capabilities */
+ PROT_OPTIONS psProtOptions; /* Structure of protocol options */
+#endif
+ };
+
+ typedef struct ReaderContext READER_CONTEXT, *PREADER_CONTEXT;
+
+ LONG RFAllocateReaderSpace(void);
+ LONG RFAddReader(LPSTR, DWORD, LPSTR, LPSTR);
+ LONG RFRemoveReader(LPSTR, DWORD);
+ LONG RFSetReaderName(PREADER_CONTEXT, LPCSTR, LPCSTR, DWORD, DWORD);
+ LONG RFListReaders(LPSTR, LPDWORD);
+ LONG RFReaderInfo(LPSTR, struct ReaderContext **);
+ LONG RFReaderInfoNamePort(DWORD, LPSTR, struct ReaderContext **);
+ LONG RFReaderInfoById(DWORD, struct ReaderContext **);
+ LONG RFCheckSharing(DWORD);
+ LONG RFLockSharing(DWORD);
+ LONG RFUnlockSharing(DWORD);
+ LONG RFUnblockReader(PREADER_CONTEXT);
+ LONG RFUnblockContext(SCARDCONTEXT);
+#if 0
+ LONG RFLoadReader(PREADER_CONTEXT);
+ LONG RFBindFunctions(PREADER_CONTEXT);
+ LONG RFUnBindFunctions(PREADER_CONTEXT);
+ LONG RFUnloadReader(PREADER_CONTEXT);
+#endif
+ LONG RFInitializeReader(PREADER_CONTEXT);
+ LONG RFUnInitializeReader(PREADER_CONTEXT);
+ SCARDHANDLE RFCreateReaderHandle(PREADER_CONTEXT);
+ LONG RFDestroyReaderHandle(SCARDHANDLE hCard);
+ LONG RFAddReaderHandle(PREADER_CONTEXT, SCARDHANDLE);
+ LONG RFFindReaderHandle(SCARDHANDLE);
+ LONG RFRemoveReaderHandle(PREADER_CONTEXT, SCARDHANDLE);
+ LONG RFSetReaderEventState(PREADER_CONTEXT, DWORD);
+ LONG RFCheckReaderEventState(PREADER_CONTEXT, SCARDHANDLE);
+ LONG RFClearReaderEventState(PREADER_CONTEXT, SCARDHANDLE);
+ LONG RFCheckReaderStatus(PREADER_CONTEXT);
+ void RFCleanupReaders(int);
+ int RFStartSerialReaders(const char *readerconf);
+ void RFReCheckReaderConf(void);
+ void RFSuspendAllReaders(void);
+ void RFAwakeAllReaders(void);
+
+ void ReaderContextLock(PREADER_CONTEXT rContext);
+ void ReaderContextUnlock(PREADER_CONTEXT rContext);
+ int ReaderContextIsLocked(PREADER_CONTEXT rContext);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
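Review bot: The `psFunctions` union in `struct ReaderContext` overlays three tables whose entries have different argument lists, and nothing in the header says which member is live. A call through the wrong member would invoke a driver entry point with the wrong signature. The dispatch code is outside this header, but `dwVersion` ("IFD Handler version number") looks like the discriminator. I would document that on the union, for example `/* active member is selected by dwVersion; call only through the matching psFunctions_vN */`. The comment `/* Machanics Supported */` in `RdrCapabilities` is also misspelled and should read "Mechanics".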
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2007 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * readerstate.cpp
+ * SmartCardServices
+*/
+
+#include "readerstate.h"
+#include "pcsclite.h"
+#include "eventhandler.h"
+#include <security_utilities/debugging.h>
+
+DWORD SharedReaderState_State(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xreaderState();
+}
+
+DWORD SharedReaderState_Protocol(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xcardProtocol();
+}
+
+DWORD SharedReaderState_Sharing(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->sharing();
+}
+
+size_t SharedReaderState_CardAtrLength(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xcardAtrLength();
+}
+
+LONG SharedReaderState_ReaderID(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xreaderID();
+}
+
+const unsigned char *SharedReaderState_CardAtr(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xcardAtr();
+}
+
+const char *SharedReaderState_ReaderName(READER_STATE *rs)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return srs->xreaderName();
+}
+
+int SharedReaderState_ReaderNameIsEqual(READER_STATE *rs, const char *otherName)
+{
+ if (otherName)
+ {
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ return (strcmp(otherName, srs->xreaderName()) == 0);
+ }
+ else
+ return 0;
+}
+
+void SharedReaderState_SetState(READER_STATE *rs, DWORD state)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ srs->xreaderState(state);
+}
+
+void SharedReaderState_SetProtocol(READER_STATE *rs, DWORD newprotocol)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ srs->xcardProtocol(newprotocol);
+}
+
+void SharedReaderState_SetCardAtrLength(READER_STATE *rs, size_t len)
+{
+ PCSCD::SharedReaderState *srs = PCSCD::SharedReaderState::overlay(rs);
+ srs->xcardAtrLength(len);
+}
+
+
+#pragma mark ---------- C Interface ----------
+
+
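Review bot: `SharedReaderState_ReaderNameIsEqual` runs an unbounded `strcmp` against `srs->xreaderName()`, which points into the shared `READER_STATE` record, and nothing in this file guarantees that field is NUL-terminated. Bounding the compare keeps a corrupted record from causing an over-read: `return (strncmp(otherName, srs->xreaderName(), MAX_READERNAME) == 0);`, assuming `readerName` is `MAX_READERNAME` bytes as the default argument in readerstate.h suggests. `SharedReaderState_SetCardAtrLength` accepts a `size_t` but forwards to `xcardAtrLength(DWORD)`, so the value is narrowed and stored without being checked against the ATR buffer size. None of the wrappers check `rs` before `overlay(rs)` is dereferenced, so the non-NULL precondition should be stated in a comment. The `#pragma mark ---------- C Interface ----------` line sits after the functions it labels.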
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/readerstate.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,116 @@
+/*
+ * Copyright (c) 2007 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * readerstate.h
+ * SmartCardServices
+ */
+
+#ifndef _H_PCSCD_READER_STATE
+#define _H_PCSCD_READER_STATE
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "readerfactory.h"
+#include "eventhandler.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+DWORD SharedReaderState_State(READER_STATE *rs);
+DWORD SharedReaderState_Protocol(READER_STATE *rs);
+DWORD SharedReaderState_Sharing(READER_STATE *rs);
+size_t SharedReaderState_CardAtrLength(READER_STATE *rs);
+LONG SharedReaderState_ReaderID(READER_STATE *rs);
+const unsigned char *SharedReaderState_CardAtr(READER_STATE *rs);
+const char *SharedReaderState_ReaderName(READER_STATE *rs);
+int SharedReaderState_ReaderNameIsEqual(READER_STATE *rs, const char *otherName);
+void SharedReaderState_SetState(READER_STATE *rs, DWORD state);
+void SharedReaderState_SetProtocol(READER_STATE *rs, DWORD newprotocol);
+void SharedReaderState_SetCardAtrLength(READER_STATE *rs, size_t len);
+
+#ifdef __cplusplus
+}
+#endif
+
+
+#if defined(__cplusplus)
+
+#include <security_utilities/threading.h>
+
+namespace PCSCD {
+
+//
+// NB: We are using the fact that on our systems, mutexes provide read/write
+// memory barrier as a side effect to avoid having to flush the shared memory
+// region to disk
+//
+
+
+//
+// A PODWrapper for the PCSC ReaderState structure
+//
+class SharedReaderState : public PodWrapper<SharedReaderState, READER_STATE>
+{
+public:
+
+ LONG xreaderID() const { Atomic<int>::barrier(); return ntohl(readerID); }
+ void xreaderID(LONG rid) { Atomic<int>::barrier(); readerID = htonl(rid); }
+
+ DWORD xreaderState() const { Atomic<int>::barrier(); return ntohl(readerState); }
+ void xreaderState(DWORD state) { Atomic<int>::barrier(); readerState = htonl(state); }
+
+ DWORD sharing() const { Atomic<int>::barrier(); return ntohl(readerSharing); }
+ void sharing(DWORD sharing) { Atomic<int>::barrier(); readerSharing = htonl(sharing); }
+
+ DWORD xlockState() const { Atomic<int>::barrier(); return ntohl(lockState); }
+ void xlockState(DWORD state) { Atomic<int>::barrier(); lockState = htonl(state); }
+
+ DWORD xcardProtocol() const { Atomic<int>::barrier(); return ntohl(cardProtocol); }
+ void xcardProtocol(DWORD prot) { Atomic<int>::barrier(); cardProtocol = htonl(prot); }
+
+ // strings
+ const char *xreaderName() const { Atomic<int>::barrier(); return readerName; }
+ void xreaderName(const char *rname, size_t len = MAX_READERNAME) { Atomic<int>::barrier(); strlcpy(readerName, rname, len); }
+ size_t readerNameLength() const { return strlen(readerName); }
+ void xreaderNameClear() { Atomic<int>::barrier(); memset(readerName, 0, sizeof(readerName)); }
+
+ const unsigned char *xcardAtr() const { Atomic<int>::barrier(); return cardAtr; }
+ unsigned char *xcardAtr() { Atomic<int>::barrier(); return cardAtr; }
+ void xcardAtr(const unsigned char *atr, size_t len) { Atomic<int>::barrier();
+ memcpy((char *)&cardAtr[0], (const char *)atr, len); cardAtrLength = htonl(len); }
+ size_t xcardAtrLength() const { Atomic<int>::barrier(); return ntohl(cardAtrLength); }
+ void xcardAtrLength(DWORD len) { Atomic<int>::barrier(); cardAtrLength = htonl(len); }
+ void xcardAtrClear() { Atomic<int>::barrier(); memset(cardAtr, 0, sizeof(cardAtr)); }
+};
+
+
+
+} // end namespace PCSCD
+
+#endif /* __cplusplus__ */
+
+#endif //_H_PCSCD_READER_STATE
+
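Review bot: `xcardAtr(const unsigned char *atr, size_t len)` copies `len` bytes into `cardAtr` with no upper bound, so a caller passing an over-long ATR overruns the shared `READER_STATE` record. I would clamp before the copy with `if (len > sizeof(cardAtr)) len = sizeof(cardAtr);`. The same applies to the length-only setter `xcardAtrLength(DWORD)`, whose stored value readers are likely to trust as a copy length. `xreaderName()` bounds `strlcpy` by a caller-supplied `len` that defaults to `MAX_READERNAME`; using `sizeof(readerName)` would keep it correct if the two ever differ. `readerNameLength()` is the only accessor that skips `Atomic<int>::barrier()`, which looks unintentional.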
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_generic.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_generic.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_generic.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,115 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * sys_generic.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ *
+ * $Id: sys_generic.h 2264 2006-12-03 13:15:03Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles abstract system level calls.
+ */
+
+#ifndef __sys_generic_h__
+#define __sys_generic_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#include <sys/stat.h>
+
+ int SYS_Initialize(void);
+
+ int SYS_Mkdir(const char *, int);
+
+ int SYS_GetPID(void);
+
+ int SYS_Sleep(int);
+
+ int SYS_USleep(int);
+
+ int SYS_OpenFile(const char *, int, int);
+
+ int SYS_CloseFile(int);
+
+ int SYS_RemoveFile(const char *);
+
+ int SYS_Chmod(const char *, int);
+
+ int SYS_Chdir(const char *);
+
+ int SYS_GetUID(void);
+
+ int SYS_GetGID(void);
+
+ int SYS_ChangePermissions(const char *, int);
+
+ int SYS_SeekFile(int, int);
+
+ int SYS_ReadFile(int, char *, int);
+
+ int SYS_WriteFile(int, const char *, int);
+
+ int SYS_GetPageSize(void);
+
+ void *SYS_MemoryMap(int, int, int);
+
+ void *SYS_PublicMemoryMap(int, int, int);
+
+ void SYS_PublicMemoryUnmap(void *, int);
+
+ int SYS_MMapSynchronize(void *, int);
+
+ int SYS_Fork(void);
+
+ int SYS_Daemon(int, int);
+
+ int SYS_Stat(const char *pcFile, struct stat *psStatus);
+
+ int SYS_Fstat(int);
+
+ int SYS_Random(int, float, float);
+
+ int SYS_GetSeed();
+
+ void SYS_Exit(int);
+
+ int SYS_Unlink(const char *pcFile);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __sys_generic_h__ */
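Review bot: `int SYS_GetSeed();` declares the function without a prototype when this header is compiled as C, while the definition in sys_macosx.cpp is `SYS_GetSeed(void)`; it should read `int SYS_GetSeed(void);`. The header is also out of step with that implementation. It declares `SYS_PublicMemoryUnmap` and `SYS_ChangePermissions`, which sys_macosx.cpp does not define. Conversely, sys_macosx.cpp defines `SYS_MUnmap`, `SYS_Mkfifo`, `SYS_Mknod` and `SYS_Wait`, which have no prototype here. `#include <sys/stat.h>` sits inside the `extern "C"` block and would be better placed above it. The size and offset parameters of the mapping functions are plain `int`, so a comment stating the expected range would help callers.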
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_macosx.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_macosx.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_macosx.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,374 @@
+/*
+ * Copyright (c) 2000-2004 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : sys_unix.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 11/8/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This handles abstract system level calls.
+
+$Id: sys_macosx.cpp,v 1.5.40.1 2005/06/17 22:40:12 mb Exp $
+
+********************************************************************/
+
+#include <sys_generic.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/time.h>
+#include <sys/file.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <time.h>
+#include "pcscexport.h"
+#include "debug.h"
+
+#include "pcscdmonitor.h"
+#include <securityd_client/ssclient.h>
+//#include <security_utilities/debugging.h>
+
+#include "config.h"
+
+
+extern "C" {
+
+int SYS_Initialize()
+{
+ /*
+ * Nothing special for OS X and Linux
+ */
+ return 0;
+}
+
+/**
+ * @brief Attempts to create a directory with some permissions.
+ *
+ * @param[in] path Path of the directory to be created.
+ * @param[in] perms Permissions to the new directory.
+ *
+ * @return Eror code.
+ * @retval 0 Success.
+ * @retval -1 An error occurred.
+ */
+INTERNAL int SYS_Mkdir(const char *path, int perms)
+{
+ return mkdir(path, perms);
+}
+
+/**
+ * @brief Gets the running process's ID.
+ *
+ * @return PID.
+ */
+INTERNAL int SYS_GetPID(void)
+{
+ return getpid();
+}
+
+/**
+ * @brief Makes the current process sleep for some seconds.
+ *
+ * @param[in] iTimeVal Number of seconds to sleep.
+ */
+INTERNAL int SYS_Sleep(int iTimeVal)
+{
+#ifdef HAVE_NANOSLEEP
+ struct timespec mrqtp;
+ mrqtp.tv_sec = iTimeVal;
+ mrqtp.tv_nsec = 0;
+
+ return nanosleep(&mrqtp, NULL);
+#else
+ return sleep(iTimeVal);
+#endif
+}
+
+/**
+ * @brief Makes the current process sleep for some microseconds.
+ *
+ * @param[in] iTimeVal Number of microseconds to sleep.
+ */
+INTERNAL int SYS_USleep(int iTimeVal)
+{
+#ifdef HAVE_NANOSLEEP
+ struct timespec mrqtp;
+ mrqtp.tv_sec = iTimeVal/1000000;
+ mrqtp.tv_nsec = (iTimeVal - (mrqtp.tv_sec * 1000000)) * 1000;
+
+ return nanosleep(&mrqtp, NULL);
+#else
+ usleep(iTimeVal);
+ return iTimeVal;
+#endif
+}
+
+/**
+ * @brief Opens/creates a file.
+ *
+ * @param[in] pcFile path to the file.
+ * @param[in] flags Open and read/write choices.
+ * @param[in] mode Permissions to the file.
+ *
+ * @return File descriptor.
+ * @retval >0 The file descriptor.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_OpenFile(const char *pcFile, int flags, int mode)
+{
+ return open(pcFile, flags, mode);
+}
+
+/**
+ * @brief Opens/creates a file.
+ *
+ * @param[in] iHandle File descriptor.
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_CloseFile(int iHandle)
+{
+ return close(iHandle);
+}
+
+/**
+ * @brief Removes a file.
+ *
+ * @param[in] pcFile path to the file.
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_RemoveFile(const char *pcFile)
+{
+ return remove(pcFile);
+}
+
+INTERNAL int SYS_Chmod(const char *path, int mode)
+{
+ return chmod(path, mode);
+}
+
+INTERNAL int SYS_Chdir(const char *path)
+{
+ return chdir(path);
+}
+
+int SYS_Mkfifo(const char *path, int mode)
+{
+ return mkfifo(path, mode);
+}
+
+int SYS_Mknod(const char *path, int mode, int dev)
+{
+ return mknod(path, mode, dev);
+}
+
+int SYS_GetUID()
+{
+ return getuid();
+}
+
+INTERNAL int SYS_GetGID(void)
+{
+ return getgid();
+}
+
+INTERNAL int SYS_SeekFile(int iHandle, int iSeekLength)
+{
+ int iOffset;
+ iOffset = lseek(iHandle, iSeekLength, SEEK_SET);
+ return iOffset;
+}
+
+INTERNAL int SYS_ReadFile(int iHandle, char *pcBuffer, int iLength)
+{
+ return read(iHandle, pcBuffer, iLength);
+}
+
+INTERNAL int SYS_WriteFile(int iHandle, const char *pcBuffer, int iLength)
+{
+ return write(iHandle, pcBuffer, iLength);
+}
+
+/**
+ * @brief Gets the memory page size.
+ *
+ * The page size is used when calling the \c SYS_MemoryMap() and
+ * \c SYS_PublicMemoryMap() functions.
+ *
+ * @return Number of bytes per page.
+ */
+INTERNAL int SYS_GetPageSize(void)
+{
+ return getpagesize();
+}
+
+/**
+ * @brief Map the file \p iFid in memory for reading and writing.
+ *
+ * @param[in] iSize Size of the memmory mapped.
+ * @param[in] iFid File which will be mapped in memory.
+ * @param[in] iOffset Start point of the file to be mapped in memory.
+ *
+ * @return Address of the memory map.
+ * @retval MAP_FAILED in case of error
+ */
+INTERNAL void *SYS_MemoryMap(int iSize, int iFid, int iOffset)
+{
+
+ void *vAddress;
+
+ vAddress = 0;
+ vAddress = mmap(0, iSize, PROT_READ | PROT_WRITE,
+ MAP_SHARED, iFid, iOffset);
+
+ /*
+ * Here are some common error types: switch( errno ) { case EINVAL:
+ * printf("EINVAL"); case EBADF: printf("EBADF"); break; case EACCES:
+ * printf("EACCES"); break; case EAGAIN: printf("EAGAIN"); break; case
+ * ENOMEM: printf("ENOMEM"); break; }
+ */
+
+ return vAddress;
+}
+
+/**
+ * @brief Map the file \p iFid in memory only for reading.
+ *
+ * @param[in] iSize Size of the memmory mapped.
+ * @param[in] iFid File which will be mapped in memory.
+ * @param[in] iOffset Start point of the file to be mapped in memory.
+ *
+ * @return Address of the memory map.
+ */
+INTERNAL void *SYS_PublicMemoryMap(int iSize, int iFid, int iOffset)
+{
+
+ void *vAddress;
+
+ vAddress = 0;
+ vAddress = mmap(0, iSize, PROT_READ, MAP_SHARED, iFid, iOffset);
+ if (vAddress == (void*)-1) /* mmap returns -1 on error */
+ {
+ Log2(PCSC_LOG_CRITICAL, "SYS_PublicMemoryMap() failed: %s",
+ strerror(errno));
+ vAddress = NULL;
+ }
+
+ return vAddress;
+}
+
+int SYS_MMapSynchronize(void *begin, int length)
+{
+ int rc = msync(begin, length, MS_SYNC | MS_INVALIDATE);
+
+ PCSCDMonitor::postNotification(SecurityServer::kNotificationPCSCStateChange);
+
+ return rc;
+}
+
+int SYS_MUnmap(void *begin, int length)
+{
+ return munmap(begin, length);
+}
+
+INTERNAL int SYS_Fork(void)
+{
+ return fork();
+}
+
+#ifdef HAVE_DAEMON
+int SYS_Daemon(int nochdir, int noclose)
+{
+ return daemon(nochdir, noclose);
+}
+#endif
+
+int SYS_Wait(int iPid, int iWait)
+{
+ return waitpid(-1, 0, WNOHANG);
+}
+
+INTERNAL int SYS_Stat(const char *pcFile, struct stat *psStatus)
+{
+ return stat(pcFile, psStatus);
+}
+
+int SYS_Fstat(int iFd)
+{
+ struct stat sStatus;
+ return fstat(iFd, &sStatus);
+}
+
+int SYS_Random(int iSeed, float fStart, float fEnd)
+{
+
+ int iRandNum = 0;
+
+ if (iSeed != 0)
+ {
+ srand(iSeed);
+ }
+
+ iRandNum = 1 + (int) (fEnd * rand() / (RAND_MAX + fStart));
+ srand(iRandNum);
+
+ return iRandNum;
+}
+
+INTERNAL int SYS_GetSeed(void)
+{
+ struct timeval tv;
+ struct timezone tz;
+ long myseed = 0;
+
+ tz.tz_minuteswest = 0;
+ tz.tz_dsttime = 0;
+ if (gettimeofday(&tv, &tz) == 0)
+ {
+ myseed = tv.tv_usec;
+ } else
+ {
+ myseed = (long) time(NULL);
+ }
+ return myseed;
+}
+
+INTERNAL void SYS_Exit(int iRetVal)
+{
+ _exit(iRetVal);
+}
+
+INTERNAL int SYS_Unlink(const char *pcFile)
+{
+ return unlink(pcFile);
+}
+
+} // extern "C"
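Review bot: `SYS_Random` and `SYS_GetSeed` produce guessable values. The seed is `tv.tv_usec`, which has at most a million possible values, and `SYS_Random` feeds its own result back through `srand(iRandNum)`, so each output determines the next. That is harmless for jitter, but the callers are outside this hunk. If any of them uses the result as a card handle or other identifier that clients should not be able to predict, the value should come from `arc4random()` instead. Separately, `SYS_Wait` ignores both of its parameters (`waitpid(-1, 0, WNOHANG)`). `SYS_MemoryMap` returns `MAP_FAILED` on error while `SYS_PublicMemoryMap` returns `NULL`, so callers need different checks. The doc comment above `SYS_CloseFile` still reads "Opens/creates a file."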
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_unix.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_unix.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/sys_unix.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,404 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * sys_unix.c
+ * SmartCardServices
+ */
+
+/*
+ * This handles abstract system level calls.
+ *
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ *
+ * $Id: sys_unix.c 2353 2007-01-23 10:31:50Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles abstract system level calls.
+ */
+
+#include <sys_generic.h>
+#include <sys/types.h>
+#include <sys/mman.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/time.h>
+#include <sys/file.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <unistd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <time.h>
+#include <string.h>
+#include "debug.h"
+
+#include "config.h"
+#include "pcscexport.h"
+
+#include <security_utilities/debugging.h>
+
+/**
+ * @brief Make system wide initialization.
+ *
+ * @return Eror code.
+ * @retval 0 Success.
+ */
+INTERNAL int SYS_Initialize(void)
+{
+ /*
+ * Nothing special for OS X and Linux
+ */
+ return 0;
+}
+
+/**
+ * @brief Attempts to create a directory with some permissions.
+ *
+ * @param[in] path Path of the directory to be created.
+ * @param[in] perms Permissions to the new directory.
+ *
+ * @return Eror code.
+ * @retval 0 Success.
+ * @retval -1 An error occurred.
+ */
+INTERNAL int SYS_Mkdir(const char *path, int perms)
+{
+ return mkdir(path, perms);
+}
+
+/**
+ * @brief Gets the running process's ID.
+ *
+ * @return PID.
+ */
+INTERNAL int SYS_GetPID(void)
+{
+ return getpid();
+}
+
+/**
+ * @brief Makes the current process sleep for some seconds.
+ *
+ * @param[in] iTimeVal Number of seconds to sleep.
+ */
+INTERNAL int SYS_Sleep(int iTimeVal)
+{
+#ifdef HAVE_NANOSLEEP
+ struct timespec mrqtp;
+ mrqtp.tv_sec = iTimeVal;
+ mrqtp.tv_nsec = 0;
+
+ return nanosleep(&mrqtp, NULL);
+#else
+ return sleep(iTimeVal);
+#endif
+}
+
+/**
+ * @brief Makes the current process sleep for some microseconds.
+ *
+ * @param[in] iTimeVal Number of microseconds to sleep.
+ */
+INTERNAL int SYS_USleep(int iTimeVal)
+{
+#ifdef HAVE_NANOSLEEP
+ struct timespec mrqtp;
+ mrqtp.tv_sec = iTimeVal/1000000;
+ mrqtp.tv_nsec = (iTimeVal - (mrqtp.tv_sec * 1000000)) * 1000;
+
+ return nanosleep(&mrqtp, NULL);
+#else
+ usleep(iTimeVal);
+ return iTimeVal;
+#endif
+}
+
+/**
+ * @brief Opens/creates a file.
+ *
+ * @param[in] pcFile path to the file.
+ * @param[in] flags Open and read/write choices.
+ * @param[in] mode Permissions to the file.
+ *
+ * @return File descriptor.
+ * @retval >0 The file descriptor.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_OpenFile(const char *pcFile, int flags, int mode)
+{
+ return open(pcFile, flags, mode);
+}
+
+/**
+ * @brief Opens/creates a file.
+ *
+ * @param[in] iHandle File descriptor.
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_CloseFile(int iHandle)
+{
+ return close(iHandle);
+}
+
+/**
+ * @brief Removes a file.
+ *
+ * @param[in] pcFile path to the file.
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_RemoveFile(const char *pcFile)
+{
+ return remove(pcFile);
+}
+
+INTERNAL int SYS_Chmod(const char *path, int mode)
+{
+ return chmod(path, mode);
+}
+
+INTERNAL int SYS_Chdir(const char *path)
+{
+ return chdir(path);
+}
+
+INTERNAL int SYS_GetUID(void)
+{
+ return getuid();
+}
+
+INTERNAL int SYS_GetGID(void)
+{
+ return getgid();
+}
+
+INTERNAL int SYS_SeekFile(int iHandle, int iSeekLength)
+{
+ int iOffset;
+ iOffset = lseek(iHandle, iSeekLength, SEEK_SET);
+ return iOffset;
+}
+
+INTERNAL int SYS_ReadFile(int iHandle, char *pcBuffer, int iLength)
+{
+ return read(iHandle, pcBuffer, iLength);
+}
+
+INTERNAL int SYS_WriteFile(int iHandle, const char *pcBuffer, int iLength)
+{
+ return write(iHandle, pcBuffer, iLength);
+}
+
+/**
+ * @brief Gets the memory page size.
+ *
+ * The page size is used when calling the \c SYS_MemoryMap() and
+ * \c SYS_PublicMemoryMap() functions.
+ *
+ * @return Number of bytes per page.
+ */
+INTERNAL int SYS_GetPageSize(void)
+{
+ return getpagesize();
+}
+
+/**
+ * @brief Map the file \p iFid in memory for reading and writing.
+ *
+ * @param[in] iSize Size of the memmory mapped.
+ * @param[in] iFid File which will be mapped in memory.
+ * @param[in] iOffset Start point of the file to be mapped in memory.
+ *
+ * @return Address of the memory map.
+ * @retval MAP_FAILED in case of error
+ */
+INTERNAL void *SYS_MemoryMap(int iSize, int iFid, int iOffset)
+{
+
+ void *vAddress;
+
+ vAddress = 0;
+ vAddress = mmap(0, iSize, PROT_READ | PROT_WRITE,
+ MAP_SHARED, iFid, iOffset);
+
+ /*
+ * Here are some common error types: switch( errno ) { case EINVAL:
+ * printf("EINVAL"); case EBADF: printf("EBADF"); break; case EACCES:
+ * printf("EACCES"); break; case EAGAIN: printf("EAGAIN"); break; case
+ * ENOMEM: printf("ENOMEM"); break; }
+ */
+
+ return vAddress;
+}
+
+/**
+ * @brief Map the file \p iFid in memory only for reading.
+ *
+ * @param[in] iSize Size of the memmory mapped.
+ * @param[in] iFid File which will be mapped in memory.
+ * @param[in] iOffset Start point of the file to be mapped in memory.
+ *
+ * @return Address of the memory map.
+ */
+INTERNAL void *SYS_PublicMemoryMap(int iSize, int iFid, int iOffset)
+{
+
+ void *vAddress;
+
+ vAddress = 0;
+ vAddress = mmap(0, iSize, PROT_READ, MAP_SHARED, iFid, iOffset);
+ if (vAddress == (void*)-1) /* mmap returns -1 on error */
+ {
+ Log2(PCSC_LOG_CRITICAL, "SYS_PublicMemoryMap() failed: %s",
+ strerror(errno));
+ vAddress = NULL;
+ }
+
+ return vAddress;
+}
+
+/**
+ * @brief Unmap a memory segment
+ *
+ * @param ptr pointer returned by SYS_PublicMemoryMap()
+ * @param iSize size of the memory segment
+ */
+INTERNAL void SYS_PublicMemoryUnmap(void * ptr, int iSize)
+{
+ munmap(ptr, iSize);
+}
+
+/**
+ * @brief Writes the changes made in a memory map to the disk mapped file.
+ *
+ * @param[in] begin Start of the block to be written
+ * @param[in] length Lenght of the block to be written
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 An error ocurred.
+ */
+INTERNAL int SYS_MMapSynchronize(void *begin, int length)
+{
+ int flags = 0;
+
+#ifdef MS_INVALIDATE
+ flags |= MS_INVALIDATE;
+#endif
+ return msync(begin, length, MS_SYNC | flags);
+}
+
+INTERNAL int SYS_Fork(void)
+{
+ return fork();
+}
+
+/**
+ * @brief put the process to run in the background.
+ *
+ * @param[in] nochdir if zero, change the current directory to "/".
+ * @param[in] noclose if zero, redirect standard imput/output/error to /dev/nulll.
+ *
+ * @return error code.
+ * @retval 0 success.
+ * @retval -1 an error ocurred.
+ */
+INTERNAL int SYS_Daemon(int nochdir, int noclose)
+{
+#ifdef HAVE_DAEMON
+ return daemon(nochdir, noclose);
+}
+#endif
+
+int SYS_Wait(int iPid, int iWait)
+{
+ return waitpid(-1, 0, WNOHANG);
+}
+
+INTERNAL int SYS_Stat(const char *pcFile, struct stat *psStatus)
+{
+ return stat(pcFile, psStatus);
+}
+
+int SYS_Fstat(int iFd)
+{
+ struct stat sStatus;
+ return fstat(iFd, &sStatus);
+}
+
+int SYS_Random(int iSeed, float fStart, float fEnd)
+{
+
+ int iRandNum = 0;
+
+ if (iSeed != 0)
+ {
+ srand(iSeed);
+ }
+
+ iRandNum = 1 + (int) (fEnd * rand() / (RAND_MAX + fStart));
+ srand(iRandNum);
+
+ return iRandNum;
+}
+
+INTERNAL int SYS_GetSeed(void)
+{
+ struct timeval tv;
+ struct timezone tz;
+ long myseed = 0;
+
+ tz.tz_minuteswest = 0;
+ tz.tz_dsttime = 0;
+ if (gettimeofday(&tv, &tz) == 0)
+ {
+ myseed = tv.tv_usec;
+ } else
+ {
+ myseed = (long) time(NULL);
+ }
+ return myseed;
+}
+
+INTERNAL void SYS_Exit(int iRetVal)
+{
+ _exit(iRetVal);
+}
+
+INTERNAL int SYS_Unlink(const char *pcFile)
+{
+ return unlink(pcFile);
+}
+
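Review bot: SYS_Daemon opens its body before `#ifdef HAVE_DAEMON` but closes it inside the conditional, so a build without HAVE_DAEMON leaves the function unterminated, with no return value, and the SYS_Wait definition that follows lands inside it. Move the closing brace after the conditional and give the other branch a result: `#else` / `return -1;` / `#endif`, followed by `}`. Separately, SYS_Random and SYS_GetSeed rely on `rand()` seeded from `tv_usec` and reseeded with each output, which makes the sequence predictable. Whether any caller uses the value for something that must not be guessable is not visible in this hunk; if one does, it should take the value from `arc4random()` instead. Either way, a comment such as `/* not for security use: predictable rand() sequence */` on SYS_Random would document the limit.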
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/testpcsc.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/testpcsc.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/testpcsc.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,236 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : test.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 7/27/99
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This is a test program for pcsc-lite.
+
+********************************************************************/
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "config.h"
+#include "pcsclite.h"
+#include "winscard.h"
+
+/*
+ * #define REPEAT_TEST 1
+ */
+
+int main(int argc, char **argv)
+{
+ SCARDHANDLE hCard;
+ SCARDCONTEXT hContext;
+ SCARD_READERSTATE_A rgReaderStates[1];
+ uint32_t dwReaderLen, dwState, dwProt, dwAtrLen;
+ // unsigned long dwSendLength, dwRecvLength;
+ uint32_t dwPref, dwReaders;
+ char *pcReaders, *mszReaders;
+ unsigned char pbAtr[MAX_ATR_SIZE];
+ const char *mszGroups;
+ long rv;
+ int i, p, iReader;
+ int iList[16];
+
+ int t = 0;
+
+ printf("\nMUSCLE PC/SC Lite Test Program\n\n");
+
+doInit:
+ printf("Testing SCardEstablishContext : ");
+ rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ return -1;
+ }
+
+ printf("Testing SCardGetStatusChange \n");
+ printf("Please insert a working reader : ");
+ rv = SCardGetStatusChange(hContext, INFINITE, 0, 0);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+ printf("Testing SCardListReaders : ");
+
+ mszGroups = 0;
+ rv = SCardListReaders(hContext, mszGroups, 0, &dwReaders);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+ mszReaders = (char *) malloc(sizeof(char) * dwReaders);
+ rv = SCardListReaders(hContext, mszGroups, mszReaders, &dwReaders);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+ /*
+ * Have to understand the multi-string here
+ */
+ p = 0;
+ for (i = 0; i < dwReaders - 1; i++)
+ {
+ ++p;
+ printf("Reader %02d: %s\n", p, &mszReaders[i]);
+ iList[p] = i;
+ while (mszReaders[++i] != 0) ;
+ }
+
+#ifdef REPEAT_TEST
+ if (t == 0)
+ {
+#endif
+
+ do
+ {
+ /* scanf doesn't provide a friendly way to 'throw away' the garbage input
+ * so we grab a line and then try to parse it */
+ size_t iScanLength;
+ char *sLine;
+ printf("Enter the reader number : ");
+ sLine = fgetln(stdin, &iScanLength);
+ if(sLine == NULL) /* EOF */
+ return 0;
+ /* Null terminate by replacing \n w/ \0*/
+ sLine[iScanLength - 1] = '\0';
+ iReader = atoi(sLine);
+ /* Since 0 is invalid input, no need to test errno */
+ if(iReader > p || iReader <= 0) {
+ printf("Invalid Value - try again\n");
+ }
+ }
+ while (iReader > p || iReader <= 0);
+
+#ifdef REPEAT_TEST
+ t = 1;
+ }
+#endif
+
+ rgReaderStates[0].szReader = &mszReaders[iList[iReader]];
+ rgReaderStates[0].dwCurrentState = SCARD_STATE_EMPTY;
+
+ printf("Waiting for card insertion \n");
+ rv = SCardGetStatusChange(hContext, INFINITE, rgReaderStates, 1);
+
+ printf(" : %s\n",
+ pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+// printf(" context handle: %d [0x%08X]\n", hContext, hContext);
+ printf("Testing SCardConnect : ");
+ rv = SCardConnect(hContext, &mszReaders[iList[iReader]],
+ SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1,
+ &hCard, &dwPref);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+ printf("Testing SCardStatus : ");
+
+ dwReaderLen = MAX_READERNAME;
+ pcReaders = (char *) malloc(sizeof(char) * MAX_READERNAME);
+ dwAtrLen = MAX_ATR_SIZE;
+
+ rv = SCardStatus(hCard, pcReaders, &dwReaderLen, &dwState, &dwProt,
+ pbAtr, &dwAtrLen);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ printf("Current Reader Name : %s\n", pcReaders);
+ printf("Current Reader State : 0x%X\n", dwState);
+ printf("Current Reader Protocol : 0x%X\n", dwProt - 1);
+ printf("Current Reader ATR Size : %d (0x%x)\n", dwAtrLen, dwAtrLen);
+ printf("Current Reader ATR Value : ");
+
+ for (i = 0; i < dwAtrLen; i++)
+ {
+ printf("%02X ", pbAtr[i]);
+ }
+ printf("\n");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardDisconnect(hCard, SCARD_RESET_CARD);
+ SCardReleaseContext(hContext);
+ }
+
+ printf("Testing SCardDisconnect : ");
+ rv = SCardDisconnect(hCard, SCARD_UNPOWER_CARD);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ SCardReleaseContext(hContext);
+ return -1;
+ }
+
+ printf("Testing SCardReleaseContext : ");
+ rv = SCardReleaseContext(hContext);
+
+ printf("%s\n", pcsc_stringify_error(rv));
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ return -1;
+ }
+ if(t == 0) {
+ t = 1;
+ goto doInit;
+ }
+
+ printf("\n");
+ printf("PC/SC Test Completed Successfully !\n");
+
+ return 0;
+}
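Review bot: The reader-listing loop writes `iList[p]` after `++p` with no bound, so a service that reports more than 15 readers makes it write past the 16-entry stack array `iList`. Stop at capacity before incrementing, e.g. `if (p >= (int)(sizeof(iList) / sizeof(iList[0])) - 1) break;` as the first statement of the loop body. The `malloc` results for `mszReaders` and `pcReaders` are used unchecked, and both are allocated again on the second pass through `doInit` without being freed. After a failed `SCardStatus` the code still prints `pcReaders` and the ATR bytes. The error block that follows disconnects the card and releases the context but lacks a `return -1;`, so the later calls reuse the released handles.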
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_generic.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_generic.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_generic.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : thread_generic.h
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 3/24/00
+ License: Copyright (C) 2000 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This provides system specific thread calls.
+
+********************************************************************/
+
+#ifndef __thread_generic_h__
+#define __thread_generic_h__
+
+#include <pthread.h>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#ifdef WIN32
+#define PCSCLITE_THREAD_T HANDLE
+#define PCSCLITE_MUTEX CRITICAL_SECTION
+#define PCSCLITE_MUTEX_T CRITICAL_SECTION*
+#define PCSCLITE_THREAD_FUNCTION(f) void *(*f)(void *)
+#else
+#define PCSCLITE_THREAD_T pthread_t
+#define PCSCLITE_MUTEX pthread_mutex_t
+#define PCSCLITE_MUTEX_T pthread_mutex_t*
+#define PCSCLITE_THREAD_FUNCTION(f) void *(*f)(void *)
+#endif
+
+/* thread attributes */
+#define THREAD_ATTR_DEFAULT 0
+#define THREAD_ATTR_DETACHED 1
+
+ int SYS_MutexInit(PCSCLITE_MUTEX_T);
+ int SYS_MutexDestroy(PCSCLITE_MUTEX_T);
+ int SYS_MutexLock(PCSCLITE_MUTEX_T);
+ int SYS_MutexUnLock(PCSCLITE_MUTEX_T);
+ int SYS_ThreadCreate(PCSCLITE_THREAD_T *, int, PCSCLITE_THREAD_FUNCTION( ), LPVOID);
+ int SYS_ThreadCancel(PCSCLITE_THREAD_T *);
+ int SYS_ThreadDetach(PCSCLITE_THREAD_T);
+ int SYS_ThreadJoin(PCSCLITE_THREAD_T *, LPVOID*);
+ int SYS_ThreadExit(LPVOID);
+ PCSCLITE_THREAD_T SYS_ThreadSelf(void);
+ int SYS_ThreadEqual(PCSCLITE_THREAD_T *, PCSCLITE_THREAD_T *);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __thread_generic_h__ */
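Review bot: The header is not self-contained: its prototypes use `LPVOID`, but it includes only `<pthread.h>`, so it compiles only when the includer has already pulled in the defining header, as thread_macosx.c does by including `wintypes.h` first. Adding `#include "wintypes.h"` next to the pthread include would remove that ordering dependency, assuming that is where `LPVOID` is defined (not shown in this hunk). `<pthread.h>` is also included unconditionally although the macros below have a `WIN32` branch, so it probably belongs inside the `#else`. The guard name `__thread_generic_h__` uses a double-underscore prefix reserved for the implementation; `THREAD_GENERIC_H` avoids that.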
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_macosx.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_macosx.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/thread_macosx.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,134 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : thread_macosx.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 7/6/00
+ License: Copyright (C) 2000 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This handles thread function abstraction.
+
+********************************************************************/
+
+#include "config.h"
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "thread_generic.h"
+
+#define PCSC_MUTEX_LOCKED 1
+#define PCSC_MUTEX_UNLOCKED 0
+
+int SYS_MutexInit(PCSCLITE_MUTEX_T mMutex)
+{
+ int retval;
+ retval = pthread_mutex_init(mMutex, NULL);
+ return retval;
+}
+
+int SYS_MutexDestroy(PCSCLITE_MUTEX_T mMutex)
+{
+ int retval;
+ retval = pthread_mutex_destroy(mMutex);
+ return retval;
+}
+
+int SYS_MutexLock(PCSCLITE_MUTEX_T mMutex)
+{
+ int retval;
+ retval = pthread_mutex_lock(mMutex);
+ return retval;
+}
+
+int SYS_MutexUnLock(PCSCLITE_MUTEX_T mMutex)
+{
+ int retval;
+ retval = pthread_mutex_unlock(mMutex);
+ return retval;
+}
+
+int SYS_ThreadCreate(PCSCLITE_THREAD_T * pthThread, int attributes,
+ PCSCLITE_THREAD_FUNCTION(pvFunction), LPVOID pvArg)
+{
+ pthread_attr_t attr;
+ int rx;
+
+ if (0 != pthread_attr_init(&attr))
+ return 0;
+
+ if (attributes & THREAD_ATTR_DETACHED)
+ if (0 != pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_DETACHED))
+ {
+ pthread_attr_destroy(&attr);
+ return 0;
+ }
+
+ rx = pthread_create(pthThread, &attr, pvFunction, pvArg);
+
+ pthread_attr_destroy(&attr);
+
+ return (0 == rx); // return 1 if success, 0 otherwise
+}
+
+int SYS_ThreadCancel(PCSCLITE_THREAD_T * pthThread)
+{
+
+ int retval;
+ retval = pthread_cancel(*pthThread);
+
+ if (retval == 0)
+ {
+ return 1;
+ } else
+ {
+ return 0;
+ }
+}
+
+int SYS_ThreadDetach(PCSCLITE_THREAD_T pthThread)
+{
+ // Returns 1 (true) if thread detached OK, 0 (false) otherwise
+ if (pthThread)
+ return (pthread_detach(pthThread) == 0); // 0 result is success
+
+ return 0;
+}
+
+int SYS_ThreadJoin(PCSCLITE_THREAD_T *pthThread, LPVOID* pvRetVal)
+{
+
+ int retval;
+ retval = pthread_join(*pthThread, pvRetVal);
+
+ if (retval == 0)
+ {
+ return 1;
+ } else
+ {
+ return 0;
+ }
+}
+
+int SYS_ThreadExit(LPVOID pvRetVal)
+{
+
+ pthread_exit(pvRetVal);
+ return 1;
+}
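Review bot: The wrappers use two opposite return conventions and neither is documented: the four SYS_Mutex* functions pass through the pthread result (0 on success, an error number otherwise), while SYS_ThreadCreate, SYS_ThreadCancel, SYS_ThreadDetach and SYS_ThreadJoin return 1 on success and 0 on failure. A caller that tests a lock result the way it tests a thread result will treat a failed lock as success and enter the critical section unprotected. I would add `/* Returns 0 on success, otherwise a pthread error number. */` above each mutex wrapper and `/* Returns 1 on success, 0 on failure. */` above each thread wrapper. thread_generic.h in this commit also declares SYS_ThreadSelf and SYS_ThreadEqual, which this file does not define, and `PCSC_MUTEX_LOCKED`/`PCSC_MUTEX_UNLOCKED` are defined here but never used.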
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,787 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : tokenfactory.c
+ Package: pcsc lite
+ Author : David Corcoran
+ Date : 01/01/00
+ Purpose: This handles card abstraction attachment.
+
+ $Id: tokenfactory.c,v 1.3 2004/09/21 02:43:57 mb Exp $
+
+*******************************************************************/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+
+#ifndef WIN32
+#include <dirent.h>
+#include "config.h"
+#else
+#include "../win32/win32_config.h"
+#endif
+
+#include "debuglog.h"
+#include "dyn_generic.h"
+#include "tokenfactory.h"
+
+#define MSC_MANUMSC_KEY_NAME "spVendorName"
+#define MSC_PRODMSC_KEY_NAME "spProductName"
+#define MSC_ATRMSC_KEY_NAME "spAtrValue"
+#define MSC_LIBRMSC_KEY_NAME "CFBundleExecutable"
+#define MSC_DEFAULTAPP_NAME "spDefaultApplication"
+
+extern int LTPBundleFindValueWithKey(char *, char *, char *, int);
+
+int atrToString(MSCPUChar8 Atr, MSCULong32 Length, char *outAtr)
+{
+
+ int i;
+ int j;
+
+ j = 0;
+
+ for (i = 0; i < Length; i++)
+ {
+ if ((Atr[i] / 16) > 9)
+ {
+ outAtr[j] = ((Atr[i] / 16) - 10) + 'A';
+ } else
+ {
+ outAtr[j] = (Atr[i] / 16) + '0';
+ }
+
+ j += 1;
+
+ if ((Atr[i] % 16) > 9)
+ {
+ outAtr[j] = ((Atr[i] % 16) - 10) + 'A';
+ } else
+ {
+ outAtr[j] = (Atr[i] % 16) + '0';
+ }
+
+ j += 1;
+
+ }
+
+ outAtr[j] = 0; /* Add the NULL */
+
+ return 0;
+}
+
+int stringToBytes(char *inStr, MSCPUChar8 Buffer, MSCPULong32 Length)
+{
+
+ int i;
+ int j;
+ int inLen;
+
+ j = 0;
+ inLen = 0;
+
+ inLen = strlen(inStr);
+
+ if (inLen > MSC_MAXSIZE_AID)
+ {
+ return -1;
+ }
+
+ for (i = 0; i < inLen; i += 2)
+ {
+ if (inStr[i] <= '9' && inStr[i] >= '0')
+ {
+ Buffer[j] = (inStr[i] - '0') * 16;
+ } else if (inStr[i] <= 'F' && inStr[i] >= 'A')
+ {
+ Buffer[j] = (inStr[i] - 'A' + 10) * 16;
+ }
+
+ if (inStr[i + 1] <= '9' && inStr[i + 1] >= '0')
+ {
+ Buffer[j] += inStr[i + 1] - '0';
+ } else if (inStr[i + 1] <= 'F' && inStr[i + 1] >= 'A')
+ {
+ Buffer[j] += inStr[i + 1] - 'A' + 10;
+ }
+
+ j += 1;
+ }
+
+ *Length = j;
+
+ return 0;
+}
+
+MSCLong32 TPSearchBundlesForAtr(MSCPUChar8 Atr, MSCULong32 Length,
+ MSCLPTokenInfo tokenInfo)
+{
+
+ MSCLong32 rv;
+
+#ifndef WIN32
+ DIR *hpDir = 0;
+ struct dirent *currFP = 0;
+#else
+ HANDLE hFind;
+ WIN32_FIND_DATA findData;
+ char findPath[200];
+#endif
+
+ char atrString[100];
+ char fullPath[200];
+ char fullLibPath[250];
+ char keyValue[200];
+ int atrIndex;
+
+ rv = 0;
+ atrIndex = 0;
+
+ atrToString(Atr, Length, atrString);
+
+#ifndef WIN32
+
+ hpDir = opendir(MSC_SVC_DROPDIR);
+
+ if (hpDir == 0)
+#else
+ sprintf(findPath, "%s\\*.bundle", MSC_SVC_DROPDIR);
+ hFind = FindFirstFile(findPath, &findData);
+
+ if (hFind == INVALID_HANDLE_VALUE)
+#endif
+ {
+ DebugLogA("Cannot open PC/SC token drivers directory.\n");
+
+ return -1;
+ }
+
+#ifndef WIN32
+ while ((currFP = readdir(hpDir)) != 0)
+ {
+ if (strstr(currFP->d_name, ".bundle") != 0)
+#else
+ do
+ {
+ if (strstr(findData.cFileName, ".bundle") != 0)
+#endif
+ {
+
+ /*
+ * The bundle exists - let's form a full path name and get the
+ * vendor and product ID's for this particular bundle
+ */
+#ifndef WIN32
+ sprintf(fullPath, "%s%s%s", MSC_SVC_DROPDIR, currFP->d_name,
+ "/Contents/Info.plist");
+#else
+ sprintf(fullPath, "%s%s%s", MSC_SVC_DROPDIR, findData.cFileName,
+ "\\Contents\\Info.plist");
+#endif
+
+ atrIndex = 0;
+
+#ifdef MSC_DEBUG
+ DebugLogB("ATR comparison: FILE: %s\n", fullPath);
+ DebugLogB("ATR comparison: Target Match: %s\n", atrString);
+#endif
+
+ while (1)
+ {
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_ATRMSC_KEY_NAME, keyValue, atrIndex);
+ if (rv != 0)
+ {
+ break; /* No aliases found, break out of search
+ * aliases loop */
+ }
+#ifdef MSC_DEBUG
+ DebugLogB("ATR comparison: Source: %s\n", keyValue);
+#endif
+
+ if (strcmp(keyValue, atrString) != 0)
+ {
+ /*
+ * Go back and see if there are any aliases
+ */
+ atrIndex += 1;
+ continue;
+ }
+#ifdef MSC_DEBUG
+ DebugLogB("Match found at ATR alias %d\n", atrIndex);
+#endif
+
+ /*
+ * See if this bundle has a special name for this ATR
+ */
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_PRODMSC_KEY_NAME, keyValue, atrIndex);
+ if (rv != 0)
+ {
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_PRODMSC_KEY_NAME, keyValue, 0);
+ if (rv != 0)
+ {
+ DebugLogA
+ ("Match found, failed due to no product name.\n");
+#ifndef WIN32
+ closedir(hpDir);
+#endif
+ return -1;
+ }
+ }
+#ifdef MSC_DEBUG
+ DebugLogB("Product name: %s\n", keyValue);
+#endif
+ strcpy(tokenInfo->tokenName, keyValue);
+
+ /*
+ * See if this bundle has a special driver for this card
+ */
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_LIBRMSC_KEY_NAME, keyValue, atrIndex);
+ if (rv != 0)
+ {
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_LIBRMSC_KEY_NAME, keyValue, 0);
+ if (rv != 0)
+ {
+ DebugLogA
+ ("Match found, failed due to no library path.\n");
+#ifndef WIN32
+ closedir(hpDir);
+#endif
+ return -1;
+ }
+ }
+#ifdef WIN32
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ findData.cFileName, "\\Contents\\Win32\\", keyValue);
+#else
+#ifdef MSC_TARGET_LINUX
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/Linux/", keyValue);
+#else
+#ifdef MSC_TARGET_OSX
+ sprintf(fullLibPath, "%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name);
+
+#else
+#ifdef MSC_TARGET_BSD
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/BSD/", keyValue);
+
+#else
+#ifdef MSC_TARGET_SOLARIS
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/Solaris/", keyValue);
+
+#else
+#ifdef MSC_TARGET_HPUX
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/HPUX/", keyValue);
+
+#else
+#ifdef MSC_TARGET_TRU64
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/Tru64/", keyValue);
+
+#else
+#ifdef MSC_TARGET_CYGWIN
+ sprintf(fullLibPath, "%s%s%s%s", MSC_SVC_DROPDIR,
+ currFP->d_name, "/Contents/CygWin/", keyValue);
+#endif
+#endif
+#endif
+#endif
+#endif
+#endif
+#endif
+#endif
+
+ if (fullLibPath == NULL)
+ {
+ DebugLogA("No path to bundle library found !\n");
+ return -1;
+ }
+
+ /*
+ * Copy the library path and return successfully
+ */
+ strcpy(tokenInfo->svProvider, fullLibPath);
+
+ /*
+ * See if this bundle has a default AID
+ */
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_DEFAULTAPP_NAME, keyValue, atrIndex);
+ if (rv != 0)
+ {
+ rv = LTPBundleFindValueWithKey(fullPath,
+ MSC_DEFAULTAPP_NAME, keyValue, 0);
+ }
+
+ if (rv == 0)
+ {
+#ifdef MSC_DEBUG
+ DebugLogB("Default AID name: %s\n", keyValue);
+#endif
+ rv = stringToBytes(keyValue, tokenInfo->tokenApp,
+ &tokenInfo->tokenAppLen);
+ if (rv != 0)
+ {
+ DebugLogA
+ ("Match found, failed due to malformed aid string.\n");
+#ifndef WIN32
+ closedir(hpDir);
+#endif
+ return -1;
+ }
+
+ } else
+ {
+ DebugLogA("No AID specified in bundle\n");
+ tokenInfo->tokenAppLen = 0;
+ }
+
+#ifndef WIN32
+ closedir(hpDir);
+#endif
+ return 0;
+
+ } /* do ... while */
+ } /* if .bundle */
+ } /* while readdir */
+#ifdef WIN32
+ // This is part of a Do..While loop (see above)
+ while (FindNextFile(hFind, &findData) != 0);
+#endif
+
+#ifndef WIN32
+ closedir(hpDir);
+#endif
+ return -1;
+}
+
+const char *TPSvcDropdir(void)
+{
+ const char *dropDir = getenv(MSC_SVC_DROPDIR_ENV);
+ if (dropDir)
+ return dropDir;
+
+ return MSC_SVC_DROPDIR_DEFAULT;
+}
+
+MSCLong32 TPLoadToken(MSCLPTokenConnection pConnection)
+{
+
+ MSCLong32 rv;
+
+ pConnection->libPointers.pvfWriteFramework = 0;
+ pConnection->libPointers.pvfInitializePlugin = 0;
+ pConnection->libPointers.pvfFinalizePlugin = 0;
+ pConnection->libPointers.pvfGetStatus = 0;
+ pConnection->libPointers.pvfGetCapabilities = 0;
+ pConnection->libPointers.pvfExtendedFeature = 0;
+ pConnection->libPointers.pvfGenerateKeys = 0;
+ pConnection->libPointers.pvfImportKey = 0;
+ pConnection->libPointers.pvfExportKey = 0;
+ pConnection->libPointers.pvfComputeCrypt = 0;
+ pConnection->libPointers.pvfExtAuthenticate = 0;
+ pConnection->libPointers.pvfListKeys = 0;
+ pConnection->libPointers.pvfCreatePIN = 0;
+ pConnection->libPointers.pvfVerifyPIN = 0;
+ pConnection->libPointers.pvfChangePIN = 0;
+ pConnection->libPointers.pvfUnblockPIN = 0;
+ pConnection->libPointers.pvfListPINs = 0;
+ pConnection->libPointers.pvfCreateObject = 0;
+ pConnection->libPointers.pvfDeleteObject = 0;
+ pConnection->libPointers.pvfWriteObject = 0;
+ pConnection->libPointers.pvfReadObject = 0;
+ pConnection->libPointers.pvfListObjects = 0;
+ pConnection->libPointers.pvfLogoutAll = 0;
+ pConnection->libPointers.pvfGetChallenge = 0;
+
+ /*
+ * Find the Card's Library
+ */
+
+ rv = TPSearchBundlesForAtr(pConnection->tokenInfo.tokenId,
+ pConnection->tokenInfo.tokenIdLength, &pConnection->tokenInfo);
+
+ if (rv != 0)
+ {
+ DebugLogA("Error: Matching Token ATR Not Found.\n");
+ log_xxd(PCSC_LOG_INFO, "ATR : ", pConnection->tokenInfo.tokenId,
+ pConnection->tokenInfo.tokenIdLength);
+
+ return SCARD_E_CARD_UNSUPPORTED;
+ }
+
+ /*
+ * Load that library and store the handle in the SCARDCHANNEL
+ * structure
+ */
+
+ rv = DYN_LoadLibrary(&pConnection->tokenLibHandle,
+ pConnection->tokenInfo.svProvider);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ DebugLogA("Error: Could not load service library\n");
+ DebugLogB("->> %s\n", pConnection->tokenInfo.svProvider);
+ return SCARD_E_INVALID_TARGET;
+ } else
+ {
+ DebugLogB("Loading service library %s\n",
+ pConnection->tokenInfo.svProvider);
+ }
+
+ rv = TPBindFunctions(pConnection);
+
+ return rv;
+}
+
+MSCLong32 TPUnloadToken(MSCLPTokenConnection pConnection)
+{
+
+ MSCLong32 rv;
+
+ if (pConnection->tokenLibHandle == 0)
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ rv = DYN_CloseLibrary(&pConnection->tokenLibHandle);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ return rv;
+ }
+
+ pConnection->tokenLibHandle = 0;
+ return TPUnbindFunctions(pConnection);
+}
+
+MSCLong32 TPBindFunctions(MSCLPTokenConnection pConnection)
+{
+
+ MSCLong32 rv;
+
+ if (pConnection->tokenLibHandle == 0)
+ {
+ return SCARD_E_INVALID_TARGET;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfWriteFramework,
+ "PL_MSCWriteFramework");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfWriteFramework = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ /*
+ * No big deal - this feature is just not supported
+ */
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfIdentifyToken, "PL_MSCIdentifyToken");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfIdentifyToken = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfInitializePlugin,
+ "PL_MSCInitializePlugin");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfInitializePlugin = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfFinalizePlugin,
+ "PL_MSCFinalizePlugin");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfFinalizePlugin = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfGetStatus, "PL_MSCGetStatus");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfGetStatus = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfGetCapabilities,
+ "PL_MSCGetCapabilities");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfGetCapabilities = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfExtendedFeature,
+ "PL_MSCExtendedFeature");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfExtendedFeature = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ /*
+ * No big deal - there are no extended features
+ */
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfGenerateKeys, "PL_MSCGenerateKeys");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfGenerateKeys = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfImportKey, "PL_MSCImportKey");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfImportKey = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfExportKey, "PL_MSCExportKey");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfExportKey = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfComputeCrypt, "PL_MSCComputeCrypt");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfComputeCrypt = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfExtAuthenticate,
+ "PL_MSCExtAuthenticate");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfExtAuthenticate = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfListKeys, "PL_MSCListKeys");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfListKeys = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfCreatePIN, "PL_MSCCreatePIN");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfCreatePIN = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfVerifyPIN, "PL_MSCVerifyPIN");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfVerifyPIN = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfChangePIN, "PL_MSCChangePIN");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfChangePIN = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfUnblockPIN, "PL_MSCUnblockPIN");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfUnblockPIN = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfListPINs, "PL_MSCListPINs");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfListPINs = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfCreateObject, "PL_MSCCreateObject");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfCreateObject = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfDeleteObject, "PL_MSCDeleteObject");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfDeleteObject = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfWriteObject, "PL_MSCWriteObject");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfWriteObject = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfReadObject, "PL_MSCReadObject");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfReadObject = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfListObjects, "PL_MSCListObjects");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfListObjects = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfLogoutAll, "PL_MSCLogoutAll");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfLogoutAll = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ rv = DYN_GetAddress(pConnection->tokenLibHandle,
+ &pConnection->libPointers.pvfGetChallenge, "PL_MSCGetChallenge");
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ pConnection->libPointers.pvfGetChallenge = 0;
+ DebugLogA("TPBindFunctions: Missing functions");
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+MSCLong32 TPUnbindFunctions(MSCLPTokenConnection pConnection)
+{
+
+ pConnection->libPointers.pvfWriteFramework = 0;
+ pConnection->libPointers.pvfInitializePlugin = 0;
+ pConnection->libPointers.pvfFinalizePlugin = 0;
+ pConnection->libPointers.pvfGetStatus = 0;
+ pConnection->libPointers.pvfGetCapabilities = 0;
+ pConnection->libPointers.pvfExtendedFeature = 0;
+ pConnection->libPointers.pvfGenerateKeys = 0;
+ pConnection->libPointers.pvfImportKey = 0;
+ pConnection->libPointers.pvfExportKey = 0;
+ pConnection->libPointers.pvfComputeCrypt = 0;
+ pConnection->libPointers.pvfExtAuthenticate = 0;
+ pConnection->libPointers.pvfListKeys = 0;
+ pConnection->libPointers.pvfCreatePIN = 0;
+ pConnection->libPointers.pvfVerifyPIN = 0;
+ pConnection->libPointers.pvfChangePIN = 0;
+ pConnection->libPointers.pvfUnblockPIN = 0;
+ pConnection->libPointers.pvfListPINs = 0;
+ pConnection->libPointers.pvfCreateObject = 0;
+ pConnection->libPointers.pvfDeleteObject = 0;
+ pConnection->libPointers.pvfWriteObject = 0;
+ pConnection->libPointers.pvfReadObject = 0;
+ pConnection->libPointers.pvfListObjects = 0;
+ pConnection->libPointers.pvfLogoutAll = 0;
+ pConnection->libPointers.pvfGetChallenge = 0;
+
+ return SCARD_S_SUCCESS;
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenfactory.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : tokenfactory.h
+ Package: pcsc-lite
+ Author : David Corcoran
+ Date : 01/01/00
+ Purpose: This handles card abstraction attachment.
+
+********************************************************************/
+
+#ifndef __cardfactory_h__
+#define __cardfactory_h__
+
+#include "mscdefines.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#ifndef WIN32
+#ifndef MSC_SVC_DROPDIR
+#define MSC_SVC_DROPDIR TPSvcDropdir()
+#define MSC_SVC_DROPDIR_DEFAULT "/usr/libexec/SmartCardServices/services/"
+#define MSC_SVC_DROPDIR_ENV "MSC_SVC_DROPDIR"
+#endif
+#else
+#define MSC_SVC_DROPDIR "C:\\Program Files\\Muscle\\Services\\"
+#endif
+
+ const char *TPSvcDropdir(void);
+ MSCLong32 TPLoadToken(MSCLPTokenConnection);
+ MSCLong32 TPUnloadToken(MSCLPTokenConnection);
+ MSCLong32 TPBindFunctions(MSCLPTokenConnection);
+ MSCLong32 TPUnbindFunctions(MSCLPTokenConnection);
+ MSCLong32 TPSearchBundlesForAtr(MSCPUChar8 Atr, MSCULong32 Length,
+ MSCLPTokenInfo tokenInfo);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* __cardfactory_h__ */
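Review bot: `MSC_SVC_DROPDIR` expands to a call to `TPSvcDropdir()` and is defined alongside `MSC_SVC_DROPDIR_ENV "MSC_SVC_DROPDIR"`, so the directory searched for token service bundles appears to be overridable from the environment. This is inferred from the names and from the fallback to `MSC_SVC_DROPDIR_DEFAULT`, because most of the body of `TPSvcDropdir` lies outside the visible lines. `TPLoadToken` in tokenfactory.c hands the matched bundle's `svProvider` path to `DYN_LoadLibrary`, so if that path is derived from the drop directory, whoever sets the variable decides which library is loaded into the calling process; that matters for any caller that runs privileged or as a daemon with a caller-influenced environment. I would state the trust assumption next to the define, e.g. `/* Environment override for the bundle directory; must not be honoured by setuid or otherwise privileged callers */`, and have `TPSvcDropdir` return the default in that case. Separately, the include guard `__cardfactory_h__` does not match the file name and uses a reserved double-underscore identifier; `TOKENFACTORY_H` would avoid both.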
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1775 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+#ifdef WIN32
+#include <malloc.h>
+#include <stdlib.h>
+#endif
+
+#define yy_create_buffer tp_create_buffer
+#define yy_delete_buffer tp_delete_buffer
+#define yy_scan_buffer tp_scan_buffer
+#define yy_scan_string tp_scan_string
+#define yy_scan_bytes tp_scan_bytes
+#define yy_flex_debug tp_flex_debug
+#define yy_init_buffer tp_init_buffer
+#define yy_flush_buffer tp_flush_buffer
+#define yy_load_buffer_state tp_load_buffer_state
+#define yy_switch_to_buffer tp_switch_to_buffer
+#define yyin tpin
+#define yyleng tpleng
+#define yylex tplex
+#define yyout tpout
+#define yyrestart tprestart
+#define yytext tptext
+#define yywrap tpwrap
+
+/*
+ * A lexical scanner generated by flex
+ */
+
+/*
+ * Scanner skeleton version: $Header:
+ * /home/cvsroot/muscle/PCSC/src/tokenparser.c,v 1.2 2002/03/30 20:59:07
+ * corcoran Exp $
+ */
+
+#define FLEX_SCANNER
+#define YY_FLEX_MAJOR_VERSION 2
+#define YY_FLEX_MINOR_VERSION 5
+
+#include <stdio.h>
+
+/*
+ * cfront 1.2 defines "c_plusplus" instead of "__cplusplus"
+ */
+#ifdef c_plusplus
+#ifndef __cplusplus
+#define __cplusplus
+#endif
+#endif
+
+#ifdef __cplusplus
+
+#include <stdlib.h>
+#include <unistd.h>
+
+/*
+ * Use prototypes in function declarations.
+ */
+#define YY_USE_PROTOS
+
+/*
+ * The "const" storage-class-modifier is valid.
+ */
+#define YY_USE_CONST
+
+#else /* ! __cplusplus */
+
+#if __STDC__
+
+#define YY_USE_PROTOS
+#define YY_USE_CONST
+
+#endif /* __STDC__ */
+#endif /* ! __cplusplus */
+
+#ifdef __TURBOC__
+#pragma warn -rch
+#pragma warn -use
+#include <io.h>
+#include <stdlib.h>
+#define YY_USE_CONST
+#define YY_USE_PROTOS
+#endif
+
+#ifdef YY_USE_CONST
+#define yyconst const
+#else
+#define yyconst
+#endif
+
+#ifdef YY_USE_PROTOS
+#define YY_PROTO(proto) proto
+#else
+#define YY_PROTO(proto) ()
+#endif
+
+/*
+ * Returned upon end-of-file.
+ */
+#define YY_NULL 0
+
+/*
+ * Promotes a possibly negative, possibly signed char to an unsigned
+ * integer for use as an array index. If the signed char is negative, we
+ * want to instead treat it as an 8-bit unsigned char, hence the double
+ * cast.
+ */
+#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c)
+
+/*
+ * Enter a start condition. This macro really ought to take a parameter,
+ * but we do it the disgusting crufty way forced on us by the ()-less
+ * definition of BEGIN.
+ */
+#define BEGIN yy_start = 1 + 2 *
+
+/*
+ * Translate the current start state into a value that can be later handed
+ * to BEGIN to return to the state. The YYSTATE alias is for lex
+ * compatibility.
+ */
+#define YY_START ((yy_start - 1) / 2)
+#define YYSTATE YY_START
+
+/*
+ * Action number for EOF rule of a given start state.
+ */
+#define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1)
+
+/*
+ * Special action meaning "start processing a new file".
+ */
+#define YY_NEW_FILE yyrestart( yyin )
+
+#define YY_END_OF_BUFFER_CHAR 0
+
+/*
+ * Size of default input buffer.
+ */
+#define YY_BUF_SIZE 16384
+
+typedef struct yy_buffer_state *YY_BUFFER_STATE;
+
+extern int yyleng;
+extern FILE *yyin, *yyout;
+
+#define EOB_ACT_CONTINUE_SCAN 0
+#define EOB_ACT_END_OF_FILE 1
+#define EOB_ACT_LAST_MATCH 2
+
+/*
+ * The funky do-while in the following #define is used to turn the
+ * definition int a single C statement (which needs a semi-colon
+ * terminator). This avoids problems with code like: if (
+ * condition_holds ) yyless( 5 ); else do_something_else(); Prior to
+ * using the do-while the compiler would get upset at the "else" because
+ * it interpreted the "if" statement as being all done when it reached the
+ * ';' after the yyless() call.
+ */
+
+/*
+ * Return all but the first 'n' matched characters back to the input
+ * stream.
+ */
+
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ *yy_cp = yy_hold_char; \
+ YY_RESTORE_YY_MORE_OFFSET \
+ yy_c_buf_p = yy_cp = yy_bp + n - YY_MORE_ADJ; \
+ YY_DO_BEFORE_ACTION; /* set up yytext again */ \
+ } \
+ while ( 0 )
+
+#define unput(c) yyunput( c, yytext_ptr )
+
+/*
+ * The following is because we cannot portably get our hands on size_t
+ * (without autoconf's help, which isn't available because we want
+ * flex-generated scanners to compile on their own).
+ */
+typedef unsigned int yy_size_t;
+
+struct yy_buffer_state
+{
+ FILE *yy_input_file;
+
+ char *yy_ch_buf; /* input buffer */
+ char *yy_buf_pos; /* current position in input buffer */
+
+ /*
+ * Size of input buffer in bytes, not including room for EOB
+ * characters.
+ */
+ yy_size_t yy_buf_size;
+
+ /*
+ * Number of characters read into yy_ch_buf, not including EOB
+ * characters.
+ */
+ int yy_n_chars;
+
+ /*
+ * Whether we "own" the buffer - i.e., we know we created it, and can
+ * realloc() it to grow it, and should free() it to delete it.
+ */
+ int yy_is_our_buffer;
+
+ /*
+ * Whether this is an "interactive" input source; if so, and if we're
+ * using stdio for input, then we want to use getc() instead of
+ * fread(), to make sure we stop fetching input after each newline.
+ */
+ int yy_is_interactive;
+
+ /*
+ * Whether we're considered to be at the beginning of a line. If so,
+ * '^' rules will be active on the next match, otherwise not.
+ */
+ int yy_at_bol;
+
+ /*
+ * Whether to try to fill the input buffer when we reach the end of
+ * it.
+ */
+ int yy_fill_buffer;
+
+ int yy_buffer_status;
+#define YY_BUFFER_NEW 0
+#define YY_BUFFER_NORMAL 1
+ /*
+ * When an EOF's been seen but there's still some text to process then
+ * we mark the buffer as YY_EOF_PENDING, to indicate that we shouldn't
+ * try reading from the input source any more. We might still have a
+ * bunch of tokens to match, though, because of possible backing-up.
+ * When we actually see the EOF, we change the status to "new" (via
+ * yyrestart()), so that the user can continue scanning by just
+ * pointing yyin at a new input file.
+ */
+#define YY_BUFFER_EOF_PENDING 2
+};
+
+static YY_BUFFER_STATE yy_current_buffer = 0;
+
+/*
+ * We provide macros for accessing buffer states in case in the future we
+ * want to put the buffer states in a more general "scanner state".
+ */
+#define YY_CURRENT_BUFFER yy_current_buffer
+
+/*
+ * yy_hold_char holds the character lost when yytext is formed.
+ */
+static char yy_hold_char;
+
+static int yy_n_chars; /* number of characters read into
+ * yy_ch_buf */
+
+int yyleng;
+
+/*
+ * Points to current character in buffer.
+ */
+static char *yy_c_buf_p = (char *) 0;
+static int yy_init = 1; /* whether we need to initialize */
+static int yy_start = 0; /* start state number */
+
+/*
+ * Flag which is used to allow yywrap()'s to do buffer switches instead of
+ * setting up a fresh yyin. A bit of a hack ...
+ */
+static int yy_did_buffer_switch_on_eof;
+
+void yyrestart YY_PROTO((FILE * input_file));
+
+void yy_switch_to_buffer YY_PROTO((YY_BUFFER_STATE new_buffer));
+void yy_load_buffer_state YY_PROTO((void));
+YY_BUFFER_STATE yy_create_buffer YY_PROTO((FILE * file, int size));
+void yy_delete_buffer YY_PROTO((YY_BUFFER_STATE b));
+void yy_init_buffer YY_PROTO((YY_BUFFER_STATE b, FILE * file));
+void yy_flush_buffer YY_PROTO((YY_BUFFER_STATE b));
+#define YY_FLUSH_BUFFER yy_flush_buffer( yy_current_buffer )
+
+YY_BUFFER_STATE yy_scan_buffer YY_PROTO((char *base, yy_size_t size));
+YY_BUFFER_STATE yy_scan_string YY_PROTO((yyconst char *yy_str));
+YY_BUFFER_STATE yy_scan_bytes YY_PROTO((yyconst char *bytes, int len));
+
+static void *yy_flex_alloc YY_PROTO((yy_size_t));
+static void *yy_flex_realloc YY_PROTO((void *, yy_size_t));
+static void yy_flex_free YY_PROTO((void *));
+
+#define yy_new_buffer yy_create_buffer
+
+#define yy_set_interactive(is_interactive) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_is_interactive = is_interactive; \
+ }
+
+#define yy_set_bol(at_bol) \
+ { \
+ if ( ! yy_current_buffer ) \
+ yy_current_buffer = yy_create_buffer( yyin, YY_BUF_SIZE ); \
+ yy_current_buffer->yy_at_bol = at_bol; \
+ }
+
+#define YY_AT_BOL() (yy_current_buffer->yy_at_bol)
+
+typedef unsigned char YY_CHAR;
+FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0;
+typedef int yy_state_type;
+extern char *yytext;
+#define yytext_ptr yytext
+
+static yy_state_type yy_get_previous_state YY_PROTO((void));
+static yy_state_type yy_try_NUL_trans YY_PROTO((yy_state_type
+ current_state));
+static int yy_get_next_buffer YY_PROTO((void));
+static void yy_fatal_error YY_PROTO((yyconst char msg[]));
+
+/*
+ * Done after the current pattern has been matched and before the
+ * corresponding action - sets up yytext.
+ */
+#define YY_DO_BEFORE_ACTION \
+ yytext_ptr = yy_bp; \
+ yyleng = (int) (yy_cp - yy_bp); \
+ yy_hold_char = *yy_cp; \
+ *yy_cp = '\0'; \
+ yy_c_buf_p = yy_cp;
+
+#define YY_NUM_RULES 7
+#define YY_END_OF_BUFFER 8
+static yyconst short int yy_accept[39] = { 0,
+ 0, 0, 8, 6, 4, 2, 1, 6, 1, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
+ 0, 0, 0, 0, 0, 0, 0, 0, 0, 3,
+ 0, 0, 0, 0, 0, 0, 5, 0
+};
+
+static yyconst int yy_ec[256] = { 0,
+ 1, 1, 1, 1, 1, 1, 1, 1, 2, 3,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 2, 4, 4, 5, 4, 4, 4, 4, 4,
+ 4, 4, 4, 4, 4, 4, 6, 7, 7, 7,
+ 7, 7, 7, 7, 7, 7, 7, 4, 1, 8,
+ 4, 9, 4, 4, 10, 10, 10, 10, 10, 10,
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 10, 10, 10, 10, 10, 10, 10, 10, 10, 10,
+ 1, 1, 1, 4, 4, 1, 11, 11, 11, 11,
+
+ 12, 11, 13, 11, 14, 11, 15, 11, 11, 16,
+ 11, 11, 11, 17, 18, 19, 11, 11, 11, 11,
+ 20, 11, 1, 1, 1, 4, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
+ 1, 1, 1, 1, 1
+};
+
+static yyconst int yy_meta[21] = { 0,
+ 1, 2, 3, 4, 4, 4, 2, 1, 1, 2,
+ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2
+};
+
+static yyconst short int yy_base[43] = { 0,
+ 0, 7, 49, 50, 50, 50, 0, 1, 0, 36,
+ 28, 26, 28, 35, 29, 0, 26, 33, 27, 33,
+ 29, 22, 0, 24, 27, 14, 27, 23, 13, 50,
+ 10, 9, 4, 1, 0, 2, 50, 50, 19, 23,
+ 2, 26
+};
+
+static yyconst short int yy_def[43] = { 0,
+ 39, 39, 38, 38, 38, 38, 40, 38, 40, 38,
+ 38, 38, 38, 38, 38, 41, 38, 41, 38, 38,
+ 38, 38, 42, 38, 42, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 0, 38, 38,
+ 38, 38
+};
+
+static yyconst short int yy_nxt[71] = { 0,
+ 38, 5, 6, 18, 7, 38, 38, 8, 5, 6,
+ 37, 7, 36, 38, 8, 10, 35, 34, 11, 4,
+ 4, 4, 4, 9, 9, 33, 9, 25, 32, 25,
+ 31, 30, 29, 28, 27, 26, 24, 23, 22, 21,
+ 20, 19, 17, 16, 15, 14, 13, 12, 38, 3,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38
+};
+
+static yyconst short int yy_chk[71] = { 0,
+ 0, 1, 1, 41, 1, 0, 0, 1, 2, 2,
+ 36, 2, 35, 0, 2, 8, 34, 33, 8, 39,
+ 39, 39, 39, 40, 40, 32, 40, 42, 31, 42,
+ 29, 28, 27, 26, 25, 24, 22, 21, 20, 19,
+ 18, 17, 15, 14, 13, 12, 11, 10, 3, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38,
+ 38, 38, 38, 38, 38, 38, 38, 38, 38, 38
+};
+
+static yy_state_type yy_last_accepting_state;
+static char *yy_last_accepting_cpos;
+
+/*
+ * The intent behind this definition is that it'll catch any uses of
+ * REJECT which flex missed.
+ */
+#define REJECT reject_used_but_not_detected
+#define yymore() yymore_used_but_not_detected
+#define YY_MORE_ADJ 0
+#define YY_RESTORE_YY_MORE_OFFSET
+char *yytext;
+#line 1 "tokenparser.l"
+#define INITIAL 0
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+#line 14 "tokenparser.l"
+
+void tpevalToken(char *pcToken, int tokType);
+
+static char *pcDesiredKey = 0;
+static char pcKey[200];
+static char pcValue[200];
+static char pcFinValue[200];
+static int valueIndex = 0;
+static int desiredIndex = 0;
+
+void tperrorCheck(char *pcToken_error);
+
+#line 429 "lex.tp.c"
+
+/*
+ * Macros after this point can all be overridden by user definitions in
+ * section 1.
+ */
+
+#ifndef YY_SKIP_YYWRAP
+#ifdef __cplusplus
+extern "C" int yywrap YY_PROTO((void));
+#else
+extern int yywrap YY_PROTO((void));
+#endif
+#endif
+
+#ifndef YY_NO_UNPUT
+static void yyunput YY_PROTO((int c, char *buf_ptr));
+#endif
+
+#ifndef yytext_ptr
+static void yy_flex_strncpy YY_PROTO((char *, yyconst char *, int));
+#endif
+
+#ifdef YY_NEED_STRLEN
+static int yy_flex_strlen YY_PROTO((yyconst char *));
+#endif
+
+#ifndef YY_NO_INPUT
+#ifdef __cplusplus
+static int yyinput YY_PROTO((void));
+#else
+static int input YY_PROTO((void));
+#endif
+#endif
+
+#if YY_STACK_USED
+static int yy_start_stack_ptr = 0;
+static int yy_start_stack_depth = 0;
+static int *yy_start_stack = 0;
+#ifndef YY_NO_PUSH_STATE
+static void yy_push_state YY_PROTO((int new_state));
+#endif
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state YY_PROTO((void));
+#endif
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state YY_PROTO((void));
+#endif
+
+#else
+#define YY_NO_PUSH_STATE 1
+#define YY_NO_POP_STATE 1
+#define YY_NO_TOP_STATE 1
+#endif
+
+#ifdef YY_MALLOC_DECL
+YY_MALLOC_DECL
+#else
+#if __STDC__
+#ifndef __cplusplus
+#include <stdlib.h>
+#endif
+#else
+/*
+ * Just try to get by without declaring the routines. This will fail
+ * miserably on non-ANSI systems for which sizeof(size_t) != sizeof(int)
+ * or sizeof(void*) != sizeof(int).
+ */
+#endif
+#endif
+
+/*
+ * Amount of stuff to slurp up with each read.
+ */
+#ifndef YY_READ_BUF_SIZE
+#define YY_READ_BUF_SIZE 8192
+#endif
+
+/*
+ * Copy whatever the last rule matched to the standard output.
+ */
+
+#ifndef ECHO
+/*
+ * This used to be an fputs(), but since the string might contain NUL's,
+ * we now use fwrite().
+ */
+#define ECHO (void) fwrite( yytext, yyleng, 1, yyout )
+#endif
+
+/*
+ * Gets input and stuffs it into "buf". number of characters read, or
+ * YY_NULL, is returned in "result".
+ */
+#ifndef YY_INPUT
+#define YY_INPUT(buf,result,max_size) \
+ if ( yy_current_buffer->yy_is_interactive ) \
+ { \
+ int c = '*', n; \
+ for ( n = 0; n < max_size && \
+ (c = getc( yyin )) != EOF && c != '\n'; ++n ) \
+ buf[n] = (char) c; \
+ if ( c == '\n' ) \
+ buf[n++] = (char) c; \
+ if ( c == EOF && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" ); \
+ result = n; \
+ } \
+ else if ( ((result = fread( buf, 1, max_size, yyin )) == 0) \
+ && ferror( yyin ) ) \
+ YY_FATAL_ERROR( "input in flex scanner failed" );
+#endif
+
+/*
+ * No semi-colon after return; correct usage is to write "yyterminate();"
+ * - we don't want an extra ';' after the "return" because that will cause
+ * some compilers to complain about unreachable statements.
+ */
+#ifndef yyterminate
+#define yyterminate() return YY_NULL
+#endif
+
+/*
+ * Number of entries by which start-condition stack grows.
+ */
+#ifndef YY_START_STACK_INCR
+#define YY_START_STACK_INCR 25
+#endif
+
+/*
+ * Report a fatal error.
+ */
+#ifndef YY_FATAL_ERROR
+#define YY_FATAL_ERROR(msg) yy_fatal_error( msg )
+#endif
+
+/*
+ * Default declaration of generated scanner - a define so the user can
+ * easily add parameters.
+ */
+#ifndef YY_DECL
+#define YY_DECL int yylex YY_PROTO(( void ))
+#endif
+
+/*
+ * Code executed at the beginning of each rule, after yytext and yyleng
+ * have been set up.
+ */
+#ifndef YY_USER_ACTION
+#define YY_USER_ACTION
+#endif
+
+/*
+ * Code executed at the end of each rule.
+ */
+#ifndef YY_BREAK
+#define YY_BREAK break;
+#endif
+
+#define YY_RULE_SETUP \
+ YY_USER_ACTION
+
+YY_DECL
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp, *yy_bp;
+ register int yy_act;
+
+#line 28 "tokenparser.l"
+
+#line 583 "lex.tp.c"
+
+ if (yy_init)
+ {
+ yy_init = 0;
+
+#ifdef YY_USER_INIT
+ YY_USER_INIT;
+#endif
+
+ if (!yy_start)
+ yy_start = 1; /* first start state */
+
+ if (!yyin)
+ yyin = stdin;
+
+ if (!yyout)
+ yyout = stdout;
+
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_load_buffer_state();
+ }
+
+ while (1) /* loops until end-of-file is reached */
+ {
+ yy_cp = yy_c_buf_p;
+
+ /*
+ * Support of yytext.
+ */
+ *yy_cp = yy_hold_char;
+
+ /*
+ * yy_bp points to the position in yy_ch_buf of the start of the
+ * current run.
+ */
+ yy_bp = yy_cp;
+
+ yy_current_state = yy_start;
+ yy_match:
+ do
+ {
+ register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)];
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ ++yy_cp;
+ }
+ while (yy_base[yy_current_state] != 50);
+
+ yy_find_action:
+ yy_act = yy_accept[yy_current_state];
+ if (yy_act == 0)
+ { /* have to back up */
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ yy_act = yy_accept[yy_current_state];
+ }
+
+ YY_DO_BEFORE_ACTION;
+
+ do_action: /* This label is used only to access EOF actions. */
+
+ switch (yy_act)
+ { /* beginning of action switch */
+ case 0: /* must back up */
+ /*
+ * undo the effects of YY_DO_BEFORE_ACTION
+ */
+ *yy_cp = yy_hold_char;
+ yy_cp = yy_last_accepting_cpos;
+ yy_current_state = yy_last_accepting_state;
+ goto yy_find_action;
+
+ case 1:
+ YY_RULE_SETUP
+#line 30 "tokenparser.l"
+ {
+ }
+ YY_BREAK case 2:
+ YY_RULE_SETUP
+#line 31 "tokenparser.l"
+ {
+ }
+ YY_BREAK case 3:
+ YY_RULE_SETUP
+#line 32 "tokenparser.l"
+ {
+ valueIndex = 0;
+ tpevalToken(yytext, 1);
+ }
+ YY_BREAK case 4:
+ YY_RULE_SETUP
+#line 33 "tokenparser.l"
+ {
+ }
+ YY_BREAK case 5:
+ YY_RULE_SETUP
+#line 34 "tokenparser.l"
+ {
+ tpevalToken(yytext, 2);
+ valueIndex += 1;
+ }
+ YY_BREAK case 6:
+ YY_RULE_SETUP
+#line 35 "tokenparser.l"
+ {
+ tperrorCheck(yytext);
+ }
+ YY_BREAK case 7:
+ YY_RULE_SETUP
+#line 36 "tokenparser.l"
+ ECHO;
+ YY_BREAK
+#line 701 "lex.tp.c"
+ case YY_STATE_EOF(INITIAL):
+ yyterminate();
+
+ case YY_END_OF_BUFFER:
+ {
+ /*
+ * Amount of text matched not including the EOB char.
+ */
+ int yy_amount_of_matched_text =
+ (int) (yy_cp - yytext_ptr) - 1;
+
+ /*
+ * Undo the effects of YY_DO_BEFORE_ACTION.
+ */
+ *yy_cp = yy_hold_char;
+ YY_RESTORE_YY_MORE_OFFSET
+ if (yy_current_buffer->yy_buffer_status ==
+ YY_BUFFER_NEW)
+ {
+ /*
+ * We're scanning a new file or input source. It's
+ * possible that this happened because the user just
+ * pointed yyin at a new source and called yylex().
+ * If so, then we have to assure consistency between
+ * yy_current_buffer and our globals. Here is the
+ * right place to do so, because this is the first
+ * action (other than possibly a back-up) that will
+ * match for the new input source.
+ */
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yy_current_buffer->yy_input_file = yyin;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_NORMAL;
+ }
+
+ /*
+ * Note that here we test for yy_c_buf_p "<=" to the
+ * position of the first EOB in the buffer, since
+ * yy_c_buf_p will already have been incremented past the
+ * NUL character (since all states make transitions on EOB
+ * to the end-of-buffer state). Contrast this with the
+ * test in input().
+ */
+ if (yy_c_buf_p <=
+ &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ { /* This was really a NUL. */
+ yy_state_type yy_next_state;
+
+ yy_c_buf_p = yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ /*
+ * Okay, we're now positioned to make the NUL
+ * transition. We couldn't have
+ * yy_get_previous_state() go ahead and do it for us
+ * because it doesn't know how to deal with the
+ * possibility of jamming (and we don't want to build
+ * jamming into it because then it will run more
+ * slowly).
+ */
+
+ yy_next_state = yy_try_NUL_trans(yy_current_state);
+
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+
+ if (yy_next_state)
+ {
+ /*
+ * Consume the NUL.
+ */
+ yy_cp = ++yy_c_buf_p;
+ yy_current_state = yy_next_state;
+ goto yy_match;
+ }
+
+ else
+ {
+ yy_cp = yy_c_buf_p;
+ goto yy_find_action;
+ }
+ }
+
+ else
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_END_OF_FILE:
+ {
+ yy_did_buffer_switch_on_eof = 0;
+
+ if (yywrap())
+ {
+ /*
+ * Note: because we've taken care in
+ * yy_get_next_buffer() to have set up
+ * yytext, we can now set up yy_c_buf_p so
+ * that if some total hoser (like flex
+ * itself) wants to call the scanner after
+ * we return the YY_NULL, it'll still work
+ * - another YY_NULL will get returned.
+ */
+ yy_c_buf_p = yytext_ptr + YY_MORE_ADJ;
+
+ yy_act = YY_STATE_EOF(YY_START);
+ goto do_action;
+ }
+
+ else
+ {
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+ }
+ break;
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p =
+ yytext_ptr + yy_amount_of_matched_text;
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_match;
+
+ case EOB_ACT_LAST_MATCH:
+ yy_c_buf_p =
+ &yy_current_buffer->yy_ch_buf[yy_n_chars];
+
+ yy_current_state = yy_get_previous_state();
+
+ yy_cp = yy_c_buf_p;
+ yy_bp = yytext_ptr + YY_MORE_ADJ;
+ goto yy_find_action;
+ }
+ break;
+ }
+
+ default:
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--no action found");
+ } /* end of action switch */
+ } /* end of scanning one token */
+} /* end of yylex */
+
+/*
+ * yy_get_next_buffer - try to read in a new buffer Returns a code
+ * representing an action: EOB_ACT_LAST_MATCH - EOB_ACT_CONTINUE_SCAN -
+ * continue scanning from current position EOB_ACT_END_OF_FILE - end of
+ * file
+ */
+
+static int yy_get_next_buffer()
+{
+ register char *dest = yy_current_buffer->yy_ch_buf;
+ register char *source = yytext_ptr;
+ register int number_to_move, i;
+ int ret_val;
+
+ if (yy_c_buf_p > &yy_current_buffer->yy_ch_buf[yy_n_chars + 1])
+ YY_FATAL_ERROR
+ ("fatal flex scanner internal error--end of buffer missed");
+
+ if (yy_current_buffer->yy_fill_buffer == 0)
+ { /* Don't try to fill the buffer, so this is an EOF. */
+ if (yy_c_buf_p - yytext_ptr - YY_MORE_ADJ == 1)
+ {
+ /*
+ * We matched a single character, the EOB, so treat this as a
+ * final EOF.
+ */
+ return EOB_ACT_END_OF_FILE;
+ }
+
+ else
+ {
+ /*
+ * We matched some text prior to the EOB, first process it.
+ */
+ return EOB_ACT_LAST_MATCH;
+ }
+ }
+
+ /*
+ * Try to read more data.
+ */
+
+ /*
+ * First move last chars to start of buffer.
+ */
+ number_to_move = (int) (yy_c_buf_p - yytext_ptr) - 1;
+
+ for (i = 0; i < number_to_move; ++i)
+ *(dest++) = *(source++);
+
+ if (yy_current_buffer->yy_buffer_status == YY_BUFFER_EOF_PENDING)
+ /*
+ * don't do the read, it's not guaranteed to return an EOF, just
+ * force an EOF
+ */
+ yy_current_buffer->yy_n_chars = yy_n_chars = 0;
+
+ else
+ {
+ int num_to_read =
+ yy_current_buffer->yy_buf_size - number_to_move - 1;
+
+ while (num_to_read <= 0)
+ { /* Not enough room in the buffer - grow it. */
+#ifdef YY_USES_REJECT
+ YY_FATAL_ERROR
+ ("input buffer overflow, can't enlarge buffer because scanner uses REJECT");
+#else
+
+ /*
+ * just a shorter name for the current buffer
+ */
+ YY_BUFFER_STATE b = yy_current_buffer;
+
+ int yy_c_buf_p_offset = (int) (yy_c_buf_p - b->yy_ch_buf);
+
+ if (b->yy_is_our_buffer)
+ {
+ int new_size = b->yy_buf_size * 2;
+
+ if (new_size <= 0)
+ b->yy_buf_size += b->yy_buf_size / 8;
+ else
+ b->yy_buf_size *= 2;
+
+ b->yy_ch_buf = (char *)
+ /*
+ * Include room in for 2 EOB chars.
+ */
+ yy_flex_realloc((void *) b->yy_ch_buf,
+ b->yy_buf_size + 2);
+ } else
+ /*
+ * Can't grow it, we don't own it.
+ */
+ b->yy_ch_buf = 0;
+
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR
+ ("fatal error - scanner input buffer overflow");
+
+ yy_c_buf_p = &b->yy_ch_buf[yy_c_buf_p_offset];
+
+ num_to_read = yy_current_buffer->yy_buf_size -
+ number_to_move - 1;
+#endif
+ }
+
+ if (num_to_read > YY_READ_BUF_SIZE)
+ num_to_read = YY_READ_BUF_SIZE;
+
+ /*
+ * Read in more data.
+ */
+ YY_INPUT((&yy_current_buffer->yy_ch_buf[number_to_move]),
+ yy_n_chars, num_to_read);
+
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ if (yy_n_chars == 0)
+ {
+ if (number_to_move == YY_MORE_ADJ)
+ {
+ ret_val = EOB_ACT_END_OF_FILE;
+ yyrestart(yyin);
+ }
+
+ else
+ {
+ ret_val = EOB_ACT_LAST_MATCH;
+ yy_current_buffer->yy_buffer_status = YY_BUFFER_EOF_PENDING;
+ }
+ }
+
+ else
+ ret_val = EOB_ACT_CONTINUE_SCAN;
+
+ yy_n_chars += number_to_move;
+ yy_current_buffer->yy_ch_buf[yy_n_chars] = YY_END_OF_BUFFER_CHAR;
+ yy_current_buffer->yy_ch_buf[yy_n_chars + 1] = YY_END_OF_BUFFER_CHAR;
+
+ yytext_ptr = &yy_current_buffer->yy_ch_buf[0];
+
+ return ret_val;
+}
+
+/*
+ * yy_get_previous_state - get the state just before the EOB char was
+ * reached
+ */
+
+static yy_state_type yy_get_previous_state()
+{
+ register yy_state_type yy_current_state;
+ register char *yy_cp;
+
+ yy_current_state = yy_start;
+
+ for (yy_cp = yytext_ptr + YY_MORE_ADJ; yy_cp < yy_c_buf_p; ++yy_cp)
+ {
+ register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1);
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] !=
+ yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ }
+
+ return yy_current_state;
+}
+
+/*
+ * yy_try_NUL_trans - try to make a transition on the NUL character
+ * synopsis next_state = yy_try_NUL_trans( current_state );
+ */
+
+#ifdef YY_USE_PROTOS
+static yy_state_type yy_try_NUL_trans(yy_state_type yy_current_state)
+#else
+static yy_state_type yy_try_NUL_trans(yy_current_state)
+ yy_state_type yy_current_state;
+#endif
+{
+ register int yy_is_jam;
+ register char *yy_cp = yy_c_buf_p;
+
+ register YY_CHAR yy_c = 1;
+ if (yy_accept[yy_current_state])
+ {
+ yy_last_accepting_state = yy_current_state;
+ yy_last_accepting_cpos = yy_cp;
+ }
+ while (yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state)
+ {
+ yy_current_state = (int) yy_def[yy_current_state];
+ if (yy_current_state >= 39)
+ yy_c = yy_meta[(unsigned int) yy_c];
+ }
+ yy_current_state =
+ yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c];
+ yy_is_jam = (yy_current_state == 38);
+
+ return yy_is_jam ? 0 : yy_current_state;
+}
+
+#ifndef YY_NO_UNPUT
+#ifdef YY_USE_PROTOS
+static void yyunput(int c, register char *yy_bp)
+#else
+static void yyunput(c, yy_bp)
+ int c;
+ register char *yy_bp;
+#endif
+{
+ register char *yy_cp = yy_c_buf_p;
+
+ /*
+ * undo effects of setting up yytext
+ */
+ *yy_cp = yy_hold_char;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ { /* need to shift things up to make room */
+ /*
+ * +2 for EOB chars.
+ */
+ register int number_to_move = yy_n_chars + 2;
+ register char *dest =
+ &yy_current_buffer->yy_ch_buf[yy_current_buffer->yy_buf_size +
+ 2];
+ register char *source =
+ &yy_current_buffer->yy_ch_buf[number_to_move];
+
+ while (source > yy_current_buffer->yy_ch_buf)
+ *--dest = *--source;
+
+ yy_cp += (int) (dest - source);
+ yy_bp += (int) (dest - source);
+ yy_current_buffer->yy_n_chars =
+ yy_n_chars = yy_current_buffer->yy_buf_size;
+
+ if (yy_cp < yy_current_buffer->yy_ch_buf + 2)
+ YY_FATAL_ERROR("flex scanner push-back overflow");
+ }
+
+ *--yy_cp = (char) c;
+
+ yytext_ptr = yy_bp;
+ yy_hold_char = *yy_cp;
+ yy_c_buf_p = yy_cp;
+}
+#endif /* ifndef YY_NO_UNPUT */
+
+#ifdef __cplusplus
+static int yyinput()
+#else
+static int input()
+#endif
+{
+ int c;
+
+ *yy_c_buf_p = yy_hold_char;
+
+ if (*yy_c_buf_p == YY_END_OF_BUFFER_CHAR)
+ {
+ /*
+ * yy_c_buf_p now points to the character we want to return. If
+ * this occurs *before* the EOB characters, then it's a valid NUL;
+ * if not, then we've hit the end of the buffer.
+ */
+ if (yy_c_buf_p < &yy_current_buffer->yy_ch_buf[yy_n_chars])
+ /*
+ * This was really a NUL.
+ */
+ *yy_c_buf_p = '\0';
+
+ else
+ { /* need more input */
+ int offset = yy_c_buf_p - yytext_ptr;
+ ++yy_c_buf_p;
+
+ switch (yy_get_next_buffer())
+ {
+ case EOB_ACT_LAST_MATCH:
+ /*
+ * This happens because yy_g_n_b() sees that we've
+ * accumulated a token and flags that we need to try
+ * matching the token before proceeding. But for input(),
+ * there's no matching to consider. So convert the
+ * EOB_ACT_LAST_MATCH to EOB_ACT_END_OF_FILE.
+ */
+
+ /*
+ * Reset buffer status.
+ */
+ yyrestart(yyin);
+
+ /*
+ * fall through
+ */
+
+ case EOB_ACT_END_OF_FILE:
+ {
+ if (yywrap())
+ return EOF;
+
+ if (!yy_did_buffer_switch_on_eof)
+ YY_NEW_FILE;
+#ifdef __cplusplus
+ return yyinput();
+#else
+ return input();
+#endif
+ }
+
+ case EOB_ACT_CONTINUE_SCAN:
+ yy_c_buf_p = yytext_ptr + offset;
+ break;
+ }
+ }
+ }
+
+ c = *(unsigned char *) yy_c_buf_p; /* cast for 8-bit char's */
+ *yy_c_buf_p = '\0'; /* preserve yytext */
+ yy_hold_char = *++yy_c_buf_p;
+
+ return c;
+}
+
+#ifdef YY_USE_PROTOS
+void yyrestart(FILE * input_file)
+#else
+void yyrestart(input_file)
+ FILE *input_file;
+#endif
+{
+ if (!yy_current_buffer)
+ yy_current_buffer = yy_create_buffer(yyin, YY_BUF_SIZE);
+
+ yy_init_buffer(yy_current_buffer, input_file);
+ yy_load_buffer_state();
+}
+
+#ifdef YY_USE_PROTOS
+void yy_switch_to_buffer(YY_BUFFER_STATE new_buffer)
+#else
+void yy_switch_to_buffer(new_buffer)
+ YY_BUFFER_STATE new_buffer;
+#endif
+{
+ if (yy_current_buffer == new_buffer)
+ return;
+
+ if (yy_current_buffer)
+ {
+ /*
+ * Flush out information for old buffer.
+ */
+ *yy_c_buf_p = yy_hold_char;
+ yy_current_buffer->yy_buf_pos = yy_c_buf_p;
+ yy_current_buffer->yy_n_chars = yy_n_chars;
+ }
+
+ yy_current_buffer = new_buffer;
+ yy_load_buffer_state();
+
+ /*
+ * We don't actually know whether we did this switch during EOF
+ * (yywrap()) processing, but the only time this flag is looked at is
+ * after yywrap() is called, so it's safe to go ahead and always set
+ * it.
+ */
+ yy_did_buffer_switch_on_eof = 1;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_load_buffer_state(void)
+#else
+void yy_load_buffer_state()
+#endif
+{
+ yy_n_chars = yy_current_buffer->yy_n_chars;
+ yytext_ptr = yy_c_buf_p = yy_current_buffer->yy_buf_pos;
+ yyin = yy_current_buffer->yy_input_file;
+ yy_hold_char = *yy_c_buf_p;
+}
+
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_create_buffer(FILE * file, int size)
+#else
+YY_BUFFER_STATE yy_create_buffer(file, size)
+ FILE *file;
+ int size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_buf_size = size;
+
+ /*
+ * yy_ch_buf has to be 2 characters longer than the size given because
+ * we need to put in 2 end-of-buffer characters.
+ */
+ b->yy_ch_buf = (char *) yy_flex_alloc(b->yy_buf_size + 2);
+ if (!b->yy_ch_buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_create_buffer()");
+
+ b->yy_is_our_buffer = 1;
+
+ yy_init_buffer(b, file);
+
+ return b;
+}
+
+#ifdef YY_USE_PROTOS
+void yy_delete_buffer(YY_BUFFER_STATE b)
+#else
+void yy_delete_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+{
+ if (!b)
+ return;
+
+ if (b == yy_current_buffer)
+ yy_current_buffer = (YY_BUFFER_STATE) 0;
+
+ if (b->yy_is_our_buffer)
+ yy_flex_free((void *) b->yy_ch_buf);
+
+ yy_flex_free((void *) b);
+}
+
+#ifndef YY_ALWAYS_INTERACTIVE
+#ifndef YY_NEVER_INTERACTIVE
+extern int isatty YY_PROTO((int));
+#endif
+#endif
+
+#ifdef YY_USE_PROTOS
+void yy_init_buffer(YY_BUFFER_STATE b, FILE * file)
+#else
+void yy_init_buffer(b, file)
+ YY_BUFFER_STATE b;
+ FILE *file;
+#endif
+
+{
+ yy_flush_buffer(b);
+
+ b->yy_input_file = file;
+ b->yy_fill_buffer = 1;
+
+#if YY_ALWAYS_INTERACTIVE
+ b->yy_is_interactive = 1;
+#else
+#if YY_NEVER_INTERACTIVE
+ b->yy_is_interactive = 0;
+#else
+ b->yy_is_interactive = file ? (isatty(fileno(file)) > 0) : 0;
+#endif
+#endif
+}
+
+#ifdef YY_USE_PROTOS
+void yy_flush_buffer(YY_BUFFER_STATE b)
+#else
+void yy_flush_buffer(b)
+ YY_BUFFER_STATE b;
+#endif
+
+{
+ if (!b)
+ return;
+
+ b->yy_n_chars = 0;
+
+ /*
+ * We always need two end-of-buffer characters. The first causes a
+ * transition to the end-of-buffer state. The second causes a jam in
+ * that state.
+ */
+ b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
+ b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
+
+ b->yy_buf_pos = &b->yy_ch_buf[0];
+
+ b->yy_at_bol = 1;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ if (b == yy_current_buffer)
+ yy_load_buffer_state();
+}
+
+#ifndef YY_NO_SCAN_BUFFER
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_buffer(char *base, yy_size_t size)
+#else
+YY_BUFFER_STATE yy_scan_buffer(base, size)
+ char *base;
+ yy_size_t size;
+#endif
+{
+ YY_BUFFER_STATE b;
+
+ if (size < 2 ||
+ base[size - 2] != YY_END_OF_BUFFER_CHAR ||
+ base[size - 1] != YY_END_OF_BUFFER_CHAR)
+ /*
+ * They forgot to leave room for the EOB's.
+ */
+ return 0;
+
+ b = (YY_BUFFER_STATE) yy_flex_alloc(sizeof(struct yy_buffer_state));
+ if (!b)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_buffer()");
+
+ b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */
+ b->yy_buf_pos = b->yy_ch_buf = base;
+ b->yy_is_our_buffer = 0;
+ b->yy_input_file = 0;
+ b->yy_n_chars = b->yy_buf_size;
+ b->yy_is_interactive = 0;
+ b->yy_at_bol = 1;
+ b->yy_fill_buffer = 0;
+ b->yy_buffer_status = YY_BUFFER_NEW;
+
+ yy_switch_to_buffer(b);
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_SCAN_STRING
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_string(yyconst char *yy_str)
+#else
+YY_BUFFER_STATE yy_scan_string(yy_str)
+ yyconst char *yy_str;
+#endif
+{
+ int len;
+ for (len = 0; yy_str[len]; ++len)
+ ;
+
+ return yy_scan_bytes(yy_str, len);
+}
+#endif
+
+#ifndef YY_NO_SCAN_BYTES
+#ifdef YY_USE_PROTOS
+YY_BUFFER_STATE yy_scan_bytes(yyconst char *bytes, int len)
+#else
+YY_BUFFER_STATE yy_scan_bytes(bytes, len)
+ yyconst char *bytes;
+ int len;
+#endif
+{
+ YY_BUFFER_STATE b;
+ char *buf;
+ yy_size_t n;
+ int i;
+
+ /*
+ * Get memory for full buffer, including space for trailing EOB's.
+ */
+ n = len + 2;
+ buf = (char *) yy_flex_alloc(n);
+ if (!buf)
+ YY_FATAL_ERROR("out of dynamic memory in yy_scan_bytes()");
+
+ for (i = 0; i < len; ++i)
+ buf[i] = bytes[i];
+
+ buf[len] = buf[len + 1] = YY_END_OF_BUFFER_CHAR;
+
+ b = yy_scan_buffer(buf, n);
+ if (!b)
+ YY_FATAL_ERROR("bad buffer in yy_scan_bytes()");
+
+ /*
+ * It's okay to grow etc. this buffer, and we should throw it away
+ * when we're done.
+ */
+ b->yy_is_our_buffer = 1;
+
+ return b;
+}
+#endif
+
+#ifndef YY_NO_PUSH_STATE
+#ifdef YY_USE_PROTOS
+static void yy_push_state(int new_state)
+#else
+static void yy_push_state(new_state)
+ int new_state;
+#endif
+{
+ if (yy_start_stack_ptr >= yy_start_stack_depth)
+ {
+ yy_size_t new_size;
+
+ yy_start_stack_depth += YY_START_STACK_INCR;
+ new_size = yy_start_stack_depth * sizeof(int);
+
+ if (!yy_start_stack)
+ yy_start_stack = (int *) yy_flex_alloc(new_size);
+
+ else
+ yy_start_stack = (int *) yy_flex_realloc(
+ (void *) yy_start_stack, new_size);
+
+ if (!yy_start_stack)
+ YY_FATAL_ERROR
+ ("out of memory expanding start-condition stack");
+ }
+
+ yy_start_stack[yy_start_stack_ptr++] = YY_START;
+
+ BEGIN(new_state);
+}
+#endif
+
+#ifndef YY_NO_POP_STATE
+static void yy_pop_state()
+{
+ if (--yy_start_stack_ptr < 0)
+ YY_FATAL_ERROR("start-condition stack underflow");
+
+ BEGIN(yy_start_stack[yy_start_stack_ptr]);
+}
+#endif
+
+#ifndef YY_NO_TOP_STATE
+static int yy_top_state()
+{
+ return yy_start_stack[yy_start_stack_ptr - 1];
+}
+#endif
+
+#ifndef YY_EXIT_FAILURE
+#define YY_EXIT_FAILURE 2
+#endif
+
+#ifdef YY_USE_PROTOS
+static void yy_fatal_error(yyconst char msg[])
+#else
+static void yy_fatal_error(msg)
+ char msg[];
+#endif
+{
+ (void) fprintf(stderr, "%s\n", msg);
+ exit(YY_EXIT_FAILURE);
+}
+
+/*
+ * Redefine yyless() so it works in section 3 code.
+ */
+
+#undef yyless
+#define yyless(n) \
+ do \
+ { \
+ /* Undo effects of setting up yytext. */ \
+ yytext[yyleng] = yy_hold_char; \
+ yy_c_buf_p = yytext + n; \
+ yy_hold_char = *yy_c_buf_p; \
+ *yy_c_buf_p = '\0'; \
+ yyleng = n; \
+ } \
+ while ( 0 )
+
+/*
+ * Internal utility routines.
+ */
+
+#ifndef yytext_ptr
+#ifdef YY_USE_PROTOS
+static void yy_flex_strncpy(char *s1, yyconst char *s2, int n)
+#else
+static void yy_flex_strncpy(s1, s2, n)
+ char *s1;
+ yyconst char *s2;
+ int n;
+#endif
+{
+ register int i;
+ for (i = 0; i < n; ++i)
+ s1[i] = s2[i];
+}
+#endif
+
+#ifdef YY_NEED_STRLEN
+#ifdef YY_USE_PROTOS
+static int yy_flex_strlen(yyconst char *s)
+#else
+static int yy_flex_strlen(s)
+ yyconst char *s;
+#endif
+{
+ register int n;
+ for (n = 0; s[n]; ++n)
+ ;
+
+ return n;
+}
+#endif
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_alloc(yy_size_t size)
+#else
+static void *yy_flex_alloc(size)
+ yy_size_t size;
+#endif
+{
+ return (void *) malloc(size);
+}
+
+#ifdef YY_USE_PROTOS
+static void *yy_flex_realloc(void *ptr, yy_size_t size)
+#else
+static void *yy_flex_realloc(ptr, size)
+ void *ptr;
+ yy_size_t size;
+#endif
+{
+ /*
+ * The cast to (char *) in the following accommodates both
+ * implementations that use char* generic pointers, and those that use
+ * void* generic pointers. It works with the latter because both ANSI
+ * C and C++ allow castless assignment from any pointer type to void*,
+ * and deal with argument conversions as though doing an assignment.
+ */
+ return (void *) realloc((char *) ptr, size);
+}
+
+#ifdef YY_USE_PROTOS
+static void yy_flex_free(void *ptr)
+#else
+static void yy_flex_free(ptr)
+ void *ptr;
+#endif
+{
+ free(ptr);
+}
+
+#if YY_MAIN
+int main()
+{
+ yylex();
+ return 0;
+}
+#endif
+#line 36 "tokenparser.l"
+
+#include <stdio.h>
+#include <string.h>
+#include "debuglog.h"
+
+#ifndef WIN32
+#include "config.h"
+#else
+#include "../win32/win32_config.h"
+#endif
+
+int yywrap()
+{
+ return 1;
+}
+
+void tpevalToken(char *pcToken, int tokType)
+{
+
+ int len;
+ len = 0;
+
+ if (tokType == 1)
+ {
+ for (len = 5; pcToken[len] != '<'; len++) ;
+ strncpy(pcKey, &pcToken[5], len - 5);
+ pcKey[len - 5] = 0;
+ }
+
+ if (tokType == 2)
+ {
+ for (len = 8; pcToken[len] != '<'; len++) ;
+ strncpy(pcValue, &pcToken[8], len - 8);
+ pcValue[len - 8] = 0;
+ if (strcmp(pcKey, pcDesiredKey) == 0)
+ {
+ if (desiredIndex == valueIndex)
+ {
+ strcpy(pcFinValue, pcValue);
+ }
+ }
+ }
+
+}
+
+void tperrorCheck(char *token_error)
+{
+}
+
+int LTPBundleFindValueWithKey(char *fileName, char *tokenKey,
+ char *tokenValue, int tokenIndice)
+{
+
+ FILE *file;
+ file = 0;
+
+ desiredIndex = tokenIndice;
+ pcDesiredKey = tokenKey;
+ pcFinValue[0] = 0;
+
+ file = fopen(fileName, "r");
+
+ if (!file)
+ {
+ DebugLogB("Could not open bundle file : %s\n", fileName);
+ return 1;
+ }
+
+ yyin = file;
+
+ do
+ {
+ yylex();
+ }
+ while (!feof(file));
+
+ if (pcFinValue[0] == 0)
+ {
+ if (tokenIndice == 0)
+ {
+ /*
+ * Not defined at all
+ */
+ DebugLogB("Value/Key not defined for: %s\n", tokenKey);
+ }
+ fclose(file);
+ return -1;
+ } else
+ {
+ strcpy(tokenValue, pcFinValue);
+ fclose(file);
+ return 0;
+ }
+
+ fclose(file);
+ return 0;
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.l
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.l (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/tokenparser.l 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,114 @@
+/*****************************************************************
+
+ File : configfile.ll
+ Author : David Corcoran
+ Date : February 12, 1999 modified 7/28/99
+ Purpose: Reads lexical config files and updates database.
+ See http://www.linuxnet.com for more information.
+ License: Copyright (C) 1999 David Corcoran
+ <corcoran at linuxnet.com>
+
+******************************************************************/
+
+%{
+
+void tpevalToken( char *pcToken, int tokType );
+
+static char *pcDesiredKey = 0;
+static char pcKey[200];
+static char pcValue[200];
+static char pcFinValue[200];
+static int valueIndex = 0;
+static int desiredIndex = 0;
+
+void tperrorCheck ( char *pcToken_error );
+
+%}
+
+%%
+
+#.* {}
+"\n" {}
+\<key\>([A-Z]|[a-z]|[0-9]|[ \t])+\<\/key\> { valueIndex = 0; tpevalToken(yytext, 1); }
+[ \t] {}
+\<string\>([A-Z]|[a-z]|[0-9]|[ \t]|[!@#$%^&*()\-+/_\:?.,=~'"])+\<\/string\> {tpevalToken(yytext, 2); valueIndex += 1;}
+. { tperrorCheck( yytext ); }
+%%
+
+#include <stdio.h>
+#include <string.h>
+#include "debuglog.h"
+#include "config.h"
+
+int yywrap() {
+ return 1;
+}
+
+
+void tpevalToken( char *pcToken, int tokType ) {
+
+ int len;
+ len = 0;
+
+ if ( tokType == 1 ) {
+ for (len=5; pcToken[len] != '<'; len++);
+ strncpy(pcKey, &pcToken[5], len - 5);
+ pcKey[len-5] = 0;
+ }
+
+ if ( tokType == 2 ) {
+ for (len=8; pcToken[len] != '<'; len++);
+ strncpy(pcValue, &pcToken[8], len - 8);
+ pcValue[len-8] = 0;
+ if ( strcmp(pcKey, pcDesiredKey) == 0 ) {
+ if ( desiredIndex == valueIndex ) {
+ strcpy(pcFinValue, pcValue);
+ }
+ }
+ }
+
+
+}
+
+void tperrorCheck ( char *token_error ) { }
+
+int LTPBundleFindValueWithKey(char *fileName, char *tokenKey,
+ char *tokenValue, int tokenIndice) {
+
+ FILE *file;
+ file = 0;
+
+ desiredIndex = tokenIndice;
+ pcDesiredKey = tokenKey;
+ pcFinValue[0] = 0;
+
+ file = fopen(fileName, "r");
+
+ if (!file) {
+ DebugLogC( "Could not open bundle file : %s\n", fileName );
+ return 1;
+ }
+
+ yyin = file;
+
+ do {
+ yylex();
+ } while (!feof(file));
+
+ if ( pcFinValue[0] == 0 ) {
+ if ( tokenIndice == 0 ) {
+ /* Not defined at all */
+ DebugLogC( "Value/Key not defined for: %s\n", tokenKey );
+ }
+ fclose(file);
+ return -1;
+ } else {
+ strcpy(tokenValue, pcFinValue);
+ fclose(file);
+ return 0;
+ }
+
+ fclose(file);
+ return 0;
+}
+
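Review bot: In tpevalToken the copy lengths `len - 5` and `len - 8` are taken from the matched token rather than from the destination, so a `<key>` or `<string>` body of 200 characters or more writes past the 200-byte static buffers `pcKey` and `pcValue`; both rules use `+` with no upper bound, and the text comes from the file that LTPBundleFindValueWithKey opens. Clamp before each copy, for example `if (len - 5 > (int) sizeof(pcKey) - 1) len = 5 + (int) sizeof(pcKey) - 1;`, and the same with `8` and `pcValue`. `strcpy(tokenValue, pcFinValue)` also relies on every caller passing at least 200 bytes, which the signature cannot express; the callers are not visible here, so a comment stating that requirement (or a size parameter in a follow-up) would help. The same functions appear in the lex.tp.c added earlier in this changeset, which carries `#line` references to tokenparser.l and so looks generated; it should be regenerated rather than patched by hand.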
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/utils/bundleTool.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/utils/bundleTool.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/utils/bundleTool.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,223 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ Title : bundleTool.c
+ Package: MuscleCard Framework
+ Author : David Corcoran
+ Date : 03/11/01
+ License: Copyright (C) 2002 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This automatically updates the Info.plist
+
+ You may not remove this header from this file
+ without prior permission from the author.
+
+$Id: bundleTool.c,v 1.2 2003/02/13 20:06:36 ghoo Exp $
+
+********************************************************************/
+
+#include "wintypes.h"
+#include "winscard.h"
+#include "tokenfactory.h"
+
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <unistd.h>
+#include <dirent.h>
+#include <stdio.h>
+#include <fcntl.h>
+#include <stdlib.h>
+
+/*
+ * End of personalization
+ */
+
+#define CHECK_ERR(cond, msg) { if (cond) { \
+ printf("Error: %s\n", msg); return -1; } }
+
+int main(int argc, char **argv)
+{
+
+ LONG rv;
+ SCARDCONTEXT hContext;
+ SCARD_READERSTATE_A rgReaderStates;
+ DWORD readerListSize;
+ struct stat statBuffer;
+ char spAtrValue[100];
+ char chosenInfoPlist[1024];
+ char *readerList;
+ char *restFile;
+ char atrInsertion[256];
+ FILE *fp;
+ DIR *bundleDir;
+ struct dirent *currBundle;
+ int i, p;
+ int userChoice;
+ int totalBundles;
+ int filePosition;
+ int restFileSize;
+ int restOffset;
+ int getsSize;
+
+ if (argc > 1)
+ {
+ printf("Invalid arguments\n");
+ printf("./bundleTool\n");
+ return -1;
+ }
+
+ currBundle = 0;
+
+ bundleDir = opendir(MSC_SVC_DROPDIR);
+ CHECK_ERR(bundleDir == 0, "Could not open services directory.");
+
+ printf("Select the approprate token driver:\n");
+ printf("-----------------------------------\n");
+
+ i = 1;
+ totalBundles = 0;
+
+ while ((currBundle = readdir(bundleDir)) != 0)
+ {
+ if (strstr(currBundle->d_name, ".bundle") != 0)
+ {
+ printf(" %d. %s\n", i++, currBundle->d_name);
+ totalBundles += 1;
+ }
+ }
+ printf("-----------------------------------\n");
+
+ if (totalBundles == 0)
+ {
+ printf("No services are present - exiting.\n");
+ return 1;
+ }
+
+ do
+ {
+ printf("Enter the number: ");
+ scanf("%d", &userChoice);
+ }
+ while (userChoice < 1 && userChoice > totalBundles);
+
+ closedir(bundleDir);
+
+ bundleDir = opendir(MSC_SVC_DROPDIR);
+ CHECK_ERR(bundleDir == 0, "Could not open services directory.");
+ CHECK_ERR(bundleDir == 0, MSC_SVC_DROPDIR);
+
+ do
+ {
+ if ((currBundle = readdir(bundleDir)) != 0)
+ {
+ if (strstr(currBundle->d_name, ".bundle") != 0)
+ {
+ userChoice -= 1;
+ }
+ }
+ }
+ while (userChoice != 0);
+
+ snprintf(chosenInfoPlist, sizeof(chosenInfoPlist),
+ "%s%s/Contents/Info.plist", MSC_SVC_DROPDIR, currBundle->d_name);
+ closedir(bundleDir);
+ printf("\n");
+
+ rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, 0, 0, &hContext);
+ CHECK_ERR(rv != SCARD_S_SUCCESS, "PC/SC SCardEstablishContext Failed");
+
+ readerListSize = 0;
+ rv = SCardListReaders(hContext, 0, 0, &readerListSize);
+ CHECK_ERR(rv != SCARD_S_SUCCESS, "PC/SC SCardListReaders Failed");
+
+ readerList = (char *) malloc(sizeof(char) * readerListSize);
+ CHECK_ERR(readerList == 0, "Malloc Failed");
+
+ rv = SCardListReaders(hContext, 0, readerList, &readerListSize);
+ CHECK_ERR(rv != SCARD_S_SUCCESS, "PC/SC SCardListReaders Alloc Failed");
+
+ printf("Insert your token in: %s\n", readerList);
+
+ rgReaderStates.szReader = readerList;
+ rgReaderStates.dwCurrentState = SCARD_STATE_EMPTY;
+
+ rv = SCardGetStatusChange(hContext, INFINITE, &rgReaderStates, 1);
+ CHECK_ERR(rv != SCARD_S_SUCCESS, "PC/SC SCardGetStatusChange Failed");
+
+ p = 0;
+ for (i = 0; i < rgReaderStates.cbAtr; i++)
+ {
+ sprintf(&spAtrValue[p], "%02X", rgReaderStates.rgbAtr[i]);
+ p += 2;
+ }
+ printf("\n");
+
+ snprintf(atrInsertion, sizeof(atrInsertion),
+ " <string>%s</string>\n", spAtrValue);
+
+ fp = fopen(chosenInfoPlist, "r+");
+ if (fp == 0)
+ {
+ printf("Could not open %s\n", chosenInfoPlist);
+ }
+ CHECK_ERR(fp == 0, "Opening of Info.plist failed.");
+
+ rv = stat(chosenInfoPlist, &statBuffer);
+ CHECK_ERR(rv != 0, "File Stat failed\n");
+
+ restFileSize = statBuffer.st_size + strlen(atrInsertion);
+ restFile = (char *) malloc(sizeof(char) * restFileSize);
+ CHECK_ERR(restFile == 0, "Malloc failed");
+
+ filePosition = 0;
+ restOffset = 0;
+ getsSize = 0;
+
+ do
+ {
+ if (fgets(&restFile[restOffset], restFileSize, fp) == 0)
+ {
+ break;
+ }
+
+ if (strstr(&restFile[restOffset], "<key>spAtrValue</key>"))
+ {
+ filePosition = ftell(fp);
+ }
+
+ getsSize = strlen(&restFile[restOffset]);
+ restOffset += getsSize;
+ }
+ while (1);
+
+ rewind(fp);
+ fwrite(restFile, 1, filePosition, fp);
+ fwrite(atrInsertion, 1, strlen(atrInsertion), fp);
+ fwrite(&restFile[filePosition], 1,
+ statBuffer.st_size - filePosition, fp);
+
+ fclose(fp);
+
+ printf("Token support updated successfully !\n");
+
+ return 0;
+}
+
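Review bot: The prompt loop's condition `while (userChoice < 1 && userChoice > totalBundles);` can never be true, so any number is accepted, and the return value of `scanf` is not checked, which leaves `userChoice` uninitialized on non-numeric input. With a choice above `totalBundles` the selection loop that follows keeps calling `readdir` after it has returned 0 and does not terminate; with 0 it stops on the first directory entry, whatever it is, and that name goes into the Info.plist path that is later opened `r+` and rewritten. Use `while (userChoice < 1 || userChoice > totalBundles);`, treat `scanf("%d", &userChoice) != 1` as an error, and leave the selection loop when `readdir` returns 0. Further down, `fgets(&restFile[restOffset], restFileSize, fp)` passes the full buffer size at every offset; `restFileSize - restOffset` is the space that actually remains.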
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1525 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard.c 2385 2007-02-05 13:55:01Z rousseau $
+ */
+
+/**
+ * @mainpage MUSCLE PC/SC-Lite API Documentation
+ *
+ * @section Introduction
+ *
+ * This document contains the reference API calls for communicating to the
+ * MUSCLE PC/SC Smart Card Resource Manager. PC/SC is a standard proposed by
+ * the PC/SC workgroup http://www.pcscworkgroup.com/ which is a conglomerate of
+ * representative from major smart card manufacturers and other companies. This
+ * specification tries to abstract the smart card layer into a high level API
+ * so that smart cards and their readers can be accessed in a homogeneous
+ * fashion.
+ *
+ * This toolkit was written in ANSI C that can be used with most compilers and
+ * does NOT use complex and large data structures such as vectors, etc. The C
+ * API emulates the winscard API that is used on the Windows platform. It is
+ * contained in the library <tt>libpcsclite.so</tt> that is linked to your
+ * application.
+ *
+ * I would really like to hear from you. If you have any feedback either on
+ * this documentation or on the MUSCLE project please feel free to email me at:
+ * corcoran at musclecard.com.
+ *
+ *
+ * @section API Routines
+ *
+ * These routines specified here are winscard routines like those in the
+ * winscard API provided under Windows(R). These are compatible with the
+ * Microsoft(R) API calls. This list of calls is mainly an abstraction of
+ * readers. It gives a common API for communication to most readers in a
+ * homogeneous fashion.
+ *
+ * Since all functions can produce a wide array of errors, please refer to
+ * Error codes for a list of error returns.
+ *
+ * For a human readable representation of an error the function
+ * pcsc_stringify_error() is declared in pcsclite.h. This function is not
+ * available on Microsoft(R) winscard API and is pcsc-lite specific.
+ *
+ * @section Internals
+ *
+ * PC/SC Lite is formed by a server deamon (<tt>pcscd</tt>) and a client
+ * library (<tt>libpcsclite.so</tt>) that communicate via IPC.
+ *
+ * The file \em winscard_clnt.c in the client-side exposes the API for
+ * applications.\n The file \em winscard.c has the server-side counterpart
+ * functions present in \em winscard_clnt.c.\n The file \em winscard_msg.c is
+ * the communication interface between \em winscard_clnt.c and \em
+ * winscard.c.\n The file pcscdaemon.c has the main server-side function,
+ * including a loop for accepting client requests.\n The file \em
+ * winscard_svc.c has the functions called by \em pcscdaemon.c to serve clients
+ * requests.
+ *
+ * When a function from \em winscard_clnt.c is called by a client application,
+ * it calls a function in \em winscard_msg.c to send the message to \em
+ * pcscdaemon.c. When \em pcscdaemon.c a client detects a request arrived, it
+ * calls \em winscard_svc.c which identifies what command the message contains
+ * and requests \em winscard.c to execute the command.\n Meanwhile
+ * winscard_clnt.c waits for the response until a timeout occurs.
+ */
+
+/**
+ * @file
+ * @brief This handles smartcard reader communications.
+ * This is the heart of the MS smartcard API.
+ *
+ * Here are the main server-side functions which execute the requests from the
+ * clients.
+ */
+
+#include "config.h"
+#include <stdlib.h>
+#include <sys/time.h>
+#include <string.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "winscard.h"
+#include "ifdhandler.h"
+#include "debuglog.h"
+#include "readerfactory.h"
+#include "prothandler.h"
+#include "ifdwrapper.h"
+#include "atrhandler.h"
+#include "configfile.h"
+#include "sys_generic.h"
+#include "eventhandler.h"
+#include "readerstate.h"
+
+#include <security_utilities/debugging.h>
+
+/** used for backward compatibility */
+#define SCARD_PROTOCOL_ANY_OLD 0x1000
+
+/** Some defines for context stack. */
+#define SCARD_LAST_CONTEXT 1
+/** Some defines for context stack. */
+#define SCARD_NO_CONTEXT 0
+/** Some defines for context stack. */
+#define SCARD_EXCLUSIVE_CONTEXT -1
+/** Some defines for context stack. */
+#define SCARD_NO_LOCK 0
+
+SCARD_IO_REQUEST g_rgSCardT0Pci = { SCARD_PROTOCOL_T0, 8 };
+SCARD_IO_REQUEST g_rgSCardT1Pci = { SCARD_PROTOCOL_T1, 8 };
+SCARD_IO_REQUEST g_rgSCardRawPci = { SCARD_PROTOCOL_RAW, 8 };
+
+#define PCSCLITE_LOCK_POLL_RATE 100000 /**< Lock polling rate */
+
+static LONG NotifyOfCardReset(DWORD state, PREADER_CONTEXT rContext, SCARDHANDLE hCard);
+static LONG EjectCard(PREADER_CONTEXT rContext);
+
+
+/**
+ * @brief Creates an Application Context for a client.
+ *
+ * This must be the first function called in a PC/SC application.
+ *
+ * @param[in] dwScope Scope of the establishment.
+ * This can either be a local or remote connection.
+ * <ul>
+ * <li>SCARD_SCOPE_USER - Not used.
+ * <li>SCARD_SCOPE_TERMINAL - Not used.
+ * <li>SCARD_SCOPE_GLOBAL - Not used.
+ * <li>SCARD_SCOPE_SYSTEM - Services on the local machine.
+ * </ul>
+ * @param[in] pvReserved1 Reserved for future use. Can be used for remote connection.
+ * @param[in] pvReserved2 Reserved for future use.
+ * @param[out] phContext Returned Application Context.
+ *
+ * @return Connection status.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_VALUE Invalid scope type passed (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_INVALID_PARAMETER phContext is null (\ref SCARD_E_INVALID_PARAMETER)
+ */
+LONG SCardEstablishContext(DWORD dwScope, LPCVOID pvReserved1,
+ LPCVOID pvReserved2, LPSCARDCONTEXT phContext)
+{
+ /*
+ * Check for NULL pointer
+ */
+ if (phContext == 0)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (dwScope != SCARD_SCOPE_USER && dwScope != SCARD_SCOPE_TERMINAL &&
+ dwScope != SCARD_SCOPE_SYSTEM && dwScope != SCARD_SCOPE_GLOBAL)
+ {
+
+ *phContext = 0;
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ /*
+ * Unique identifier for this server so that it can uniquely be
+ * identified by clients and distinguished from others
+ */
+
+ *phContext = (PCSCLITE_SVC_IDENTITY + SYS_Random(SYS_GetSeed(),
+ 1.0, 65535.0));
+
+ Log3(PCSC_LOG_DEBUG, "Establishing Context: %d [0x%08X]", *phContext, *phContext);
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardReleaseContext(SCARDCONTEXT hContext)
+{
+ /*
+ * Nothing to do here RPC layer will handle this
+ */
+
+ Log2(PCSC_LOG_DEBUG, "Releasing Context: %d", hContext);
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardSetTimeout(SCARDCONTEXT hContext, DWORD dwTimeout)
+{
+ /*
+ * This is only used at the client side of an RPC call but just in
+ * case someone calls it here
+ */
+
+ return SCARD_E_UNSUPPORTED_FEATURE;
+}
+
+LONG SCardConnect(SCARDCONTEXT hContext, LPCSTR szReader,
+ DWORD dwShareMode, DWORD dwPreferredProtocols, LPSCARDHANDLE phCard,
+ LPDWORD pdwActiveProtocol)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+ DWORD dwStatus;
+
+ /*
+ * Check for NULL parameters
+ */
+ if (szReader == NULL || phCard == NULL || pdwActiveProtocol == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+ else
+ *phCard = 0;
+
+ if (!(dwPreferredProtocols & SCARD_PROTOCOL_T0) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_T1) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_RAW) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD))
+ return SCARD_E_PROTO_MISMATCH;
+
+ if (dwShareMode != SCARD_SHARE_EXCLUSIVE &&
+ dwShareMode != SCARD_SHARE_SHARED &&
+ dwShareMode != SCARD_SHARE_DIRECT)
+ return SCARD_E_INVALID_VALUE;
+
+ Log3(PCSC_LOG_DEBUG, "Attempting Connect to %s using protocol: %d",
+ szReader, dwPreferredProtocols);
+
+ rv = RFReaderInfo((LPSTR) szReader, &rContext);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log2(PCSC_LOG_ERROR, "Reader %s Not Found", szReader);
+ return rv;
+ }
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*******************************************
+ *
+ * This section checks for simple errors
+ *
+ *******************************************/
+
+ /*
+ * Connect if not exclusive mode
+ */
+ if (rContext->dwContexts == SCARD_EXCLUSIVE_CONTEXT)
+ {
+ Log1(PCSC_LOG_ERROR, "Error Reader Exclusive");
+ return SCARD_E_SHARING_VIOLATION;
+ }
+
+ /*
+ * wait until a possible transaction is finished
+ */
+ if (rContext->dwLockId != 0)
+ {
+ Log1(PCSC_LOG_INFO, "Waiting for release of lock");
+ while (rContext->dwLockId != 0)
+ SYS_USleep(PCSCLITE_LOCK_POLL_RATE);
+ Log1(PCSC_LOG_INFO, "Lock released");
+
+ /* Allow the status thread to convey information */
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE + 10);
+ }
+
+ /*******************************************
+ *
+ * This section tries to determine the
+ * presence of a card or not
+ *
+ *******************************************/
+ dwStatus = SharedReaderState_State(rContext->readerState);
+
+ if (dwShareMode != SCARD_SHARE_DIRECT)
+ {
+ if (!(dwStatus & SCARD_PRESENT))
+ {
+ Log1(PCSC_LOG_ERROR, "Card Not Inserted");
+ return SCARD_E_NO_SMARTCARD;
+ }
+
+ if (dwStatus & SCARD_SWALLOWED)
+ {
+ Log1(PCSC_LOG_ERROR, "Card Not Powered");
+ return SCARD_W_UNPOWERED_CARD;
+ }
+ }
+
+
+ /*******************************************
+ *
+ * This section tries to decode the ATR
+ * and set up which protocol to use
+ *
+ *******************************************/
+ if (dwPreferredProtocols & SCARD_PROTOCOL_RAW)
+ SharedReaderState_SetProtocol(rContext->readerState, SCARD_PROTOCOL_RAW);
+ else
+ {
+ if (dwShareMode != SCARD_SHARE_DIRECT)
+ {
+ /* lock here instead in IFDSetPTS() to lock up to
+ * setting rContext->readerState->cardProtocol */
+ SYS_MutexLock(rContext->mMutex);
+
+ /* the protocol is not yet set (no PPS yet) */
+ if (SCARD_PROTOCOL_UNSET == SharedReaderState_Protocol(rContext->readerState))
+ {
+ UCHAR ucAvailable, ucDefault;
+ int ret;
+
+ ucDefault = PHGetDefaultProtocol(SharedReaderState_CardAtr(rContext->readerState),
+ SharedReaderState_CardAtrLength(rContext->readerState));
+ ucAvailable =
+ PHGetAvailableProtocols(SharedReaderState_CardAtr(rContext->readerState),
+ SharedReaderState_CardAtrLength(rContext->readerState));
+
+ /*
+ * If it is set to ANY let it do any of the protocols
+ */
+ if (dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD)
+ dwPreferredProtocols = SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1;
+
+ ret = PHSetProtocol(rContext, dwPreferredProtocols,
+ ucAvailable, ucDefault);
+
+ /* keep cardProtocol = SCARD_PROTOCOL_UNSET in case of error */
+ if (SET_PROTOCOL_PPS_FAILED == ret)
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+ return SCARD_W_UNRESPONSIVE_CARD;
+ }
+
+ if (SET_PROTOCOL_WRONG_ARGUMENT == ret)
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+ return SCARD_E_PROTO_MISMATCH;
+ }
+
+ /* use negotiated protocol */
+ SharedReaderState_SetProtocol(rContext->readerState, ret);
+
+ SYS_MutexUnLock(rContext->mMutex);
+ }
+ else
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+
+ if (! (dwPreferredProtocols & SharedReaderState_Protocol(rContext->readerState)))
+ return SCARD_E_PROTO_MISMATCH;
+ }
+ }
+ }
+
+ *pdwActiveProtocol = SharedReaderState_Protocol(rContext->readerState);
+
+ if (dwShareMode != SCARD_SHARE_DIRECT)
+ {
+ if ((*pdwActiveProtocol != SCARD_PROTOCOL_T0)
+ && (*pdwActiveProtocol != SCARD_PROTOCOL_T1))
+ Log2(PCSC_LOG_ERROR, "Active Protocol: unknown %d",
+ *pdwActiveProtocol);
+ else
+ Log2(PCSC_LOG_DEBUG, "Active Protocol: T=%d",
+ (*pdwActiveProtocol == SCARD_PROTOCOL_T0) ? 0 : 1);
+ }
+ else
+ Log1(PCSC_LOG_DEBUG, "Direct access: no protocol selected");
+
+ /*
+ * Prepare the SCARDHANDLE identity
+ */
+ *phCard = RFCreateReaderHandle(rContext);
+
+ Log2(PCSC_LOG_DEBUG, "hCard Identity: %x", *phCard);
+
+ /*******************************************
+ *
+ * This section tries to set up the
+ * exclusivity modes. -1 is exclusive
+ *
+ *******************************************/
+
+ if (dwShareMode == SCARD_SHARE_EXCLUSIVE)
+ {
+ if (rContext->dwContexts == SCARD_NO_CONTEXT)
+ {
+ rContext->dwContexts = SCARD_EXCLUSIVE_CONTEXT;
+ RFLockSharing(*phCard);
+ }
+ else
+ {
+ RFDestroyReaderHandle(*phCard);
+ *phCard = 0;
+ Log1(PCSC_LOG_ERROR, "SCardConnect: share mode is exclusive, but already in use");
+ return SCARD_E_SHARING_VIOLATION;
+ }
+ }
+ else
+ {
+ /*
+ * Add a connection to the context stack
+ */
+ rContext->dwContexts += 1;
+ }
+
+ /*
+ * Add this handle to the handle list
+ */
+ rv = RFAddReaderHandle(rContext, *phCard);
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ /*
+ * Clean up - there is no more room
+ */
+ RFDestroyReaderHandle(*phCard);
+ if (rContext->dwContexts == SCARD_EXCLUSIVE_CONTEXT)
+ rContext->dwContexts = SCARD_NO_CONTEXT;
+ else
+ if (rContext->dwContexts > SCARD_NO_CONTEXT)
+ rContext->dwContexts -= 1;
+
+ *phCard = 0;
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ /*
+ * Allow the status thread to convey information
+ */
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE + 10);
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardReconnect(SCARDHANDLE hCard, DWORD dwShareMode,
+ DWORD dwPreferredProtocols, DWORD dwInitialization,
+ LPDWORD pdwActiveProtocol)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+ int do_sleep = 1;
+
+ Log1(PCSC_LOG_DEBUG, "Attempting reconnect to token.");
+
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ /*
+ * Handle the dwInitialization
+ */
+ if (dwInitialization != SCARD_LEAVE_CARD &&
+ dwInitialization != SCARD_RESET_CARD &&
+ dwInitialization != SCARD_UNPOWER_CARD)
+ return SCARD_E_INVALID_VALUE;
+
+ if (dwShareMode != SCARD_SHARE_SHARED &&
+ dwShareMode != SCARD_SHARE_EXCLUSIVE &&
+ dwShareMode != SCARD_SHARE_DIRECT)
+ return SCARD_E_INVALID_VALUE;
+
+ if (!(dwPreferredProtocols & SCARD_PROTOCOL_T0) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_T1) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_RAW) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD))
+ return SCARD_E_PROTO_MISMATCH;
+
+ if (pdwActiveProtocol == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure no one has a lock on this reader
+ */
+ rv = RFCheckSharing(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * RFUnblockReader( rContext ); FIX - this doesn't work
+ */
+
+ if (dwInitialization == SCARD_RESET_CARD ||
+ dwInitialization == SCARD_UNPOWER_CARD)
+ {
+ LONG ret = NotifyOfCardReset(dwInitialization, rContext, hCard);
+ if (ret != SCARD_S_SUCCESS)
+ return ret;
+
+ do_sleep = 1;
+ }
+ else if (dwInitialization == SCARD_LEAVE_CARD)
+ {
+ /*
+ * Do nothing
+ */
+ do_sleep = 0;
+ }
+
+ /*******************************************
+ *
+ * This section tries to decode the ATR
+ * and set up which protocol to use
+ *
+ *******************************************/
+
+
+ if (dwPreferredProtocols & SCARD_PROTOCOL_RAW)
+ SharedReaderState_SetProtocol(rContext->readerState, SCARD_PROTOCOL_RAW);
+ else
+ {
+ if (dwShareMode != SCARD_SHARE_DIRECT)
+ {
+ /* lock here instead in IFDSetPTS() to lock up to
+ * setting rContext->readerState->cardProtocol */
+ SYS_MutexLock(rContext->mMutex);
+
+ /* the protocol is not yet set (no PPS yet) */
+ if (SCARD_PROTOCOL_UNSET == SharedReaderState_Protocol(rContext->readerState))
+ {
+ UCHAR ucAvailable, ucDefault;
+ int ret;
+
+ ucDefault = PHGetDefaultProtocol(SharedReaderState_CardAtr(rContext->readerState),
+ SharedReaderState_CardAtrLength(rContext->readerState));
+ ucAvailable =
+ PHGetAvailableProtocols(SharedReaderState_CardAtr(rContext->readerState),
+ SharedReaderState_CardAtrLength(rContext->readerState));
+
+ /* If it is set to ANY let it do any of the protocols */
+ if (dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD)
+ dwPreferredProtocols = SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1;
+
+ ret = PHSetProtocol(rContext, dwPreferredProtocols,
+ ucAvailable, ucDefault);
+
+ /* keep cardProtocol = SCARD_PROTOCOL_UNSET in case of error */
+ if (SET_PROTOCOL_PPS_FAILED == ret)
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+ return SCARD_W_UNRESPONSIVE_CARD;
+ }
+
+ if (SET_PROTOCOL_WRONG_ARGUMENT == ret)
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+ return SCARD_E_PROTO_MISMATCH;
+ }
+
+ /* use negotiated protocol */
+ SharedReaderState_SetProtocol(rContext->readerState, ret);
+
+ SYS_MutexUnLock(rContext->mMutex);
+ }
+ else
+ {
+ SYS_MutexUnLock(rContext->mMutex);
+
+ if (! (dwPreferredProtocols & SharedReaderState_Protocol(rContext->readerState)))
+ return SCARD_E_PROTO_MISMATCH;
+ }
+ }
+ }
+
+ *pdwActiveProtocol = SharedReaderState_Protocol(rContext->readerState);
+
+ if (dwShareMode == SCARD_SHARE_EXCLUSIVE)
+ {
+ if (rContext->dwContexts == SCARD_EXCLUSIVE_CONTEXT)
+ {
+ /*
+ * Do nothing - we are already exclusive
+ */
+ } else
+ {
+ if (rContext->dwContexts == SCARD_LAST_CONTEXT)
+ {
+ rContext->dwContexts = SCARD_EXCLUSIVE_CONTEXT;
+ RFLockSharing(hCard);
+ } else
+ {
+ Log1(PCSC_LOG_ERROR, "SCardReConnect: share mode is exclusive, but already in use");
+ return SCARD_E_SHARING_VIOLATION;
+ }
+ }
+ } else if (dwShareMode == SCARD_SHARE_SHARED)
+ {
+ if (rContext->dwContexts != SCARD_EXCLUSIVE_CONTEXT)
+ {
+ /*
+ * Do nothing - in sharing mode already
+ */
+ } else
+ {
+ /*
+ * We are in exclusive mode but want to share now
+ */
+ RFUnlockSharing(hCard);
+ rContext->dwContexts = SCARD_LAST_CONTEXT;
+ }
+ } else if (dwShareMode == SCARD_SHARE_DIRECT)
+ {
+ if (rContext->dwContexts != SCARD_EXCLUSIVE_CONTEXT)
+ {
+ /*
+ * Do nothing - in sharing mode already
+ */
+ } else
+ {
+ /*
+ * We are in exclusive mode but want to share now
+ */
+ RFUnlockSharing(hCard);
+ rContext->dwContexts = SCARD_LAST_CONTEXT;
+ }
+ } else
+ return SCARD_E_INVALID_VALUE;
+
+ /*
+ * Clear a previous event to the application
+ */
+ RFClearReaderEventState(rContext, hCard);
+
+ /*
+ * Allow the status thread to convey information
+ */
+ if (do_sleep)
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE + 10);
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardDisconnect(SCARDHANDLE hCard, DWORD dwDisposition)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ if ((dwDisposition != SCARD_LEAVE_CARD)
+ && (dwDisposition != SCARD_UNPOWER_CARD)
+ && (dwDisposition != SCARD_RESET_CARD)
+ && (dwDisposition != SCARD_EJECT_CARD))
+ return SCARD_E_INVALID_VALUE;
+
+ /*
+ * wait until a possible transaction is finished
+ */
+ if ((rContext->dwLockId != 0) && (rContext->dwLockId != (uint32_t)hCard))
+ {
+ Log1(PCSC_LOG_INFO, "Waiting for release of lock");
+ while (rContext->dwLockId != 0)
+ SYS_USleep(PCSCLITE_LOCK_POLL_RATE);
+ Log1(PCSC_LOG_INFO, "Lock released");
+ }
+
+ /*
+ * Unlock any blocks on this context
+ */
+ rv = RFUnlockSharing(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ Log2(PCSC_LOG_DEBUG, "Active Contexts: %d", rContext->dwContexts);
+
+ if (dwDisposition == SCARD_RESET_CARD ||
+ dwDisposition == SCARD_UNPOWER_CARD)
+ {
+ /* LONG ret = */ NotifyOfCardReset(dwDisposition, rContext, hCard);
+ /* we ignore the return values in this case */
+
+ /*
+ * Allow the status thread to convey information
+ */
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE + 10);
+
+ }
+ else
+ if (dwDisposition == SCARD_EJECT_CARD)
+ EjectCard(rContext);
+ else if (dwDisposition == SCARD_LEAVE_CARD)
+ {
+ /*
+ * Do nothing
+ */
+ }
+
+ /*
+ * Remove and destroy this handle
+ */
+ RFRemoveReaderHandle(rContext, hCard);
+ RFDestroyReaderHandle(hCard);
+
+ /*
+ * For exclusive connection reset it to no connections
+ */
+ if (rContext->dwContexts == SCARD_EXCLUSIVE_CONTEXT)
+ {
+ rContext->dwContexts = SCARD_NO_CONTEXT;
+ return SCARD_S_SUCCESS;
+ }
+
+ /*
+ * Remove a connection from the context stack
+ */
+ rContext->dwContexts -= 1;
+
+ if (rContext->dwContexts < 0)
+ rContext->dwContexts = 0;
+
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardBeginTransaction(SCARDHANDLE hCard)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext;
+
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+
+ /*
+ * Cannot find the hCard in this context
+ */
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log3(PCSC_LOG_DEBUG, "SCardBeginTransaction: cannot find hCard: 0x%08X [0x%08X]", hCard, rv);
+ return rv;
+ }
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log3(PCSC_LOG_DEBUG, "SCardBeginTransaction: reader status fail: 0x%08X [0x%08X]", hCard, rv);
+ return rv;
+ }
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ {
+ Log3(PCSC_LOG_DEBUG, "SCardBeginTransaction: reader handle fail: 0x%08X [0x%08X]", hCard, rv);
+ return rv;
+ }
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ {
+ Log3(PCSC_LOG_DEBUG, "SCardBeginTransaction: reader event fail: 0x%08X [0x%08X]", hCard, rv);
+ return rv;
+ }
+
+ rv = RFLockSharing(hCard);
+
+ /* if the transaction is not yet ready we sleep a bit so the client
+ * do not retry immediately */
+ if (SCARD_E_SHARING_VIOLATION == (uint32_t)rv)
+ SYS_USleep(PCSCLITE_LOCK_POLL_RATE);
+
+ Log2(PCSC_LOG_DEBUG, "SCardBeginTransaction ending status: 0x%08X", rv);
+
+ return rv;
+}
+
+LONG SCardEndTransaction(SCARDHANDLE hCard, DWORD dwDisposition)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ /*
+ * Ignoring dwDisposition for now
+ */
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ if ((dwDisposition != SCARD_LEAVE_CARD)
+ && (dwDisposition != SCARD_UNPOWER_CARD)
+ && (dwDisposition != SCARD_RESET_CARD)
+ && (dwDisposition != SCARD_EJECT_CARD))
+ return SCARD_E_INVALID_VALUE;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+
+ /*
+ * Cannot find the hCard in this context
+ */
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ if (dwDisposition == SCARD_RESET_CARD ||
+ dwDisposition == SCARD_UNPOWER_CARD)
+ {
+ /* LONG ret = */ NotifyOfCardReset(dwDisposition, rContext, hCard);
+ }
+ else if (dwDisposition == SCARD_EJECT_CARD)
+ EjectCard(rContext);
+ else if (dwDisposition == SCARD_LEAVE_CARD)
+ {
+ /*
+ * Do nothing
+ */
+ }
+
+ /*
+ * Unlock any blocks on this context
+ */
+ RFUnlockSharing(hCard);
+
+ Log2(PCSC_LOG_DEBUG, "Status: 0x%08X", rv);
+
+ return rv;
+}
+
+LONG SCardCancelTransaction(SCARDHANDLE hCard)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ /*
+ * Ignoring dwDisposition for now
+ */
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+
+ /*
+ * Cannot find the hCard in this context
+ */
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFUnlockSharing(hCard);
+
+ Log2(PCSC_LOG_DEBUG, "Status: 0x%08X", rv);
+
+ return rv;
+}
+
+LONG SCardStatus(SCARDHANDLE hCard, LPSTR mszReaderNames,
+ LPDWORD pcchReaderLen, LPDWORD pdwState,
+ LPDWORD pdwProtocol, LPBYTE pbAtr, LPDWORD pcbAtrLen)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+
+ /*
+ * Cannot find the hCard in this context
+ */
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ if (strlen(rContext->lpcReader) > MAX_BUFFER_SIZE
+ || SharedReaderState_CardAtrLength(rContext->readerState) > MAX_ATR_SIZE)
+ return SCARD_F_INTERNAL_ERROR;
+
+ /*
+ * This is a client side function however the server maintains the
+ * list of events between applications so it must be passed through to
+ * obtain this event if it has occurred
+ */
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ if (mszReaderNames) /* want reader name */
+ {
+ int cchReaderLen;
+ if (!pcchReaderLen) /* present buf & no buflen */
+ return SCARD_E_INVALID_PARAMETER;
+
+ cchReaderLen = strlen(rContext->lpcReader);
+ if(*pcchReaderLen < cchReaderLen)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+ else /* There's enough room in the buffer */
+ strncpy(mszReaderNames, rContext->lpcReader, cchReaderLen);
+ *pcchReaderLen = cchReaderLen;
+ }
+ else if (pcchReaderLen) /* want the reader length but not the name */
+ *pcchReaderLen = strlen(rContext->lpcReader);
+
+ if (pdwState)
+ *pdwState = SharedReaderState_State(rContext->readerState);
+
+ if (pdwProtocol)
+ *pdwProtocol = SharedReaderState_Protocol(rContext->readerState);
+
+ if (pbAtr) /* want ATR */
+ {
+ int cbAtrLen;
+ if (!pcbAtrLen)
+ return SCARD_E_INVALID_PARAMETER;
+ cbAtrLen = SharedReaderState_CardAtrLength(rContext->readerState);
+
+ if(cbAtrLen >= *pcbAtrLen)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+ else
+ {
+ *pcbAtrLen = cbAtrLen;
+ memcpy(pbAtr, SharedReaderState_CardAtr(rContext->readerState), cbAtrLen);
+ }
+ }
+ else if (pcbAtrLen)
+ *pcbAtrLen = SharedReaderState_CardAtrLength(rContext->readerState);
+
+ return rv;
+}
+
+LONG SCardGetStatusChange(SCARDCONTEXT hContext, DWORD dwTimeout,
+ LPSCARD_READERSTATE_A rgReaderStates, DWORD cReaders)
+{
+ /*
+ * Client side function
+ */
+ return SCARD_S_SUCCESS;
+}
+
+#undef SCardControl
+
+LONG SCardControl(SCARDHANDLE hCard, const void *pbSendBuffer,
+ DWORD cbSendLength, void *pbRecvBuffer, LPDWORD pcbRecvLength)
+{
+ // Pre pcsclite 1.3.2 version
+
+ uint32_t dwControlCode = 0;
+
+ uint32_t cbRecvLength = *pcbRecvLength;
+ uint32_t bytesReturned = 0;
+ int32_t rv = SCardControl132(hCard, dwControlCode, pbSendBuffer, cbSendLength,
+ pbRecvBuffer, cbRecvLength, &bytesReturned);
+ *pcbRecvLength = bytesReturned;
+ return rv;
+}
+
+int32_t SCardControl132(SCARDHANDLE hCard, uint32_t dwControlCode,
+ const void *pbSendBuffer, uint32_t cbSendLength,
+ void *pbRecvBuffer, uint32_t cbRecvLength, uint32_t *lpBytesReturned)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ /* 0 bytes returned by default */
+ *lpBytesReturned = 0;
+
+ if (0 == hCard)
+ return SCARD_E_INVALID_HANDLE;
+
+ /*
+ * Make sure no one has a lock on this reader
+ */
+ if ((rv = RFCheckSharing(hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ if (IFD_HVERSION_2_0 == rContext->dwVersion)
+ if (NULL == pbSendBuffer || 0 == cbSendLength)
+ return SCARD_E_INVALID_PARAMETER;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ if (IFD_HVERSION_2_0 == rContext->dwVersion)
+ {
+ /* we must wrap a API 3.0 client in an API 2.0 driver */
+ *lpBytesReturned = cbRecvLength;
+ return IFDControl_v2(rContext, (PUCHAR)pbSendBuffer,
+ cbSendLength, (uint8_t *)pbRecvBuffer, lpBytesReturned);
+ }
+ else
+ if (IFD_HVERSION_3_0 == rContext->dwVersion)
+ return IFDControl(rContext, dwControlCode, pbSendBuffer,
+ cbSendLength, pbRecvBuffer, cbRecvLength, lpBytesReturned);
+ else
+ return SCARD_E_UNSUPPORTED_FEATURE;
+}
+
+LONG SCardGetAttrib(SCARDHANDLE hCard, DWORD dwAttrId,
+ LPBYTE pbAttr, LPDWORD pcbAttrLen)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ if (0 == hCard)
+ return SCARD_E_INVALID_HANDLE;
+
+ /*
+ * Make sure no one has a lock on this reader
+ */
+ if ((rv = RFCheckSharing(hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = IFDGetCapabilities(rContext, dwAttrId, pcbAttrLen, pbAttr);
+ if (rv == IFD_SUCCESS)
+ return SCARD_S_SUCCESS;
+ else
+ if (rv == IFD_ERROR_TAG)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+ else
+ return SCARD_E_NOT_TRANSACTED;
+}
+
+LONG SCardSetAttrib(SCARDHANDLE hCard, DWORD dwAttrId,
+ LPCBYTE pbAttr, DWORD cbAttrLen)
+{
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+
+ if (0 == hCard)
+ return SCARD_E_INVALID_HANDLE;
+
+ /*
+ * Make sure no one has a lock on this reader
+ */
+ if ((rv = RFCheckSharing(hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = IFDSetCapabilities(rContext, dwAttrId, cbAttrLen, (PUCHAR)pbAttr);
+ if (rv == IFD_SUCCESS)
+ return SCARD_S_SUCCESS;
+ else
+ if (rv == IFD_ERROR_TAG)
+ return SCARD_E_UNSUPPORTED_FEATURE;
+ else
+ return SCARD_E_NOT_TRANSACTED;
+}
+
+#define kSCARD_LE_IN_SW2 0x6C
+#define kReadBinaryAPDU 0xB0
+#define kReadBinaryLe 4
+
+LONG SCardTransmit(SCARDHANDLE hCard, LPCSCARD_IO_REQUEST pioSendPci,
+ LPCBYTE pbSendBuffer, DWORD cbSendLength,
+ LPSCARD_IO_REQUEST pioRecvPci, LPBYTE pbRecvBuffer,
+ LPDWORD pcbRecvLength)
+{
+ /*
+ See for example:
+ NIST IR 6887 "Government Smart Card Interoperability Specification (GSC-IS), v2.1",
+ July 2003
+ http://csrc.nist.gov/publications/nistir/nistir-6887.pdf
+ for info on error conditions. One define is SCARD_LE_IN_SW2
+ */
+ LONG rv;
+ PREADER_CONTEXT rContext = NULL;
+ SCARD_IO_HEADER sSendPci, sRecvPci;
+ DWORD dwRxLength, tempRxLength;
+
+ if (pcbRecvLength == 0)
+ return SCARD_E_INVALID_PARAMETER;
+
+ dwRxLength = *pcbRecvLength;
+ *pcbRecvLength = 0;
+
+ if (hCard == 0)
+ return SCARD_E_INVALID_HANDLE;
+
+ if (pbSendBuffer == NULL || pbRecvBuffer == NULL || pioSendPci == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ /*
+ * Must at least send a 4 bytes APDU
+ */
+ if (cbSendLength < 4)
+ return SCARD_E_INVALID_PARAMETER;
+
+ /*
+ * Must at least have 2 status words even for SCardControl
+ */
+ if (dwRxLength < 2)
+ return SCARD_E_INSUFFICIENT_BUFFER;
+
+ /*
+ * Make sure no one has a lock on this reader
+ */
+ if ((rv = RFCheckSharing(hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFReaderInfoById(hCard, &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure the reader is working properly
+ */
+ rv = RFCheckReaderStatus(rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ rv = RFFindReaderHandle(hCard);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Make sure some event has not occurred
+ */
+ if ((rv = RFCheckReaderEventState(rContext, hCard)) != SCARD_S_SUCCESS)
+ return rv;
+
+ /*
+ * Check for some common errors
+ */
+ if (pioSendPci->dwProtocol != SCARD_PROTOCOL_RAW)
+ {
+ if (SharedReaderState_State(rContext->readerState) & SCARD_ABSENT)
+ {
+ return SCARD_E_NO_SMARTCARD;
+ }
+ }
+
+ if (pioSendPci->dwProtocol != SCARD_PROTOCOL_RAW)
+ {
+ if (pioSendPci->dwProtocol != SCARD_PROTOCOL_ANY_OLD)
+ {
+ if (pioSendPci->dwProtocol != SharedReaderState_Protocol(rContext->readerState))
+ {
+ return SCARD_E_PROTO_MISMATCH;
+ }
+ }
+ }
+
+ /*
+ * Quick fix: PC/SC starts at 1 for bit masking but the IFD_Handler
+ * just wants 0 or 1
+ */
+
+ sSendPci.Protocol = 0; /* protocol T=0 by default */
+
+ if (pioSendPci->dwProtocol == SCARD_PROTOCOL_T1)
+ {
+ sSendPci.Protocol = 1;
+ } else if (pioSendPci->dwProtocol == SCARD_PROTOCOL_RAW)
+ {
+ /*
+ * This is temporary ......
+ */
+ sSendPci.Protocol = SCARD_PROTOCOL_RAW;
+ } else if (pioSendPci->dwProtocol == SCARD_PROTOCOL_ANY_OLD)
+ {
+ /* Fix by Amira (Athena) */
+ unsigned long i;
+ unsigned long prot = SharedReaderState_Protocol(rContext->readerState);
+
+ for (i = 0 ; prot != 1 ; i++)
+ prot >>= 1;
+
+ sSendPci.Protocol = i;
+ }
+
+ sSendPci.Length = pioSendPci->cbPciLength;
+
+ /* the protocol number is decoded a few lines above */
+ Log2(PCSC_LOG_DEBUG, "Send Protocol: T=%d", sSendPci.Protocol);
+
+ tempRxLength = dwRxLength;
+
+ if (pioSendPci->dwProtocol == SCARD_PROTOCOL_RAW)
+ {
+ rv = IFDControl_v2(rContext, (PUCHAR)pbSendBuffer , cbSendLength,
+ pbRecvBuffer, &dwRxLength);
+ } else
+ {
+ rv = IFDTransmit(rContext, sSendPci, (PUCHAR)pbSendBuffer,
+ cbSendLength, pbRecvBuffer, &dwRxLength, &sRecvPci);
+ }
+
+ if (pioRecvPci)
+ {
+ pioRecvPci->dwProtocol = sRecvPci.Protocol;
+ pioRecvPci->cbPciLength = sRecvPci.Length;
+ }
+
+ Log3(PCSC_LOG_DEBUG, "IFDControl_v2/IFDTransmit result: 0x%08X, received: %d", rv, dwRxLength);
+ Log3(PCSC_LOG_DEBUG, " pbRecvBuffer: [0]: 0x%02X, [1]: 0x%02X", pbRecvBuffer[0], pbRecvBuffer[1]);
+
+ /*
+ * Check for any errors that might have occurred
+ */
+
+ if (rv != SCARD_S_SUCCESS)
+ {
+ *pcbRecvLength = 0;
+ Log2(PCSC_LOG_ERROR, "Card not transacted: 0x%08lX", rv);
+ return SCARD_E_NOT_TRANSACTED;
+ }
+
+ /*
+ * Available is less than received
+ */
+ if (tempRxLength < dwRxLength)
+ {
+ Log3(PCSC_LOG_DEBUG, "Available is less than received: avail: %d, received: %d", tempRxLength, dwRxLength);
+ *pcbRecvLength = 0;
+ return SCARD_E_INSUFFICIENT_BUFFER;
+ }
+
+ /*
+ * Successful return
+ */
+ *pcbRecvLength = dwRxLength;
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardListReaders(SCARDCONTEXT hContext, LPCSTR mszGroups,
+ LPSTR mszReaders, LPDWORD pcchReaders)
+{
+ /*
+ * Client side function
+ */
+ return SCARD_S_SUCCESS;
+}
+
+LONG SCardCancel(SCARDCONTEXT hContext)
+{
+ /*
+ * Client side function
+ */
+ return SCARD_S_SUCCESS;
+}
+
+static LONG NotifyOfCardReset(DWORD state, PREADER_CONTEXT rContext, SCARDHANDLE hCard)
+{
+ /*
+ * Currently pcsc-lite keeps the card powered constantly
+ * Note that although EndTransaction initially sets dwAction in one
+ * case to IFD_POWER_DOWN, it then sets it to IFD_RESET
+ */
+
+ LONG rv = SCARD_S_SUCCESS, ret = SCARD_S_SUCCESS;
+
+ DWORD tmpCardAtrLength = SharedReaderState_CardAtrLength(rContext->readerState);
+ if (SCARD_RESET_CARD == state)
+ rv = IFDPowerICC(rContext, IFD_RESET, SharedReaderState_CardAtr(rContext->readerState), &tmpCardAtrLength);
+ else
+ {
+ rv = IFDPowerICC(rContext, IFD_POWER_DOWN, SharedReaderState_CardAtr(rContext->readerState), &tmpCardAtrLength);
+ rv = IFDPowerICC(rContext, IFD_POWER_UP, SharedReaderState_CardAtr(rContext->readerState), &tmpCardAtrLength);
+ }
+ SharedReaderState_SetCardAtrLength(rContext->readerState, tmpCardAtrLength);
+
+ /* the protocol is unset after a power on */
+ SharedReaderState_SetProtocol(rContext->readerState, SCARD_PROTOCOL_UNSET);
+
+ /*
+ * Notify the card has been reset
+ * Not doing this could result in deadlock
+ */
+ ret = RFCheckReaderEventState(rContext, hCard);
+
+ /*
+ Note: there is disagreement on which value of rv to use for the switch below:
+
+ SCardReconnect: result of RFCheckReaderEventState
+ SCardDisconnect: result of IFDPowerICC
+ SCardEndTransaction: result of IFDPowerICC
+
+ We use the result of IFDPowerICC here; this seems more sensible
+ */
+ switch (rv)
+ {
+ /* avoid deadlock */
+ case SCARD_W_RESET_CARD:
+ break;
+
+ case SCARD_W_REMOVED_CARD:
+ Log1(PCSC_LOG_ERROR, "card removed");
+ return SCARD_W_REMOVED_CARD;
+
+ /* invalid EventStatus */
+ case SCARD_E_INVALID_VALUE:
+ Log1(PCSC_LOG_ERROR, "invalid EventStatus");
+ return SCARD_F_INTERNAL_ERROR;
+
+ /* invalid hCard, but hCard was widely used some lines above :( */
+ case SCARD_E_INVALID_HANDLE:
+ Log1(PCSC_LOG_ERROR, "invalid handle");
+ return SCARD_F_INTERNAL_ERROR;
+
+ case SCARD_S_SUCCESS:
+ /*
+ * Notify the card has been reset
+ */
+ RFSetReaderEventState(rContext, SCARD_RESET);
+
+ /*
+ * Set up the status bit masks on dwStatus
+ */
+ DWORD readerStateTmp = SharedReaderState_State(rContext->readerState);
+ if (rv == SCARD_S_SUCCESS)
+ {
+ readerStateTmp |= SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_ABSENT;
+ readerStateTmp |= SCARD_POWERED;
+ readerStateTmp |= SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ readerStateTmp &= ~SCARD_SWALLOWED;
+ readerStateTmp &= ~SCARD_UNKNOWN;
+ }
+ else
+ {
+ readerStateTmp |= SCARD_PRESENT;
+ readerStateTmp &= ~SCARD_ABSENT;
+ readerStateTmp |= SCARD_SWALLOWED;
+ readerStateTmp &= ~SCARD_POWERED;
+ readerStateTmp &= ~SCARD_NEGOTIABLE;
+ readerStateTmp &= ~SCARD_SPECIFIC;
+ readerStateTmp &= ~SCARD_UNKNOWN;
+ SharedReaderState_SetCardAtrLength(rContext->readerState, 0);
+ }
+ SharedReaderState_SetState(rContext->readerState, readerStateTmp);
+
+ if (SharedReaderState_CardAtrLength(rContext->readerState) > 0)
+ {
+ Log1(PCSC_LOG_ERROR, "Reset complete.");
+ LogXxd(PCSC_LOG_DEBUG, "Card ATR: ", SharedReaderState_CardAtr(rContext->readerState),
+ SharedReaderState_CardAtrLength(rContext->readerState));
+ }
+ else
+ {
+ DWORD dwStatus, dwAtrLen;
+ UCHAR ucAtr[MAX_ATR_SIZE];
+
+ Log1(PCSC_LOG_ERROR, "Error resetting card.");
+ IFDStatusICC(rContext, &dwStatus, ucAtr, &dwAtrLen);
+ if (dwStatus & SCARD_PRESENT)
+ return SCARD_W_UNRESPONSIVE_CARD;
+ else
+ return SCARD_E_NO_SMARTCARD;
+ }
+ break;
+ default:
+ Log2(PCSC_LOG_ERROR, "invalid retcode from RFCheckReaderEventState (%X)", rv);
+ return SCARD_F_INTERNAL_ERROR;
+ }
+ return SCARD_S_SUCCESS;
+}
+
+static LONG EjectCard(PREADER_CONTEXT rContext)
+{
+ LONG rv = SCARD_S_SUCCESS;
+
+ UCHAR controlBuffer[5];
+ UCHAR receiveBuffer[MAX_BUFFER_SIZE];
+ DWORD receiveLength;
+
+ /*
+ * Set up the CTBCS command for Eject ICC
+ */
+ controlBuffer[0] = 0x20;
+ controlBuffer[1] = 0x15;
+ controlBuffer[2] = (rContext->dwSlot & 0x0000FFFF) + 1;
+ controlBuffer[3] = 0x00;
+ controlBuffer[4] = 0x00;
+ receiveLength = 2;
+ rv = IFDControl_v2(rContext, controlBuffer, 5, receiveBuffer, &receiveLength);
+
+ if (rv == SCARD_S_SUCCESS)
+ {
+ if (receiveLength == 2 && receiveBuffer[0] == 0x90) // Successful
+ Log1(PCSC_LOG_ERROR, "Card ejected successfully.");
+ else
+ {
+ Log3(PCSC_LOG_ERROR, "Error ejecting card: %02X%02X", receiveBuffer[0], receiveBuffer[1]);
+ rv = SCARD_F_UNKNOWN_ERROR;
+ }
+ }
+ else
+ Log1(PCSC_LOG_ERROR, "Error ejecting card.");
+
+ return rv;
+}
+
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,138 @@
+/*
+ * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2003
+ * David Corcoran <corcoran at linuxnet.com>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard.h 2072 2006-06-06 09:31:07Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles smartcard reader communications.
+ */
+
+#ifndef __winscard_h__
+#define __winscard_h__
+
+#include <PCSC/pcsclite.h>
+#include <stdint.h>
+//#include "pcscexport.h"
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#ifndef PCSC_API
+#define PCSC_API
+#endif
+
+ PCSC_API int32_t SCardEstablishContext(uint32_t dwScope,
+ const void *pvReserved1, const void *pvReserved2, LPSCARDCONTEXT phContext);
+
+ PCSC_API int32_t SCardReleaseContext(SCARDCONTEXT hContext);
+
+ PCSC_API int32_t SCardIsValidContext(SCARDCONTEXT hContext);
+
+ PCSC_API int32_t SCardSetTimeout(SCARDCONTEXT hContext, uint32_t dwTimeout);
+
+ PCSC_API int32_t SCardConnect(SCARDCONTEXT hContext,
+ const char *szReader,
+ uint32_t dwShareMode,
+ uint32_t dwPreferredProtocols,
+ LPSCARDHANDLE phCard, uint32_t *pdwActiveProtocol);
+
+ PCSC_API int32_t SCardReconnect(SCARDHANDLE hCard,
+ uint32_t dwShareMode,
+ uint32_t dwPreferredProtocols,
+ uint32_t dwInitialization, uint32_t *pdwActiveProtocol);
+
+ PCSC_API int32_t SCardDisconnect(SCARDHANDLE hCard, uint32_t dwDisposition);
+
+ PCSC_API int32_t SCardBeginTransaction(SCARDHANDLE hCard);
+
+ PCSC_API int32_t SCardEndTransaction(SCARDHANDLE hCard, uint32_t dwDisposition);
+
+ PCSC_API int32_t SCardCancelTransaction(SCARDHANDLE hCard);
+
+ PCSC_API int32_t SCardStatus(SCARDHANDLE hCard,
+ char *mszReaderNames, uint32_t *pcchReaderLen,
+ uint32_t *pdwState,
+ uint32_t *pdwProtocol,
+ unsigned char *pbAtr, uint32_t *pcbAtrLen);
+
+ PCSC_API int32_t SCardGetStatusChange(SCARDCONTEXT hContext,
+ uint32_t dwTimeout,
+ LPSCARD_READERSTATE_A rgReaderStates, uint32_t cReaders);
+
+ PCSC_API int32_t SCardControl(SCARDHANDLE hCard,
+ const void *pbSendBuffer, uint32_t cbSendLength,
+ void *pbRecvBuffer, uint32_t *pcbRecvLength);
+
+ PCSC_API int32_t SCardControl132(SCARDHANDLE hCard, uint32_t dwControlCode,
+ const void *pbSendBuffer, uint32_t cbSendLength,
+ void *pbRecvBuffer, uint32_t cbRecvLength, uint32_t *lpBytesReturned);
+
+ PCSC_API int32_t SCardTransmit(SCARDHANDLE hCard,
+ LPCSCARD_IO_REQUEST pioSendPci,
+ const unsigned char *pbSendBuffer, uint32_t cbSendLength,
+ LPSCARD_IO_REQUEST pioRecvPci,
+ unsigned char *pbRecvBuffer, uint32_t *pcbRecvLength);
+
+ PCSC_API int32_t SCardListReaderGroups(SCARDCONTEXT hContext,
+ char *mszGroups, uint32_t *pcchGroups);
+
+ PCSC_API int32_t SCardListReaders(SCARDCONTEXT hContext,
+ const char *mszGroups,
+ char *mszReaders, uint32_t *pcchReaders);
+
+ PCSC_API int32_t SCardCancel(SCARDCONTEXT hContext);
+
+ PCSC_API int32_t SCardGetAttrib(SCARDHANDLE hCard, uint32_t dwAttrId,
+ uint8_t *pbAttr, uint32_t *pcbAttrLen);
+
+ PCSC_API int32_t SCardSetAttrib(SCARDHANDLE hCard, uint32_t dwAttrId,
+ const uint8_t *pbAttr, uint32_t cbAttrLen);
+
+ void SCardUnload(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+/*
+ To support the newer version of SCardControl, we define it
+ as follows. The old version number was 1.1.2, the new call
+ appears in 1.3.2 of pcsc-lite (or perhaps earlier).
+*/
+
+#if !defined(USE_SCARD_CONTROL_112)
+#define SCardControl SCardControl132
+#endif /* USE_SCARD_CONTROL_112 */
+
+#endif
+
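Review bot: The in/out length pointers declared in this header (`pcbRecvLength` on SCardTransmit, and by the look of their signatures `pcchReaderLen`/`pcbAtrLen` on SCardStatus, `pcbAttrLen` on SCardGetAttrib and `pcchReaders` on SCardListReaders) carry no statement of their contract, even though the caller's buffer bound depends on it. The SCardTransmit definition earlier in this changeset reads `*pcbRecvLength` as the capacity of `pbRecvBuffer` on entry, rejects values below 2 with SCARD_E_INSUFFICIENT_BUFFER, and zeroes it before any later error return. A caller that leaves it uninitialised therefore hands an arbitrary capacity to the reader driver. I would add above that prototype `/* pcbRecvLength: in = size of pbRecvBuffer in bytes (>= 2); out = bytes received, 0 on error */`, with matching one-line comments on the other length pointers once their definitions are checked. Separately, the prototypes use `int32_t`/`uint32_t` while the definitions use `LONG`/`DWORD`; this is consistent only if wintypes.h, which is not visible here, defines those as 32-bit types, so a short comment recording that dependency would help.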
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_clnt.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_clnt.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_clnt.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,3408 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard_clnt.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard_clnt.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This handles smartcard reader communications and
+ * forwarding requests over message queues.
+ *
+ * Here is exposed the API for client applications.
+ */
+
+#include <assert.h>
+#include "config.h"
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/un.h>
+#include <errno.h>
+#include <sys/socket.h>
+#include <sys/ioctl.h>
+#include <sys/_endian.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "pcscexport.h"
+#include "winscard.h"
+#include "debug.h"
+#include "thread_generic.h"
+
+#include "readerfactory.h"
+#include "eventhandler.h"
+#include "sys_generic.h"
+#include "winscard_msg.h"
+#include "readerstate.h"
+
+#include <security_utilities/debugging.h>
+
+/** used for backward compatibility */
+#define SCARD_PROTOCOL_ANY_OLD 0x1000
+
+#ifndef min
+#define min(a,b) (((a) < (b)) ? (a) : (b))
+#endif
+
+#define PROFILE_START
+#define PROFILE_END
+
+/**
+ * Represents an Application Context Channel.
+ * A channel belongs to an Application Context (\c _psContextMap).
+ */
+struct _psChannelMap
+{
+ SCARDHANDLE hCard;
+ LPSTR readerName;
+};
+
+typedef struct _psChannelMap CHANNEL_MAP, *PCHANNEL_MAP;
+
+/**
+ * @brief Represents the an Application Context on the Client side.
+ *
+ * An Application Context contains Channels (\c _psChannelMap).
+ */
+static struct _psContextMap
+{
+ DWORD dwClientID; /** Client Connection ID */
+ SCARDCONTEXT hContext; /** Application Context ID */
+ DWORD contextBlockStatus;
+ PCSCLITE_MUTEX_T mMutex; /** Mutex for this context */
+ CHANNEL_MAP psChannelMap[PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS];
+} psContextMap[PCSCLITE_MAX_APPLICATION_CONTEXTS];
+
+/**
+ * Make sure the initialization code is executed only once.
+ */
+static short isExecuted = 0;
+
+/**
+ * Memory mapped address used to read status information about the readers.
+ * Each element in the vector \ref readerStates makes references to a part of
+ * the memory mapped.
+ */
+static int mapAddr = 0;
+
+/**
+ * Ensure that some functions be accessed in thread-safe mode.
+ * These function's names finishes with "TH".
+ */
+static PCSCLITE_MUTEX clientMutex = PTHREAD_MUTEX_INITIALIZER;
+
+/**
+ * Pointers to a memory mapped area used to read status information about the
+ * readers.
+ * Each element in the vector \ref readerStates makes references to a part of
+ * the memory mapped \ref mapAddr.
+ */
+static PREADER_STATE readerStates[PCSCLITE_MAX_READERS_CONTEXTS];
+
+PCSC_API SCARD_IO_REQUEST g_rgSCardT0Pci = { SCARD_PROTOCOL_T0, 8 };
+PCSC_API SCARD_IO_REQUEST g_rgSCardT1Pci = { SCARD_PROTOCOL_T1, 8 };
+PCSC_API SCARD_IO_REQUEST g_rgSCardRawPci = { SCARD_PROTOCOL_RAW, 8 };
+
+
+static LONG SCardAddContext(SCARDCONTEXT, DWORD);
+static LONG SCardGetContextIndice(SCARDCONTEXT);
+static LONG SCardGetContextIndiceTH(SCARDCONTEXT);
+static LONG SCardRemoveContext(SCARDCONTEXT);
+
+static LONG SCardAddHandle(SCARDHANDLE, DWORD, LPSTR);
+static LONG SCardGetIndicesFromHandle(SCARDHANDLE, PDWORD, PDWORD);
+static LONG SCardGetIndicesFromHandleTH(SCARDHANDLE, PDWORD, PDWORD);
+static LONG SCardRemoveHandle(SCARDHANDLE);
+
+static LONG SCardGetSetAttrib(SCARDHANDLE hCard, int command, DWORD dwAttrId,
+ LPBYTE pbAttr, LPDWORD pcbAttrLen);
+
+static LONG SCardCheckDaemonAvailability(void);
+static int SCardInitializeOnce();
+
+static int SHMClientCommunicationTimeout();
+
+/*
+ * Thread safety functions
+ */
+inline static LONG SCardLockThread(void);
+inline static LONG SCardUnlockThread(void);
+
+static LONG SCardEstablishContextTH(DWORD, LPCVOID, LPCVOID, LPSCARDCONTEXT);
+
+/**
+ * @brief Creates an Application Context to the PC/SC Resource Manager.
+
+ * This must be the first function called in a PC/SC application.
+ * This is a thread-safe wrapper to the function SCardEstablishContextTH().
+ *
+ * @param[in] dwScope Scope of the establishment.
+ * This can either be a local or remote connection.
+ * <ul>
+ * <li>\ref SCARD_SCOPE_USER - Not used.
+ * <li>\ref SCARD_SCOPE_TERMINAL - Not used.
+ * <li>\ref SCARD_SCOPE_GLOBAL - Not used.
+ * <li>\ref SCARD_SCOPE_SYSTEM - Services on the local machine.
+ * </ul>
+ * @param[in] pvReserved1 Reserved for future use. Can be used for remote connection.
+ * @param[in] pvReserved2 Reserved for future use.
+ * @param[out] phContext Returned Application Context.
+ *
+ * @return Connection status.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NO_SERVICE The server is not runing (\ref SCARD_E_NO_SERVICE)
+ * @retval SCARD_E_INVALID_VALUE Invalid scope type passed (\ref SCARD_E_INVALID_VALUE )
+ * @retval SCARD_E_INVALID_PARAMETER phContext is null (\ref SCARD_E_INVALID_PARAMETER)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * @endcode
+ */
+LONG SCardEstablishContext(DWORD dwScope, LPCVOID pvReserved1,
+ LPCVOID pvReserved2, LPSCARDCONTEXT phContext)
+{
+ LONG rv;
+
+ PROFILE_START
+
+ SCardLockThread();
+ rv = SCardEstablishContextTH(dwScope, pvReserved1,
+ pvReserved2, phContext);
+ SCardUnlockThread();
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * @brief Creates a communication context to the PC/SC Resource
+ * Manager.
+ *
+ * This function shuld not be called directly. Instead, the thread-safe
+ * function SCardEstablishContext() should be called.
+ *
+ * @param[in] dwScope Scope of the establishment.
+ * This can either be a local or remote connection.
+ * <ul>
+ * <li>\ref SCARD_SCOPE_USER - Not used.
+ * <li>\ref SCARD_SCOPE_TERMINAL - Not used.
+ * <li>\ref SCARD_SCOPE_GLOBAL - Not used.
+ * <li>\ref SCARD_SCOPE_SYSTEM - Services on the local machine.
+ * </ul>
+ * @param[in] pvReserved1 Reserved for future use. Can be used for remote connection.
+ * @param[in] pvReserved2 Reserved for future use.
+ * @param[out] phContext Returned reference to this connection.
+ *
+ * @return Connection status.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NO_SERVICE The server is not runing (\ref SCARD_E_NO_SERVICE)
+ * @retval SCARD_E_INVALID_PARAMETER phContext is null. (\ref SCARD_E_INVALID_PARAMETER)
+ * @retval SCARD_E_INVALID_VALUE Invalid scope type passed (\ref SCARD_E_INVALID_VALUE)
+ */
+static LONG SCardEstablishContextTH(DWORD dwScope, LPCVOID pvReserved1,
+ LPCVOID pvReserved2, LPSCARDCONTEXT phContext)
+{
+ LONG rv;
+ establish_struct scEstablishStruct;
+ sharedSegmentMsg msgStruct;
+ DWORD dwClientID = 0;
+
+ if (phContext == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+ else
+ *phContext = 0;
+
+ /* Check if the server is running */
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Do this only once:
+ * - Initialize debug of need.
+ * - Set up the memory mapped structures for reader states.
+ * - Allocate each reader structure.
+ * - Initialize context struct.
+ */
+ if (isExecuted == 0)
+ {
+ SCardInitializeOnce();
+ isExecuted = 1;
+ }
+
+ /* Establishes a connection to the server */
+ if (SHMClientSetupSession(&dwClientID) != 0)
+ {
+ SYS_CloseFile(mapAddr);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ { /* exchange client/server protocol versions */
+ sharedSegmentMsg msgStruct;
+ version_struct *veStr = (version_struct *)&msgStruct.data;
+ veStr->major = PROTOCOL_VERSION_MAJOR;
+ veStr->minor = PROTOCOL_VERSION_MINOR;
+ htonlVersionStruct(veStr);
+
+ if (-1 == WrapSHMWrite(CMD_VERSION, dwClientID, sizeof(version_struct), SHMClientCommunicationTimeout(), veStr))
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Read a message from the server
+ */
+ if (-1 == SHMClientReadMessage(&msgStruct, dwClientID, sizeof(version_struct), SHMClientCommunicationTimeout()))
+ {
+ Log1(PCSC_LOG_ERROR, "Your pcscd is too old and does not support CMD_VERSION");
+ return SCARD_F_COMM_ERROR;
+ }
+
+ ntohlVersionStruct(veStr);
+ Log3(PCSC_LOG_ERROR, "Server is protocol version %d:%d",
+ veStr->major, veStr->minor);
+
+ if (veStr->rv != SCARD_S_SUCCESS)
+ return veStr->rv;
+ }
+
+ if (dwScope != SCARD_SCOPE_USER && dwScope != SCARD_SCOPE_TERMINAL &&
+ dwScope != SCARD_SCOPE_SYSTEM && dwScope != SCARD_SCOPE_GLOBAL)
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ /*
+ * Try to establish an Application Context with the server
+ */
+ scEstablishStruct.dwScope = dwScope;
+ scEstablishStruct.phContext = 0;
+ scEstablishStruct.rv = 0;
+
+ htonlEstablishStruct(&scEstablishStruct);
+ rv = WrapSHMWrite(SCARD_ESTABLISH_CONTEXT, dwClientID,
+ sizeof(scEstablishStruct), PCSCLITE_MCLIENT_ATTEMPTS,
+ (void *) &scEstablishStruct);
+
+ if (rv == -1)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Read the response from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, dwClientID, sizeof(establish_struct), SHMClientCommunicationTimeout());
+
+ if (rv == -1)
+ return SCARD_F_COMM_ERROR;
+
+ memcpy(&scEstablishStruct, &msgStruct.data, sizeof(scEstablishStruct));
+ ntohlEstablishStruct(&scEstablishStruct);
+
+ if (scEstablishStruct.rv != SCARD_S_SUCCESS)
+ return scEstablishStruct.rv;
+
+ *phContext = scEstablishStruct.phContext;
+
+ /*
+ * Allocate the new hContext - if allocator full return an error
+ */
+ rv = SCardAddContext(*phContext, dwClientID);
+
+ return rv;
+}
+
+/**
+ * @brief This function destroys a communication context to the PC/SC Resource
+ * Manager. This must be the last function called in a PC/SC application.
+ *
+ * @param[in] hContext Connection context to be closed.
+ *
+ * @return Connection status.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardReleaseContext(hContext);
+ * @endcode
+ */
+LONG SCardReleaseContext(SCARDCONTEXT hContext)
+{
+ LONG rv;
+ release_struct scReleaseStruct;
+ sharedSegmentMsg msgStruct;
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this context has been opened
+ */
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ scReleaseStruct.hContext = hContext;
+ scReleaseStruct.rv = 0;
+ htonlReleaseStruct(&scReleaseStruct);
+
+ rv = WrapSHMWrite(SCARD_RELEASE_CONTEXT, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scReleaseStruct),
+ PCSCLITE_MCLIENT_ATTEMPTS, (void *) &scReleaseStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(release_struct), SHMClientCommunicationTimeout());
+ memcpy(&scReleaseStruct, &msgStruct.data, sizeof(scReleaseStruct));
+ ntohlReleaseStruct(&scReleaseStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ /*
+ * Remove the local context from the stack
+ */
+ SCardLockThread();
+ SCardRemoveContext(hContext);
+ SCardUnlockThread();
+
+ PROFILE_END
+
+ return scReleaseStruct.rv;
+}
+
+/**
+ * @deprecated
+ * This function is not in Microsoft(R) WinSCard API and is deprecated
+ * in pcsc-lite API.
+ * The function does not do anything except returning \ref SCARD_S_SUCCESS.
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ * @param[in] dwTimeout New timeout value.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ */
+LONG SCardSetTimeout(SCARDCONTEXT hContext, DWORD dwTimeout)
+{
+ /*
+ * Deprecated
+ */
+
+ return SCARD_S_SUCCESS;
+}
+
+/**
+ * This function establishes a connection to the friendly name of the reader
+ * specified in szReader. The first connection will power up and perform a
+ * reset on the card.
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ * @param[in] szReader Reader name to connect to.
+ * @param[in] dwShareMode Mode of connection type: exclusive or shared.
+ * <ul>
+ * <li>\ref SCARD_SHARE_SHARED - This application will allow others to share
+ * the reader.
+ * <li>\ref SCARD_SHARE_EXCLUSIVE - This application will NOT allow others to
+ * share the reader.
+ * <li>\ref SCARD_SHARE_DIRECT - Direct control of the reader, even without a
+ * card. \ref SCARD_SHARE_DIRECT can be used before using SCardControl() to
+ * send control commands to the reader even if a card is not present in the
+ * reader.
+ * </ul>
+ * @param[in] dwPreferredProtocols Desired protocol use.
+ * <ul>
+ * <li>\ref SCARD_PROTOCOL_T0 - Use the T=0 protocol.
+ * <li>\ref SCARD_PROTOCOL_T1 - Use the T=1 protocol.
+ * <li>\ref SCARD_PROTOCOL_RAW - Use with memory type cards.
+ * </ul>
+ * dwPreferredProtocols is a bit mask of acceptable protocols for the
+ * connection. You can use (SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1) if you
+ * do not have a preferred protocol.
+ * @param[out] phCard Handle to this connection.
+ * @param[out] pdwActiveProtocol Established protocol to this connection.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hContext handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INVALID_VALUE Invalid sharing mode, requested protocol, or reader name (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_NOT_READY Could not allocate the desired port (\ref SCARD_E_NOT_READY)
+ * @retval SCARD_E_READER_UNAVAILABLE Could not power up the reader or card (\ref SCARD_E_READER_UNAVAILABLE)
+ * @retval SCARD_E_SHARING_VIOLATION Someone else has exclusive rights (\ref SCARD_E_SHARING_VIOLATION)
+ * @retval SCARD_E_UNSUPPORTED_FEATURE Protocol not supported (\ref SCARD_E_UNSUPPORTED_FEATURE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * @endcode
+ */
+LONG SCardConnect(SCARDCONTEXT hContext, LPCSTR szReader,
+ DWORD dwShareMode, DWORD dwPreferredProtocols, LPSCARDHANDLE phCard,
+ LPDWORD pdwActiveProtocol)
+{
+ LONG rv;
+ connect_struct scConnectStruct = {0,};
+ sharedSegmentMsg msgStruct = {0,};
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ /*
+ * Check for NULL parameters
+ */
+ if (phCard == NULL || pdwActiveProtocol == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+ else
+ *phCard = 0;
+
+ if (szReader == NULL)
+ return SCARD_E_UNKNOWN_READER;
+
+ /*
+ * Check for uninitialized strings
+ */
+ if (strlen(szReader) > MAX_READERNAME)
+ return SCARD_E_INVALID_VALUE;
+
+ if (!(dwPreferredProtocols & SCARD_PROTOCOL_T0) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_T1) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_RAW) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD))
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this context has been opened
+ */
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ strncpy(scConnectStruct.szReader, szReader, MAX_READERNAME);
+
+ scConnectStruct.hContext = hContext;
+ scConnectStruct.dwShareMode = dwShareMode;
+ scConnectStruct.dwPreferredProtocols = dwPreferredProtocols;
+ scConnectStruct.phCard = *phCard;
+ scConnectStruct.pdwActiveProtocol = *pdwActiveProtocol;
+ htonlConnectStruct(&scConnectStruct);
+
+ rv = WrapSHMWrite(SCARD_CONNECT, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scConnectStruct),
+ SHMClientCommunicationTimeout(), (void *) &scConnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(connect_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scConnectStruct, &msgStruct.data, sizeof(scConnectStruct));
+ ntohlConnectStruct(&scConnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ *phCard = scConnectStruct.phCard;
+ *pdwActiveProtocol = scConnectStruct.pdwActiveProtocol;
+
+ if (scConnectStruct.rv == SCARD_S_SUCCESS)
+ {
+ /*
+ * Keep track of the handle locally
+ */
+ rv = SCardAddHandle(*phCard, dwContextIndex, (LPSTR) szReader);
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return rv;
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return scConnectStruct.rv;
+}
+
+/**
+ * @brief This function reestablishes a connection to a reader that was previously
+ * connected to using SCardConnect().
+ *
+ * In a multi application environment it is possible for an application to reset
+ * the card in shared mode. When this occurs any other application trying to
+ * access certain commands will be returned the value SCARD_W_RESET_CARD. When
+ * this occurs SCardReconnect() must be called in order to acknowledge that
+ * the card was reset and allow it to change it's state accordingly.
+ *
+ * @param[in] hCard Handle to a previous call to connect.
+ * @param[in] dwShareMode Mode of connection type: exclusive/shared.
+ * <ul>
+ * <li>\ref SCARD_SHARE_SHARED - This application will allow others to share
+ * the reader.
+ * <li>\ref SCARD_SHARE_EXCLUSIVE - This application will NOT allow others to
+ * share the reader.
+ * </ul>
+ * @param[in] dwPreferredProtocols Desired protocol use.
+ * <ul>
+ * <li>\ref SCARD_PROTOCOL_T0 - Use the T=0 protocol.
+ * <li>\ref SCARD_PROTOCOL_T1 - Use the T=1 protocol.
+ * <li>\ref SCARD_PROTOCOL_RAW - Use with memory type cards.
+ * </ul>
+ * \p dwPreferredProtocols is a bit mask of acceptable protocols for
+ * the connection. You can use (SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1)
+ * if you do not have a preferred protocol.
+ * @param[in] dwInitialization Desired action taken on the card/reader.
+ * <ul>
+ * <li>\ref SCARD_LEAVE_CARD - Do nothing.
+ * <li>\ref SCARD_RESET_CARD - Reset the card (warm reset).
+ * <li>\ref SCARD_UNPOWER_CARD - Unpower the card (cold reset).
+ * <li>\ref SCARD_EJECT_CARD - Eject the card.
+ * </ul>
+ * @param[out] pdwActiveProtocol Established protocol to this connection.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid \p hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_NOT_READY Could not allocate the desired port (\ref SCARD_E_NOT_READY)
+ * @retval SCARD_E_INVALID_VALUE Invalid sharing mode, requested protocol, or reader name (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed (\ref SCARD_E_READER_UNAVAILABLE)
+ * @retval SCARD_E_UNSUPPORTED_FEATURE Protocol not supported (\ref SCARD_E_UNSUPPORTED_FEATURE)
+ * @retval SCARD_E_SHARING_VIOLATION Someone else has exclusive rights (\ref SCARD_E_SHARING_VIOLATION)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol, dwSendLength, dwRecvLength;
+ * LONG rv;
+ * BYTE pbRecvBuffer[10];
+ * BYTE pbSendBuffer[] = {0xC0, 0xA4, 0x00, 0x00, 0x02, 0x3F, 0x00};
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * ...
+ * dwSendLength = sizeof(pbSendBuffer);
+ * dwRecvLength = sizeof(pbRecvBuffer);
+ * rv = SCardTransmit(hCard, SCARD_PCI_T0, pbSendBuffer, dwSendLength, &pioRecvPci, pbRecvBuffer, &dwRecvLength);
+ * / * Card has been reset by another application * /
+ * if (rv == SCARD_W_RESET_CARD)
+ * {
+ * rv = SCardReconnect(hCard, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, SCARD_RESET_CARD, &dwActiveProtocol);
+ * }
+ * @endcode
+ */
+LONG SCardReconnect(SCARDHANDLE hCard, DWORD dwShareMode,
+ DWORD dwPreferredProtocols, DWORD dwInitialization,
+ LPDWORD pdwActiveProtocol)
+{
+ LONG rv;
+ reconnect_struct scReconnectStruct;
+ sharedSegmentMsg msgStruct;
+ int i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ if (dwInitialization != SCARD_LEAVE_CARD &&
+ dwInitialization != SCARD_RESET_CARD &&
+ dwInitialization != SCARD_UNPOWER_CARD &&
+ dwInitialization != SCARD_EJECT_CARD)
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ if (!(dwPreferredProtocols & SCARD_PROTOCOL_T0) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_T1) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_RAW) &&
+ !(dwPreferredProtocols & SCARD_PROTOCOL_ANY_OLD))
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ if (pdwActiveProtocol == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ scReconnectStruct.hCard = hCard;
+ scReconnectStruct.dwShareMode = dwShareMode;
+ scReconnectStruct.dwPreferredProtocols = dwPreferredProtocols;
+ scReconnectStruct.dwInitialization = dwInitialization;
+ scReconnectStruct.pdwActiveProtocol = *pdwActiveProtocol;
+ htonlReconnectStruct(&scReconnectStruct);
+
+ rv = WrapSHMWrite(SCARD_RECONNECT, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scReconnectStruct),
+ SHMClientCommunicationTimeout(), (void *) &scReconnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(reconnect_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scReconnectStruct, &msgStruct.data, sizeof(scReconnectStruct));
+ ntohlReconnectStruct(&scReconnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ *pdwActiveProtocol = scReconnectStruct.pdwActiveProtocol;
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return scReconnectStruct.rv;
+}
+
+/**
+ * This function terminates a connection to the connection made through
+ * SCardConnect(). dwDisposition can have the following values:
+ *
+ * @param[in] hCard Connection made from SCardConnect.
+ * @param[in] dwDisposition Reader function to execute.
+ * <ul>
+ * <li>\ref SCARD_LEAVE_CARD - Do nothing.
+ * <li>\ref SCARD_RESET_CARD - Reset the card (warm reset).
+ * <li>\ref SCARD_UNPOWER_CARD - Unpower the card (cold reset).
+ * <li>\ref SCARD_EJECT_CARD - Eject the card.
+ * </ul>
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful(\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid \p hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INVALID_VALUE - Invalid \p dwDisposition (\ref SCARD_E_INVALID_VALUE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * rv = SCardDisconnect(hCard, SCARD_UNPOWER_CARD);
+ * @endcode
+ */
+LONG SCardDisconnect(SCARDHANDLE hCard, DWORD dwDisposition)
+{
+ LONG rv;
+ disconnect_struct scDisconnectStruct;
+ sharedSegmentMsg msgStruct;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ if (dwDisposition != SCARD_LEAVE_CARD &&
+ dwDisposition != SCARD_RESET_CARD &&
+ dwDisposition != SCARD_UNPOWER_CARD &&
+ dwDisposition != SCARD_EJECT_CARD)
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ scDisconnectStruct.hCard = hCard;
+ scDisconnectStruct.dwDisposition = dwDisposition;
+ htonlDisconnectStruct(&scDisconnectStruct);
+
+ rv = WrapSHMWrite(SCARD_DISCONNECT, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scDisconnectStruct),
+ SHMClientCommunicationTimeout(), (void *) &scDisconnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(disconnect_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scDisconnectStruct, &msgStruct.data, sizeof(scDisconnectStruct));
+ ntohlDisconnectStruct(&scDisconnectStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ SCardRemoveHandle(hCard);
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return scDisconnectStruct.rv;
+}
+
+/**
+ * @brief This function establishes a temporary exclusive access mode for
+ * doing a series of commands or transaction.
+ *
+ * You might want to use this when you are selecting a few files and then
+ * writing a large file so you can make sure that another application will
+ * not change the current file. If another application has a lock on this
+ * reader or this application is in \ref SCARD_SHARE_EXCLUSIVE there will be no
+ * action taken.
+ *
+ * @param[in] hCard Connection made from SCardConnect.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_SHARING_VIOLATION Someone else has exclusive rights (\ref SCARD_E_SHARING_VIOLATION)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed (\ref SCARD_E_READER_UNAVAILABLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * rv = SCardBeginTransaction(hCard);
+ * ...
+ * / * Do some transmit commands * /
+ * @endcode
+ */
+LONG SCardBeginTransaction(SCARDHANDLE hCard)
+{
+
+ LONG rv;
+ begin_struct txBeginStruct = {0,}, rxBeginStruct = {0,};
+ int i;
+ sharedSegmentMsg msgStruct = {0,};
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ secdebug("pcscd", "SCardBeginTransaction: initial request: hCard: 0x%08X", hCard);
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ txBeginStruct.hCard = hCard;
+ htonlBeginStruct(&txBeginStruct);
+
+ /*
+ * Query the server every so often until the sharing violation ends
+ * and then hold the lock for yourself.
+ */
+
+ do
+ {
+ rv = WrapSHMWrite(SCARD_BEGIN_TRANSACTION, psContextMap[dwContextIndex].dwClientID,
+ sizeof(txBeginStruct),
+ SHMClientCommunicationTimeout(), (void *) &txBeginStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(begin_struct), SHMClientCommunicationTimeout());
+ memcpy(&rxBeginStruct, &msgStruct.data, sizeof(rxBeginStruct));
+ ntohlBeginStruct(&rxBeginStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ }
+ while (rxBeginStruct.rv == SCARD_E_SHARING_VIOLATION);
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+ secdebug("pcscd", "SCardBeginTransaction: hCard: 0x%08X, returning: 0x%08X", rxBeginStruct.hCard, rxBeginStruct.rv);
+
+ return rxBeginStruct.rv;
+}
+
+/**
+ * @brief This function ends a previously begun transaction.
+ *
+ * The calling application must be the owner of the previously begun
+ * transaction or an error will occur.
+ *
+ * @param[in] hCard Connection made from SCardConnect.
+ * @param[in] dwDisposition Action to be taken on the reader.
+ * The disposition action is not currently used in this release.
+ * <ul>
+ * <li>\ref SCARD_LEAVE_CARD - Do nothing.
+ * <li>\ref SCARD_RESET_CARD - Reset the card.
+ * <li>\ref SCARD_UNPOWER_CARD - Unpower the card.
+ * <li>\ref SCARD_EJECT_CARD - Eject the card.
+ * </ul>
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_SHARING_VIOLATION Someone else has exclusive rights (\ref SCARD_E_SHARING_VIOLATION)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed (\ref SCARD_E_READER_UNAVAILABLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * rv = SCardBeginTransaction(hCard);
+ * ...
+ * / * Do some transmit commands * /
+ * ...
+ * rv = SCardEndTransaction(hCard, SCARD_LEAVE_CARD);
+ * @endcode
+ */
+LONG SCardEndTransaction(SCARDHANDLE hCard, DWORD dwDisposition)
+{
+ LONG rv;
+ end_struct scEndStruct;
+ sharedSegmentMsg msgStruct;
+ int randnum, i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ secdebug("pcscd", "SCardEndTransaction: initial request: hCard: 0x%08X, dwDisposition: 0x%04X",
+ hCard, dwDisposition);
+ /*
+ * Zero out everything
+ */
+ randnum = 0;
+
+ if (dwDisposition != SCARD_LEAVE_CARD &&
+ dwDisposition != SCARD_RESET_CARD &&
+ dwDisposition != SCARD_UNPOWER_CARD &&
+ dwDisposition != SCARD_EJECT_CARD)
+ {
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ scEndStruct.hCard = hCard;
+ scEndStruct.dwDisposition = dwDisposition;
+ htonlEndStruct(&scEndStruct);
+
+ rv = WrapSHMWrite(SCARD_END_TRANSACTION, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scEndStruct),
+ SHMClientCommunicationTimeout(), (void *) &scEndStruct);
+ secdebug("pcscd", "SCardEndTransaction: WrapSHMWrite result: 0x%08X", rv);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(end_struct), SHMClientCommunicationTimeout());
+ secdebug("pcscd", "SCardEndTransaction: SHMClientRead result: 0x%08X", rv);
+
+ memcpy(&scEndStruct, &msgStruct.data, sizeof(scEndStruct));
+ ntohlEndStruct(&scEndStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ /*
+ * This helps prevent starvation
+ */
+ randnum = SYS_Random(randnum, 1000.0, 10000.0);
+ SYS_USleep(randnum);
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ secdebug("pcscd", "SCardEndTransaction: returning: 0x%08X", scEndStruct.rv);
+ return scEndStruct.rv;
+}
+
+/**
+ * @deprecated
+ * This function is not in Microsoft(R) WinSCard API and is deprecated
+ * in pcsc-lite API.
+ */
+LONG SCardCancelTransaction(SCARDHANDLE hCard)
+{
+ LONG rv;
+ cancel_struct scCancelStruct;
+ sharedSegmentMsg msgStruct;
+ int i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ scCancelStruct.hCard = hCard;
+ htonlCancelStruct(&scCancelStruct);
+
+ rv = WrapSHMWrite(SCARD_CANCEL_TRANSACTION, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scCancelStruct),
+ SHMClientCommunicationTimeout(), (void *) &scCancelStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(cancel_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scCancelStruct, &msgStruct.data, sizeof(scCancelStruct));
+ ntohlCancelStruct(&scCancelStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return scCancelStruct.rv;
+}
+
+/**
+ * @brief This function returns the current status of the reader connected to by hCard.
+ *
+ * It's friendly name will be stored in szReaderName. pcchReaderLen will be
+ * the size of the allocated buffer for szReaderName, while pcbAtrLen will
+ * be the size of the allocated buffer for pbAtr. If either of these is too
+ * small, the function will return with \ref SCARD_E_INSUFFICIENT_BUFFER and the
+ * necessary size in pcchReaderLen and pcbAtrLen. The current state, and
+ * protocol will be stored in pdwState and pdwProtocol respectively.
+ *
+ * @param[in] hCard Connection made from SCardConnect.
+ * @param mszReaderNames [inout] Friendly name of this reader.
+ * @param pcchReaderLen [inout] Size of the szReaderName multistring.
+ * @param[out] pdwState Current state of this reader. pdwState
+ * is a DWORD possibly OR'd with the following values:
+ * <ul>
+ * <li>\ref SCARD_ABSENT - There is no card in the reader.
+ * <li>\ref SCARD_PRESENT - There is a card in the reader, but it has not
+ * been moved into position for use.
+ * <li>\ref SCARD_SWALLOWED - There is a card in the reader in position for
+ * use. The card is not powered.
+ * <li>\ref SCARD_POWERED - Power is being provided to the card, but the
+ * reader driver is unaware of the mode of the card.
+ * <li>\ref SCARD_NEGOTIABLE - The card has been reset and is awaiting PTS
+ * negotiation.
+ * <li>\ref SCARD_SPECIFIC - The card has been reset and specific
+ * communication protocols have been established.
+ * </ul>
+ * @param[out] pdwProtocol Current protocol of this reader.
+ * <ul>
+ * <li>\ref SCARD_PROTOCOL_T0 Use the T=0 protocol.
+ * <li>\ref SCARD_PROTOCOL_T1 Use the T=1 protocol.
+ * </ul>
+ * @param[out] pbAtr Current ATR of a card in this reader.
+ * @param[out] pcbAtrLen Length of ATR.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INSUFFICIENT_BUFFER Not enough allocated memory for szReaderName or for pbAtr (\ref SCARD_E_INSUFFICIENT_BUFFER)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed (\ref SCARD_E_READER_UNAVAILABLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * DWORD dwState, dwProtocol, dwAtrLen, dwReaderLen;
+ * BYTE pbAtr[MAX_ATR_SIZE];
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * ...
+ * dwAtrLen = sizeof(pbAtr);
+ * rv=SCardStatus(hCard, NULL, &dwReaderLen, &dwState, &dwProtocol, pbAtr, &dwAtrLen);
+ * @endcode
+ */
+LONG SCardStatus(SCARDHANDLE hCard, LPSTR mszReaderNames,
+ LPDWORD pcchReaderLen, LPDWORD pdwState,
+ LPDWORD pdwProtocol, LPBYTE pbAtr, LPDWORD pcbAtrLen)
+{
+ DWORD dwReaderLen, atrOutputBufferSize;
+ LONG rv;
+ int i;
+ status_struct scStatusStruct;
+ sharedSegmentMsg msgStruct;
+ DWORD dwContextIndex, dwChannelIndex;
+ char *r;
+
+ PROFILE_START
+
+ /*
+ * Check for NULL parameters
+ */
+
+ if (pcchReaderLen == NULL || pcbAtrLen == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ /* length passed from caller */
+ dwReaderLen = *pcchReaderLen;
+ atrOutputBufferSize = *pcbAtrLen;
+
+ /* default output values */
+ if (pdwState)
+ *pdwState = 0;
+
+ if (pdwProtocol)
+ *pdwProtocol = 0;
+
+ *pcchReaderLen = 0;
+ *pcbAtrLen = 0;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ /* initialise the structure */
+ memset(&scStatusStruct, 0, sizeof(scStatusStruct));
+ scStatusStruct.hCard = hCard;
+
+ /* those sizes need to be initialised */
+ scStatusStruct.pcchReaderLen = sizeof(scStatusStruct.mszReaderNames);
+ scStatusStruct.pcbAtrLen = sizeof(scStatusStruct.pbAtr);
+ htonlStatusStruct(&scStatusStruct);
+
+ rv = WrapSHMWrite(SCARD_STATUS, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scStatusStruct),
+ SHMClientCommunicationTimeout(), (void *) &scStatusStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(status_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scStatusStruct, &msgStruct.data, sizeof(scStatusStruct));
+ ntohlStatusStruct(&scStatusStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ rv = scStatusStruct.rv;
+ if (rv != SCARD_S_SUCCESS && rv != SCARD_E_INSUFFICIENT_BUFFER)
+ {
+ /*
+ * An event must have occurred
+ */
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return rv;
+ }
+
+ /*
+ * Now continue with the client side SCardStatus
+ */
+
+ *pcchReaderLen = strlen(psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName) + 1;
+ *pcbAtrLen = SharedReaderState_CardAtrLength(readerStates[i]);
+
+ if (pdwState)
+ *pdwState = SharedReaderState_State(readerStates[i]);
+
+ if (pdwProtocol)
+ *pdwProtocol = SharedReaderState_Protocol(readerStates[i]);
+
+ /* return SCARD_E_INSUFFICIENT_BUFFER only if buffer pointer is non NULL */
+ if (mszReaderNames)
+ {
+ if (*pcchReaderLen > dwReaderLen)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+
+ strncpy(mszReaderNames,
+ psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName,
+ dwReaderLen);
+ }
+
+ if (pbAtr)
+ {
+ if (*pcbAtrLen > atrOutputBufferSize)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+
+ memcpy(pbAtr, SharedReaderState_CardAtr(readerStates[i]),
+ min(*pcbAtrLen, atrOutputBufferSize));
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * @brief This function receives a structure or list of structures containing
+ * reader names. It then blocks for a change in state to occur on any of the
+ * OR'd values contained in dwCurrentState for a maximum blocking time of
+ * dwTimeout or forever if INFINITE is used.
+ *
+ * The new event state will be contained in dwEventState. A status change might
+ * be a card insertion or removal event, a change in ATR, etc.
+ *
+ * This function will block for reader availability if cReaders is equal to
+ * zero and rgReaderStates is NULL.
+ *
+ * @code
+ * typedef struct {
+ * LPCSTR szReader; // Reader name
+ * LPVOID pvUserData; // User defined data
+ * DWORD dwCurrentState; // Current state of reader
+ * DWORD dwEventState; // Reader state after a state change
+ * DWORD cbAtr; // ATR Length, usually MAX_ATR_SIZE
+ * BYTE rgbAtr[MAX_ATR_SIZE]; // ATR Value
+ * } SCARD_READERSTATE;
+ * ...
+ * typedef SCARD_READERSTATE *PSCARD_READERSTATE, **LPSCARD_READERSTATE;
+ * ...
+ * @endcode
+ *
+ * Value of dwCurrentState and dwEventState:
+ * <ul>
+ * <li>\ref SCARD_STATE_UNAWARE The application is unaware of the current
+ * state, and would like to know. The use of this value results in an
+ * immediate return from state transition monitoring services. This is
+ * represented by all bits set to zero.
+ * <li>\ref SCARD_STATE_IGNORE This reader should be ignored
+ * <li>\ref SCARD_STATE_CHANGED There is a difference between the state believed
+ * by the application, and the state known by the resource manager.
+ * When this bit is set, the application may assume a significant state
+ * change has occurred on this reader.
+ * <li>\ref SCARD_STATE_UNKNOWN The given reader name is not recognized by the
+ * resource manager. If this bit is set, then \ref SCARD_STATE_CHANGED and
+ * \ref SCARD_STATE_IGNORE will also be set
+ * <li>\ref SCARD_STATE_UNAVAILABLE The actual state of this reader is not
+ * available. If this bit is set, then all the following bits are clear.
+ * <li>\ref SCARD_STATE_EMPTY There is no card in the reader. If this bit is set,
+ * all the following bits will be clear
+ * <li>\ref SCARD_STATE_PRESENT There is a card in the reader
+ * <li>\ref SCARD_STATE_ATRMATCH There is a card in the reader with an ATR
+ * matching one of the target cards. If this bit is set,
+ * \ref SCARD_STATE_PRESENT will also be set. This bit is only returned on
+ * the SCardLocateCards() function.
+ * <li>\ref SCARD_STATE_EXCLUSIVE The card in the reader is allocated for
+ * exclusive use by another application. If this bit is set,
+ * \ref SCARD_STATE_PRESENT will also be set.
+ * <li>\ref SCARD_STATE_INUSE The card in the reader is in use by one or more
+ * other applications, but may be connected to in shared mode. If this
+ * bit is set, \ref SCARD_STATE_PRESENT will also be set.
+ * <li>\ref SCARD_STATE_MUTE There is an unresponsive card in the reader.
+ * </ul>
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ * @param[in] dwTimeout Maximum waiting time (in miliseconds) for status
+ * change, zero (or INFINITE) for infinite.
+ * @param rgReaderStates [inout] Structures of readers with current states.
+ * @param[in] cReaders Number of structures.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_VALUE Invalid States, reader name, etc (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hContext handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader is unavailable (\ref SCARD_E_READER_UNAVAILABLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * SCARD_READERSTATE_A rgReaderStates[1];
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * ...
+ * rgReaderStates[0].szReader = "Reader X";
+ * rgReaderStates[0].dwCurrentState = SCARD_STATE_UNAWARE;
+ * ...
+ * rv = SCardGetStatusChange(hContext, INFINITE, rgReaderStates, 1);
+ * printf("reader state: 0x%04X\n", rgReaderStates[0].dwEventState);
+ * @endcode
+ */
+LONG SCardGetStatusChange(SCARDCONTEXT hContext, DWORD dwTimeout,
+ LPSCARD_READERSTATE_A rgReaderStates, DWORD cReaders)
+{
+ PSCARD_READERSTATE_A currReader;
+ PREADER_STATE rContext;
+ DWORD dwTime = 0;
+ DWORD dwState;
+ DWORD dwBreakFlag = 0;
+ int j;
+ LONG dwContextIndex;
+ int currentReaderCount = 0;
+
+ PROFILE_START
+
+ if (rgReaderStates == NULL && cReaders > 0)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this context has been opened
+ */
+
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ /*
+ * Application is waiting for a reader - return the first available
+ * reader
+ */
+
+ if (cReaders == 0)
+ {
+ while (1)
+ {
+ int i;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if (SharedReaderState_ReaderID(readerStates[i]) != 0)
+ {
+ /*
+ * Reader was found
+ */
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return SCARD_S_SUCCESS;
+ }
+ }
+
+ if (dwTimeout == 0)
+ {
+ /*
+ * return immediately - no reader available
+ */
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ SYS_USleep(PCSCLITE_STATUS_WAIT);
+
+ if (dwTimeout != INFINITE)
+ {
+ dwTime += PCSCLITE_STATUS_WAIT;
+
+ if (dwTime >= (dwTimeout * 1000))
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return SCARD_E_TIMEOUT;
+ }
+ }
+ }
+ }
+ else
+ if (cReaders >= PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INVALID_VALUE;
+ }
+
+ /*
+ * Check the integrity of the reader states structures
+ */
+
+ for (j = 0; j < cReaders; j++)
+ {
+ currReader = &rgReaderStates[j];
+
+ if (currReader->szReader == NULL)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INVALID_VALUE;
+ }
+ }
+
+ /*
+ * End of search for readers
+ */
+
+ /*
+ * Clear the event state for all readers
+ */
+ for (j = 0; j < cReaders; j++)
+ {
+ currReader = &rgReaderStates[j];
+ currReader->dwEventState = 0;
+ }
+
+ /*
+ * Now is where we start our event checking loop
+ */
+
+ Log1(PCSC_LOG_DEBUG, "Event Loop Start");
+
+ psContextMap[dwContextIndex].contextBlockStatus = BLOCK_STATUS_BLOCKING;
+
+ /* Get the initial reader count on the system */
+ for (j=0; j < PCSCLITE_MAX_READERS_CONTEXTS; j++)
+ if (SharedReaderState_ReaderID(readerStates[j]) != 0)
+ currentReaderCount++;
+
+ j = 0;
+
+ do
+ {
+ int newReaderCount = 0;
+ char ReaderCountChanged = 0;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return SCARD_E_NO_SERVICE;
+ }
+
+ if (j == 0)
+ {
+ int i;
+
+ for (i=0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ if (SharedReaderState_ReaderID(readerStates[i]) != 0)
+ newReaderCount++;
+
+ if (newReaderCount != currentReaderCount)
+ {
+ Log1(PCSC_LOG_INFO, "Reader list changed");
+ ReaderCountChanged = 1;
+ currentReaderCount = newReaderCount;
+ }
+ }
+ currReader = &rgReaderStates[j];
+
+ /************ Look for IGNORED readers ****************************/
+
+ if (currReader->dwCurrentState & SCARD_STATE_IGNORE)
+ currReader->dwEventState = SCARD_STATE_IGNORE;
+ else
+ {
+ LPSTR lpcReaderName;
+ int i;
+
+ /************ Looks for correct readernames *********************/
+
+ lpcReaderName = (char *) currReader->szReader;
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], lpcReaderName))
+ break;
+ }
+
+ /*
+ * The requested reader name is not recognized
+ */
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ if (currReader->dwCurrentState & SCARD_STATE_UNKNOWN)
+ currReader->dwEventState = SCARD_STATE_UNKNOWN;
+ else
+ {
+ currReader->dwEventState =
+ SCARD_STATE_UNKNOWN | SCARD_STATE_CHANGED;
+ /*
+ * Spec says use SCARD_STATE_IGNORE but a removed USB
+ * reader with eventState fed into currentState will
+ * be ignored forever
+ */
+ dwBreakFlag = 1;
+ }
+ }
+ else
+ {
+
+ /*
+ * The reader has come back after being away
+ */
+ if (currReader->dwCurrentState & SCARD_STATE_UNKNOWN)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ currReader->dwEventState &= ~SCARD_STATE_UNKNOWN;
+ dwBreakFlag = 1;
+ }
+
+ /*****************************************************************/
+
+ /*
+ * Set the reader status structure
+ */
+ rContext = readerStates[i];
+
+ /*
+ * Now we check all the Reader States
+ */
+ dwState = SharedReaderState_State(rContext);
+
+ /*********** Check if the reader is in the correct state ********/
+ if (dwState & SCARD_UNKNOWN)
+ {
+ /*
+ * App thinks reader is in bad state and it is
+ */
+ if (currReader-> dwCurrentState & SCARD_STATE_UNAVAILABLE)
+ currReader->dwEventState = SCARD_STATE_UNAVAILABLE;
+ else
+ {
+ /*
+ * App thinks reader is in good state and it is
+ * not
+ */
+ currReader->dwEventState = SCARD_STATE_CHANGED |
+ SCARD_STATE_UNAVAILABLE;
+ dwBreakFlag = 1;
+ }
+ }
+ else
+ {
+ /*
+ * App thinks reader in bad state but it is not
+ */
+ if (currReader-> dwCurrentState & SCARD_STATE_UNAVAILABLE)
+ {
+ currReader->dwEventState &=
+ ~SCARD_STATE_UNAVAILABLE;
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+
+ /********** Check for card presence in the reader **************/
+
+ if (dwState & SCARD_PRESENT)
+ {
+ /* card present but not yet powered up */
+ if (0 == SharedReaderState_CardAtrLength(rContext))
+ /* Allow the status thread to convey information */
+ SYS_USleep(PCSCLITE_STATUS_POLL_RATE + 10);
+
+ currReader->cbAtr = SharedReaderState_CardAtrLength(rContext);
+ memcpy(currReader->rgbAtr, SharedReaderState_CardAtr(rContext),
+ currReader->cbAtr);
+ }
+ else
+ currReader->cbAtr = 0;
+
+ /*
+ * Card is now absent
+ */
+ if (dwState & SCARD_ABSENT)
+ {
+ currReader->dwEventState |= SCARD_STATE_EMPTY;
+ currReader->dwEventState &= ~SCARD_STATE_PRESENT;
+ currReader->dwEventState &= ~SCARD_STATE_UNAWARE;
+ currReader->dwEventState &= ~SCARD_STATE_IGNORE;
+ currReader->dwEventState &= ~SCARD_STATE_UNKNOWN;
+ currReader->dwEventState &= ~SCARD_STATE_UNAVAILABLE;
+ currReader->dwEventState &= ~SCARD_STATE_ATRMATCH;
+ currReader->dwEventState &= ~SCARD_STATE_MUTE;
+ currReader->dwEventState &= ~SCARD_STATE_INUSE;
+
+ /*
+ * After present the rest are assumed
+ */
+ if (currReader->dwCurrentState & SCARD_STATE_PRESENT
+ || currReader->dwCurrentState & SCARD_STATE_ATRMATCH
+ || currReader->dwCurrentState & SCARD_STATE_EXCLUSIVE
+ || currReader->dwCurrentState & SCARD_STATE_INUSE)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+
+ /*
+ * Card is now present
+ */
+ } else if (dwState & SCARD_PRESENT)
+ {
+ currReader->dwEventState |= SCARD_STATE_PRESENT;
+ currReader->dwEventState &= ~SCARD_STATE_EMPTY;
+ currReader->dwEventState &= ~SCARD_STATE_UNAWARE;
+ currReader->dwEventState &= ~SCARD_STATE_IGNORE;
+ currReader->dwEventState &= ~SCARD_STATE_UNKNOWN;
+ currReader->dwEventState &= ~SCARD_STATE_UNAVAILABLE;
+ currReader->dwEventState &= ~SCARD_STATE_MUTE;
+
+ if (currReader->dwCurrentState & SCARD_STATE_EMPTY)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+
+ if (dwState & SCARD_SWALLOWED)
+ {
+ if (currReader->dwCurrentState & SCARD_STATE_MUTE)
+ currReader->dwEventState |= SCARD_STATE_MUTE;
+ else
+ {
+ currReader->dwEventState |= SCARD_STATE_MUTE;
+ if (currReader->dwCurrentState
+ != SCARD_STATE_UNAWARE)
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+ else
+ {
+ /*
+ * App thinks card is mute but it is not
+ */
+ if (currReader->dwCurrentState & SCARD_STATE_MUTE)
+ {
+ currReader->dwEventState |=
+ SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+ }
+
+ /*
+ * Now figure out sharing modes
+ */
+ DWORD sharing = SharedReaderState_Sharing(rContext);
+ if (sharing == -1)
+ {
+ currReader->dwEventState |= SCARD_STATE_EXCLUSIVE;
+ currReader->dwEventState &= ~SCARD_STATE_INUSE;
+ if (currReader->dwCurrentState & SCARD_STATE_INUSE)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+ else if (sharing >= 1)
+ {
+ /*
+ * A card must be inserted for it to be INUSE
+ */
+ if (dwState & SCARD_PRESENT)
+ {
+ currReader->dwEventState |= SCARD_STATE_INUSE;
+ currReader->dwEventState &= ~SCARD_STATE_EXCLUSIVE;
+ if (currReader-> dwCurrentState & SCARD_STATE_EXCLUSIVE)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+ }
+ else if (sharing == 0)
+ {
+ currReader->dwEventState &= ~SCARD_STATE_INUSE;
+ currReader->dwEventState &= ~SCARD_STATE_EXCLUSIVE;
+
+ if (currReader->dwCurrentState & SCARD_STATE_INUSE)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ else if (currReader-> dwCurrentState
+ & SCARD_STATE_EXCLUSIVE)
+ {
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+ }
+
+ if (currReader->dwCurrentState == SCARD_STATE_UNAWARE)
+ {
+ /*
+ * Break out of the while .. loop and return status
+ * once all the status's for all readers is met
+ */
+ currReader->dwEventState |= SCARD_STATE_CHANGED;
+ dwBreakFlag = 1;
+ }
+
+ } /* End of SCARD_STATE_UNKNOWN */
+
+ } /* End of SCARD_STATE_IGNORE */
+
+ /*
+ * Counter and resetter
+ */
+ j = j + 1;
+ if (j == cReaders)
+ {
+ if (!dwBreakFlag)
+ {
+ /* break if the reader count changed,
+ * so that the calling application can update
+ * the reader list
+ */
+ if (ReaderCountChanged)
+ break;
+ }
+ j = 0;
+ }
+
+ /*
+ * Declare all the break conditions
+ */
+
+ if (psContextMap[dwContextIndex].contextBlockStatus
+ == BLOCK_STATUS_RESUME)
+ break;
+
+ /*
+ * Break if UNAWARE is set and all readers have been checked
+ */
+ if ((dwBreakFlag == 1) && (j == 0))
+ break;
+
+ /*
+ * Timeout has occurred and all readers checked
+ */
+ if ((dwTimeout == 0) && (j == 0))
+ break;
+
+ if (dwTimeout != INFINITE && dwTimeout != 0)
+ {
+ /*
+ * If time is greater than timeout and all readers have been
+ * checked
+ */
+ if ((dwTime >= (dwTimeout * 1000)) && (j == 0))
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_TIMEOUT;
+ }
+ }
+
+ /*
+ * Only sleep once for each cycle of reader checks.
+ */
+ if (j == 0)
+ {
+ SYS_USleep(PCSCLITE_STATUS_WAIT);
+ dwTime += PCSCLITE_STATUS_WAIT;
+ }
+ }
+ while (1);
+
+ Log1(PCSC_LOG_DEBUG, "Event Loop End");
+
+ if (psContextMap[dwContextIndex].contextBlockStatus ==
+ BLOCK_STATUS_RESUME)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_CANCELLED;
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return SCARD_S_SUCCESS;
+}
+
+#undef SCardControl
+
+LONG SCardControl(SCARDHANDLE hCard, const void *pbSendBuffer,
+ DWORD cbSendLength, void *pbRecvBuffer, LPDWORD pcbRecvLength)
+{
+
+ SCARD_IO_REQUEST pioSendPci, pioRecvPci;
+
+ pioSendPci.dwProtocol = SCARD_PROTOCOL_RAW;
+ pioRecvPci.dwProtocol = SCARD_PROTOCOL_RAW;
+
+ return SCardTransmit(hCard, &pioSendPci, pbSendBuffer, cbSendLength,
+ &pioRecvPci, pbRecvBuffer, pcbRecvLength);
+}
+
+/**
+ * @brief This function sends a command directly to the IFD Handler to be
+ * processed by the reader.
+ *
+ * This is useful for creating client side reader drivers for functions like
+ * PIN pads, biometrics, or other extensions to the normal smart card reader
+ * that are not normally handled by PC/SC.
+ *
+ * @note the API of this function changed. In pcsc-lite 1.2.0 and before the
+ * API was not Windows(R) PC/SC compatible. This has been corrected.
+ *
+ * @param[in] hCard Connection made from SCardConnect.
+ * @param[in] dwControlCode Control code for the operation.\n
+ * <a href="http://pcsclite.alioth.debian.org/pcsc-lite/node26.html#Some_SCardControl_commands">
+ * Click here</a> for a list of supported commands by some drivers.
+ * @param[in] pbSendBuffer Command to send to the reader.
+ * @param[in] cbSendLength Length of the command.
+ * @param[out] pbRecvBuffer Response from the reader.
+ * @param[in] cbRecvLength Length of the response buffer.
+ * @param[out] lpBytesReturned Length of the response.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NOT_TRANSACTED Data exchange not successful (\ref SCARD_E_NOT_TRANSACTED)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INVALID_VALUE Invalid value was presented (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed(\ref SCARD_E_READER_UNAVAILABLE)
+ * @retval SCARD_W_RESET_CARD The card has been reset by another application (\ref SCARD_W_RESET_CARD)
+ * @retval SCARD_W_REMOVED_CARD The card has been removed from the reader(\ref SCARD_W_REMOVED_CARD)
+ *
+ * @test
+ * @code
+ * LONG rv;
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol, dwSendLength, dwRecvLength;
+ * BYTE pbRecvBuffer[10];
+ * BYTE pbSendBuffer[] = { 0x06, 0x00, 0x0A, 0x01, 0x01, 0x10 0x00 };
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_RAW &hCard, &dwActiveProtocol);
+ * dwSendLength = sizeof(pbSendBuffer);
+ * dwRecvLength = sizeof(pbRecvBuffer);
+ * rv = SCardControl(hCard, 0x42000001, pbSendBuffer, dwSendLength, pbRecvBuffer, sizeof(pbRecvBuffer), &dwRecvLength);
+ * @endcode
+ */
+int32_t SCardControl132(SCARDHANDLE hCard, DWORD dwControlCode, LPCVOID pbSendBuffer,
+ DWORD cbSendLength, LPVOID pbRecvBuffer, DWORD cbRecvLength,
+ LPDWORD lpBytesReturned)
+{
+ // Real implementation to be provided as part of:
+ // <rdar://problem/4711576> Support the new SCardControl function
+ //
+
+ LONG rv;
+ control_struct scControlStruct;
+ sharedSegmentMsg msgStruct;
+ int i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ /* 0 bytes received by default */
+ if (NULL != lpBytesReturned)
+ *lpBytesReturned = 0;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ if ((cbSendLength > MAX_BUFFER_SIZE_EXTENDED)
+ || (cbRecvLength > MAX_BUFFER_SIZE_EXTENDED))
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INSUFFICIENT_BUFFER;
+ }
+
+ if ((cbSendLength > MAX_BUFFER_SIZE) || (cbRecvLength > MAX_BUFFER_SIZE))
+ {
+ /* extended control */
+ unsigned char buffer[sizeof(sharedSegmentMsg) + MAX_BUFFER_SIZE_EXTENDED];
+ control_struct_extended *scControlStructExtended = (control_struct_extended *)buffer;
+ sharedSegmentMsg *pmsgStruct = (psharedSegmentMsg)buffer;
+
+ scControlStructExtended->hCard = hCard;
+ scControlStructExtended->dwControlCode = dwControlCode;
+ scControlStructExtended->cbSendLength = cbSendLength;
+ scControlStructExtended->cbRecvLength = cbRecvLength;
+ scControlStructExtended->size = sizeof(*scControlStructExtended) + cbSendLength;
+ memcpy(scControlStructExtended->data, pbSendBuffer, cbSendLength);
+
+ size_t csesize = scControlStructExtended->size; // remember it from before byte swap
+ htonlControlStructExtended(scControlStructExtended);
+ rv = WrapSHMWrite(SCARD_CONTROL_EXTENDED,
+ psContextMap[dwContextIndex].dwClientID,
+ csesize,
+ SHMClientCommunicationTimeout(), buffer);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ /* read the first block */
+ rv = SHMClientReadMessage(pmsgStruct, psContextMap[dwContextIndex].dwClientID, 0, SHMClientCommunicationTimeout());
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ /* we receive a sharedSegmentMsg and not a control_struct_extended */
+ scControlStructExtended = (control_struct_extended *)&(pmsgStruct -> data);
+ ntohlControlStructExtended(scControlStructExtended);
+
+ /* a second block is present */
+ if (scControlStructExtended->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ rv = SHMMessageReceive(buffer + sizeof(sharedSegmentMsg),
+ scControlStructExtended->size-PCSCLITE_MAX_MESSAGE_SIZE,
+ psContextMap[dwContextIndex].dwClientID,
+ SHMClientCommunicationTimeout());
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+ }
+
+ if (scControlStructExtended -> rv == SCARD_S_SUCCESS)
+ {
+ /*
+ * Copy and zero it so any secret information is not leaked
+ */
+ memcpy(pbRecvBuffer, scControlStructExtended -> data,
+ scControlStructExtended -> pdwBytesReturned);
+ memset(scControlStructExtended -> data, 0x00,
+ scControlStructExtended -> pdwBytesReturned);
+ }
+
+ if (NULL != lpBytesReturned)
+ *lpBytesReturned = scControlStructExtended -> pdwBytesReturned;
+
+ rv = scControlStructExtended -> rv;
+ }
+ else
+ {
+ scControlStruct.hCard = hCard;
+ scControlStruct.dwControlCode = dwControlCode;
+ scControlStruct.cbSendLength = cbSendLength;
+ scControlStruct.cbRecvLength = cbRecvLength;
+ memcpy(scControlStruct.pbSendBuffer, pbSendBuffer, cbSendLength);
+ htonlControlStruct(&scControlStruct);
+
+ rv = WrapSHMWrite(SCARD_CONTROL, psContextMap[dwContextIndex].dwClientID,
+ sizeof(scControlStruct), SHMClientCommunicationTimeout(), &scControlStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(control_struct), SHMClientCommunicationTimeout());
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ memcpy(&scControlStruct, &msgStruct.data, sizeof(scControlStruct));
+ ntohlControlStruct(&scControlStruct);
+
+ if (NULL != lpBytesReturned)
+ *lpBytesReturned = scControlStruct.dwBytesReturned;
+
+ if (scControlStruct.rv == SCARD_S_SUCCESS)
+ {
+ /*
+ * Copy and zero it so any secret information is not leaked
+ */
+ memcpy(pbRecvBuffer, scControlStruct.pbRecvBuffer,
+ scControlStruct.cbRecvLength);
+ memset(scControlStruct.pbRecvBuffer, 0x00,
+ sizeof(scControlStruct.pbRecvBuffer));
+ }
+
+ rv = scControlStruct.rv;
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * This function get an attribute from the IFD Handler. The list of possible
+ * attributes is available in the file \c pcsclite.h.
+ *
+ * @param[in] hCard Connection made from SCardConnect().
+ * @param[in] dwAttrId Identifier for the attribute to get.
+ * <ul>
+ * <li>\ref SCARD_ATTR_ASYNC_PROTOCOL_TYPES
+ * <li>\ref SCARD_ATTR_ATR_STRING
+ * <li>\ref SCARD_ATTR_CHANNEL_ID
+ * <li>\ref SCARD_ATTR_CHARACTERISTICS
+ * <li>\ref SCARD_ATTR_CURRENT_BWT
+ * <li>\ref SCARD_ATTR_CURRENT_CLK
+ * <li>\ref SCARD_ATTR_CURRENT_CWT
+ * <li>\ref SCARD_ATTR_CURRENT_D
+ * <li>\ref SCARD_ATTR_CURRENT_EBC_ENCODING
+ * <li>\ref SCARD_ATTR_CURRENT_F
+ * <li>\ref SCARD_ATTR_CURRENT_IFSC
+ * <li>\ref SCARD_ATTR_CURRENT_IFSD
+ * <li>\ref SCARD_ATTR_CURRENT_IO_STATE
+ * <li>\ref SCARD_ATTR_CURRENT_N
+ * <li>\ref SCARD_ATTR_CURRENT_PROTOCOL_TYPE
+ * <li>\ref SCARD_ATTR_CURRENT_W
+ * <li>\ref SCARD_ATTR_DEFAULT_CLK
+ * <li>\ref SCARD_ATTR_DEFAULT_DATA_RATE
+ * <li>\ref SCARD_ATTR_DEVICE_FRIENDLY_NAME_A
+ * <li>\ref SCARD_ATTR_DEVICE_FRIENDLY_NAME_W
+ * <li>\ref SCARD_ATTR_DEVICE_IN_USE
+ * <li>\ref SCARD_ATTR_DEVICE_SYSTEM_NAME_A
+ * <li>\ref SCARD_ATTR_DEVICE_SYSTEM_NAME_W
+ * <li>\ref SCARD_ATTR_DEVICE_UNIT
+ * <li>\ref SCARD_ATTR_ESC_AUTHREQUEST
+ * <li>\ref SCARD_ATTR_ESC_CANCEL
+ * <li>\ref SCARD_ATTR_ESC_RESET
+ * <li>\ref SCARD_ATTR_EXTENDED_BWT
+ * <li>\ref SCARD_ATTR_ICC_INTERFACE_STATUS
+ * <li>\ref SCARD_ATTR_ICC_PRESENCE
+ * <li>\ref SCARD_ATTR_ICC_TYPE_PER_ATR
+ * <li>\ref SCARD_ATTR_MAX_CLK
+ * <li>\ref SCARD_ATTR_MAX_DATA_RATE
+ * <li>\ref SCARD_ATTR_MAX_IFSD
+ * <li>\ref SCARD_ATTR_MAXINPUT
+ * <li>\ref SCARD_ATTR_POWER_MGMT_SUPPORT
+ * <li>\ref SCARD_ATTR_SUPRESS_T1_IFS_REQUEST
+ * <li>\ref SCARD_ATTR_SYNC_PROTOCOL_TYPES
+ * <li>\ref SCARD_ATTR_USER_AUTH_INPUT_DEVICE
+ * <li>\ref SCARD_ATTR_USER_TO_CARD_AUTH_DEVICE
+ * <li>\ref SCARD_ATTR_VENDOR_IFD_SERIAL_NO
+ * <li>\ref SCARD_ATTR_VENDOR_IFD_TYPE
+ * <li>\ref SCARD_ATTR_VENDOR_IFD_VERSION
+ * <li>\ref SCARD_ATTR_VENDOR_NAME
+ * </ul>
+ *
+ * Not all the dwAttrId values listed above may be implemented in the IFD
+ * Handler you are using. And some dwAttrId values not listed here may be
+ * implemented.
+ *
+ * @param[out] pbAttr Pointer to a buffer that receives the attribute.
+ * @param pcbAttrLen [inout] Length of the \p pbAttr buffer in bytes.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NOT_TRANSACTED Data exchange not successful (\ref SCARD_E_NOT_TRANSACTED)
+ * @retval SCARD_E_INSUFFICIENT_BUFFER Reader buffer not large enough (\ref SCARD_E_INSUFFICIENT_BUFFER)
+ *
+ * @test
+ * @code
+ * LONG rv;
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * unsigned char pbAtr[MAX_ATR_SIZE];
+ * DWORD dwAtrLen;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED,
+ * SCARD_PROTOCOL_RAW &hCard, &dwActiveProtocol);
+ * rv = SCardGetAttrib(hCard, SCARD_ATTR_ATR_STRING, pbAtr, &dwAtrLen);
+ * @endcode
+ */
+
+int32_t SCardGetAttrib(SCARDHANDLE hCard, uint32_t dwAttrId, uint8_t * pbAttr,
+ uint32_t * pcbAttrLen)
+{
+ PROFILE_START
+
+ if (NULL == pcbAttrLen)
+ return SCARD_E_INVALID_PARAMETER;
+
+ /* if only get the length */
+ if (NULL == pbAttr)
+ /* this variable may not be set by the caller. use a reasonable size */
+ *pcbAttrLen = MAX_BUFFER_SIZE;
+
+ PROFILE_END
+
+ return SCardGetSetAttrib(hCard, SCARD_GET_ATTRIB, dwAttrId, pbAttr,
+ pcbAttrLen);
+}
+
+/**
+ * @brief This function set an attribute of the IFD Handler.
+ *
+ * The list of attributes you can set is dependent on the IFD Handler you are
+ * using.
+ *
+ * @param[in] hCard Connection made from SCardConnect().
+ * @param[in] dwAttrId Identifier for the attribute to set.
+ * @param[in] pbAttr Pointer to a buffer that receives the attribute.
+ * @param[in] cbAttrLen Length of the \p pbAttr buffer in bytes.
+ *
+ * @return Error code
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NOT_TRANSACTED Data exchange not successful (\ref SCARD_E_NOT_TRANSACTED)
+ *
+ * @test
+ * @code
+ * LONG rv;
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol;
+ * unsigned char pbAtr[MAX_ATR_SIZE];
+ * DWORD dwAtrLen;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED,
+ * SCARD_PROTOCOL_RAW &hCard, &dwActiveProtocol);
+ * rv = SCardSetAttrib(hCard, 0x42000001, "\x12\x34\x56", 3);
+ * @endcode
+ */
+
+int32_t SCardSetAttrib(SCARDHANDLE hCard, uint32_t dwAttrId, const uint8_t *pbAttr,
+ uint32_t cbAttrLen)
+{
+ PROFILE_START
+
+ if (NULL == pbAttr || 0 == cbAttrLen)
+ return SCARD_E_INVALID_PARAMETER;
+
+ PROFILE_END
+
+ return SCardGetSetAttrib(hCard, SCARD_SET_ATTRIB, dwAttrId, (LPBYTE)pbAttr,
+ &cbAttrLen);
+}
+
+static LONG SCardGetSetAttrib(SCARDHANDLE hCard, int command, DWORD dwAttrId,
+ LPBYTE pbAttr, LPDWORD pcbAttrLen)
+{
+ PROFILE_START
+
+ LONG rv;
+ getset_struct scGetSetStruct;
+ sharedSegmentMsg msgStruct;
+ int i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ if (*pcbAttrLen > MAX_BUFFER_SIZE)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INSUFFICIENT_BUFFER;
+ }
+
+ scGetSetStruct.hCard = hCard;
+ scGetSetStruct.dwAttrId = dwAttrId;
+ scGetSetStruct.cbAttrLen = *pcbAttrLen;
+ scGetSetStruct.rv = SCARD_E_NO_SERVICE;
+ if (SCARD_SET_ATTRIB == command)
+ memcpy(scGetSetStruct.pbAttr, pbAttr, *pcbAttrLen);
+
+ ntohlGetSetStruct(&scGetSetStruct);
+ rv = WrapSHMWrite(command,
+ psContextMap[dwContextIndex].dwClientID, sizeof(scGetSetStruct),
+ SHMClientCommunicationTimeout(), &scGetSetStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(getset_struct), SHMClientCommunicationTimeout());
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ memcpy(&scGetSetStruct, &msgStruct.data, sizeof(scGetSetStruct));
+ ntohlGetSetStruct(&scGetSetStruct);
+
+ if ((SCARD_S_SUCCESS == scGetSetStruct.rv) && (SCARD_GET_ATTRIB == command))
+ {
+ /*
+ * Copy and zero it so any secret information is not leaked
+ */
+ if (*pcbAttrLen < scGetSetStruct.cbAttrLen)
+ {
+ scGetSetStruct.cbAttrLen = *pcbAttrLen;
+ scGetSetStruct.rv = SCARD_E_INSUFFICIENT_BUFFER;
+ }
+ else
+ *pcbAttrLen = scGetSetStruct.cbAttrLen;
+
+ if (pbAttr)
+ memcpy(pbAttr, scGetSetStruct.pbAttr, scGetSetStruct.cbAttrLen);
+
+ memset(scGetSetStruct.pbAttr, 0x00, sizeof(scGetSetStruct.pbAttr));
+ }
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return scGetSetStruct.rv;
+}
+
+/**
+ * @brief This function sends an APDU to the smart card contained in the reader
+ * connected to by SCardConnect().
+ *
+ * The card responds from the APDU and stores this response in pbRecvBuffer
+ * and it's length in SpcbRecvLength.
+ * SSendPci and SRecvPci are structures containing the following:
+ * @code
+ * typedef struct {
+ * DWORD dwProtocol; // SCARD_PROTOCOL_T0 or SCARD_PROTOCOL_T1
+ * DWORD cbPciLength; // Length of this structure - not used
+ * } SCARD_IO_REQUEST;
+ * @endcode
+ *
+ * @param[in] hCard Connection made from SCardConnect().
+ * @param pioSendPci [inout] Structure of protocol information.
+ * <ul>
+ * <li>\ref SCARD_PCI_T0 - Pre-defined T=0 PCI structure.
+ * <li>\ref SCARD_PCI_T1 - Pre-defined T=1 PCI structure.
+ * </ul>
+ * @param[in] pbSendBuffer APDU to send to the card.
+ * @param[in] cbSendLength Length of the APDU.
+ * @param pioRecvPci [inout] Structure of protocol information.
+ * @param[out] pbRecvBuffer Response from the card.
+ * @param pcbRecvLength [inout] Length of the response.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid hCard handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_NOT_TRANSACTED APDU exchange not successful (\ref SCARD_E_NOT_TRANSACTED)
+ * @retval SCARD_E_PROTO_MISMATCH Connect protocol is different than desired (\ref SCARD_E_PROTO_MISMATCH)
+ * @retval SCARD_E_INVALID_VALUE Invalid Protocol, reader name, etc (\ref SCARD_E_INVALID_VALUE)
+ * @retval SCARD_E_READER_UNAVAILABLE The reader has been removed (\ref SCARD_E_READER_UNAVAILABLE)
+ * @retval SCARD_W_RESET_CARD The card has been reset by another application (\ref SCARD_W_RESET_CARD)
+ * @retval SCARD_W_REMOVED_CARD The card has been removed from the reader (\ref SCARD_W_REMOVED_CARD)
+ *
+ * @test
+ * @code
+ * LONG rv;
+ * SCARDCONTEXT hContext;
+ * SCARDHANDLE hCard;
+ * DWORD dwActiveProtocol, dwSendLength, dwRecvLength;
+ * SCARD_IO_REQUEST pioRecvPci;
+ * BYTE pbRecvBuffer[10];
+ * BYTE pbSendBuffer[] = { 0xC0, 0xA4, 0x00, 0x00, 0x02, 0x3F, 0x00 };
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardConnect(hContext, "Reader X", SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0, &hCard, &dwActiveProtocol);
+ * dwSendLength = sizeof(pbSendBuffer);
+ * dwRecvLength = sizeof(pbRecvBuffer);
+ * rv = SCardTransmit(hCard, SCARD_PCI_T0, pbSendBuffer, dwSendLength, &pioRecvPci, pbRecvBuffer, &dwRecvLength);
+ * @endcode
+ */
+#include <syslog.h>
+LONG SCardTransmit(SCARDHANDLE hCard, LPCSCARD_IO_REQUEST pioSendPci,
+ LPCBYTE pbSendBuffer, DWORD cbSendLength,
+ LPSCARD_IO_REQUEST pioRecvPci, LPBYTE pbRecvBuffer,
+ LPDWORD pcbRecvLength)
+{
+ LONG rv;
+ int i;
+ DWORD dwContextIndex, dwChannelIndex;
+
+ PROFILE_START
+
+ if (pbSendBuffer == NULL || pbRecvBuffer == NULL ||
+ pcbRecvLength == NULL || pioSendPci == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this handle has been opened
+ */
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndex, &dwChannelIndex);
+
+ if (rv == -1)
+ {
+ *pcbRecvLength = 0;
+ return SCARD_E_INVALID_HANDLE;
+ }
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ char *r = psContextMap[dwContextIndex].psChannelMap[dwChannelIndex].readerName;
+
+ /* by default r == NULL */
+ if (SharedReaderState_ReaderNameIsEqual(readerStates[i], r))
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_READERS_CONTEXTS)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_READER_UNAVAILABLE;
+ }
+
+ if ((cbSendLength > MAX_BUFFER_SIZE_EXTENDED)
+ || (*pcbRecvLength > MAX_BUFFER_SIZE_EXTENDED))
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INSUFFICIENT_BUFFER;
+ }
+
+ if ((cbSendLength > MAX_BUFFER_SIZE) || (*pcbRecvLength > MAX_BUFFER_SIZE))
+ {
+ /* extended APDU */
+ unsigned char buffer[sizeof(sharedSegmentMsg) + MAX_BUFFER_SIZE_EXTENDED];
+ const sharedSegmentMsg *pmsgStruct = (psharedSegmentMsg)buffer;
+ transmit_struct_extended *scTransmitStructExtended = (transmit_struct_extended *)buffer;
+
+ scTransmitStructExtended->hCard = hCard;
+ scTransmitStructExtended->cbSendLength = cbSendLength;
+ scTransmitStructExtended->pcbRecvLength = *pcbRecvLength;
+ scTransmitStructExtended->size = sizeof(*scTransmitStructExtended) + cbSendLength;
+ scTransmitStructExtended->pioSendPciProtocol = pioSendPci->dwProtocol;
+ scTransmitStructExtended->pioSendPciLength = pioSendPci->cbPciLength;
+ memcpy(scTransmitStructExtended->data, pbSendBuffer, cbSendLength);
+ secdebug("pcscd", "Extended APDU: initial request: hCard: 0x%08X, cbSendLength: %d",
+ hCard, cbSendLength);
+ secdebug("pcscd", " pcbRecvLength: %d", *pcbRecvLength);
+
+ if (pioRecvPci)
+ {
+ scTransmitStructExtended->pioRecvPciProtocol = pioRecvPci->dwProtocol;
+ scTransmitStructExtended->pioRecvPciLength = pioRecvPci->cbPciLength;
+ }
+ else
+ scTransmitStructExtended->pioRecvPciProtocol = SCARD_PROTOCOL_ANY;
+
+ size_t tsesize = scTransmitStructExtended->size; // remember it before we byte swap
+ LogXxd(PCSC_LOG_INFO, "Extended APDU: sending: ", pbSendBuffer, cbSendLength);
+ htonlTransmitStructExtended(scTransmitStructExtended);
+ rv = WrapSHMWrite(SCARD_TRANSMIT_EXTENDED,
+ psContextMap[dwContextIndex].dwClientID,
+ tsesize,
+ SHMClientCommunicationTimeout(), buffer);
+ secdebug("pcscd", "Extended APDU: WrapSHMWrite result: %d [0x%08X]", rv, rv);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage((psharedSegmentMsg)buffer, psContextMap[dwContextIndex].dwClientID, 0, SHMClientCommunicationTimeout());
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ /* we receive a sharedSegmentMsg and not a transmit_struct_extended */
+ scTransmitStructExtended = (transmit_struct_extended *)pmsgStruct->data;
+ ntohlTransmitStructExtended(scTransmitStructExtended);
+ secdebug("pcscd", "Extended APDU: reply received: hCard: 0x%08X, cbSendLength: %d",
+ hCard, cbSendLength);
+ secdebug("pcscd", " reply received: pcbRecvLength: %d, size: %llu",
+ scTransmitStructExtended->pcbRecvLength, scTransmitStructExtended->size);
+ secdebug("pcscd", " reply received: rv %d [0x%08X]",
+ scTransmitStructExtended -> rv, scTransmitStructExtended -> rv);
+ LogXxd(PCSC_LOG_INFO, "Extended APDU: received: ", scTransmitStructExtended->data, scTransmitStructExtended->pcbRecvLength);
+
+ /* a second block is present */
+ if (scTransmitStructExtended->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ rv = SHMMessageReceive(buffer + sizeof(sharedSegmentMsg),
+ scTransmitStructExtended->size-PCSCLITE_MAX_MESSAGE_SIZE,
+ psContextMap[dwContextIndex].dwClientID,
+ SHMClientCommunicationTimeout());
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+ // we don't fix up byte order here since this is in the data portion
+ }
+
+ if (scTransmitStructExtended -> rv == SCARD_S_SUCCESS)
+ {
+ /*
+ * Copy and zero it so any secret information is not leaked
+ */
+ memcpy(pbRecvBuffer, scTransmitStructExtended -> data,
+ scTransmitStructExtended -> pcbRecvLength);
+ memset(scTransmitStructExtended -> data, 0x00,
+ scTransmitStructExtended -> pcbRecvLength);
+
+ if (pioRecvPci)
+ {
+ pioRecvPci->dwProtocol = scTransmitStructExtended->pioRecvPciProtocol;
+ pioRecvPci->cbPciLength = scTransmitStructExtended->pioRecvPciLength;
+ }
+ }
+
+ *pcbRecvLength = scTransmitStructExtended -> pcbRecvLength;
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ rv = scTransmitStructExtended -> rv;
+ }
+ else
+ {
+ /* short APDU */
+ transmit_struct scTransmitStruct;
+ sharedSegmentMsg msgStruct;
+
+ scTransmitStruct.hCard = hCard;
+ scTransmitStruct.cbSendLength = cbSendLength;
+ scTransmitStruct.pcbRecvLength = *pcbRecvLength;
+ scTransmitStruct.pioSendPciProtocol = pioSendPci->dwProtocol;
+ scTransmitStruct.pioSendPciLength = pioSendPci->cbPciLength;
+ memcpy(scTransmitStruct.pbSendBuffer, pbSendBuffer, cbSendLength);
+
+ if (pioRecvPci)
+ {
+ scTransmitStruct.pioRecvPciProtocol = pioRecvPci->dwProtocol;
+ scTransmitStruct.pioRecvPciLength = pioRecvPci->cbPciLength;
+ }
+ else
+ scTransmitStruct.pioRecvPciProtocol = SCARD_PROTOCOL_ANY;
+
+ htonlTransmitStruct(&scTransmitStruct);
+ rv = WrapSHMWrite(SCARD_TRANSMIT,
+ psContextMap[dwContextIndex].dwClientID, sizeof(scTransmitStruct),
+ SHMClientCommunicationTimeout(), (void *) &scTransmitStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ /*
+ * Read a message from the server
+ */
+ rv = SHMClientReadMessage(&msgStruct, psContextMap[dwContextIndex].dwClientID, sizeof(transmit_struct), SHMClientCommunicationTimeout());
+
+ memcpy(&scTransmitStruct, &msgStruct.data, sizeof(scTransmitStruct));
+ ntohlTransmitStruct(&scTransmitStruct);
+
+ if (rv == -1)
+ {
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_F_COMM_ERROR;
+ }
+
+ /*
+ * Zero it and free it so any secret information cannot be leaked
+ */
+ memset(scTransmitStruct.pbSendBuffer, 0x00, cbSendLength);
+
+ if (scTransmitStruct.rv == SCARD_S_SUCCESS)
+ {
+ /*
+ * Copy and zero it so any secret information is not leaked
+ */
+ memcpy(pbRecvBuffer, scTransmitStruct.pbRecvBuffer,
+ scTransmitStruct.pcbRecvLength);
+ memset(scTransmitStruct.pbRecvBuffer, 0x00,
+ scTransmitStruct.pcbRecvLength);
+
+ if (pioRecvPci)
+ {
+ pioRecvPci->dwProtocol = scTransmitStruct.pioRecvPciProtocol;
+ pioRecvPci->cbPciLength = scTransmitStruct.pioRecvPciLength;
+ }
+ }
+
+ *pcbRecvLength = scTransmitStruct.pcbRecvLength;
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ rv = scTransmitStruct.rv;
+ }
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * This function returns a list of currently available readers on the system.
+ * \p mszReaders is a pointer to a character string that is allocated by the application.
+ * If the application sends mszGroups and mszReaders as NULL then this function will
+ * return the size of the buffer needed to allocate in pcchReaders.
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ * @param[in] mszGroups List of groups to list readers (not used).
+ * @param[out] mszReaders Multi-string with list of readers.
+ * @param pcchReaders [inout] Size of multi-string buffer including NULL's.
+ *
+ * @return Connection status.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid Scope Handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INSUFFICIENT_BUFFER Reader buffer not large enough (\ref SCARD_E_INSUFFICIENT_BUFFER)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * LPSTR mszReaders;
+ * DWORD dwReaders;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardListReaders(hContext, NULL, NULL, &dwReaders);
+ * mszReaders = malloc(sizeof(char)*dwReaders);
+ * rv = SCardListReaders(hContext, NULL, mszReaders, &dwReaders);
+ * @endcode
+ */
+LONG SCardListReaders(SCARDCONTEXT hContext, LPCSTR mszGroups,
+ LPSTR mszReaders, LPDWORD pcchReaders)
+{
+ DWORD dwReadersLen;
+ int i, lastChrPtr;
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ /*
+ * Check for NULL parameters
+ */
+ if (pcchReaders == NULL)
+ return SCARD_E_INVALID_PARAMETER;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this context has been opened
+ */
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ dwReadersLen = 0;
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ if (SharedReaderState_ReaderID(readerStates[i]) != 0)
+ dwReadersLen += strlen(SharedReaderState_ReaderName(readerStates[i])) + 1;
+
+ /* for the last NULL byte */
+ dwReadersLen += 1;
+
+ if ((mszReaders == NULL) /* text array not allocated */
+ || (*pcchReaders == 0)) /* size == 0 */
+ {
+ *pcchReaders = dwReadersLen;
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_S_SUCCESS;
+ }
+
+ if (*pcchReaders < dwReadersLen)
+ {
+ *pcchReaders = dwReadersLen;
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+ return SCARD_E_INSUFFICIENT_BUFFER;
+ }
+
+ lastChrPtr = 0;
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ if (SharedReaderState_ReaderID(readerStates[i]) != 0)
+ {
+ /*
+ * Build the multi-string
+ */
+ strcpy(&mszReaders[lastChrPtr], SharedReaderState_ReaderName(readerStates[i]));
+ lastChrPtr += strlen(SharedReaderState_ReaderName(readerStates[i]))+1;
+ }
+ }
+ mszReaders[lastChrPtr] = '\0'; /* Add the last null */
+
+ *pcchReaders = dwReadersLen;
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return SCARD_S_SUCCESS;
+}
+
+/**
+ * @brief This function returns a list of currently available reader groups on the system.
+ * \p mszGroups is a pointer to a character string that is allocated by the
+ * application. If the application sends mszGroups as NULL then this function
+ * will return the size of the buffer needed to allocate in pcchGroups.
+ *
+ * The group names is a multi-string and separated by a nul character ('\\0') and ended by
+ * a double nul character. "SCard$DefaultReaders\\0Group 2\\0\\0".
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ * @param[out] mszGroups List of groups to list readers.
+ * @param pcchGroups [inout] Size of multi-string buffer including NULL's.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid Scope Handle (\ref SCARD_E_INVALID_HANDLE)
+ * @retval SCARD_E_INSUFFICIENT_BUFFER Reader buffer not large enough (\ref SCARD_E_INSUFFICIENT_BUFFER)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * LPSTR mszGroups;
+ * DWORD dwGroups;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardListReaderGroups(hContext, NULL, &dwGroups);
+ * mszGroups = malloc(sizeof(char)*dwGroups);
+ * rv = SCardListReaderGroups(hContext, mszGroups, &dwGroups);
+ * @endcode
+ */
+LONG SCardListReaderGroups(SCARDCONTEXT hContext, LPSTR mszGroups,
+ LPDWORD pcchGroups)
+{
+ LONG rv = SCARD_S_SUCCESS;
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ const char ReaderGroup[] = "SCard$DefaultReaders";
+ const int dwGroups = strlen(ReaderGroup) + 2;
+
+ if (SCardCheckDaemonAvailability() != SCARD_S_SUCCESS)
+ return SCARD_E_NO_SERVICE;
+
+ /*
+ * Make sure this context has been opened
+ */
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ SYS_MutexLock(psContextMap[dwContextIndex].mMutex);
+
+ if (mszGroups)
+ {
+
+ if (*pcchGroups < dwGroups)
+ rv = SCARD_E_INSUFFICIENT_BUFFER;
+ else
+ {
+ memset(mszGroups, 0, dwGroups);
+ memcpy(mszGroups, ReaderGroup, strlen(ReaderGroup));
+ }
+ }
+
+ *pcchGroups = dwGroups;
+
+ SYS_MutexUnLock(psContextMap[dwContextIndex].mMutex);
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * This function cancels all pending blocking requests on the
+ * SCardGetStatusChange() function.
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid \p hContext handle (\ref SCARD_E_INVALID_HANDLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * DWORD cReaders;
+ * SCARD_READERSTATE rgReaderStates;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rgReaderStates.szReader = strdup("Reader X");
+ * rgReaderStates.dwCurrentState = SCARD_STATE_EMPTY;
+ * ...
+ * / * Spawn off thread for following function * /
+ * ...
+ * rv = SCardGetStatusChange(hContext, 0, rgReaderStates, cReaders);
+ * rv = SCardCancel(hContext);
+ * @endcode
+ */
+LONG SCardCancel(SCARDCONTEXT hContext)
+{
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ dwContextIndex = SCardGetContextIndice(hContext);
+
+ if (dwContextIndex == -1)
+ return SCARD_E_INVALID_HANDLE;
+
+ /*
+ * Set the block status for this Context so blocking calls will
+ * complete
+ */
+ psContextMap[dwContextIndex].contextBlockStatus = BLOCK_STATUS_RESUME;
+
+ PROFILE_END
+
+ return SCARD_S_SUCCESS;
+}
+
+/**
+ * @brief check if a \ref SCARDCONTEXT is valid.
+ *
+ * Call this function to determine whether a smart card context handle is still
+ * valid. After a smart card context handle has been set by \ref
+ * SCardEstablishContext, it may become not valid if the resource manager
+ * service has been shut down.
+ *
+ * @param[in] hContext Connection context to the PC/SC Resource Manager.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Successful (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE Invalid Handle (\ref SCARD_E_INVALID_HANDLE)
+ *
+ * @test
+ * @code
+ * SCARDCONTEXT hContext;
+ * LONG rv;
+ * ...
+ * rv = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, &hContext);
+ * rv = SCardIsValidContext(hContext);
+ * @endcode
+ */
+LONG SCardIsValidContext(SCARDCONTEXT hContext)
+{
+ LONG rv;
+ LONG dwContextIndex;
+
+ PROFILE_START
+
+ rv = SCARD_S_SUCCESS;
+
+ /*
+ * Make sure this context has been opened
+ */
+ dwContextIndex = SCardGetContextIndice(hContext);
+ if (dwContextIndex == -1)
+ rv = SCARD_E_INVALID_HANDLE;
+
+ PROFILE_END
+
+ return rv;
+}
+
+/**
+ * Functions for managing instances of SCardEstablishContext These functions
+ * keep track of Context handles and associate the blocking
+ * variable contextBlockStatus to an hContext
+ */
+
+/**
+ * @brief Adds an Application Context to the vector \c psContextMap.
+ *
+ * @param[in] hContext Application Context ID.
+ * @param[in] dwClientID Client connection ID.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Success (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NO_MEMORY There is no free slot to store \p hContext (\ref SCARD_E_NO_MEMORY)
+ */
+static LONG SCardAddContext(SCARDCONTEXT hContext, DWORD dwClientID)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXTS; i++)
+ {
+ if (psContextMap[i].hContext == 0)
+ {
+ psContextMap[i].hContext = hContext;
+ psContextMap[i].dwClientID = dwClientID;
+ psContextMap[i].contextBlockStatus = BLOCK_STATUS_RESUME;
+ psContextMap[i].mMutex = malloc(sizeof(PCSCLITE_MUTEX));
+ SYS_MutexInit(psContextMap[i].mMutex);
+ return SCARD_S_SUCCESS;
+ }
+ }
+
+ return SCARD_E_NO_MEMORY;
+}
+
+/**
+ * @brief Get the index from the Application Context vector \c psContextMap
+ * for the passed context.
+ *
+ * This function is a thread-safe wrapper to the function
+ * SCardGetContextIndiceTH().
+ *
+ * @param[in] hContext Application Context whose index will be find.
+ *
+ * @return Index corresponding to the Application Context or -1 if it is
+ * not found.
+ */
+static LONG SCardGetContextIndice(SCARDCONTEXT hContext)
+{
+ LONG rv;
+
+ SCardLockThread();
+ rv = SCardGetContextIndiceTH(hContext);
+ SCardUnlockThread();
+
+ return rv;
+}
+
+/**
+ * @brief Get the index from the Application Context vector \c psContextMap
+ * for the passed context.
+ *
+ * This functions is not thread-safe and should not be called. Instead, call
+ * the function SCardGetContextIndice().
+ *
+ * @param[in] hContext Application Context whose index will be find.
+ *
+ * @return Index corresponding to the Application Context or -1 if it is
+ * not found.
+ */
+static LONG SCardGetContextIndiceTH(SCARDCONTEXT hContext)
+{
+ int i;
+
+ if (hContext == 0)
+ return -1;
+
+ /*
+ * Find this context and return its spot in the array
+ */
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXTS; i++)
+ if (hContext == psContextMap[i].hContext)
+ return i;
+
+ return -1;
+}
+
+/**
+ * @brief Removes an Application Context from a control vector.
+ *
+ * @param[in] hContext Application Context to be removed.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Success (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_INVALID_HANDLE The context \p hContext was not found (\ref SCARD_E_INVALID_HANDLE)
+ */
+static LONG SCardRemoveContext(SCARDCONTEXT hContext)
+{
+ LONG retIndice;
+
+ retIndice = SCardGetContextIndiceTH(hContext);
+
+ if (retIndice == -1)
+ return SCARD_E_INVALID_HANDLE;
+ else
+ {
+ int i;
+
+ psContextMap[retIndice].hContext = 0;
+ SHMClientCloseSession(psContextMap[retIndice].dwClientID);
+ psContextMap[retIndice].dwClientID = 0;
+ free(psContextMap[retIndice].mMutex);
+ psContextMap[retIndice].mMutex = NULL;
+ psContextMap[retIndice].contextBlockStatus = BLOCK_STATUS_RESUME;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ /*
+ * Reset the \c hCard structs to zero
+ */
+ psContextMap[retIndice].psChannelMap[i].hCard = 0;
+ free(psContextMap[retIndice].psChannelMap[i].readerName);
+ psContextMap[retIndice].psChannelMap[i].readerName = NULL;
+ }
+
+ return SCARD_S_SUCCESS;
+ }
+}
+
+/*
+ * Functions for managing hCard values returned from SCardConnect.
+ */
+
+static LONG SCardAddHandle(SCARDHANDLE hCard, DWORD dwContextIndex,
+ LPSTR readerName)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ if (psContextMap[dwContextIndex].psChannelMap[i].hCard == 0)
+ {
+ psContextMap[dwContextIndex].psChannelMap[i].hCard = hCard;
+ psContextMap[dwContextIndex].psChannelMap[i].readerName = strdup(readerName);
+ return SCARD_S_SUCCESS;
+ }
+ }
+
+ return SCARD_E_NO_MEMORY;
+}
+
+static LONG SCardRemoveHandle(SCARDHANDLE hCard)
+{
+ DWORD dwContextIndice, dwChannelIndice;
+ LONG rv;
+
+ rv = SCardGetIndicesFromHandle(hCard, &dwContextIndice, &dwChannelIndice);
+
+ if (rv == -1)
+ return SCARD_E_INVALID_HANDLE;
+ else
+ {
+ psContextMap[dwContextIndice].psChannelMap[dwChannelIndice].hCard = 0;
+ free(psContextMap[dwContextIndice].psChannelMap[dwChannelIndice].readerName);
+ psContextMap[dwContextIndice].psChannelMap[dwChannelIndice].readerName = NULL;
+ return SCARD_S_SUCCESS;
+ }
+}
+
+static LONG SCardGetIndicesFromHandle(SCARDHANDLE hCard, PDWORD pdwContextIndice, PDWORD pdwChannelIndice)
+{
+ LONG rv;
+
+ if (0 == hCard)
+ return -1;
+
+ SCardLockThread();
+ rv = SCardGetIndicesFromHandleTH(hCard, pdwContextIndice, pdwChannelIndice);
+ SCardUnlockThread();
+
+ return rv;
+}
+
+static LONG SCardGetIndicesFromHandleTH(SCARDHANDLE hCard, PDWORD pdwContextIndice, PDWORD pdwChannelIndice)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXTS; i++)
+ {
+ if (psContextMap[i].hContext != 0)
+ {
+ int j;
+
+ for (j = 0; j < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; j++)
+ {
+ if (psContextMap[i].psChannelMap[j].hCard == hCard)
+ {
+ *pdwContextIndice = i;
+ *pdwChannelIndice = j;
+ return SCARD_S_SUCCESS;
+ }
+ }
+
+ }
+ }
+
+ return -1;
+}
+
+/**
+ * @brief This function locks a mutex so another thread must wait to use this
+ * function.
+ *
+ * Wrapper to the function SYS_MutexLock().
+ */
+inline static LONG SCardLockThread(void)
+{
+ return SYS_MutexLock(&clientMutex);
+}
+
+/**
+ * @brief This function unlocks a mutex so another thread may use the client.
+ *
+ * Wrapper to the function SYS_MutexUnLock().
+ */
+inline static LONG SCardUnlockThread(void)
+{
+ return SYS_MutexUnLock(&clientMutex);
+}
+
+/**
+ * @brief Checks if the Server is running.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Server is running (\ref SCARD_S_SUCCESS)
+ * @retval SCARD_E_NO_SERVICE Server is not running (\ref SCARD_E_NO_SERVICE)
+ */
+static LONG SCardCheckDaemonAvailability(void)
+{
+ LONG rv;
+ struct stat statBuffer;
+
+ rv = SYS_Stat(PCSCLITE_PUBSHM_FILE, &statBuffer);
+
+ if (rv != 0)
+ {
+ Log1(PCSC_LOG_ERROR, "PCSC Not Running");
+ return SCARD_E_NO_SERVICE;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+/**
+ * free resources allocated by the library
+ * You _shall_ call this function if you use dlopen/dlclose to load/unload the
+ * library. Otherwise you will exhaust the ressources available.
+ */
+#ifdef __SUNPRO_C
+#pragma fini (SCardUnload)
+#endif
+
+void DESTRUCTOR SCardUnload(void)
+{
+ int i;
+
+ if (!isExecuted)
+ return;
+
+ /* unmap public shared file from memory */
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ if (readerStates[i] != NULL)
+ {
+ SYS_PublicMemoryUnmap(readerStates[i], sizeof(READER_STATE));
+ readerStates[i] = NULL;
+ }
+ }
+
+ SYS_CloseFile(mapAddr);
+ isExecuted = 0;
+}
+
+static int SCardInitializeOnce()
+{
+ int pageSize;
+ int i;
+
+ /*
+ * Do any system initilization here
+ */
+ SYS_Initialize();
+
+ /*
+ * Set up the memory mapped reader stats structures
+ */
+ mapAddr = SYS_OpenFile(PCSCLITE_PUBSHM_FILE, O_RDONLY, 0);
+ if (mapAddr < 0)
+ {
+ Log2(PCSC_LOG_ERROR, "Cannot open public shared file: %s",
+ PCSCLITE_PUBSHM_FILE);
+ return SCARD_E_NO_SERVICE;
+ }
+
+ pageSize = SYS_GetPageSize();
+
+ /*
+ * Allocate each reader structure in the memory map
+ */
+ for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
+ {
+ readerStates[i] =
+ (PREADER_STATE)SYS_PublicMemoryMap(sizeof(READER_STATE),
+ mapAddr, (i * pageSize));
+ if (readerStates[i] == NULL)
+ {
+ Log1(PCSC_LOG_ERROR, "Cannot public memory map");
+ SYS_CloseFile(mapAddr); /* Close the memory map file */
+ return SCARD_F_INTERNAL_ERROR;
+ }
+ }
+
+ /*
+ * Initializes the application contexts and all channels for each one
+ */
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXTS; i++)
+ {
+ int j;
+
+ /*
+ * Initially set the context struct to zero
+ */
+ psContextMap[i].dwClientID = 0;
+ psContextMap[i].hContext = 0;
+ psContextMap[i].contextBlockStatus = BLOCK_STATUS_RESUME;
+ psContextMap[i].mMutex = NULL;
+
+ for (j = 0; j < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; j++)
+ {
+ /*
+ * Initially set the hcard structs to zero
+ */
+ psContextMap[i].psChannelMap[j].hCard = 0;
+ psContextMap[i].psChannelMap[j].readerName = NULL;
+ }
+ }
+
+ /*
+ * Is there a free slot for this connection ?
+ */
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXTS; i++)
+ {
+ if (psContextMap[i].dwClientID == 0)
+ break;
+ }
+
+ if (i == PCSCLITE_MAX_APPLICATION_CONTEXTS)
+ {
+ return SCARD_E_NO_MEMORY;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+static int SHMClientCommunicationTimeout()
+{
+ /*
+ This is a param to e.g. SHMClientReadMessage, and is a timeout in milliseconds.
+ The constant PCSCLITE_SERVER_ATTEMPTS is very poorly named; it is a time value
+ in milliseconds, not the number of attempts. Some values to use:
+ 5 default if PCSCLITE_ENHANCED_MESSAGING not defined
+ 200 if PCSCLITE_ENHANCED_MESSAGING is defined
+ 12000 might be a good value to set while debugging
+ */
+
+ static int baseTimeout = 12000;//PCSCLITE_CLIENT_ATTEMPTS;
+ volatile int timeOut = baseTimeout;
+
+ return timeOut;
+}
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,284 @@
+/*
+ * Copyright (c) 2000-2002 Apple Computer, Inc. All Rights Reserved.
+ * The contents of this file constitute Original Code as defined in and are
+ * subject to the Apple Public Source License Version 1.2 (the 'License').
+ * You may not use this file except in compliance with the License. Please
+ * obtain a copy of the License at http://www.apple.com/publicsource and
+ * read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS
+ * FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please
+ * see the License for the specific language governing rights and
+ * limitations under the License.
+ */
+
+/******************************************************************
+
+ Title : winscard_msg.c
+ Package: PC/SC Lite
+ Author : David Corcoran
+ Date : 04/19/01
+ License: Copyright (C) 2001 David Corcoran
+ <corcoran at linuxnet.com>
+ Purpose: This is responsible for client/server transport.
+
+$Id: winscard_msg.c,v 1.4 2004/10/21 01:17:53 mb Exp $
+
+********************************************************************/
+
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/mman.h>
+#include <sys/socket.h>
+#include <sys/time.h>
+#include <sys/un.h>
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#include <stdlib.h>
+
+#include "config.h"
+
+#ifdef PCSC_TARGET_SOLARIS
+#include <sys/filio.h>
+#endif
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "winscard.h"
+#include "winscard_msg.h"
+#include "sys_generic.h"
+#include "debuglog.h"
+
+int MSGSendData(int filedes, int blockAmount, const void *data,
+ unsigned int dataSize)
+{
+ /*
+ * default is success
+ */
+ int retval = 0;
+ /*
+ * record the time when we started
+ */
+ time_t start = time(0);
+ /*
+ * data to be written
+ */
+ unsigned char *buffer = (unsigned char *) data;
+ /*
+ * how many bytes remains to be written
+ */
+ size_t remaining = dataSize;
+
+ /*
+ * repeat until all data is written
+ */
+ while (remaining > 0)
+ {
+ fd_set write_fd;
+ struct timeval timeout;
+ int selret;
+
+ FD_ZERO(&write_fd);
+ FD_SET(filedes, &write_fd);
+
+ timeout.tv_usec = 0;
+ if ((timeout.tv_sec = start + blockAmount - time(0)) < 0)
+ {
+ /*
+ * we already timed out
+ */
+ retval = -1;
+ break;
+ }
+
+ selret = select(filedes + 1, NULL, &write_fd, NULL, &timeout);
+
+ /*
+ * try to write only when the file descriptor is writable
+ */
+ if (selret > 0)
+ {
+ int written;
+
+ if (!FD_ISSET(filedes, &write_fd))
+ {
+ /*
+ * very strange situation. it should be an assert really
+ */
+ retval = -1;
+ break;
+ }
+ written = write(filedes, buffer, remaining);
+
+ if (written > 0)
+ {
+ /*
+ * we wrote something
+ */
+ buffer += written;
+ remaining -= written;
+ } else if (written == 0)
+ {
+ /*
+ * peer closed the socket
+ */
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore the signals and socket full situations, all
+ * other errors are fatal
+ */
+ if (errno != EINTR && errno != EAGAIN)
+ {
+ retval = -1;
+ break;
+ }
+ }
+ } else if (selret == 0)
+ {
+ /*
+ * timeout
+ */
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * ignore signals
+ */
+ if (errno != EINTR)
+ {
+ DebugLogB
+ ("MSGServerProcessEvents: Select returns with failure: %s",
+ strerror(errno));
+ retval = -1;
+ break;
+ }
+ }
+ }
+
+ return retval;
+}
+
+int MSGRecieveData(int filedes, int blockAmount, void *data,
+ unsigned int dataSize)
+{
+ /*
+ * default is success
+ */
+ int retval = 0;
+ /*
+ * record the time when we started
+ */
+ time_t start = time(0);
+ /*
+ * buffer where we place the readed bytes
+ */
+ unsigned char *buffer = (unsigned char *) data;
+ /*
+ * how many bytes we must read
+ */
+ size_t remaining = dataSize;
+
+ /*
+ * repeat until we get the whole message
+ */
+ while (remaining > 0)
+ {
+ fd_set read_fd;
+ struct timeval timeout;
+ int selret;
+
+ FD_ZERO(&read_fd);
+ FD_SET(filedes, &read_fd);
+
+ timeout.tv_usec = 0;
+ if ((timeout.tv_sec = start + blockAmount - time(0)) < 0)
+ {
+ /*
+ * we already timed out
+ */
+ retval = -1;
+ break;
+ }
+
+ selret = select(filedes + 1, &read_fd, NULL, NULL, &timeout);
+
+ /*
+ * try to read only when socket is readable
+ */
+ if (selret > 0)
+ {
+ int readed;
+
+ if (!FD_ISSET(filedes, &read_fd))
+ {
+ /*
+ * very strange situation. it should be an assert really
+ */
+ retval = -1;
+ break;
+ }
+ readed = read(filedes, buffer, remaining);
+
+ if (readed > 0)
+ {
+ /*
+ * we got something
+ */
+ buffer += readed;
+ remaining -= readed;
+ } else if (readed == 0)
+ {
+ /*
+ * peer closed the socket
+ */
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore the signals and empty socket situations, all
+ * other errors are fatal
+ */
+ if (errno != EINTR && errno != EAGAIN)
+ {
+ retval = -1;
+ break;
+ }
+ }
+ } else if (selret == 0)
+ {
+ /*
+ * timeout
+ */
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore signals, all other errors are fatal
+ */
+ if (errno != EINTR)
+ {
+ DebugLogB
+ ("MSGServerProcessEvents: Select returns with failure: %s",
+ strerror(errno));
+ retval = -1;
+ break;
+ }
+ }
+ }
+
+ return retval;
+}
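Review bot: In MSGSendData and MSGRecieveData, `FD_SET(filedes, &write_fd)` and `FD_SET(filedes, &read_fd)` run without first checking that `filedes` is non-negative and below `FD_SETSIZE`, so an out-of-range descriptor would write outside the stack-allocated `fd_set` before `select()` is called. A guard ahead of each loop closes this: `if (filedes < 0 || filedes >= FD_SETSIZE) return -1;`. Separately, `written` and `readed` are declared `int` although `write()` and `read()` return `ssize_t`; declaring them `ssize_t written;` and `ssize_t readed;` keeps the sign and size checks exact. Both `DebugLogB` messages name `MSGServerProcessEvents` rather than the function that failed, so a select error in the log cannot be attributed to the send or the receive path.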
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1000 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard_msg.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2001-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludoic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard_msg.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This is responsible for client/server communication.
+ *
+ * A file based socket (\c commonSocket) is used to send/receive only messages
+ * among clients and server.\n
+ * The messages' data are passed throw a memory mapped file: \c sharedSegmentMsg.
+ */
+
+#include "config.h"
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/time.h>
+#include <sys/un.h>
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#ifdef HAVE_SYS_FILIO_H
+#include <sys/filio.h>
+#endif
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "pcscexport.h"
+#include "winscard.h"
+#include "debug.h"
+#include "winscard_msg.h"
+#include "sys_generic.h"
+
+#include <libkern/OSByteOrder.h>
+/*
+ #define bswap_16 OSSwapInt16
+#define bswap_32 OSSwapInt32
+#define bswap_64 OSSwapInt64
+*/
+
+#include <security_utilities/debugging.h>
+
+/**
+ * @brief Wrapper for the SHMMessageReceive() function.
+ *
+ * Called by clients to read the server responses.
+ *
+ * @param[out] msgStruct Message read.
+ * @param[in] dwClientID Client socket handle.
+ * @param[in] blockamount Timeout in milliseconds.
+ *
+ * @return Same error codes as SHMMessageReceive().
+ */
+INTERNAL int32_t SHMClientRead(psharedSegmentMsg msgStruct, uint32_t dwClientID, int32_t blockamount)
+{
+ int rv = SHMMessageReceive(msgStruct, sizeof(*msgStruct), dwClientID, blockamount);
+ SHSharedSegmentMsgToHostOrder(msgStruct);
+ return rv;
+}
+
+/**
+ * @brief Wrapper for the SHMMessageReceive() function.
+ *
+ * Called by clients to read the server responses. This reads the exact number of bytes expected for the struct
+ *
+ * @param[out] msgStruct Message read.
+ * @param[in] dwClientID Client socket handle.
+ * @param[in] dataSize Size of the data at msgStruct->data
+ * @param[in] blockamount Timeout in milliseconds.
+ *
+ * @return Same error codes as SHMMessageReceive().
+ */
+INTERNAL int32_t SHMClientReadMessage(psharedSegmentMsg msgStruct, uint32_t dwClientID, size_t dataSize, int32_t blockamount)
+{
+ // Read the basic header first so we know the size of the rest
+ // The special case of "dataSize == 0" means that we should deduce the size of the
+ // data from the header
+ size_t headerSize = sizeof(sharedSegmentMsg) - sizeof(msgStruct->data);
+ Log2(PCSC_LOG_DEBUG, "SHMClientReadMessage: Issuing read for %d bytes (header)", headerSize);
+ secdebug("pcscd", "SHMClientReadMessage: Issuing read for %ld bytes (header)", headerSize);
+ int rv = SHMMessageReceive(msgStruct, headerSize, dwClientID, blockamount);
+ Log3(rv?PCSC_LOG_CRITICAL:PCSC_LOG_DEBUG, "SHMClientReadMessage: read message header error: 0x%08X [0x%08X]", rv, rv);
+ secdebug("pcscd", "SHMClientReadMessage: read message header error: 0x%08X [0x%08X]", rv, rv);
+ if (rv)
+ return rv;
+ SHSharedSegmentMsgToHostOrder(msgStruct);
+
+ // Integrity check
+ if (msgStruct->headerTag != WINSCARD_MSG_HEADER_TAG)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Error: read message header tag of: 0x%08X for possible command 0x%08X",
+ msgStruct->headerTag, msgStruct->command);
+ secdebug("pcscd", "Error: read message header tag of: 0x%08X for possible command 0x%08X",
+ msgStruct->headerTag, msgStruct->command);
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ if (dataSize == 0)
+ dataSize = msgStruct->msgSize - headerSize; // message size includes header
+ else
+ if (msgStruct->msgSize != (headerSize + dataSize))
+ {
+ Log2(PCSC_LOG_CRITICAL, "Error: create on client socket: %s", strerror(errno));
+ secdebug("pcscd", "Error: create on client socket: %s", strerror(errno));
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ Log2(PCSC_LOG_DEBUG, "SHMClientReadMessage: Issuing read for %d bytes", dataSize);
+ secdebug("pcscd", "SHMClientReadMessage: Issuing read for %ld bytes", dataSize);
+ if (blockamount == 0)
+ blockamount = PCSCLITE_SERVER_ATTEMPTS;
+ rv = SHMMessageReceive(msgStruct->data, dataSize, dwClientID, blockamount);
+ Log3(rv?PCSC_LOG_CRITICAL:PCSC_LOG_DEBUG, "SHMClientReadMessage: read message body error: 0x%08X [0x%08X]", rv, rv);
+ secdebug("pcscd", "SHMClientReadMessage: read message body error: 0x%08X [0x%08X]", rv, rv);
+
+ return rv;
+}
+
+/**
+ * @brief Prepares a communication channel for the client to talk to the server.
+ *
+ * This is called by the application to create a socket for local IPC with the
+ * server. The socket is associated to the file \c PCSCLITE_CSOCK_NAME.
+ *
+ * @param[out] pdwClientID Client Connection ID.
+ *
+ * @retval 0 Success.
+ * @retval -1 Can not create the socket.
+ * @retval -1 The socket can not open a connection.
+ * @retval -1 Can not set the socket to non-blocking.
+ */
+INTERNAL int SHMClientSetupSession(uint32_t *pdwClientID)
+{
+ struct sockaddr_un svc_addr;
+ int one;
+ int ret;
+
+ ret = socket(AF_UNIX, SOCK_STREAM, 0);
+ if (ret < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Error: create on client socket: %s",
+ strerror(errno));
+ return -1;
+ }
+ *pdwClientID = ret;
+
+ svc_addr.sun_family = AF_UNIX;
+ strncpy(svc_addr.sun_path, PCSCLITE_CSOCK_NAME,
+ sizeof(svc_addr.sun_path));
+
+ if (connect(*pdwClientID, (struct sockaddr *) &svc_addr,
+ sizeof(svc_addr.sun_family) + strlen(svc_addr.sun_path) + 1) < 0)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Error: connect to client socket %s: %s",
+ PCSCLITE_CSOCK_NAME, strerror(errno));
+ SYS_CloseFile(*pdwClientID);
+ return -1;
+ }
+
+ one = 1;
+ if (ioctl(*pdwClientID, FIONBIO, &one) < 0)
+ {
+ Log3(PCSC_LOG_CRITICAL, "Error: cannot set socket %s nonblocking: %s",
+ PCSCLITE_CSOCK_NAME, strerror(errno));
+ SYS_CloseFile(*pdwClientID);
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * @brief Closes the socket used by the client to communicate with the server.
+ *
+ * @param[in] dwClientID Client socket handle to be closed.
+ *
+ * @retval 0 Success.
+ */
+INTERNAL int SHMClientCloseSession(uint32_t dwClientID)
+{
+ SYS_CloseFile(dwClientID);
+ return 0;
+}
+
+/**
+ * @brief CalculateMessageSize
+ *
+ * @param[in] dataSize Size of the additional data to send in the message.
+ *
+ * @retval total message size.
+ */
+INTERNAL size_t SHMCalculateMessageSize(size_t dataSize)
+{
+ // PCSCLITE_MAX_MESSAGE_SIZE == sizeof(sharedSegmentMsg.data)
+ return sizeof(sharedSegmentMsg) - PCSCLITE_MAX_MESSAGE_SIZE + dataSize;;
+}
+
+
+/**
+ * @brief Sends a menssage from client to server or vice-versa.
+ *
+ * Writes the message in the shared file \c filedes.
+ *
+ * @param[in] buffer_void Message to be sent.
+ * @param[in] buffer_size Size of the message to send
+ * @param[in] filedes Socket handle.
+ * @param[in] blockAmount Timeout in milliseconds.
+ *
+ * @retval 0 Success
+ * @retval -1 Timeout.
+ * @retval -1 Socket is closed.
+ * @retval -1 A signal was received.
+ */
+INTERNAL int SHMMessageSend(void *buffer_void, uint64_t buffer_size,
+ int32_t filedes, int32_t blockAmount)
+{
+ char *buffer = (char *)buffer_void;
+
+ /*
+ * default is success
+ */
+ int retval = 0;
+ /*
+ * record the time when we started
+ */
+ time_t start = time(0);
+ /*
+ * how many bytes remains to be written
+ */
+ size_t remaining = buffer_size;
+
+ LogXxd(PCSC_LOG_DEBUG, "==> SHMMessageSend:\n", (const unsigned char *)buffer, buffer_size);
+
+ /*
+ * repeat until all data is written
+ */
+ while (remaining > 0)
+ {
+ fd_set write_fd;
+ struct timeval timeout;
+ int selret;
+
+ FD_ZERO(&write_fd);
+ FD_SET(filedes, &write_fd);
+
+ timeout.tv_usec = 0;
+ if ((timeout.tv_sec = start + blockAmount - time(0)) < 0)
+ {
+ /*
+ * we already timed out
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: we already timed out");
+ retval = -1;
+ break;
+ }
+
+ selret = select(filedes + 1, NULL, &write_fd, NULL, &timeout);
+
+ /*
+ * try to write only when the file descriptor is writable
+ */
+ if (selret > 0)
+ {
+ int written;
+
+ if (!FD_ISSET(filedes, &write_fd))
+ {
+ /*
+ * very strange situation. it should be an assert really
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: very strange situation: !FD_ISSET");
+ retval = -1;
+ break;
+ }
+ written = write(filedes, buffer, remaining);
+
+ if (written > 0)
+ {
+ /*
+ * we wrote something
+ */
+ buffer += written;
+ remaining -= written;
+ } else if (written == 0)
+ {
+ /*
+ * peer closed the socket
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: peer closed the socket");
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore the signals and socket full situations, all
+ * other errors are fatal
+ */
+ if (errno != EINTR && errno != EAGAIN)
+ {
+ retval = -1;
+ break;
+ }
+ }
+ } else if (selret == 0)
+ {
+ /*
+ * timeout
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: selret == 0 [timeout]");
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * ignore signals
+ */
+ if (errno != EINTR)
+ {
+ Log2(PCSC_LOG_ERROR, "select returns with failure: %s",
+ strerror(errno));
+ retval = -1;
+ break;
+ }
+ }
+ }
+
+ if (remaining > 0)
+ Log3(PCSC_LOG_ERROR, "failure to write all bytes, remaining: %d, err: ", remaining, strerror(errno));
+
+ return retval;
+}
+
+/**
+ * @brief Called by the Client to get the reponse from the server or vice-versa.
+ *
+ * Reads the message from the file \c filedes.
+ *
+ * @param[out] buffer_void Message read.
+ * @param[in] buffer_size Size to read
+ * @param[in] filedes Socket handle.
+ * @param[in] blockAmount Timeout in milliseconds.
+ *
+ * @retval 0 Success.
+ * @retval -1 Timeout.
+ * @retval -1 Socket is closed.
+ * @retval -1 A signal was received.
+ */
+INTERNAL int SHMMessageReceive(void *buffer_void, uint64_t buffer_size,
+ int32_t filedes, int32_t blockAmount)
+{
+ char *buffer = (char *)buffer_void;
+
+ /*
+ * default is success
+ */
+ int retval = 0;
+ /*
+ * record the time when we started
+ */
+ time_t start = time(0);
+ /*
+ * how many bytes we must read
+ */
+ size_t remaining = buffer_size;
+
+ /*
+ * repeat until we get the whole message
+ */
+ while (remaining > 0)
+ {
+ fd_set read_fd;
+ struct timeval timeout;
+ int selret;
+
+ FD_ZERO(&read_fd);
+ FD_SET(filedes, &read_fd);
+
+ timeout.tv_usec = 0;
+ if ((timeout.tv_sec = start + blockAmount - time(0)) < 0)
+ {
+ /*
+ * we already timed out
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: we already timed out");
+ retval = -1;
+ break;
+ }
+
+ selret = select(filedes + 1, &read_fd, NULL, NULL, &timeout);
+
+ /*
+ * try to read only when socket is readable
+ */
+ if (selret > 0)
+ {
+ int readed;
+
+ if (!FD_ISSET(filedes, &read_fd))
+ {
+ /*
+ * very strange situation. it should be an assert really
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: very strange situation: !FD_ISSET");
+ retval = -1;
+ break;
+ }
+ readed = read(filedes, buffer, remaining);
+
+ if (readed > 0)
+ {
+ /*
+ * we got something
+ */
+ buffer += readed;
+ remaining -= readed;
+ } else if (readed == 0)
+ {
+ /*
+ * peer closed the socket
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: peer closed the socket");
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore the signals and empty socket situations, all
+ * other errors are fatal
+ */
+ if (errno != EINTR && errno != EAGAIN)
+ {
+ retval = -1;
+ break;
+ }
+ }
+ } else if (selret == 0)
+ {
+ /*
+ * timeout
+ */
+ Log1(PCSC_LOG_ERROR, "SHMMessageReceive: selret == 0 [timeout]");
+ retval = -1;
+ break;
+ } else
+ {
+ /*
+ * we ignore signals, all other errors are fatal
+ */
+ if (errno != EINTR)
+ {
+ Log2(PCSC_LOG_ERROR, "select returns with failure: %s",
+ strerror(errno));
+ retval = -1;
+ break;
+ }
+ }
+ }
+
+ size_t bytesRead = (buffer_size - remaining);
+ Log3(PCSC_LOG_DEBUG, "SHMMessageReceive errno: 0x%08X: %s", errno, errno?strerror(errno):"no error");
+ Log3(retval?PCSC_LOG_ERROR:PCSC_LOG_DEBUG, "SHMMessageReceive retval: 0x%08X, bytes read: %d", retval, bytesRead);
+ LogXxd(PCSC_LOG_DEBUG, "<== SHMMessageReceive:\n", (const unsigned char *)buffer_void, bytesRead);
+ return retval;
+}
+
+/**
+ * @brief Wrapper for the SHMMessageSend() function.
+ *
+ * Called by clients to send messages to the server.
+ * The parameters \p command and \p data are set in the \c sharedSegmentMsg
+ * struct in order to be sent.
+ *
+ * @param[in] command Command to be sent.
+ * @param[in] dwClientID Client socket handle.
+ * @param[in] size Size of the message (\p data).
+ * @param[in] blockAmount Timeout to the operation in ms.
+ * @param[in] data_void Data to be sent.
+ *
+ * @return Same error codes as SHMMessageSend().
+ */
+INTERNAL int32_t WrapSHMWrite(uint32_t command, uint32_t dwClientID,
+ uint64_t size, uint32_t blockAmount, void *data_void)
+{
+ char *data = (char *)data_void;
+
+ sharedSegmentMsg msgStruct;
+ int ret;
+
+ /*
+ * Set the appropriate packet parameters
+ */
+
+ memset(&msgStruct, 0, sizeof(msgStruct));
+ msgStruct.headerTag = WINSCARD_MSG_HEADER_TAG;
+ msgStruct.msgSize = sizeof(sharedSegmentMsg) - sizeof(msgStruct.data) + size;
+ msgStruct.mtype = (command == CMD_VERSION)?CMD_VERSION:CMD_FUNCTION;
+ msgStruct.user_id = SYS_GetUID();
+ msgStruct.group_id = SYS_GetGID();
+ msgStruct.command = command;
+ msgStruct.date = time(NULL);
+ memset(msgStruct.key, 0, sizeof(msgStruct.key));
+
+ if ((SCARD_TRANSMIT_EXTENDED == command)
+ || (SCARD_CONTROL_EXTENDED == command))
+ {
+ /* first block */
+ size_t sizeToSend = (msgStruct.msgSize <= PCSCLITE_MAX_MESSAGE_SIZE)?msgStruct.msgSize:PCSCLITE_MAX_MESSAGE_SIZE;
+ size_t sizeRemaining = (msgStruct.msgSize <= PCSCLITE_MAX_MESSAGE_SIZE)?0:
+ (msgStruct.msgSize - PCSCLITE_MAX_MESSAGE_SIZE);
+ memcpy(msgStruct.data, data, sizeToSend);
+
+ SHSharedSegmentMsgToNetworkOrder(&msgStruct);
+ ret = SHMMessageSend(&msgStruct, sizeToSend, dwClientID, blockAmount);
+ if (ret)
+ return ret;
+
+ // Warning: this code only works for sizes of 2 blocks or less
+ if (sizeRemaining > sizeof(msgStruct.data))
+ {
+ Log2(PCSC_LOG_ERROR, "WrapSHMWrite: cannot send message of size %d", sizeRemaining);
+ return -1;
+ }
+
+ // Message header already has the correct byte order
+ /* do not send an empty second block */
+ if (sizeRemaining > 0)
+ {
+ memcpy(msgStruct.data, data, sizeRemaining);
+ ret = SHMMessageSend(&msgStruct, sizeToSend, dwClientID, blockAmount);
+ if (ret)
+ return ret;
+ }
+ }
+ else
+ if (size > sizeof(msgStruct.data))
+ {
+ Log3(PCSC_LOG_ERROR, "WrapSHMWrite: cannot send message of size %d with this command: %d", size, command);
+ return -1;
+ }
+ else
+ {
+ size_t sizeToSend = msgStruct.msgSize;
+ memcpy(msgStruct.data, data, size);
+ SHSharedSegmentMsgToNetworkOrder(&msgStruct);
+ ret = SHMMessageSend(&msgStruct, sizeToSend, dwClientID, blockAmount);
+ }
+ return ret;
+}
+
+/**
+ * @brief Closes the communications channel used by the server to talk to the
+ * clients.
+ *
+ * The socket used is closed and the file it is bound to is removed.
+ *
+ * @param[in] sockValue Socket to be closed.
+ * @param[in] pcFilePath File used by the socket.
+ */
+INTERNAL void SHMCleanupSharedSegment(int sockValue, const char *pcFilePath)
+{
+ SYS_CloseFile(sockValue);
+ SYS_Unlink((char *)pcFilePath);
+}
+
+#pragma mark -------------------- Byte ordering functions --------------------
+
+/**
+ * @brief Convert fields in the psharedSegmentMsg struct to network byte order for sending
+ *
+ * Call this before each call to SHMMessageSend. Note: the data fields are not processed
+ * and need to be done individually. Also have to look for WrapSHMWrite.
+ *
+ * @param[in/out] msgStruct Message read.
+ *
+ */
+INTERNAL void SHSharedSegmentMsgToNetworkOrder(psharedSegmentMsg msg)
+{
+ if (msg)
+ {
+ msg->headerTag = htonl(msg->headerTag);
+ msg->msgSize = htonl(msg->msgSize);
+ msg->mtype = htonl(msg->mtype);
+ msg->user_id = htonl(msg->user_id);
+ msg->group_id = htonl(msg->group_id);
+ msg->command = htonl(msg->command);
+ msg->date = htonl(msg->date);
+ }
+}
+
+/**
+ * @brief Convert fields in the psharedSegmentMsg struct to host byte order on receive
+ *
+ * Call this after each call to SHMMessageReceive. Note: the data fields are not processed
+ * and need to be done individually, e.g. in MSGFunctionDemarshall
+ *
+ * @param[in/out] msgStruct Message read.
+ *
+ */
+INTERNAL void SHSharedSegmentMsgToHostOrder(psharedSegmentMsg msg)
+{
+ if (msg)
+ {
+ msg->headerTag = ntohl(msg->headerTag);
+ msg->msgSize = ntohl(msg->msgSize);
+ msg->mtype = ntohl(msg->mtype);
+ msg->user_id = ntohl(msg->user_id);
+ msg->group_id = ntohl(msg->group_id);
+ msg->command = ntohl(msg->command);
+ msg->date = ntohl(msg->date);
+ }
+}
+
+INTERNAL void htonlControlStructExtended(control_struct_extended *cs)
+{
+ if (cs)
+ {
+ cs->hCard = htonl(cs->hCard);
+ cs->dwControlCode = htonl(cs->dwControlCode);
+ cs->cbSendLength = htonl(cs->cbSendLength);
+ cs->cbRecvLength = htonl(cs->cbRecvLength);
+ cs->size = OSSwapHostToBigInt64(cs->size);
+ cs->rv = htonl(cs->rv); // so we don't forget about it
+ }
+}
+
+INTERNAL void ntohlControlStructExtended(control_struct_extended *cs)
+{
+ if (cs)
+ {
+ cs->hCard = ntohl(cs->hCard);
+ cs->dwControlCode = ntohl(cs->dwControlCode);
+ cs->cbSendLength = ntohl(cs->cbSendLength);
+ cs->cbRecvLength = ntohl(cs->cbRecvLength);
+ cs->size = OSSwapBigToHostInt64(cs->size);
+ cs->rv = ntohl(cs->rv);
+ }
+}
+
+INTERNAL void htonlTransmitStruct(transmit_struct *ts)
+{
+ if (ts)
+ {
+ ts->hCard = htonl(ts->hCard);
+ ts->pioSendPciProtocol = htonl(ts->pioSendPciProtocol);
+ ts->pioSendPciLength = htonl(ts->pioSendPciLength);
+ ts->cbSendLength = htonl(ts->cbSendLength);
+ ts->pioRecvPciProtocol = htonl(ts->pioRecvPciProtocol);
+ ts->pioRecvPciLength = htonl(ts->pioRecvPciLength);
+ ts->pcbRecvLength = htonl(ts->pcbRecvLength);
+ ts->rv = htonl(ts->rv); // so we don't forget about it
+ }
+}
+
+INTERNAL void ntohlTransmitStruct(transmit_struct *ts)
+{
+ if (ts)
+ {
+ ts->hCard = ntohl(ts->hCard);
+ ts->pioSendPciProtocol = ntohl(ts->pioSendPciProtocol);
+ ts->pioSendPciLength = ntohl(ts->pioSendPciLength);
+ ts->cbSendLength = ntohl(ts->cbSendLength);
+ ts->pioRecvPciProtocol = ntohl(ts->pioRecvPciProtocol);
+ ts->pioRecvPciLength = ntohl(ts->pioRecvPciLength);
+ ts->pcbRecvLength = ntohl(ts->pcbRecvLength);
+ ts->rv = ntohl(ts->rv);
+ }
+}
+
+INTERNAL void htonlTransmitStructExtended(transmit_struct_extended *ts)
+{
+ if (ts)
+ {
+ ts->hCard = htonl(ts->hCard);
+ ts->pioSendPciProtocol = htonl(ts->pioSendPciProtocol);
+ ts->pioSendPciLength = htonl(ts->pioSendPciLength);
+ ts->cbSendLength = htonl(ts->cbSendLength);
+ ts->pioRecvPciProtocol = htonl(ts->pioRecvPciProtocol);
+ ts->pioRecvPciLength = htonl(ts->pioRecvPciLength);
+ ts->pcbRecvLength = htonl(ts->pcbRecvLength);
+ /* Networks generally use big-endian order, and thus it is called network order when sending information over a network in a common format. */
+ ts->size = OSSwapHostToBigInt64(ts->size);
+ ts->rv = htonl(ts->rv); // so we don't forget about it
+ }
+}
+
+INTERNAL void ntohlTransmitStructExtended(transmit_struct_extended *ts)
+{
+ if (ts)
+ {
+ ts->hCard = ntohl(ts->hCard);
+ ts->pioSendPciProtocol = ntohl(ts->pioSendPciProtocol);
+ ts->pioSendPciLength = ntohl(ts->pioSendPciLength);
+ ts->cbSendLength = ntohl(ts->cbSendLength);
+ ts->pioRecvPciLength = ntohl(ts->pioRecvPciLength);
+ ts->pcbRecvLength = ntohl(ts->pcbRecvLength);
+ ts->size = OSSwapBigToHostInt64(ts->size);
+ ts->rv = ntohl(ts->rv);
+ }
+}
+
+INTERNAL void htonlEstablishStruct(establish_struct *es)
+{
+ if (es)
+ {
+ es->dwScope = htonl(es->dwScope);
+ es->phContext = htonl(es->phContext);
+ es->rv = htonl(es->rv);
+ }
+}
+
+INTERNAL void ntohlEstablishStruct(establish_struct *es)
+{
+ if (es)
+ {
+ es->dwScope = ntohl(es->dwScope);
+ es->phContext = ntohl(es->phContext);
+ es->rv = ntohl(es->rv);
+ }
+}
+
+INTERNAL void htonlReleaseStruct(release_struct *rs)
+{
+ if (rs)
+ {
+ rs->hContext = htonl(rs->hContext);
+ rs->rv = htonl(rs->rv);
+ }
+}
+
+INTERNAL void ntohlReleaseStruct(release_struct *rs)
+{
+ if (rs)
+ {
+ rs->hContext = ntohl(rs->hContext);
+ rs->rv = ntohl(rs->rv);
+ }
+}
+
+INTERNAL void htonlConnectStruct(connect_struct *cs)
+{
+ if (cs)
+ {
+ cs->hContext = htonl(cs->hContext);
+ cs->dwShareMode = htonl(cs->dwShareMode);
+ cs->dwPreferredProtocols = htonl(cs->dwPreferredProtocols);
+ cs->phCard = htonl(cs->phCard);
+ cs->pdwActiveProtocol = htonl(cs->pdwActiveProtocol);
+ cs->rv = htonl(cs->rv);
+ }
+}
+
+INTERNAL void ntohlConnectStruct(connect_struct *cs)
+{
+ if (cs)
+ {
+ cs->hContext = ntohl(cs->hContext);
+ cs->dwShareMode = ntohl(cs->dwShareMode);
+ cs->dwPreferredProtocols = ntohl(cs->dwPreferredProtocols);
+ cs->phCard = ntohl(cs->phCard);
+ cs->pdwActiveProtocol = ntohl(cs->pdwActiveProtocol);
+ cs->rv = ntohl(cs->rv);
+ }
+}
+
+INTERNAL void htonlReconnectStruct(reconnect_struct *rc)
+{
+ if (rc)
+ {
+ rc->hCard = htonl(rc->hCard);
+ rc->dwShareMode = htonl(rc->dwShareMode);
+ rc->dwPreferredProtocols = htonl(rc->dwPreferredProtocols);
+ rc->dwInitialization = htonl(rc->dwInitialization);
+ rc->pdwActiveProtocol = htonl(rc->pdwActiveProtocol);
+ rc->rv = htonl(rc->rv);
+ }
+}
+
+INTERNAL void ntohlReconnectStruct(reconnect_struct *rc)
+{
+ if (rc)
+ {
+ rc->hCard = ntohl(rc->hCard);
+ rc->dwShareMode = ntohl(rc->dwShareMode);
+ rc->dwPreferredProtocols = ntohl(rc->dwPreferredProtocols);
+ rc->dwInitialization = ntohl(rc->dwInitialization);
+ rc->pdwActiveProtocol = ntohl(rc->pdwActiveProtocol);
+ rc->rv = ntohl(rc->rv);
+ }
+}
+
+INTERNAL void htonlDisconnectStruct(disconnect_struct *dc)
+{
+ if (dc)
+ {
+ dc->hCard = htonl(dc->hCard);
+ dc->dwDisposition = htonl(dc->dwDisposition);
+ dc->rv = htonl(dc->rv);
+ }
+}
+
+INTERNAL void ntohlDisconnectStruct(disconnect_struct *dc)
+{
+ if (dc)
+ {
+ dc->hCard = ntohl(dc->hCard);
+ dc->dwDisposition = ntohl(dc->dwDisposition);
+ dc->rv = ntohl(dc->rv);
+ }
+}
+
+INTERNAL void htonlBeginStruct(begin_struct *bs)
+{
+ if (bs)
+ {
+ bs->hCard = htonl(bs->hCard);
+ bs->rv = htonl(bs->rv);
+ }
+}
+
+INTERNAL void ntohlBeginStruct(begin_struct *bs)
+{
+ if (bs)
+ {
+ bs->hCard = ntohl(bs->hCard);
+ bs->rv = ntohl(bs->rv);
+ }
+}
+
+INTERNAL void htonlCancelStruct(cancel_struct *cs)
+{
+ if (cs)
+ {
+ cs->hCard = htonl(cs->hCard);
+ cs->rv = htonl(cs->rv);
+ }
+}
+
+INTERNAL void ntohlCancelStruct(cancel_struct *cs)
+{
+ if (cs)
+ {
+ cs->hCard = ntohl(cs->hCard);
+ cs->rv = ntohl(cs->rv);
+ }
+}
+
+INTERNAL void htonlEndStruct(end_struct *es)
+{
+ if (es)
+ {
+ es->hCard = htonl(es->hCard);
+ es->dwDisposition = htonl(es->dwDisposition);
+ es->rv = htonl(es->rv);
+ }
+}
+
+INTERNAL void ntohlEndStruct(end_struct *es)
+{
+ if (es)
+ {
+ es->hCard = ntohl(es->hCard);
+ es->dwDisposition = ntohl(es->dwDisposition);
+ es->rv = ntohl(es->rv);
+ }
+}
+
+INTERNAL void htonlStatusStruct(status_struct *ss)
+{
+ if (ss)
+ {
+ ss->hCard = htonl(ss->hCard);
+ ss->pcchReaderLen = htonl(ss->pcchReaderLen);
+ ss->pdwState = htonl(ss->pdwState);
+ ss->pdwProtocol = htonl(ss->pdwProtocol);
+ ss->pcbAtrLen = htonl(ss->pcbAtrLen);
+ ss->rv = htonl(ss->rv);
+ }
+}
+
+INTERNAL void ntohlStatusStruct(status_struct *ss)
+{
+ if (ss)
+ {
+ ss->hCard = ntohl(ss->hCard);
+ ss->pcchReaderLen = ntohl(ss->pcchReaderLen);
+ ss->pdwState = ntohl(ss->pdwState);
+ ss->pdwProtocol = ntohl(ss->pdwProtocol);
+ ss->pcbAtrLen = ntohl(ss->pcbAtrLen);
+ ss->rv = ntohl(ss->rv);
+ }
+}
+
+INTERNAL void htonlControlStruct(control_struct *cs)
+{
+ if (cs)
+ {
+ cs->hCard = htonl(cs->hCard);
+ cs->dwControlCode = htonl(cs->dwControlCode);
+ cs->cbSendLength = htonl(cs->cbSendLength);
+ cs->cbRecvLength = htonl(cs->cbRecvLength);
+ cs->dwBytesReturned = htonl(cs->dwBytesReturned);
+ cs->rv = htonl(cs->rv);
+ }
+}
+
+INTERNAL void ntohlControlStruct(control_struct *cs)
+{
+ if (cs)
+ {
+ cs->hCard = ntohl(cs->hCard);
+ cs->dwControlCode = ntohl(cs->dwControlCode);
+ cs->cbSendLength = ntohl(cs->cbSendLength);
+ cs->cbRecvLength = ntohl(cs->cbRecvLength);
+ cs->dwBytesReturned = ntohl(cs->dwBytesReturned);
+ cs->rv = ntohl(cs->rv);
+ }
+}
+
+INTERNAL void htonlGetSetStruct(getset_struct *gs)
+{
+ if (gs)
+ {
+ gs->hCard = htonl(gs->hCard);
+ gs->dwAttrId = htonl(gs->dwAttrId);
+ gs->cbAttrLen = htonl(gs->cbAttrLen);
+ gs->rv = htonl(gs->rv);
+ }
+}
+
+INTERNAL void ntohlGetSetStruct(getset_struct *gs)
+{
+ if (gs)
+ {
+ gs->hCard = ntohl(gs->hCard);
+ gs->dwAttrId = ntohl(gs->dwAttrId);
+ gs->cbAttrLen = ntohl(gs->cbAttrLen);
+ gs->rv = ntohl(gs->rv);
+ }
+}
+
+INTERNAL void htonlVersionStruct(version_struct *vs)
+{
+ if (vs)
+ {
+ vs->major = htonl(vs->major);
+ vs->minor = htonl(vs->minor);
+ vs->rv = htonl(vs->rv);
+ }
+}
+
+INTERNAL void ntohlVersionStruct(version_struct *vs)
+{
+ if (vs)
+ {
+ vs->major = ntohl(vs->major);
+ vs->minor = ntohl(vs->minor);
+ vs->rv = ntohl(vs->rv);
+ }
+}
+
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,423 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard_msg.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2001-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard_msg.h 2900 2008-04-22 13:12:50Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This defines some structures and \#defines to be used over
+ * the transport layer.
+ */
+
+#ifndef __winscard_msg_h__
+#define __winscard_msg_h__
+
+#include "pcscexport.h"
+
+/** Major version of the current message protocol */
+#define PROTOCOL_VERSION_MAJOR 3
+/** Minor version of the current message protocol */
+#define PROTOCOL_VERSION_MINOR 0
+
+#define WINSCARD_MSG_HEADER_TAG 0x12345678
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+ /**
+ * @brief General structure for client/serve message data exchange.
+ *
+ * It is used in the calls of \c SHMMessageSend and \c SHMMessageReceive.
+ * The field \c data is interpreted according to the values of the fields
+ * \c mtype and \c command. The possible structs the \c data field can
+ * represent are: \c version_struct \c client_struct \c establish_struct
+ * \c release_struct \c connect_struct \c reconnect_struct
+ * \c disconnect_struct \c begin_struct \c end_struct \c cancel_struct
+ * \c status_struct \c transmit_struct \c control_struct \c getset_struct
+ */
+ typedef struct rxSharedSegment
+ {
+ uint32_t headerTag; /** Always WINSCARD_MSG_HEADER_TAG */
+ uint32_t msgSize; /** size of the whole message being sent/received */
+ uint32_t mtype; /** one of the \c pcsc_adm_commands */
+ uint32_t user_id;
+ uint32_t group_id;
+ uint32_t command; /** one of the \c pcsc_msg_commands */
+ uint64_t date;
+ unsigned char key[PCSCLITE_MSG_KEY_LEN];
+ unsigned char data[PCSCLITE_MAX_MESSAGE_SIZE];
+ }
+ sharedSegmentMsg, *psharedSegmentMsg;
+
+ /**
+ * Command types available to use in the field \c sharedSegmentMsg.mtype.
+ */
+ enum pcsc_adm_commands
+ {
+ CMD_FUNCTION = 0xF1,
+ CMD_FAILED = 0xF2,
+ CMD_SERVER_DIED = 0xF3,
+ CMD_CLIENT_DIED = 0xF4,
+ CMD_READER_EVENT = 0xF5,
+ CMD_SYN = 0xF6,
+ CMD_ACK = 0xF7,
+ CMD_VERSION = 0xF8 /**< version of the IPC */
+ };
+
+ /**
+ * @brief Commands available to use in the field \c sharedSegmentMsg.command.
+ */
+ enum pcsc_msg_commands
+ {
+ SCARD_ESTABLISH_CONTEXT = 0x01, /**< used by SCardEstablishContext() */
+ SCARD_RELEASE_CONTEXT = 0x02, /**< used by SCardReleaseContext() */
+ SCARD_LIST_READERS = 0x03, /**< used by SCardListReaders() */
+ SCARD_CONNECT = 0x04, /**< used by SCardConnect() */
+ SCARD_RECONNECT = 0x05, /**< used by SCardReconnect() */
+ SCARD_DISCONNECT = 0x06, /**< used by SCardDisconnect() */
+ SCARD_BEGIN_TRANSACTION = 0x07, /**< used by SCardBeginTransaction() */
+ SCARD_END_TRANSACTION = 0x08, /**< used by SCardEndTransaction() */
+ SCARD_TRANSMIT = 0x09, /**< used by SCardTransmit() */
+ SCARD_CONTROL = 0x0A, /**< used by SCardControl() */
+ SCARD_STATUS = 0x0B, /**< used by SCardStatus() */
+ SCARD_GET_STATUS_CHANGE = 0x0C, /**< used by SCardGetStatusChange() */
+ SCARD_CANCEL = 0x0D, /**< used by SCardCancel() */
+ SCARD_CANCEL_TRANSACTION = 0x0E,
+ SCARD_GET_ATTRIB = 0x0F, /**< used by SCardGetAttrib() */
+ SCARD_SET_ATTRIB = 0x10, /**< used by SCardSetAttrib() */
+ SCARD_TRANSMIT_EXTENDED = 0x11, /**< used by SCardTransmit() */
+ SCARD_CONTROL_EXTENDED = 0x12 /**< used by SCardControl() */
+ };
+
+ /**
+ * @brief Information transmitted in \ref CMD_VERSION Messages.
+ */
+ struct version_struct
+ {
+ int32_t major; /**< IPC major \ref PROTOCOL_VERSION_MAJOR */
+ int32_t minor; /**< IPC minor \ref PROTOCOL_VERSION_MINOR */
+ uint32_t rv;
+ };
+ typedef struct version_struct version_struct;
+
+ struct client_struct
+ {
+ uint32_t hContext;
+ };
+ typedef struct client_struct client_struct;
+
+ /**
+ * @brief Information contained in \ref SCARD_ESTABLISH_CONTEXT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct establish_struct
+ {
+ uint32_t dwScope;
+ uint32_t phContext;
+ uint32_t rv;
+ };
+ typedef struct establish_struct establish_struct;
+
+ /**
+ * @brief Information contained in \ref SCARD_RELEASE_CONTEXT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct release_struct
+ {
+ uint32_t hContext;
+ uint32_t rv;
+ };
+ typedef struct release_struct release_struct;
+
+ /**
+ * @brief contained in \ref SCARD_CONNECT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct connect_struct
+ {
+ uint32_t hContext;
+ char szReader[MAX_READERNAME];
+ uint32_t dwShareMode;
+ uint32_t dwPreferredProtocols;
+ int32_t phCard;
+ uint32_t pdwActiveProtocol;
+ uint32_t rv;
+ };
+ typedef struct connect_struct connect_struct;
+
+ /**
+ * @brief contained in \ref SCARD_RECONNECT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct reconnect_struct
+ {
+ int32_t hCard;
+ uint32_t dwShareMode;
+ uint32_t dwPreferredProtocols;
+ uint32_t dwInitialization;
+ uint32_t pdwActiveProtocol;
+ uint32_t rv;
+ };
+ typedef struct reconnect_struct reconnect_struct;
+
+ /**
+ * @brief contained in \ref SCARD_DISCONNECT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct disconnect_struct
+ {
+ int32_t hCard;
+ uint32_t dwDisposition;
+ uint32_t rv;
+ };
+ typedef struct disconnect_struct disconnect_struct;
+
+ /**
+ * @brief contained in \ref SCARD_BEGIN_TRANSACTION Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct begin_struct
+ {
+ int32_t hCard;
+ uint32_t rv;
+ };
+ typedef struct begin_struct begin_struct;
+
+ /**
+ * @brief contained in \ref SCARD_END_TRANSACTION Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct end_struct
+ {
+ int32_t hCard;
+ uint32_t dwDisposition;
+ uint32_t rv;
+ };
+ typedef struct end_struct end_struct;
+
+ /**
+ * @brief contained in \ref SCARD_CANCEL Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct cancel_struct
+ {
+ int32_t hCard;
+ uint32_t rv;
+ };
+ typedef struct cancel_struct cancel_struct;
+
+ /**
+ * @brief contained in \ref SCARD_STATUS Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct status_struct
+ {
+ int32_t hCard;
+ char mszReaderNames[MAX_READERNAME];
+ uint32_t pcchReaderLen;
+ uint32_t pdwState;
+ uint32_t pdwProtocol;
+ uint8_t pbAtr[MAX_ATR_SIZE];
+ uint32_t pcbAtrLen;
+ uint32_t rv;
+ };
+ typedef struct status_struct status_struct;
+
+ /**
+ * @brief contained in \ref SCARD_TRANSMIT Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct transmit_struct
+ {
+ int32_t hCard;
+ uint32_t pioSendPciProtocol;
+ uint32_t pioSendPciLength;
+ uint8_t pbSendBuffer[MAX_BUFFER_SIZE];
+ uint32_t cbSendLength;
+ uint32_t pioRecvPciProtocol;
+ uint32_t pioRecvPciLength;
+ uint8_t pbRecvBuffer[MAX_BUFFER_SIZE];
+ uint32_t pcbRecvLength;
+ uint32_t rv;
+ };
+ typedef struct transmit_struct transmit_struct;
+
+ /**
+ * @brief contained in \ref SCARD_TRANSMIT_EXTENDED Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct transmit_struct_extended
+ {
+ int32_t hCard;
+ uint32_t pioSendPciProtocol;
+ uint32_t pioSendPciLength;
+ uint32_t cbSendLength;
+ uint32_t pioRecvPciProtocol;
+ uint32_t pioRecvPciLength;
+ uint32_t pcbRecvLength;
+ uint32_t rv;
+ uint64_t size;
+ uint8_t data[1];
+ };
+ typedef struct transmit_struct_extended transmit_struct_extended;
+
+ /**
+ * @brief contained in \ref SCARD_CONTROL Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct control_struct
+ {
+ int32_t hCard;
+ uint32_t dwControlCode;
+ uint8_t pbSendBuffer[MAX_BUFFER_SIZE];
+ uint32_t cbSendLength;
+ uint8_t pbRecvBuffer[MAX_BUFFER_SIZE];
+ uint32_t cbRecvLength;
+ uint32_t dwBytesReturned;
+ uint32_t rv;
+ };
+ typedef struct control_struct control_struct;
+
+ /**
+ * @brief contained in \ref SCARD_CONTROL_EXTENDED Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct control_struct_extended
+ {
+ int32_t hCard;
+ uint32_t dwControlCode;
+ uint32_t cbSendLength;
+ uint32_t cbRecvLength;
+ uint32_t pdwBytesReturned;
+ uint32_t rv;
+ uint64_t size;
+ uint8_t data[1];
+ };
+ typedef struct control_struct_extended control_struct_extended;
+
+ /**
+ * @brief contained in \ref SCARD_GET_ATTRIB and \c Messages.
+ *
+ * These data are passed throw the field \c sharedSegmentMsg.data.
+ */
+ struct getset_struct
+ {
+ int32_t hCard;
+ uint32_t dwAttrId;
+ uint8_t pbAttr[MAX_BUFFER_SIZE];
+ uint32_t cbAttrLen;
+ uint32_t rv;
+ };
+ typedef struct getset_struct getset_struct;
+
+ /*
+ * Now some function definitions
+ */
+
+ int32_t SHMClientReadMessage(psharedSegmentMsg msgStruct, uint32_t dwClientID, size_t dataSize, int blockamount);
+
+ int32_t SHMClientRead(psharedSegmentMsg, uint32_t, int32_t);
+ int32_t SHMClientSetupSession(uint32_t *);
+ int32_t SHMClientCloseSession(uint32_t);
+ int32_t SHMInitializeCommonSegment(void);
+ int32_t SHMProcessEventsContext(uint32_t, psharedSegmentMsg, int32_t);
+ int32_t SHMProcessEventsServer(uint32_t *, int32_t);
+ int32_t SHMMessageSend(void *buffer, uint64_t buffer_size, int32_t filedes,
+ int32_t blockAmount);
+ int32_t SHMMessageReceive(void *buffer, uint64_t buffer_size,
+ int32_t filedes, int32_t blockAmount);
+ int32_t WrapSHMWrite(uint32_t command, uint32_t dwClientID, uint64_t dataSize,
+ uint32_t blockAmount, void *data);
+ void SHMCleanupSharedSegment(int32_t, const char *);
+
+ void SHSharedSegmentMsgToNetworkOrder(psharedSegmentMsg msg);
+ void SHSharedSegmentMsgToHostOrder(psharedSegmentMsg msg);
+ size_t SHMCalculateMessageSize(size_t dataSize);
+ int32_t SHMCommunicationTimeout();
+
+ // Fix up byte ordering
+ INTERNAL void htonlControlStructExtended(control_struct_extended *cs);
+ INTERNAL void ntohlControlStructExtended(control_struct_extended *cs);
+ INTERNAL void htonlTransmitStructExtended(transmit_struct_extended *ts);
+ INTERNAL void ntohlTransmitStructExtended(transmit_struct_extended *ts);
+ INTERNAL void htonlEstablishStruct(establish_struct *es);
+ INTERNAL void ntohlEstablishStruct(establish_struct *es);
+ INTERNAL void htonlTransmitStruct(transmit_struct *ts);
+ INTERNAL void ntohlTransmitStruct(transmit_struct *ts);
+ INTERNAL void htonlReleaseStruct(release_struct *rs);
+ INTERNAL void ntohlReleaseStruct(release_struct *rs);
+ INTERNAL void htonlConnectStruct(connect_struct *Cs);
+ INTERNAL void ntohlConnectStruct(connect_struct *cs);
+ INTERNAL void htonlReconnectStruct(reconnect_struct *rc);
+ INTERNAL void ntohlReconnectStruct(reconnect_struct *rc);
+ INTERNAL void htonlDisconnectStruct(disconnect_struct *dc);
+ INTERNAL void ntohlDisconnectStruct(disconnect_struct *dc);
+ INTERNAL void htonlBeginStruct(begin_struct *bs);
+ INTERNAL void ntohlBeginStruct(begin_struct *bs);
+ INTERNAL void htonlCancelStruct(cancel_struct *cs);
+ INTERNAL void ntohlCancelStruct(cancel_struct *cs);
+ INTERNAL void htonlEndStruct(end_struct *es);
+ INTERNAL void ntohlEndStruct(end_struct *es);
+ INTERNAL void htonlStatusStruct(status_struct *ss);
+ INTERNAL void ntohlStatusStruct(status_struct *ss);
+ INTERNAL void htonlControlStruct(control_struct *cs);
+ INTERNAL void ntohlControlStruct(control_struct *cs);
+ INTERNAL void htonlGetSetStruct(getset_struct *gs);
+ INTERNAL void ntohlGetSetStruct(getset_struct *gs);
+ INTERNAL void htonlVersionStruct(version_struct *vs);
+ INTERNAL void ntohlVersionStruct(version_struct *vs);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
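Review bot: `user_id` and `group_id` in `sharedSegmentMsg` carry no documentation, and the sender fills them in itself (WrapSHMWrite in winscard_msg.c sets them from `SYS_GetUID()`/`SYS_GetGID()`), so on the receiving side they are unauthenticated claims, as is `msgSize`. I would say so on the fields, e.g. `uint32_t user_id; /** sender-supplied, not authenticated: never use for access decisions */`, and add to the `msgSize` comment that the receiver must bound-check it before using it as a read or copy length. Whether pcscd relies on these values is not visible in this hunk, but any check that needs the caller's identity should take it from the socket (for example `getpeereid()`) rather than from the message. Separately, `date` is declared `uint64_t` here while SHSharedSegmentMsgToNetworkOrder and SHSharedSegmentMsgToHostOrder convert it with `htonl`/`ntohl`, which truncates it to 32 bits; either declare it `uint32_t` or convert it with `OSSwapHostToBigInt64`/`OSSwapBigToHostInt64` as is already done for `size` in the extended structs.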
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg_srv.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg_srv.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_msg_srv.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,315 @@
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2001-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludoic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard_msg_srv.c 2961 2008-05-16 09:12:53Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief client/server communication (on the server side only)
+ *
+ * A file based socket (\c commonSocket) is used to send/receive only messages
+ * among clients and server.\n
+ * The messages' data are passed throw a memory mapped file: \c sharedSegmentMsg.
+ */
+
+#include "config.h"
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/time.h>
+#include <sys/un.h>
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <stdio.h>
+#include <time.h>
+#include <string.h>
+#ifdef HAVE_SYS_FILIO_H
+#include <sys/filio.h>
+#endif
+
+#include "wintypes.h"
+#include "pcscexport.h"
+#include "winscard.h"
+#include "debuglog.h"
+#include "winscard_msg.h"
+#include "sys_generic.h"
+
+/**
+ * Socket to a file, used for clients-server comminication.
+ */
+static int commonSocket = 0;
+extern char AraKiri;
+extern char ReCheckSerialReaders;
+
+/**
+ * @brief Accepts a Client connection.
+ *
+ * Called by \c SHMProcessEventsServer().
+ *
+ * @param[out] pdwClientID Connection ID used to reference the Client.
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 Can not establish the connection.
+ * @retval -1 Can not set the connection to non-blocking mode.
+ */
+static int SHMProcessCommonChannelRequest(uint32_t *pdwClientID)
+{
+ socklen_t clnt_len;
+ int new_sock;
+ struct sockaddr_un clnt_addr;
+ int one;
+
+ clnt_len = sizeof(clnt_addr);
+
+ if ((new_sock = accept(commonSocket, (struct sockaddr *) &clnt_addr,
+ &clnt_len)) < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Accept on common socket: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ *pdwClientID = new_sock;
+
+ one = 1;
+ if (ioctl(*pdwClientID, FIONBIO, &one) < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Error: cannot set socket nonblocking: %s",
+ strerror(errno));
+ SYS_CloseFile(*pdwClientID);
+ *pdwClientID = -1;
+ return -1;
+ }
+
+ return 0;
+}
+
+/**
+ * @brief Prepares the communication channel used by the server to talk to the
+ * clients.
+ *
+ * This is called by the server to create a socket for local IPC with the
+ * clients. The socket is associated to the file \c PCSCLITE_CSOCK_NAME.
+ * Each client will open a connection to this socket.
+ *
+ * @return Error code.
+ * @retval 0 Success
+ * @retval -1 Can not create the socket.
+ * @retval -1 Can not bind the socket to the file \c PCSCLITE_CSOCK_NAME.
+ * @retval -1 Can not put the socket in listen mode.
+ */
+INTERNAL int SHMInitializeCommonSegment(void)
+{
+ static struct sockaddr_un serv_adr;
+
+ /*
+ * Create the common shared connection socket
+ */
+ if ((commonSocket = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Unable to create common socket: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ serv_adr.sun_family = AF_UNIX;
+ strncpy(serv_adr.sun_path, PCSCLITE_CSOCK_NAME,
+ sizeof(serv_adr.sun_path));
+ SYS_Unlink(PCSCLITE_CSOCK_NAME);
+
+ if (bind(commonSocket, (struct sockaddr *) &serv_adr,
+ sizeof(serv_adr.sun_family) + strlen(serv_adr.sun_path) + 1) < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Unable to bind common socket: %s",
+ strerror(errno));
+ SHMCleanupSharedSegment(commonSocket, PCSCLITE_CSOCK_NAME);
+ return -1;
+ }
+
+ if (listen(commonSocket, 1) < 0)
+ {
+ Log2(PCSC_LOG_CRITICAL, "Unable to listen common socket: %s",
+ strerror(errno));
+ SHMCleanupSharedSegment(commonSocket, PCSCLITE_CSOCK_NAME);
+ return -1;
+ }
+
+ /*
+ * Chmod the public entry channel
+ */
+ SYS_Chmod(PCSCLITE_CSOCK_NAME, S_IRWXO | S_IRWXG | S_IRWXU);
+
+ return 0;
+}
+
+/**
+ * @brief Looks for messages sent by clients.
+ *
+ * This is called by the Server's function \c SVCServiceRunLoop().
+ *
+ * @param[out] pdwClientID Connection ID used to reference the Client.
+ * @param[in] blocktime Timeout (not used).
+ *
+ * @return Error code.
+ * @retval 0 Success.
+ * @retval -1 Error accessing the communication channel.
+ * @retval -1 Can not set the connection to non-blocking mode.
+ * @retval 2 Timeout.
+ */
+#if defined(__NetBSD__) || defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__DragonFly__)
+#define DO_TIMEOUT
+#endif
+INTERNAL int32_t SHMProcessEventsServer(uint32_t *pdwClientID, int32_t blocktime)
+{
+ fd_set read_fd;
+ int selret;
+#ifdef DO_TIMEOUT
+ struct timeval tv;
+
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+#endif
+
+ FD_ZERO(&read_fd);
+
+ /*
+ * Set up the bit masks for select
+ */
+ FD_SET(commonSocket, &read_fd);
+
+ selret = select(commonSocket + 1, &read_fd, (fd_set *) NULL,
+ (fd_set *) NULL,
+#ifdef DO_TIMEOUT
+ &tv
+#else
+ NULL
+#endif
+ );
+
+ if (selret < 0)
+ {
+ if (EINTR == errno)
+ return -2;
+
+ Log2(PCSC_LOG_CRITICAL, "Select returns with failure: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ if (selret == 0)
+ /* timeout. On *BSD only */
+ return 2;
+
+ /*
+ * A common pipe packet has arrived - it could be a new application
+ */
+ if (FD_ISSET(commonSocket, &read_fd))
+ {
+ Log1(PCSC_LOG_DEBUG, "Common channel packet arrival");
+ if (SHMProcessCommonChannelRequest(pdwClientID) == -1)
+ {
+ Log2(PCSC_LOG_ERROR,
+ "error in SHMProcessCommonChannelRequest: %d", *pdwClientID);
+ return -1;
+ } else
+ {
+ Log2(PCSC_LOG_DEBUG,
+ "SHMProcessCommonChannelRequest detects: %d", *pdwClientID);
+ return 0;
+ }
+ }
+
+ return -1;
+}
+
+/**
+ * @brief
+ *
+ * Called by \c ContextThread().
+ */
+INTERNAL int32_t SHMProcessEventsContext(uint32_t dwClientID,
+ psharedSegmentMsg msgStruct, int32_t blocktime)
+{
+ fd_set read_fd;
+ int selret, rv;
+ struct timeval tv;
+
+ tv.tv_sec = 1;
+ tv.tv_usec = 0;
+
+ FD_ZERO(&read_fd);
+ FD_SET(dwClientID, &read_fd);
+
+ selret = select(dwClientID + 1, &read_fd, (fd_set *) NULL,
+ (fd_set *) NULL, &tv);
+
+ if (selret < 0)
+ {
+ Log2(PCSC_LOG_ERROR, "select returns with failure: %s",
+ strerror(errno));
+ return -1;
+ }
+
+ if (selret == 0)
+ {
+// Log3(PCSC_LOG_ERROR, "SHMProcessEventsContext: select timed out, errno: %d, %s", errno,
+// strerror(errno));
+ /* timeout */
+ return 2;
+ }
+
+ if (FD_ISSET(dwClientID, &read_fd))
+ {
+ /*
+ * Return the current handle
+ */
+ /*
+ The 0 for size below means that SHMClientReadMessage should calculate the size from the
+ message header. The size is not sizeof(*msgStruct)
+ */
+ rv = SHMClientReadMessage(msgStruct, dwClientID, 0, SHMCommunicationTimeout());
+ if (rv == -1)
+ { /* The client has died */
+ Log2(PCSC_LOG_DEBUG, "Client has disappeared: %d", dwClientID);
+ msgStruct->mtype = CMD_CLIENT_DIED;
+ msgStruct->command = 0;
+ SYS_CloseFile(dwClientID);
+
+ return 0;
+ }
+
+ /*
+ * Set the identifier handle
+ */
+ Log2(PCSC_LOG_DEBUG, "correctly processed client: %d", dwClientID);
+ return 1;
+ }
+
+ return -1;
+}
+
+INTERNAL int SHMCommunicationTimeout()
+{
+ /*
+ This is a param to e.g. SHMClientReadMessage, and is a timeout in milliseconds.
+ The constant PCSCLITE_SERVER_ATTEMPTS is very poorly named; it is a time value
+ in milliseconds, not the number of attempts. Some values to use:
+ 5 default if PCSCLITE_ENHANCED_MESSAGING not defined
+ 200 if PCSCLITE_ENHANCED_MESSAGING is defined
+ 12000 might be a good value to set while debugging
+ */
+
+ static int baseTimeout = 12000;//PCSCLITE_SERVER_ATTEMPTS;
+ volatile int timeOut = baseTimeout;
+
+ return timeOut;
+}
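Review bot: Descriptors returned by accept() in SHMProcessCommonChannelRequest are later passed to FD_SET() and select() in SHMProcessEventsContext without being compared with FD_SETSIZE, so a descriptor at or above that limit would write outside `read_fd` on the stack. Rejecting such descriptors right after accept() keeps every later FD_SET in range: `if (new_sock >= FD_SETSIZE) { SYS_CloseFile(new_sock); *pdwClientID = -1; return -1; }`. Whether the daemon's descriptor limit can exceed FD_SETSIZE is not visible in this file, so this is a defensive bound. The `SYS_Chmod` call at the end of SHMInitializeCommonSegment opens the socket to every local account and ignores the result; a comment such as `/* Any local user may connect: treat every message read from this socket as untrusted */` would record that trust boundary.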
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.c
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.c (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.c 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,892 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard_svc.c
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2001-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ * Ludovic Rousseau <ludovic.rousseau at free.fr>
+ *
+ * $Id: winscard_svc.c 2377 2007-02-05 13:13:56Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This demarshalls functions over the message queue and keeps
+ * track of clients and their handles.
+ *
+ * Each Client message is deald by creating a thread (\c CreateContextThread).
+ * The thread establishes reands and demarshalls the message and calls the
+ * appropriate function to threat it.
+ */
+
+#include "config.h"
+#include <time.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "wintypes.h"
+#include "pcsclite.h"
+#include "winscard.h"
+#include "debuglog.h"
+#include "winscard_msg.h"
+#include "winscard_svc.h"
+#include "sys_generic.h"
+#include "thread_generic.h"
+#include "readerfactory.h"
+#include "hotplug.h"
+
+#include <errno.h>
+#include <unistd.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/ioctl.h>
+#include <stdlib.h>
+
+/**
+ * @brief Represents the an Application Context on the Server side.
+ *
+ * An Application Context contains Channels (\c hCard).
+ */
+static struct _psContext
+{
+ SCARDCONTEXT hContext;
+ SCARDHANDLE hCard[PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS];
+ DWORD dwClientID; /* Connection ID used to reference the Client. */
+ PCSCLITE_THREAD_T pthThread; /* Event polling thread's ID */
+ sharedSegmentMsg msgStruct; /* Msg sent by the Client */
+ int protocol_major, protocol_minor; /* Protocol number agreed between client and server*/
+} psContext[PCSCLITE_MAX_APPLICATIONS_CONTEXTS];
+
+LONG MSGCheckHandleAssociation(SCARDHANDLE, DWORD);
+LONG MSGFunctionDemarshall(psharedSegmentMsg, DWORD, uint32_t *replySize);
+LONG MSGAddContext(SCARDCONTEXT, DWORD);
+LONG MSGRemoveContext(SCARDCONTEXT, DWORD);
+LONG MSGAddHandle(SCARDCONTEXT, SCARDHANDLE, DWORD);
+LONG MSGRemoveHandle(SCARDHANDLE, DWORD);
+LONG MSGCleanupClient(DWORD);
+
+static void ContextThread(LPVOID pdwIndex);
+
+LONG ContextsInitialize(void)
+{
+ memset(psContext, 0, sizeof(struct _psContext)*PCSCLITE_MAX_APPLICATIONS_CONTEXTS);
+ return 1;
+}
+
+/**
+ * @brief Creates threads to handle messages received from Clients.
+ *
+ * @param[in] pdwClientID Connection ID used to reference the Client.
+ *
+ * @return Error code.
+ * @retval SCARD_S_SUCCESS Success.
+ * @retval SCARD_F_INTERNAL_ERROR Exceded the maximum number of simultaneous Application Contexts.
+ * @retval SCARD_E_NO_MEMORY Error creating the Context Thread.
+ */
+LONG CreateContextThread(PDWORD pdwClientID)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATIONS_CONTEXTS; i++)
+ {
+ if (psContext[i].dwClientID == 0)
+ {
+ psContext[i].dwClientID = *pdwClientID;
+ *pdwClientID = 0;
+ break;
+ }
+ }
+
+ if (i == PCSCLITE_MAX_APPLICATIONS_CONTEXTS)
+ {
+ SYS_CloseFile(psContext[i].dwClientID);
+ psContext[i].dwClientID = 0;
+ Log2(PCSC_LOG_CRITICAL, "No more context available (max: %d)",
+ PCSCLITE_MAX_APPLICATIONS_CONTEXTS);
+ return SCARD_F_INTERNAL_ERROR;
+ }
+
+ if (SYS_ThreadCreate(&psContext[i].pthThread, THREAD_ATTR_DETACHED,
+ (PCSCLITE_THREAD_FUNCTION( )) ContextThread,
+ (LPVOID) i) != 1)
+ {
+ SYS_CloseFile(psContext[i].dwClientID);
+ psContext[i].dwClientID = 0;
+ Log1(PCSC_LOG_CRITICAL, "SYS_ThreadCreate failed");
+ return SCARD_E_NO_MEMORY;
+ }
+
+ return SCARD_S_SUCCESS;
+}
+
+/*
+ * A list of local functions used to keep track of clients and their
+ * connections
+ */
+
+/**
+ * @brief Handles messages received from Clients.
+ *
+ * For each Client message a new instance of this thread is created.
+ *
+ * @param[in] dwIndex Index of an avaiable Application Context slot in
+ * \c psContext.
+ */
+
+/*
+ To handle the possible case where the client is one architecture and the server is another
+ (e.g. a PPC app running through Rosetta on OS X talking to a native i386 pcscd), we convert
+ everything going OUT over the pipe to network byte order. Conversely, everything coming IN
+ over the pipe is converted to host byte order.
+*/
+
+static void ContextThread(LPVOID dwIndex)
+{
+ LONG rv;
+ DWORD dwContextIndex = (DWORD)dwIndex;
+
+ Log2(PCSC_LOG_DEBUG, "Thread is started: %d",
+ psContext[dwContextIndex].dwClientID);
+
+ while (1)
+ {
+ sharedSegmentMsg msgStruct = {0,};
+
+ systemAwakeAndReadyCheck();
+
+ /*
+ Note: SHSharedSegmentMsgToHostOrder(&msgStruct) was called in SHMProcessEventsContext
+ This means that msgStruct contains host-order fields
+ */
+ switch (rv = SHMProcessEventsContext(psContext[dwContextIndex].dwClientID, &msgStruct, 0))
+ {
+ case 0:
+ if (msgStruct.mtype == CMD_CLIENT_DIED)
+ {
+ /*
+ * Clean up the dead client
+ */
+ Log2(PCSC_LOG_DEBUG, "Client die: %d",
+ psContext[dwContextIndex].dwClientID);
+ MSGCleanupClient(dwContextIndex);
+ SYS_ThreadExit((LPVOID) NULL);
+ }
+ break;
+
+ case 1:
+ if (msgStruct.mtype == CMD_FUNCTION)
+ {
+ /*
+ * Command must be found
+ */
+ uint32_t replySize = 0;
+ MSGFunctionDemarshall(&msgStruct, dwContextIndex, &replySize);
+
+ /* the SCARD_TRANSMIT_EXTENDED anwser is already sent by
+ * MSGFunctionDemarshall */
+ if ((msgStruct.command != SCARD_TRANSMIT_EXTENDED)
+ && (msgStruct.command != SCARD_CONTROL_EXTENDED))
+ {
+ sharedSegmentMsg tmpMsgStruct;
+ replySize += (sizeof(sharedSegmentMsg) - sizeof(msgStruct.data));
+ memcpy(&tmpMsgStruct, &msgStruct, replySize);
+ SHSharedSegmentMsgToNetworkOrder(&tmpMsgStruct);
+ rv = SHMMessageSend(&tmpMsgStruct, replySize,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ }
+ }
+ else
+ /* pcsc-lite client/server protocol version */
+ if (msgStruct.mtype == CMD_VERSION)
+ {
+ version_struct *veStr;
+ veStr = (version_struct *) msgStruct.data;
+ ntohlVersionStruct(veStr);
+
+ /* get the client protocol version */
+ psContext[dwContextIndex].protocol_major = veStr->major;
+ psContext[dwContextIndex].protocol_minor = veStr->minor;
+
+ Log3(PCSC_LOG_DEBUG,
+ "Client is protocol version %d:%d",
+ veStr->major, veStr->minor);
+
+ veStr->rv = SCARD_S_SUCCESS;
+
+ /* client is newer than server */
+ if ((veStr->major > PROTOCOL_VERSION_MAJOR)
+ || (veStr->major == PROTOCOL_VERSION_MAJOR
+ && veStr->minor > PROTOCOL_VERSION_MINOR))
+ {
+ Log3(PCSC_LOG_CRITICAL,
+ "Client protocol is too new %d:%d",
+ veStr->major, veStr->minor);
+ Log3(PCSC_LOG_CRITICAL,
+ "Server protocol is %d:%d",
+ PROTOCOL_VERSION_MAJOR, PROTOCOL_VERSION_MINOR);
+ veStr->rv = SCARD_E_NO_SERVICE;
+ }
+
+ /* set the server protocol version */
+ veStr->major = PROTOCOL_VERSION_MAJOR;
+ veStr->minor = PROTOCOL_VERSION_MINOR;
+ htonlVersionStruct(veStr);
+
+ /* send back the response */
+ sharedSegmentMsg tmpMsgStruct = msgStruct;
+ SHSharedSegmentMsgToNetworkOrder(&tmpMsgStruct);
+ rv = SHMMessageSend(&tmpMsgStruct, SHMCalculateMessageSize(sizeof(version_struct)),
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ }
+ else
+ continue;
+
+ break;
+
+ case 2:
+ /*
+ * timeout in SHMProcessEventsContext(): do nothing
+ * this is used to catch the Ctrl-C signal at some time when
+ * nothing else happens
+ */
+ break;
+
+ case -1:
+ Log1(PCSC_LOG_ERROR, "Error in SHMProcessEventsContext");
+ break;
+
+ default:
+ Log2(PCSC_LOG_ERROR,
+ "SHMProcessEventsContext unknown retval: %d", rv);
+ break;
+ }
+ }
+}
+
+/**
+ * @brief Find out which message was sent by the Client and execute the right task.
+ *
+ * According to the command type sent by the client (\c pcsc_msg_commands),
+ * cast the message data to the correct struct so that is can be demarshalled.
+ * Then call the appropriate function to handle the request.
+ *
+ * Possible structs are: \c establish_struct \c release_struct
+ * \c connect_struct \c reconnect_struct \c disconnect_struct \c begin_struct
+ * \c cancel_struct \c end_struct \c status_struct \c transmit_struct
+ * \c control_struct \c getset_struct.
+ *
+ * @param[in] msgStruct Message to be demarshalled and executed.
+ * @param[in] dwContextIndex
+ */
+LONG MSGFunctionDemarshall(psharedSegmentMsg msgStruct, DWORD dwContextIndex, uint32_t *replySize)
+{
+ LONG rv;
+ establish_struct *esStr;
+ release_struct *reStr;
+ connect_struct *coStr;
+ reconnect_struct *rcStr;
+ disconnect_struct *diStr;
+ begin_struct *beStr;
+ cancel_struct *caStr;
+ end_struct *enStr;
+ status_struct *stStr;
+ transmit_struct *trStr;
+ control_struct *ctStr;
+ getset_struct *gsStr;
+
+ /*
+ * Zero out everything
+ */
+ rv = 0;
+ *replySize = 0;
+
+ /*
+ Note that we need to convert structs back out to network byte order
+ after the various calls are made, as this is how results are passed back
+ to the client
+ */
+ switch (msgStruct->command)
+ {
+
+ case SCARD_ESTABLISH_CONTEXT:
+ esStr = ((establish_struct *) msgStruct->data);
+ ntohlEstablishStruct(esStr);
+ esStr->rv = SCardEstablishContext(esStr->dwScope, 0, 0,
+ (int32_t *)&esStr->phContext);
+
+ if (esStr->rv == SCARD_S_SUCCESS)
+ esStr->rv =
+ MSGAddContext(esStr->phContext, dwContextIndex);
+ htonlEstablishStruct(esStr);
+ *replySize = sizeof(establish_struct);
+ break;
+
+ case SCARD_RELEASE_CONTEXT:
+ reStr = ((release_struct *) msgStruct->data);
+ ntohlReleaseStruct(reStr);
+
+ reStr->rv = SCardReleaseContext(reStr->hContext);
+
+ if (reStr->rv == SCARD_S_SUCCESS)
+ reStr->rv =
+ MSGRemoveContext(reStr->hContext, dwContextIndex);
+
+ htonlReleaseStruct(reStr);
+ *replySize = sizeof(release_struct);
+ break;
+
+ case SCARD_CONNECT:
+ coStr = ((connect_struct *) msgStruct->data);
+ ntohlConnectStruct(coStr);
+ Log3(PCSC_LOG_DEBUG, "SCardConnect hContext: 0x%08X, phCard: 0x%08X", coStr->hContext, coStr->phCard);
+ coStr->rv = SCardConnect(coStr->hContext, coStr->szReader,
+ coStr->dwShareMode, coStr->dwPreferredProtocols,
+ &coStr->phCard, &coStr->pdwActiveProtocol);
+ Log3(PCSC_LOG_DEBUG, "SCardConnect result: %d [0x%08X]", coStr->rv, coStr->rv);
+
+ if (coStr->rv == SCARD_S_SUCCESS)
+ {
+ coStr->rv =
+ MSGAddHandle(coStr->hContext, coStr->phCard, dwContextIndex);
+ Log3(PCSC_LOG_DEBUG, "MSGAddHandle result: %d [0x%08X]", coStr->rv, coStr->rv);
+ }
+ htonlConnectStruct(coStr);
+ *replySize = sizeof(connect_struct);
+ break;
+
+ case SCARD_RECONNECT:
+ rcStr = ((reconnect_struct *) msgStruct->data);
+ ntohlReconnectStruct(rcStr);
+ rv = MSGCheckHandleAssociation(rcStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+
+ rcStr->rv = SCardReconnect(rcStr->hCard, rcStr->dwShareMode,
+ rcStr->dwPreferredProtocols,
+ rcStr->dwInitialization, &rcStr->pdwActiveProtocol);
+ htonlReconnectStruct(rcStr);
+ *replySize = sizeof(reconnect_struct);
+ break;
+
+ case SCARD_DISCONNECT:
+ diStr = ((disconnect_struct *) msgStruct->data);
+ ntohlDisconnectStruct(diStr);
+ rv = MSGCheckHandleAssociation(diStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ diStr->rv = SCardDisconnect(diStr->hCard, diStr->dwDisposition);
+
+ if (diStr->rv == SCARD_S_SUCCESS)
+ diStr->rv =
+ MSGRemoveHandle(diStr->hCard, dwContextIndex);
+ htonlDisconnectStruct(diStr);
+ *replySize = sizeof(disconnect_struct);
+ break;
+
+ case SCARD_BEGIN_TRANSACTION:
+ {
+ beStr = ((begin_struct *) msgStruct->data);
+ int ix;
+ unsigned char *px = &msgStruct->data[sizeof(begin_struct)];
+ for (ix = 0; ix < 32; ++ix)
+ *px++ = 0xEE;
+ beStr->rv = -99; // test
+ ntohlBeginStruct(beStr);
+ rv = MSGCheckHandleAssociation(beStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ beStr->rv = SCardBeginTransaction(beStr->hCard);
+ htonlBeginStruct(beStr);
+ }
+ *replySize = sizeof(begin_struct);
+ break;
+
+ case SCARD_END_TRANSACTION:
+ enStr = ((end_struct *) msgStruct->data);
+ ntohlEndStruct(enStr);
+ rv = MSGCheckHandleAssociation(enStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ enStr->rv =
+ SCardEndTransaction(enStr->hCard, enStr->dwDisposition);
+ htonlEndStruct(enStr);
+ *replySize = sizeof(end_struct);
+ break;
+
+ case SCARD_CANCEL_TRANSACTION:
+ caStr = ((cancel_struct *) msgStruct->data);
+ ntohlCancelStruct(caStr);
+ rv = MSGCheckHandleAssociation(caStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ caStr->rv = SCardCancelTransaction(caStr->hCard);
+ htonlCancelStruct(caStr);
+ *replySize = sizeof(cancel_struct);
+ break;
+
+ case SCARD_STATUS:
+ stStr = ((status_struct *) msgStruct->data);
+ ntohlStatusStruct(stStr);
+ rv = MSGCheckHandleAssociation(stStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ stStr->rv = SCardStatus(stStr->hCard, stStr->mszReaderNames,
+ &stStr->pcchReaderLen, &stStr->pdwState,
+ &stStr->pdwProtocol, stStr->pbAtr, &stStr->pcbAtrLen);
+ htonlStatusStruct(stStr);
+ *replySize = sizeof(status_struct);
+ break;
+
+ case SCARD_TRANSMIT:
+ trStr = ((transmit_struct *) msgStruct->data);
+ ntohlTransmitStruct(trStr);
+ Log2(PCSC_LOG_DEBUG, "SCardTransmit cbSendLength: %d", trStr->cbSendLength);
+ rv = MSGCheckHandleAssociation(trStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+
+ {
+ SCARD_IO_REQUEST ioSendPci;
+ SCARD_IO_REQUEST ioRecvPci;
+ // ioSendPci is only an input parameter
+ ioSendPci.dwProtocol = trStr->pioSendPciProtocol;
+ ioSendPci.cbPciLength = trStr->pioSendPciLength;
+
+ trStr->rv = SCardTransmit(trStr->hCard, &ioSendPci,
+ trStr->pbSendBuffer, trStr->cbSendLength,
+ &ioRecvPci, trStr->pbRecvBuffer,
+ &trStr->pcbRecvLength);
+
+ // ioRecvPci is only an output parameter
+ trStr->pioRecvPciProtocol = ioRecvPci.dwProtocol;
+ trStr->pioRecvPciLength = ioRecvPci.cbPciLength;
+ }
+ Log2(PCSC_LOG_DEBUG, "SCardTransmit pcbRecvLength: %d", trStr->pcbRecvLength);
+ htonlTransmitStruct(trStr);
+ *replySize = sizeof(transmit_struct);
+ break;
+
+ case SCARD_CONTROL:
+ ctStr = ((control_struct *) msgStruct->data);
+ ntohlControlStruct(ctStr);
+ rv = MSGCheckHandleAssociation(ctStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ ctStr->rv = SCardControl(ctStr->hCard, ctStr->dwControlCode,
+ ctStr->pbSendBuffer, ctStr->cbSendLength,
+ ctStr->pbRecvBuffer, ctStr->cbRecvLength,
+ &ctStr->dwBytesReturned);
+ htonlControlStruct(ctStr);
+ *replySize = sizeof(control_struct);
+ break;
+
+ case SCARD_GET_ATTRIB:
+ gsStr = ((getset_struct *) msgStruct->data);
+ ntohlGetSetStruct(gsStr);
+ rv = MSGCheckHandleAssociation(gsStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ gsStr->rv = SCardGetAttrib(gsStr->hCard, gsStr->dwAttrId,
+ gsStr->pbAttr, &gsStr->cbAttrLen);
+ htonlGetSetStruct(gsStr);
+ *replySize = sizeof(getset_struct);
+ break;
+
+ case SCARD_SET_ATTRIB:
+ gsStr = ((getset_struct *) msgStruct->data);
+ ntohlGetSetStruct(gsStr);
+ rv = MSGCheckHandleAssociation(gsStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+ gsStr->rv = SCardSetAttrib(gsStr->hCard, gsStr->dwAttrId,
+ gsStr->pbAttr, gsStr->cbAttrLen);
+ htonlGetSetStruct(gsStr);
+ *replySize = sizeof(getset_struct);
+ break;
+
+ case SCARD_TRANSMIT_EXTENDED:
+ {
+ transmit_struct_extended *treStr;
+ unsigned char pbSendBuffer[MAX_BUFFER_SIZE_EXTENDED];
+ unsigned char pbRecvBuffer[MAX_BUFFER_SIZE_EXTENDED];
+
+ treStr = ((transmit_struct_extended *) msgStruct->data);
+ ntohlTransmitStructExtended(treStr);
+ Log2(PCSC_LOG_DEBUG, "SCardTransmitExt cbSendLength: %d", treStr->cbSendLength);
+ rv = MSGCheckHandleAssociation(treStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+
+ /* one more block to read? */
+ if (treStr->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ /* copy the first APDU part */
+ memcpy(pbSendBuffer, treStr->data,
+ PCSCLITE_MAX_MESSAGE_SIZE-sizeof(*treStr));
+
+ /* receive the second block */
+ rv = SHMMessageReceive(
+ pbSendBuffer+PCSCLITE_MAX_MESSAGE_SIZE-sizeof(*treStr),
+ treStr->size - PCSCLITE_MAX_MESSAGE_SIZE,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "reception failed");
+ }
+ else
+ memcpy(pbSendBuffer, treStr->data, treStr->cbSendLength);
+
+ {
+ SCARD_IO_REQUEST ioSendPci;
+ SCARD_IO_REQUEST ioRecvPci;
+ // ioSendPci is only an input parameter
+ ioSendPci.dwProtocol = treStr->pioSendPciProtocol;
+ ioSendPci.cbPciLength = treStr->pioSendPciLength;
+
+ treStr->rv = SCardTransmit(treStr->hCard, &ioSendPci,
+ pbSendBuffer, treStr->cbSendLength,
+ &ioRecvPci, pbRecvBuffer,
+ &treStr->pcbRecvLength);
+
+ // ioRecvPci is only an output parameter
+ treStr->pioRecvPciProtocol = ioRecvPci.dwProtocol;
+ treStr->pioRecvPciLength = ioRecvPci.cbPciLength;
+ }
+
+ treStr->size = sizeof(*treStr) + treStr->pcbRecvLength;
+ Log3(PCSC_LOG_DEBUG, "SCardTransmitExt pcbRecvLength: %d, size: %d",
+ treStr->pcbRecvLength, treStr->size);
+ Log3(PCSC_LOG_DEBUG, "SCardTransmitExt SCardTransmit result: %d [0x%08X]",
+ treStr->rv, treStr->rv);
+ if (treStr->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ /* two blocks */
+ memcpy(treStr->data, pbRecvBuffer, PCSCLITE_MAX_MESSAGE_SIZE
+ - sizeof(*treStr));
+
+ // sharedSegmentMsg tmpMsgStruct = *msgStruct;
+ // we don't copy because of the size, and because it is not used after here
+ // SHSharedSegmentMsgToNetworkOrder(&tmpMsgStruct);
+ SHSharedSegmentMsgToNetworkOrder(msgStruct);
+ htonlTransmitStructExtended(treStr);
+ rv = SHMMessageSend(msgStruct, sizeof(*msgStruct),
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+
+ rv = SHMMessageSend(pbRecvBuffer + PCSCLITE_MAX_MESSAGE_SIZE
+ - sizeof(*treStr),
+ treStr->size - PCSCLITE_MAX_MESSAGE_SIZE,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+ }
+ else
+ {
+ /* one block only */
+ size_t dataSize = treStr->pcbRecvLength;
+ memcpy(treStr->data, pbRecvBuffer, dataSize);
+
+ // the 4 is to drop the "BYTE data[1]", which rounds to 4 bytes
+ size_t replySize = dataSize + sizeof(transmit_struct_extended) - 4;
+ Log3(PCSC_LOG_DEBUG, "SCardTransmitExt/SHMMessageSend one block: data: %d, total: %d",
+ dataSize, replySize);
+ htonlTransmitStructExtended(treStr);
+ rv = WrapSHMWrite(SCARD_TRANSMIT_EXTENDED, psContext[dwContextIndex].dwClientID,
+ replySize, SHMCommunicationTimeout(), treStr);
+
+#if 0
+ // the 4 is to drop the "BYTE data[1]", which rounds to 4 bytes
+ size_t replySize = sizeof(sharedSegmentMsg) - sizeof(msgStruct->data) + // header portion of msgStruct
+ dataSize + sizeof(transmit_struct_extended) - 4;
+
+ Log3(PCSC_LOG_DEBUG, "SCardTransmitExt/SHMMessageSend one block: data: %d, total: %d",
+ dataSize, replySize);
+ // we don't copy because of the potential size
+ SHSharedSegmentMsgToNetworkOrder(msgStruct);
+ htonlTransmitStructExtended(treStr);
+ rv = SHMMessageSend(msgStruct, replySize,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+#endif
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+ // We flip back the header, since the SHMProcessEventsContext loop
+ // tests msgStruct.command after MSGFunctionDemarshall is called
+#if 0
+ SHSharedSegmentMsgToHostOrder(msgStruct);
+#endif
+ }
+ }
+ break;
+
+ case SCARD_CONTROL_EXTENDED:
+ {
+ control_struct_extended *cteStr;
+ unsigned char pbSendBuffer[MAX_BUFFER_SIZE_EXTENDED];
+ unsigned char pbRecvBuffer[MAX_BUFFER_SIZE_EXTENDED];
+
+ cteStr = ((control_struct_extended *) msgStruct->data);
+ ntohlControlStructExtended(cteStr);
+ Log2(PCSC_LOG_DEBUG, "SCardControlExt cbSendLength: %d", cteStr->cbSendLength);
+ rv = MSGCheckHandleAssociation(cteStr->hCard, dwContextIndex);
+ if (rv != 0) return rv;
+
+ /* one more block to read? */
+ if (cteStr->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ /* copy the first data part */
+ memcpy(pbSendBuffer, cteStr->data,
+ PCSCLITE_MAX_MESSAGE_SIZE-sizeof(*cteStr));
+
+ /* receive the second block */
+ rv = SHMMessageReceive(
+ pbSendBuffer+PCSCLITE_MAX_MESSAGE_SIZE-sizeof(*cteStr),
+ cteStr->size - PCSCLITE_MAX_MESSAGE_SIZE,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "reception failed");
+ }
+ else
+ memcpy(pbSendBuffer, cteStr->data, cteStr->cbSendLength);
+
+ cteStr->rv = SCardControl(cteStr->hCard, cteStr->dwControlCode,
+ pbSendBuffer, cteStr->cbSendLength,
+ pbRecvBuffer, cteStr->cbRecvLength,
+ &cteStr->pdwBytesReturned);
+
+ cteStr->size = sizeof(*cteStr) + cteStr->pdwBytesReturned;
+ Log3(PCSC_LOG_DEBUG, "SCardControlExt pdwBytesReturned: %d, size: %d",
+ cteStr->pdwBytesReturned, cteStr->size);
+ if (cteStr->size > PCSCLITE_MAX_MESSAGE_SIZE)
+ {
+ /* two blocks */
+ memcpy(cteStr->data, pbRecvBuffer, PCSCLITE_MAX_MESSAGE_SIZE
+ - sizeof(*cteStr));
+
+ sharedSegmentMsg tmpMsgStruct = *msgStruct;
+ SHSharedSegmentMsgToNetworkOrder(&tmpMsgStruct);
+ htonlControlStructExtended(cteStr);
+ rv = SHMMessageSend(&tmpMsgStruct, sizeof(tmpMsgStruct),
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+
+ rv = SHMMessageSend(pbRecvBuffer + PCSCLITE_MAX_MESSAGE_SIZE
+ - sizeof(*cteStr),
+ cteStr->size - PCSCLITE_MAX_MESSAGE_SIZE,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+ }
+ else
+ {
+ /* one block only */
+ size_t dataSize = cteStr->pdwBytesReturned;
+ memcpy(cteStr->data, pbRecvBuffer, dataSize);
+ dataSize = dataSize + sizeof(*cteStr) - sizeof(cteStr->data);
+
+ sharedSegmentMsg tmpMsgStruct = *msgStruct;
+ dataSize = SHMCalculateMessageSize(dataSize);
+ tmpMsgStruct.msgSize = dataSize;
+ SHSharedSegmentMsgToNetworkOrder(&tmpMsgStruct);
+ cteStr = ((control_struct_extended *) tmpMsgStruct.data);
+ htonlControlStructExtended(cteStr);
+ rv = SHMMessageSend(&tmpMsgStruct, dataSize,
+ psContext[dwContextIndex].dwClientID,
+ SHMCommunicationTimeout());
+ if (rv)
+ Log1(PCSC_LOG_CRITICAL, "transmission failed");
+ }
+ }
+ break;
+
+ default:
+ Log2(PCSC_LOG_CRITICAL, "Unknown command: %d", msgStruct->command);
+ return -1;
+ }
+
+ return 0;
+}
+
+LONG MSGAddContext(SCARDCONTEXT hContext, DWORD dwContextIndex)
+{
+ psContext[dwContextIndex].hContext = hContext;
+ return SCARD_S_SUCCESS;
+}
+
+LONG MSGRemoveContext(SCARDCONTEXT hContext, DWORD dwContextIndex)
+{
+ int i;
+ LONG rv;
+
+ if (psContext[dwContextIndex].hContext == hContext)
+ {
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ /*
+ * Disconnect each of these just in case
+ */
+
+ if (psContext[dwContextIndex].hCard[i] != 0)
+ {
+ PREADER_CONTEXT rContext = NULL;
+ DWORD dwLockId;
+
+ /*
+ * Unlock the sharing
+ */
+ rv = RFReaderInfoById(psContext[dwContextIndex].hCard[i],
+ &rContext);
+ if (rv != SCARD_S_SUCCESS)
+ return rv;
+
+ dwLockId = rContext->dwLockId;
+ rContext->dwLockId = 0;
+
+ if (psContext[dwContextIndex].hCard[i] != dwLockId)
+ {
+ /*
+ * if the card is locked by someone else we do not reset it
+ * and simulate a card removal
+ */
+ rv = SCARD_W_REMOVED_CARD;
+ }
+ else
+ {
+ /*
+ * We will use SCardStatus to see if the card has been
+ * reset there is no need to reset each time
+ * Disconnect is called
+ */
+ rv = SCardStatus(psContext[dwContextIndex].hCard[i], NULL,
+ NULL, NULL, NULL, NULL, NULL);
+ }
+
+ if (rv == SCARD_W_RESET_CARD || rv == SCARD_W_REMOVED_CARD)
+ SCardDisconnect(psContext[dwContextIndex].hCard[i],
+ SCARD_LEAVE_CARD);
+ else
+ SCardDisconnect(psContext[dwContextIndex].hCard[i],
+ SCARD_RESET_CARD);
+
+ psContext[dwContextIndex].hCard[i] = 0;
+ }
+ }
+
+ psContext[dwContextIndex].hContext = 0;
+ return SCARD_S_SUCCESS;
+ }
+
+ return SCARD_E_INVALID_VALUE;
+}
+
+LONG MSGAddHandle(SCARDCONTEXT hContext, SCARDHANDLE hCard, DWORD dwContextIndex)
+{
+ int i;
+
+ if (psContext[dwContextIndex].hContext == hContext)
+ {
+
+ /*
+ * Find an empty spot to put the hCard value
+ */
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ if (psContext[dwContextIndex].hCard[i] == 0)
+ {
+ psContext[dwContextIndex].hCard[i] = hCard;
+ break;
+ }
+ }
+
+ if (i == PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS)
+ {
+ return SCARD_F_INTERNAL_ERROR;
+ } else
+ {
+ return SCARD_S_SUCCESS;
+ }
+
+ }
+
+ return SCARD_E_INVALID_VALUE;
+}
+
+LONG MSGRemoveHandle(SCARDHANDLE hCard, DWORD dwContextIndex)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ if (psContext[dwContextIndex].hCard[i] == hCard)
+ {
+ psContext[dwContextIndex].hCard[i] = 0;
+ return SCARD_S_SUCCESS;
+ }
+ }
+
+ return SCARD_E_INVALID_VALUE;
+}
+
+
+LONG MSGCheckHandleAssociation(SCARDHANDLE hCard, DWORD dwContextIndex)
+{
+ int i;
+
+ for (i = 0; i < PCSCLITE_MAX_APPLICATION_CONTEXT_CHANNELS; i++)
+ {
+ if (psContext[dwContextIndex].hCard[i] == hCard)
+ {
+ return 0;
+ }
+ }
+
+ /* Must be a rogue client, debug log and sleep a couple of seconds */
+ Log2(PCSC_LOG_ERROR, "Client failed to authenticate (hCard: 0x%08X)", hCard);
+ SYS_Sleep(2);
+
+ return SCARD_E_INVALID_HANDLE;
+}
+
+LONG MSGCleanupClient(DWORD dwContextIndex)
+{
+ if (psContext[dwContextIndex].hContext != 0)
+ {
+ SCardReleaseContext(psContext[dwContextIndex].hContext);
+ MSGRemoveContext(psContext[dwContextIndex].hContext, dwContextIndex);
+ }
+
+ psContext[dwContextIndex].dwClientID = 0;
+ psContext[dwContextIndex].protocol_major = 0;
+ psContext[dwContextIndex].protocol_minor = 0;
+
+ return 0;
+}
+
+
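Review bot: The SCARD_TRANSMIT_EXTENDED and SCARD_CONTROL_EXTENDED cases of MSGFunctionDemarshall use the client-supplied `size`, `cbSendLength`, `pcbRecvLength` and `cbRecvLength` fields as copy and receive lengths for the fixed stack arrays `pbSendBuffer` and `pbRecvBuffer`, with no bound check. They reach `memcpy(pbSendBuffer, treStr->data, treStr->cbSendLength)`, the second-block `SHMMessageReceive` and the receive length given to SCardTransmit/SCardControl, so a malformed message can read or write past those arrays. These fields should be rejected before the first copy; the fence shows the check for the transmit case, and the control case needs the same test on `cteStr`. The early return follows the existing handle-check pattern, and since ContextThread sends no reply for the extended commands, how the client learns of the rejection has to be settled outside this function. Separately, when no slot is free CreateContextThread indexes `psContext[i]` with `i == PCSCLITE_MAX_APPLICATIONS_CONTEXTS` and never closes the accepted descriptor; `SYS_CloseFile(*pdwClientID); *pdwClientID = 0;` would close the right one without touching the array.

```c
		rv = MSGCheckHandleAssociation(treStr->hCard, dwContextIndex);
		if (rv != 0) return rv;

		/* Every length below comes from the client: bound it before any copy. */
		if (treStr->cbSendLength > sizeof(pbSendBuffer)
			|| treStr->pcbRecvLength > sizeof(pbRecvBuffer)
			|| treStr->size < sizeof(*treStr)
			|| treStr->size - sizeof(*treStr) > sizeof(pbSendBuffer))
			return SCARD_E_INSUFFICIENT_BUFFER;

		/* Single-block message: the payload must fit in the block already read. */
		if (treStr->size <= PCSCLITE_MAX_MESSAGE_SIZE
			&& treStr->cbSendLength > PCSCLITE_MAX_MESSAGE_SIZE - sizeof(*treStr))
			return SCARD_E_INSUFFICIENT_BUFFER;

		/* … unchanged: one-block / two-block receive, SCardTransmit, reply … */
```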
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/winscard_svc.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,58 @@
+/*
+ * Copyright (c) 2000-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * winscard_svc.h
+ * SmartCardServices
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 2001-2004
+ * David Corcoran <corcoran at linuxnet.com>
+ * Damien Sauveron <damien.sauveron at labri.fr>
+ *
+ * $Id: winscard_svc.h 1421 2005-04-12 12:09:21Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This demarshalls functions over the message queue and
+ * keeps track of clients and their handles.
+ */
+
+#ifndef __winscard_svc_h__
+#define __winscard_svc_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+ LONG ContextsInitialize(void);
+ LONG CreateContextThread(PDWORD);
+#ifdef __cplusplus
+}
+#endif
+
+#endif
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/wintypes.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/wintypes.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/wintypes.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * The contents of this file constitute Original Code as defined in and
+ * are subject to the Apple Public Source License Version 1.1 (the
+ * "License"). You may not use this file except in compliance with the
+ * License. Please obtain a copy of the License at
+ * http://www.apple.com/publicsource and read it before using this file.
+ *
+ * This Original Code and all software distributed under the License are
+ * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
+ * License for the specific language governing rights and limitations
+ * under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MUSCLE SmartCard Development ( http://www.linuxnet.com )
+ *
+ * Copyright (C) 1999
+ * David Corcoran <corcoran at linuxnet.com>
+ *
+ * $Id: wintypes.h 2071 2006-06-06 09:20:19Z rousseau $
+ */
+
+/**
+ * @file
+ * @brief This keeps a list of Windows(R) types.
+ */
+
+#ifndef __wintypes_h__
+#define __wintypes_h__
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+#if !defined(WIN32)
+
+#include <stdint.h>
+
+#ifndef BYTE
+ typedef uint8_t BYTE;
+#endif
+ typedef uint8_t UCHAR;
+ typedef uint8_t *PUCHAR;
+ typedef uint16_t USHORT;
+
+#ifndef __COREFOUNDATION_CFPLUGINCOM__
+ typedef uint32_t ULONG;
+ typedef void *LPVOID;
+ typedef int16_t BOOL;
+#endif
+
+ typedef uint32_t *PULONG;
+ typedef const void *LPCVOID;
+ typedef uint32_t DWORD;
+ typedef uint32_t *PDWORD;
+ typedef uint16_t WORD;
+ typedef int32_t LONG;
+ typedef int32_t RESPONSECODE;
+ typedef const char *LPCSTR;
+ typedef const BYTE *LPCBYTE;
+ typedef BYTE *LPBYTE;
+ typedef DWORD *LPDWORD;
+ typedef char *LPSTR;
+
+ /* these types are deprecated but still used by old drivers and applications
+ * You should use LPSTR instead */
+ typedef char *LPTSTR
+#ifdef __GNUC__
+ /* __attribute__ is a GCC only extension */
+ __attribute__ ((deprecated))
+#endif
+ ;
+ typedef const char *LPCTSTR
+#ifdef __GNUC__
+ /* __attribute__ is a GCC only extension */
+ __attribute__ ((deprecated))
+#endif
+ ;
+ typedef char *LPCWSTR
+#ifdef __GNUC__
+ /* __attribute__ is a GCC only extension */
+ __attribute__ ((deprecated))
+#endif
+ ;
+
+#else
+#include <windows.h>
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
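Review bot: `typedef char *LPCWSTR` declares a mutable narrow `char *` under a name that denotes a const wide string, so code written against the Windows meaning of the type silently loses both constness and the character width. Even for a deprecated alias, `typedef const char *LPCWSTR` would at least stop callees from writing through a pointer that callers expect to be read-only, and a comment should say that the type is not wide on this platform. The `#ifndef BYTE` guard only detects a macro named `BYTE`; an earlier `typedef ... BYTE` from another header is not seen by the preprocessor, which the comment on that guard should state.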
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// xiodevices - additional code for finding and tracking devices via IOKit
+// >>> move this iodevices.cpp when final
+//
+#include "xiodevices.h"
+#include <security_utilities/cfutilities.h>
+#include <security_utilities/mach++.h>
+#include <IOKit/IOMessage.h>
+#include <IOKit/usb/IOUSBLib.h>
+
+using namespace MachPlusPlus;
+
+namespace Security {
+namespace IOKit {
+
+void XNotificationPort::add(DeviceMatch match, XReceiver &receiver, const char *type)
+{
+ // The kIOProviderClassKey key is required in a matching dictionary. We extract it
+ // here only for debugging purposes
+
+ CFTypeRef valueRef = NULL;
+ const char *pclass = "";
+ CFRef<CFMutableDictionaryRef> theDict = match.dict();
+ if (theDict && CFDictionaryGetValueIfPresent(theDict, CFSTR(kIOProviderClassKey), &valueRef) &&
+ CFGetTypeID(valueRef) == CFStringGetTypeID())
+ pclass = cfString(static_cast<CFStringRef>(valueRef)).c_str();
+
+ // type is usually IOServiceMatched
+ mach_port_t pp = NotificationPort::port();
+ secdebug("iokit", "XNotificationPort::add - type: %s [port: %p (0x%08X), class: %s]",
+ type, mPortRef, pp, pclass);
+
+// CFShow(match.dict());
+ // p (void)CFShow(match.dict())
+ io_iterator_t iterator;
+ Error::check(::IOServiceAddMatchingNotification(mPortRef, type,
+ match, ioNotify, &receiver, &iterator));
+ CFRetain(match); // compensate for IOSAMN not retaining its argument
+
+ // run initial iterator to process existing devices
+ secdebug("iokit", "dispatching INITIAL device match iterator %p", reinterpret_cast<void *>(iterator));
+ DeviceIterator it(iterator);
+ receiver.ioChange(it);
+}
+
+void XNotificationPort::addInterestNotification(XReceiver &receiver, io_service_t service,
+ const io_name_t interestType)
+{
+ io_iterator_t iterator;
+ mach_port_t pp = NotificationPort::port();
+// MachPlusPlus::Port(pp).dump(0);
+ secdebug("iokit", "XNotificationPort::addInterest - type: %s [port: %p (0x%08X), service: 0x%08X]",
+ interestType, mPortRef, pp, service); // IOServiceMatched
+#if 1
+ CFRunLoopSourceRef notificationRunLoopSource = IONotificationPortGetRunLoopSource(mPortRef);
+ CFRunLoopSourceRef classRunLoopSource = NotificationPort::source();
+// IONotificationPortRef r_notify_port = IONotificationPortCreate(0);
+ kern_return_t kr = ::IOServiceAddInterestNotification(mPortRef, //,r_notify_port
+ service, interestType, ioDeviceNotification, &receiver, &iterator);
+ const char *msgstr = mach_error_string(kr);
+ const char *msgtyp = mach_error_type(kr);
+ if (msgstr && msgtyp)
+ secdebug("iokit", " msg: %s, typ: %s", msgstr, msgtyp);
+// Error::check(kr);
+// if(r_notify_port) IOObjectRelease((io_object_t)r_notify_port);
+#else
+ Error::check(::IOServiceAddInterestNotification(mPortRef,
+ service, interestType, ioDeviceNotification, &receiver, &iterator));
+#endif
+}
+
+// callbacks
+
+void XNotificationPort::ioNotify(void *refCon, io_iterator_t iterator)
+{
+ secdebug("iokit", "dispatching NEW device match iterator %p", reinterpret_cast<void *>(iterator));
+ DeviceIterator it(iterator);
+ reinterpret_cast<XReceiver *>(refCon)->ioChange(it);
+}
+
+void XNotificationPort::ioDeviceNotification(void *refCon, io_service_t service,
+ natural_t messageType, void *messageArgument)
+{
+ secdebug("iokit", "dispatching NEW device notification iterator, service 0x%08X, msg: 0x%04X, arg: %p",
+ service, messageType, messageArgument);
+
+ const char *msgstr = mach_error_string(messageType);
+ const char *msgtyp = mach_error_type(messageType);
+ if (msgstr && msgtyp)
+ secdebug("iokit", " msg: %s, typ: %s", msgstr, msgtyp);
+
+#if 0
+ secdebug("iokit", "kIOMessageServiceIsTerminated: 0x%04X", kIOMessageServiceIsTerminated);
+ secdebug("iokit", "kIOMessageServiceIsSuspended: 0x%04X", kIOMessageServiceIsSuspended);
+ secdebug("iokit", "kIOMessageServiceIsResumed: 0x%04X", kIOMessageServiceIsResumed);
+ secdebug("iokit", "kIOMessageServiceIsRequestingClose: 0x%04X", kIOMessageServiceIsRequestingClose);
+ secdebug("iokit", "kIOMessageServiceIsAttemptingOpen: 0x%04X", kIOMessageServiceIsAttemptingOpen);
+ secdebug("iokit", "kIOMessageServiceWasClosed: 0x%04X", kIOMessageServiceWasClosed);
+ secdebug("iokit", "kIOMessageServiceBusyStateChange: 0x%04X", kIOMessageServiceBusyStateChange);
+ secdebug("iokit", "kIOMessageServicePropertyChange: 0x%04X", kIOMessageServicePropertyChange);
+ secdebug("iokit", "kIOMessageCanDevicePowerOff: 0x%04X", kIOMessageCanDevicePowerOff);
+ secdebug("iokit", "kIOMessageDeviceWillPowerOff: 0x%04X", kIOMessageDeviceWillPowerOff);
+ secdebug("iokit", "kIOMessageDeviceWillNotPowerOff: 0x%04X", kIOMessageDeviceWillNotPowerOff);
+ secdebug("iokit", "kIOMessageDeviceHasPoweredOn: 0x%04X", kIOMessageDeviceHasPoweredOn);
+ secdebug("iokit", "kIOMessageCanSystemPowerOff: 0x%04X", kIOMessageCanSystemPowerOff);
+ secdebug("iokit", "iokit_vendor_specific_msg(0x000A): 0x%04X", iokit_vendor_specific_msg(0x000A));
+#endif
+
+// assert(service!=io_service_t(-1));
+ if (service!=io_service_t(-1))
+ reinterpret_cast<XReceiver *>(refCon)->ioServiceChange(refCon, service, messageType, messageArgument);
+}
+
+
+} // end namespace IOKit
+} // end namespace Security
+
+
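Review bot: In `XNotificationPort::add`, `pclass` is left pointing into a temporary that is destroyed at the end of the assignment statement, assuming `cfString()` returns a `std::string` by value as it does in security_utilities; the later `secdebug` call then reads freed memory through `%s`. Keeping the string alive for the function's scope fixes it: declare `std::string pclassStr;` before the `if` and assign `pclass = (pclassStr = cfString(static_cast<CFStringRef>(valueRef))).c_str();`. Separately, `addInterestNotification` only logs `kr` and has `Error::check(kr)` commented out, so a failed registration is silent and the notification object returned in `iterator` is neither kept nor released. Restoring `Error::check(kr);` and dropping the unused `notificationRunLoopSource` and `classRunLoopSource` locals would make the `#if 1` branch match the `#else` branch.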
Added: releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.h
===================================================================
--- releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.h (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartCardServices-36160/src/PCSC/xiodevices.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2006 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+//
+// xiodevices - code for finding and tracking devices via IOKit
+//
+#ifndef _H_XIODEVICES
+#define _H_XIODEVICES
+
+#include <security_utilities/iodevices.h>
+
+#if defined(__cplusplus)
+
+namespace Security {
+namespace IOKit {
+
+//
+// An IOKit notification port object
+//
+class XNotificationPort : public MachPortNotificationPort
+{
+public:
+ XNotificationPort() : MachPortNotificationPort() {}
+ ~XNotificationPort() {}
+
+ class XReceiver : public Receiver
+ {
+ public:
+ virtual void ioChange(DeviceIterator &iterator) = 0;
+ virtual void ioServiceChange(void *refCon, io_service_t service, //IOServiceInterestCallback
+ natural_t messageType, void *messageArgument) = 0;
+ };
+
+ void add(DeviceMatch match, XReceiver &receiver, const char *type = kIOFirstMatchNotification);
+ void addInterestNotification(XReceiver &receiver, io_service_t service,
+ const io_name_t interestType = kIOGeneralInterest);
+
+private:
+
+ static void ioDeviceNotification(void *refCon, io_service_t service,
+ natural_t messageType, void *messageArgument);
+ static void ioNotify(void *refCon, io_iterator_t iterator);
+};
+
+} // end namespace MachPlusPlus
+} // end namespace Security
+
+#endif /* __cplusplus__ */
+
+#endif //_H_XIODEVICES
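Review bot: The closing comment `} // end namespace MachPlusPlus` actually closes `namespace IOKit`, and `#endif /* __cplusplus__ */` names a macro other than the one tested; they should read `} // end namespace IOKit` and `#endif /* __cplusplus */`. `XReceiver` also carries no comment about lifetime, although the receiver's address is handed to IOKit as `refCon` and cast back in the static callbacks in xiodevices.cpp. A one-line comment on the class saying that the receiver must outlive every notification registered with it would document the requirement that keeps those callbacks from using a dead object.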
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/Makefile
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/Makefile (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/Makefile 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,34 @@
+# Makefile for doing a test build and then installing source for SecurityExamples
+# Created on 07/19/05 By John Hurley <jhurley at apple.com>
+# Based on Makefile for CoreDataExamples
+
+Project = ccid
+
+#
+# Top-level Makefile for SmartcardCCID Allows build or clean
+# of all directories in one swoop.
+#
+
+.PHONY: installsrc clean installhdrs install
+
+SUBPROJECTS = libusb ccid
+
+installsrc::
+ @cp -R Makefile $(SUBPROJECTS) $(SRCROOT)
+
+install::
+ @echo "the proj is: " $(Project)
+ @for proj in $(SUBPROJECTS); do \
+ mkdir -p $(SYMROOT)/$${proj}; \
+ done
+ (cd $(SRCROOT)/$(Project)/ccid && ./MacOSX/configure --no-configure --disable-opensc )
+
+installsrc clean installhdrs install::
+ @for proj in $(SUBPROJECTS); do \
+ (cd $${proj} && make $@ \
+ SRCROOT=$(SRCROOT)/$${proj} \
+ OBJROOT=$(OBJROOT)/$${proj} \
+ SYMROOT=$(SYMROOT)/$${proj} \
+ DSTROOT=$(DSTROOT) \
+ ) || exit 1; \
+ done
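Review bot: The recursive step in the `installsrc clean installhdrs install::` rule calls `make $@` literally; `$(MAKE) $@` is the form that passes `-n`, `-j` and command-line variable overrides down to the sub-builds. The `$(SRCROOT)`, `$(OBJROOT)`, `$(SYMROOT)` and `$(DSTROOT)` expansions reach the shell unquoted in every recipe here, so a build root containing a space is split into several words; quoting at the point of use, e.g. `SRCROOT="$(SRCROOT)/$${proj}"`, avoids that. The header comment still describes the file as the Makefile for SecurityExamples and should name SmartcardCCID.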
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/Makefile
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/Makefile (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/Makefile 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,49 @@
+Project = ccid
+UserType = Administrator
+ToolType = Commands
+GnuAfterInstall = install-plist post-install
+Extra_Configure_Flags = --enable-usbdropdir=/usr/libexec/SmartCardServices/drivers \
+ PCSC_CFLAGS="-I$(SRCROOT)/ccid/MacOSX -DRESPONSECODE_DEFINED_IN_WINTYPES_H" \
+ PCSC_LIBS="-framework PCSC" \
+ LIBUSB_CFLAGS="-I$(DSTROOT)/usr/include" \
+ LIBUSB_LIBS="-L$(DSTROOT)/usr/lib -lusb -framework IOKit -framework CoreFoundation"
+
+Extra_Environment =
+
+include $(MAKEFILEPATH)/CoreOS/ReleaseControl/GNUSource.make
+
+# install-strip will install stripped versions of binaries
+Install_Target = install-strip
+
+# Strip debug symbols from any dylibs that slipped through install-strip (libccid.dylib.1.3.8)
+post-install:
+ find $(DSTROOT)/ -name '*.dylib*' -exec strip -S \{\} \;
+ find $(DSTROOT)/ -name 'libusb*' -exec rm \{\} \;
+ find $(DSTROOT)/ -name 'usb*.h' -exec rm \{\} \;
+
+# Automatic Extract & Patch
+AEP_Project = ccid
+AEP_Version = 1.3.8
+AEP_ProjVers = $(AEP_Project)-$(AEP_Version)
+AEP_Filename = $(AEP_ProjVers).tar.bz2
+AEP_ExtractDir = $(AEP_ProjVers)
+AEP_Patches = osxConfigure.patch ccid-info-plist.patch ForceWithoutPcsc.patch destDirFix.patch
+
+# Extract the source.
+install_source::
+ $(TAR) -C $(SRCROOT) -jxf $(SRCROOT)/$(AEP_Filename)
+ $(RMDIR) $(SRCROOT)/$(Project)
+ $(MV) $(SRCROOT)/$(AEP_ExtractDir) $(SRCROOT)/$(Project)
+ for patchfile in $(AEP_Patches); do \
+ (cd $(SRCROOT)/$(Project) && patch -p0 < $(SRCROOT)/files/$$patchfile) || exit 1; \
+ done
+ (cd $(SRCROOT)/$(Project) && MacOSX/configure --no-configure --disable-opensc)
+
+OSV = $(DSTROOT)/usr/local/OpenSourceVersions
+OSL = $(DSTROOT)/usr/local/OpenSourceLicenses
+
+install-plist:
+ $(MKDIR) $(OSV)
+ $(INSTALL_FILE) $(SRCROOT)/$(Project).plist $(OSV)/$(Project).plist
+ $(MKDIR) $(OSL)
+ $(INSTALL_FILE) $(Sources)/COPYING $(OSL)/$(Project).txt
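Review bot: `post-install` runs `find $(DSTROOT)/ -name 'libusb*' -exec rm \{\} \;` and the two sibling `find` lines with no check that `DSTROOT` is set, so an empty value makes them walk and delete from `/` on the build host. A guard as the first recipe line, `@test -n "$(DSTROOT)" || { echo "DSTROOT is not set" >&2; exit 1; }`, keeps the cleanup inside the staging root. The same applies to `remove-shared-libusb` in libusb/Makefile, which runs `rm -f $(DSTROOT)/usr/lib/libusb*{dylib,la}`. The build system pulled in through GNUSource.make may already guarantee the variable, which is not visible in this hunk.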
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid-1.3.8.tar.bz2
===================================================================
(Binary files differ)
Property changes on: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid-1.3.8.tar.bz2
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid.plist
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/ccid.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,20 @@
+<plist version="1.0">
+<array>
+<dict>
+ <key>OpenSourceProject</key>
+ <string>ccid</string>
+ <key>OpenSourceVersion</key>
+ <string>1.3.8</string>
+ <key>OpenSourceWebsiteURL</key>
+ <string>https://alioth.debian.org/frs/?group_id=30105&release_id=1192</string>
+ <key>OpenSourceURL</key>
+ <string>https://alioth.debian.org/frs/download.php/2482/ccid-1.3.8.tar.bz2</string>
+ <key>OpenSourceImportDate</key>
+ <string>2008-07-22</string>
+ <key>OpenSourceLicense</key>
+ <string>unknown</string>
+ <key>OpenSourceLicenseFile</key>
+ <string>ccid.txt</string>
+</dict>
+</array>
+</plist>
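Review bot: The `OpenSourceWebsiteURL` value contains a bare `&` (`?group_id=30105&release_id=1192`), which is not well-formed XML and will make a strict plist parser reject the file; it should be written as `&amp;`. `OpenSourceLicense` is recorded as `unknown` although `install-plist` in ccid/Makefile installs the upstream `COPYING` file as the license text, so the license name should be filled in from that file to keep the two consistent.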
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ForceWithoutPcsc.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ForceWithoutPcsc.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ForceWithoutPcsc.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,45 @@
+diff --git src/Makefile.am src/Makefile.am
+index a123374..11097de 100644
+--- src/Makefile.am
++++ src/Makefile.am
+@@ -48,9 +48,7 @@ TOKEN_PARSER = tokenparser.l parser.h \
+
+ MAINTAINERCLEANFILES = tokenparser.c
+
+-if WITHOUT_PCSC
+ PROVIDED_BY_PCSC = debug.c
+-endif
+
+ libccid_la_SOURCES = $(COMMON) $(USB) $(TOKEN_PARSER) $(PROVIDED_BY_PCSC) $(T1)
+ libccid_la_LIBADD = $(LEXLIB) $(COREFOUNDATION) $(IOKIT) \
+diff --git src/Makefile.in src/Makefile.in
+index da1333e..0595463 100644
+--- src/Makefile.in
++++ src/Makefile.in
+@@ -75,7 +75,7 @@ am__objects_1 = libccid_la-ccid.lo libccid_la-commands.lo \
+ libccid_la-ifdhandler.lo libccid_la-utils.lo
+ am__objects_2 = libccid_la-ccid_usb.lo
+ am__objects_3 = libccid_la-tokenparser.lo libccid_la-strlcpy.lo
+- at WITHOUT_PCSC_TRUE@am__objects_4 = libccid_la-debug.lo
++am__objects_4 = libccid_la-debug.lo
+ am__objects_5 = libccid_la-atr.lo libccid_la-pps.lo \
+ libccid_la-buffer.lo libccid_la-checksum.lo \
+ libccid_la-proto-t1.lo
+@@ -100,7 +100,7 @@ am__objects_6 = libccidtwin_la-ccid.lo libccidtwin_la-commands.lo \
+ am__objects_7 = libccidtwin_la-ccid_serial.lo
+ am__objects_8 = libccidtwin_la-tokenparser.lo \
+ libccidtwin_la-strlcpy.lo
+- at WITHOUT_PCSC_TRUE@am__objects_9 = libccidtwin_la-debug.lo
++am__objects_9 = libccidtwin_la-debug.lo
+ am__objects_10 = libccidtwin_la-atr.lo libccidtwin_la-pps.lo \
+ libccidtwin_la-buffer.lo libccidtwin_la-checksum.lo \
+ libccidtwin_la-proto-t1.lo
+@@ -311,7 +311,7 @@ TOKEN_PARSER = tokenparser.l parser.h \
+ strlcpycat.h
+
+ MAINTAINERCLEANFILES = tokenparser.c
+- at WITHOUT_PCSC_TRUE@PROVIDED_BY_PCSC = debug.c
++PROVIDED_BY_PCSC = debug.c
+ libccid_la_SOURCES = $(COMMON) $(USB) $(TOKEN_PARSER) $(PROVIDED_BY_PCSC) $(T1)
+ libccid_la_LIBADD = $(LEXLIB) $(COREFOUNDATION) $(IOKIT) \
+ $(LIBUSB_LIBS) $(PTHREAD_LIBS)
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ccid-info-plist.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ccid-info-plist.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/ccid-info-plist.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,34 @@
+--- src/Info.plist.src 2008-06-26 20:07:05.000000000 -0700
++++ src/Info.plist.src 2008-07-29 16:09:52.000000000 -0700
+@@ -1,13 +1,21 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+-<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
++<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+ <plist version="1.0">
+ <dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
++ <key>CFBundleExecutable</key>
++ <string>ifd-ccid.bundle</string>
++ <key>CFBundleIdentifier</key>
++ <string>com.apple.smartcardccid</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
++ <key>CFBundleName</key>
++ <string>CCIDCLASSDRIVER</string>
+ <key>CFBundlePackageType</key>
+ <string>BNDL</string>
++ <key>CFBundleShortVersionString</key>
++ <string>1.3.8</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+@@ -28,7 +28,7 @@
+ <string>0x00000001</string>
+
+ <key>ifdLogLevel</key>
+- <string>0x0003</string>
++ <string>0x0001</string>
+
+ <!-- Possible values for ifdLogLevel
+ 1: CRITICAL important error messages
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/destDirFix.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/destDirFix.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/destDirFix.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,27 @@
+Only in .: destDirFix.patch
+diff -ubr ../ccid-1.3.8/src/Makefile.in ./src/Makefile.in
+--- ../ccid-1.3.8/src/Makefile.in 2008-06-27 02:47:24.000000000 -0700
++++ ./src/Makefile.in 2008-09-05 08:26:19.000000000 -0700
+@@ -16,6 +16,7 @@
+
+ # $Id: Makefile.am 3024 2008-06-26 13:20:43Z rousseau $
+
++DRIVER_DEST="$(DSTROOT)"
+
+ VPATH = @srcdir@
+ pkgdatadir = $(datadir)/@PACKAGE@
+@@ -898,10 +899,10 @@
+ $(srcdir)/create_Info_plist.pl $(srcdir)/../readers/supported_readers.txt $(srcdir)/Info.plist.src $(ifdCapabilities) | sed s/TARGET/$(CCID_LIB)/ > Info.plist
+
+ install_ccid: libccid.la Info.plist
+- $(mkinstalldirs) $(DESTDIR)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/
+- cp Info.plist $(DESTDIR)$(usbdropdir)/$(CCID_BUNDLE)/Contents/
+- cp .libs/$(CCID_LIB) $(DESTDIR)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/$(CCID_LIB).$(VERSION)
+- ln -fs $(CCID_LIB).$(VERSION) $(DESTDIR)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/$(CCID_LIB)
++ $(mkinstalldirs) $(DRIVER_DEST)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/
++ cp Info.plist $(DRIVER_DEST)$(usbdropdir)/$(CCID_BUNDLE)/Contents/
++ cp .libs/$(CCID_LIB) $(DRIVER_DEST)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/$(CCID_LIB).$(VERSION)
++ ln -fs $(CCID_LIB).$(VERSION) $(DRIVER_DEST)$(usbdropdir)/$(CCID_BUNDLE)/Contents/$(BUNDLE_HOST)/$(CCID_LIB)
+ $(INSTALL_UDEV_RULE_FILE)
+
+ install_ccidtwin: libccidtwin.la
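Review bot: `DRIVER_DEST="$(DSTROOT)"` stores the double quotes as part of the variable's value, because make does not strip quotes on assignment; the `install_ccid` recipe works only because the shell removes them again after expansion. The conventional form is `DRIVER_DEST = $(DSTROOT)` with quoting done where the path is used, e.g. `cp Info.plist "$(DRIVER_DEST)$(usbdropdir)/$(CCID_BUNDLE)/Contents/"`. The patch edits only the generated `src/Makefile.in`, so a rerun of automake would presumably drop the change, and its first line `Only in .: destDirFix.patch` is `diff -r` noise that should be removed from the patch file.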
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/osxConfigure.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/osxConfigure.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/ccid/files/osxConfigure.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,52 @@
+diff --git MacOSX/configure MacOSX/configure
+index 8b42e38..b3fc826 100755
+--- MacOSX/configure
++++ MacOSX/configure
+@@ -39,6 +39,9 @@ fi
+
+ ./MacOSX/convert_reader_h.pl MacOSX/reader.h.in > MacOSX/reader.h
+
++if [[ "$*" =~ "--no-configure" ]]; then
++ exit 0
++fi
+ # we define PKG_CONFIG so that pkg-config is not used and PCSC_CFLAGS
+ # and PCSC_LIBS are used instead
+ PKG_CONFIG="foobar"
+@@ -47,9 +50,16 @@ PKG_CONFIG="foobar"
+ PCSC_CFLAGS="-I$(pwd)/MacOSX"
+ PCSC_LIBS="-framework PCSC"
+
+-# use libusb from OpenSC (universal binary)
+-LIBUSB_CFLAGS="-I/Library/OpenSC/include"
+-LIBUSB_LIBS="-L/Library/OpenSC/lib -lusb"
++# If --disable-opensc given, then do not alter the LIBUSB environment
++if [[ ! ("$*" =~ "--disable-opensc") ]]; then
++ # use libusb from OpenSC (universal binary)
++ LIBUSB_CFLAGS="-I/Library/OpenSC/include"
++ LIBUSB_LIBS="-L/Library/OpenSC/lib -lusb"
++
++ CONFIGURE_ARGS="$CONFIGURE_ARGS \
++ LIBUSB_CFLAGS=\"$LIBUSB_CFLAGS\" \
++ LIBUSB_LIBS=\"$LIBUSB_LIBS\""
++fi
+
+ # RESPONSECODE is already defined by PCSC/wintypes.h
+ # define needed here to compile examples/scardcontrol.c since config.h is
+@@ -59,7 +69,7 @@ CFLAGS="$CFLAGS -DRESPONSECODE_DEFINED_IN_WINTYPES_H"
+ # Build a Universal Binary
+ CFLAGS="$CFLAGS -isysroot /Developer/SDKs/MacOSX10.5.sdk -arch i386 -arch ppc"
+ LDFLAGS="-arch i386 -arch ppc"
+-CONFIGURE_ARGS="--disable-dependency-tracking"
++CONFIGURE_ARGS="$CONFIGURE_ARGS --disable-dependency-tracking"
+
+ # do not use pcscd debug feature
+ CONFIGURE_ARGS="$CONFIGURE_ARGS --disable-pcsclite"
+@@ -70,8 +80,6 @@ set -x
+ CFLAGS="$CFLAGS" \
+ PCSC_CFLAGS="$PCSC_CFLAGS" \
+ PCSC_LIBS="$PCSC_LIBS" \
+- LIBUSB_CFLAGS="$LIBUSB_CFLAGS" \
+- LIBUSB_LIBS="$LIBUSB_LIBS" \
+ LDFLAGS="$LDFLAGS" \
+ --enable-usbdropdir=/usr/libexec/SmartCardServices/drivers \
+ $CONFIGURE_ARGS \
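Review bot: The new opensc branch packs `LIBUSB_CFLAGS=\"...\"` and `LIBUSB_LIBS=\"...\"` into the `CONFIGURE_ARGS` string, which is later expanded unquoted as `$CONFIGURE_ARGS`; the escaped quotes reach configure as literal characters and the `LIBUSB_LIBS` value is split at its space, so `-lusb"` arrives as a separate argument. Exporting the two variables inside the branch instead (`export LIBUSB_CFLAGS LIBUSB_LIBS`) keeps the values intact without changing the configure invocation, which continues outside the hunk. `CONFIGURE_ARGS` is now appended to before any visible initialisation, so unless it is set earlier in the script the caller's environment value is passed through to configure; `CONFIGURE_ARGS=""` near the top would pin it. The two `[[ "$*" =~ "--flag" ]]` tests match the flag as a substring of all arguments joined together, where a `for arg in "$@"` comparison would be exact.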
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/Makefile
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/Makefile (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/Makefile 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+Project = libusb
+UserType = Administrator
+ToolType = Libraries
+GnuAfterInstall = install-plist remove-autom4te-cache remove-shared-libusb
+Extra_Configure_Flags =
+
+include $(MAKEFILEPATH)/CoreOS/ReleaseControl/GNUSource.make
+
+Install_Target = install
+
+# Automatic Extract & Patch
+AEP_Project = libusb
+AEP_Version = 0.1.13b
+AEP_ProjVers = $(AEP_Project)-$(AEP_Version)
+AEP_Filename = $(AEP_ProjVers).tar.gz
+AEP_ExtractDir = $(AEP_ProjVers)
+AEP_Patches = FixConfigureAddCPP.patch skipConfigure.patch remove_config_libdir.patch
+#svn co -r658 https://libusb.svn.sourceforge.net/svnroot/libusb/trunk
+
+# Extract the source.
+install_source::
+ $(TAR) -C $(SRCROOT) -xzf $(SRCROOT)/$(AEP_Filename)
+ $(RMDIR) $(SRCROOT)/$(Project)
+ $(MV) $(SRCROOT)/$(AEP_ExtractDir) $(SRCROOT)/$(Project)
+ for patchfile in $(AEP_Patches); do \
+ (cd $(SRCROOT)/$(Project) && patch -p0 < $(SRCROOT)/files/$$patchfile) || exit 1; \
+ done
+
+ (cd $(SRCROOT)/$(Project) && ./autogen.sh --skip-configure )
+
+OSV = $(DSTROOT)/usr/local/OpenSourceVersions
+OSL = $(DSTROOT)/usr/local/OpenSourceLicenses
+
+install-plist:
+ $(MKDIR) $(OSV)
+ $(INSTALL_FILE) $(SRCROOT)/$(Project).plist $(OSV)/$(Project).plist
+ $(MKDIR) $(OSL)
+ $(INSTALL_FILE) $(Sources)/LICENSE $(OSL)/$(Project).txt
+
+remove-autom4te-cache:
+ rm -rf $(SRCROOT)/$(Project)/autom4te.cache
+
+remove-shared-libusb:
+ rm -f $(DSTROOT)/usr/lib/libusb*{dylib,la}
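Review bot: `install_source` unpacks `$(SRCROOT)/$(AEP_Filename)` and then executes `./autogen.sh` from the extracted tree without checking the archive against a recorded digest, so a replaced or corrupted tarball is built and run as-is. A verification line before `$(TAR)`, for example `shasum -a 256 -c $(SRCROOT)/files/$(AEP_Filename).sha256` with the digest file checked in next to the patches (the file name is a suggestion), would tie the build to the archive that was reviewed. The same pattern is in `install_source` of ccid/Makefile, where `MacOSX/configure` is run from the extracted tree. `remove-shared-libusb` relies on brace expansion, which only works when make's shell is bash; `libusb*dylib` and `libusb*la` written out as two patterns is portable.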
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/FixConfigureAddCPP.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/FixConfigureAddCPP.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/FixConfigureAddCPP.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,12 @@
+Index: configure.in
+===================================================================
+--- configure.in (revision 659)
++++ configure.in (working copy)
+@@ -151,6 +151,7 @@
+ # Checks for programs.
+ AC_LANG_CPLUSPLUS
+ AC_PROG_CC
++AC_PROG_CXX
+ AM_PROG_CC_C_O
+ AC_PROG_INSTALL
+
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/remove_config_libdir.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/remove_config_libdir.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/remove_config_libdir.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,10 @@
+diff -ur ../libusb-0.1.13b-old/libusb-config.in ./libusb-config.in
+--- libusb-config.in 2008-07-23 14:41:32.000000000 -0400
++++ libusb-config.in 2008-10-01 16:30:12.000000000 -0400
+@@ -75,5 +75,5 @@
+ echo $includes
+ fi
+ if test "$echo_libs" = "yes"; then
+- echo -L at libdir@ -lusb @OSLIBS@
++ echo -lusb @OSLIBS@
+ fi
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/skipConfigure.patch
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/skipConfigure.patch (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/files/skipConfigure.patch 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,21 @@
+Index: autogen.sh
+===================================================================
+--- autogen.sh (revision 659)
++++ autogen.sh (working copy)
+@@ -59,6 +59,16 @@
+ autoconf${AUTOCONF_SUFFIX}
+ cd $ORIGDIR
+
++## Fix the makefile
++#sed -e 's/^\(all:.*\)/\1\
++# echo "s|\\(ECHO=\\(.*\\)\\)|echo=\\2\\\\" > echoFix.sed \
++# echo " \\1|" >> echoFix.sed \
++# sed -f echoFix.sed -i .bak libtool/' -i .bak Makefile.in | exit 1
++
++if [ "$1" == "--skip-configure" ]; then
++ exit
++fi
++
+ $srcdir/configure --enable-maintainer-mode "$@" || exit
+
+ echo
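Review bot: `[ "$1" == "--skip-configure" ]` uses `==`, which is a bash extension inside `[`; if `autogen.sh` runs under a strict POSIX `/bin/sh` the test fails with an error and configure runs anyway, so `=` is the portable operator. The bare `exit` returns the status of the preceding test rather than a stated value; `exit 0` makes the intent explicit. The commented-out `sed` block added above the test is dead code and could be left out of the patch.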
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb-0.1.13b.tar.gz
===================================================================
(Binary files differ)
Property changes on: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb-0.1.13b.tar.gz
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb.plist
===================================================================
--- releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/SmartcardCCID-35253/libusb/libusb.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,23 @@
+<plist version="1.0">
+<array>
+<dict>
+ <key>OpenSourceProject</key>
+ <string>libusb</string>
+ <key>OpenSourceVersion</key>
+ <string>0.1.13b</string>
+ <key>OpenSourceWebsiteURL</key>
+ <string>http://www.ellert.se/twain-sane/</string>
+ <key>OpenSourceURL</key>
+ <string>http://www.ellert.se/PKGS/libusb-2008-02-02/src/libusb-2008-02-02-svn-macosx.tar.gz</string>
+ <key>OpenSourceImportDate</key>
+ <string>2008-07-22</string>
+ <key>OpenSourceModifications</key>
+ <array>
+ </array>
+ <key>OpenSourceLicense</key>
+ <string>unknown</string>
+ <key>OpenSourceLicenseFile</key>
+ <string>libusb.txt</string>
+</dict>
+</array>
+</plist>
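Review bot: `OpenSourceURL` points at `libusb-2008-02-02-svn-macosx.tar.gz` over plain `http`, while the archive added by this commit is `libusb-0.1.13b.tar.gz`, so the recorded origin cannot be matched to the imported file by name. Recording the URL the tarball was actually fetched from, together with its digest, would make the import auditable. `OpenSourceModifications` is an empty array although libusb/Makefile applies three patches from `files/`; listing them here would keep the metadata accurate.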
Added: releases/Apple/OSX-10.6.7/Tokend-40596/APPLE_LICENSE
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/APPLE_LICENSE (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/APPLE_LICENSE 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,367 @@
+APPLE PUBLIC SOURCE LICENSE
+Version 2.0 - August 6, 2003
+
+Please read this License carefully before downloading this software.
+By downloading or using this software, you are agreeing to be bound by
+the terms of this License. If you do not or cannot agree to the terms
+of this License, please do not download or use the software.
+
+1. General; Definitions. This License applies to any program or other
+work which Apple Computer, Inc. ("Apple") makes publicly available and
+which contains a notice placed by Apple identifying such program or
+work as "Original Code" and stating that it is subject to the terms of
+this Apple Public Source License version 2.0 ("License"). As used in
+this License:
+
+1.1 "Applicable Patent Rights" mean: (a) in the case where Apple is
+the grantor of rights, (i) claims of patents that are now or hereafter
+acquired, owned by or assigned to Apple and (ii) that cover subject
+matter contained in the Original Code, but only to the extent
+necessary to use, reproduce and/or distribute the Original Code
+without infringement; and (b) in the case where You are the grantor of
+rights, (i) claims of patents that are now or hereafter acquired,
+owned by or assigned to You and (ii) that cover subject matter in Your
+Modifications, taken alone or in combination with Original Code.
+
+1.2 "Contributor" means any person or entity that creates or
+contributes to the creation of Modifications.
+
+1.3 "Covered Code" means the Original Code, Modifications, the
+combination of Original Code and any Modifications, and/or any
+respective portions thereof.
+
+1.4 "Externally Deploy" means: (a) to sublicense, distribute or
+otherwise make Covered Code available, directly or indirectly, to
+anyone other than You; and/or (b) to use Covered Code, alone or as
+part of a Larger Work, in any way to provide a service, including but
+not limited to delivery of content, through electronic communication
+with a client other than You.
+
+1.5 "Larger Work" means a work which combines Covered Code or portions
+thereof with code not governed by the terms of this License.
+
+1.6 "Modifications" mean any addition to, deletion from, and/or change
+to, the substance and/or structure of the Original Code, any previous
+Modifications, the combination of Original Code and any previous
+Modifications, and/or any respective portions thereof. When code is
+released as a series of files, a Modification is: (a) any addition to
+or deletion from the contents of a file containing Covered Code;
+and/or (b) any new file or other representation of computer program
+statements that contains any part of Covered Code.
+
+1.7 "Original Code" means (a) the Source Code of a program or other
+work as originally made available by Apple under this License,
+including the Source Code of any updates or upgrades to such programs
+or works made available by Apple under this License, and that has been
+expressly identified by Apple as such in the header file(s) of such
+work; and (b) the object code compiled from such Source Code and
+originally made available by Apple under this License.
+
+1.8 "Source Code" means the human readable form of a program or other
+work that is suitable for making modifications to it, including all
+modules it contains, plus any associated interface definition files,
+scripts used to control compilation and installation of an executable
+(object code).
+
+1.9 "You" or "Your" means an individual or a legal entity exercising
+rights under this License. For legal entities, "You" or "Your"
+includes any entity which controls, is controlled by, or is under
+common control with, You, where "control" means (a) the power, direct
+or indirect, to cause the direction or management of such entity,
+whether by contract or otherwise, or (b) ownership of fifty percent
+(50%) or more of the outstanding shares or beneficial ownership of
+such entity.
+
+2. Permitted Uses; Conditions & Restrictions. Subject to the terms
+and conditions of this License, Apple hereby grants You, effective on
+the date You accept this License and download the Original Code, a
+world-wide, royalty-free, non-exclusive license, to the extent of
+Apple's Applicable Patent Rights and copyrights covering the Original
+Code, to do the following:
+
+2.1 Unmodified Code. You may use, reproduce, display, perform,
+internally distribute within Your organization, and Externally Deploy
+verbatim, unmodified copies of the Original Code, for commercial or
+non-commercial purposes, provided that in each instance:
+
+(a) You must retain and reproduce in all copies of Original Code the
+copyright and other proprietary notices and disclaimers of Apple as
+they appear in the Original Code, and keep intact all notices in the
+Original Code that refer to this License; and
+
+(b) You must include a copy of this License with every copy of Source
+Code of Covered Code and documentation You distribute or Externally
+Deploy, and You may not offer or impose any terms on such Source Code
+that alter or restrict this License or the recipients' rights
+hereunder, except as permitted under Section 6.
+
+2.2 Modified Code. You may modify Covered Code and use, reproduce,
+display, perform, internally distribute within Your organization, and
+Externally Deploy Your Modifications and Covered Code, for commercial
+or non-commercial purposes, provided that in each instance You also
+meet all of these conditions:
+
+(a) You must satisfy all the conditions of Section 2.1 with respect to
+the Source Code of the Covered Code;
+
+(b) You must duplicate, to the extent it does not already exist, the
+notice in Exhibit A in each file of the Source Code of all Your
+Modifications, and cause the modified files to carry prominent notices
+stating that You changed the files and the date of any change; and
+
+(c) If You Externally Deploy Your Modifications, You must make
+Source Code of all Your Externally Deployed Modifications either
+available to those to whom You have Externally Deployed Your
+Modifications, or publicly available. Source Code of Your Externally
+Deployed Modifications must be released under the terms set forth in
+this License, including the license grants set forth in Section 3
+below, for as long as you Externally Deploy the Covered Code or twelve
+(12) months from the date of initial External Deployment, whichever is
+longer. You should preferably distribute the Source Code of Your
+Externally Deployed Modifications electronically (e.g. download from a
+web site).
+
+2.3 Distribution of Executable Versions. In addition, if You
+Externally Deploy Covered Code (Original Code and/or Modifications) in
+object code, executable form only, You must include a prominent
+notice, in the code itself as well as in related documentation,
+stating that Source Code of the Covered Code is available under the
+terms of this License with information on how and where to obtain such
+Source Code.
+
+2.4 Third Party Rights. You expressly acknowledge and agree that
+although Apple and each Contributor grants the licenses to their
+respective portions of the Covered Code set forth herein, no
+assurances are provided by Apple or any Contributor that the Covered
+Code does not infringe the patent or other intellectual property
+rights of any other entity. Apple and each Contributor disclaim any
+liability to You for claims brought by any other entity based on
+infringement of intellectual property rights or otherwise. As a
+condition to exercising the rights and licenses granted hereunder, You
+hereby assume sole responsibility to secure any other intellectual
+property rights needed, if any. For example, if a third party patent
+license is required to allow You to distribute the Covered Code, it is
+Your responsibility to acquire that license before distributing the
+Covered Code.
+
+3. Your Grants. In consideration of, and as a condition to, the
+licenses granted to You under this License, You hereby grant to any
+person or entity receiving or distributing Covered Code under this
+License a non-exclusive, royalty-free, perpetual, irrevocable license,
+under Your Applicable Patent Rights and other intellectual property
+rights (other than patent) owned or controlled by You, to use,
+reproduce, display, perform, modify, sublicense, distribute and
+Externally Deploy Your Modifications of the same scope and extent as
+Apple's licenses under Sections 2.1 and 2.2 above.
+
+4. Larger Works. You may create a Larger Work by combining Covered
+Code with other code not governed by the terms of this License and
+distribute the Larger Work as a single product. In each such instance,
+You must make sure the requirements of this License are fulfilled for
+the Covered Code or any portion thereof.
+
+5. Limitations on Patent License. Except as expressly stated in
+Section 2, no other patent rights, express or implied, are granted by
+Apple herein. Modifications and/or Larger Works may require additional
+patent licenses from Apple which Apple may grant in its sole
+discretion.
+
+6. Additional Terms. You may choose to offer, and to charge a fee for,
+warranty, support, indemnity or liability obligations and/or other
+rights consistent with the scope of the license granted herein
+("Additional Terms") to one or more recipients of Covered Code.
+However, You may do so only on Your own behalf and as Your sole
+responsibility, and not on behalf of Apple or any Contributor. You
+must obtain the recipient's agreement that any such Additional Terms
+are offered by You alone, and You hereby agree to indemnify, defend
+and hold Apple and every Contributor harmless for any liability
+incurred by or claims asserted against Apple or such Contributor by
+reason of any such Additional Terms.
+
+7. Versions of the License. Apple may publish revised and/or new
+versions of this License from time to time. Each version will be given
+a distinguishing version number. Once Original Code has been published
+under a particular version of this License, You may continue to use it
+under the terms of that version. You may also choose to use such
+Original Code under the terms of any subsequent version of this
+License published by Apple. No one other than Apple has the right to
+modify the terms applicable to Covered Code created under this
+License.
+
+8. NO WARRANTY OR SUPPORT. The Covered Code may contain in whole or in
+part pre-release, untested, or not fully tested works. The Covered
+Code may contain errors that could cause failures or loss of data, and
+may be incomplete or contain inaccuracies. You expressly acknowledge
+and agree that use of the Covered Code, or any portion thereof, is at
+Your sole and entire risk. THE COVERED CODE IS PROVIDED "AS IS" AND
+WITHOUT WARRANTY, UPGRADES OR SUPPORT OF ANY KIND AND APPLE AND
+APPLE'S LICENSOR(S) (COLLECTIVELY REFERRED TO AS "APPLE" FOR THE
+PURPOSES OF SECTIONS 8 AND 9) AND ALL CONTRIBUTORS EXPRESSLY DISCLAIM
+ALL WARRANTIES AND/OR CONDITIONS, EXPRESS OR IMPLIED, INCLUDING, BUT
+NOT LIMITED TO, THE IMPLIED WARRANTIES AND/OR CONDITIONS OF
+MERCHANTABILITY, OF SATISFACTORY QUALITY, OF FITNESS FOR A PARTICULAR
+PURPOSE, OF ACCURACY, OF QUIET ENJOYMENT, AND NONINFRINGEMENT OF THIRD
+PARTY RIGHTS. APPLE AND EACH CONTRIBUTOR DOES NOT WARRANT AGAINST
+INTERFERENCE WITH YOUR ENJOYMENT OF THE COVERED CODE, THAT THE
+FUNCTIONS CONTAINED IN THE COVERED CODE WILL MEET YOUR REQUIREMENTS,
+THAT THE OPERATION OF THE COVERED CODE WILL BE UNINTERRUPTED OR
+ERROR-FREE, OR THAT DEFECTS IN THE COVERED CODE WILL BE CORRECTED. NO
+ORAL OR WRITTEN INFORMATION OR ADVICE GIVEN BY APPLE, AN APPLE
+AUTHORIZED REPRESENTATIVE OR ANY CONTRIBUTOR SHALL CREATE A WARRANTY.
+You acknowledge that the Covered Code is not intended for use in the
+operation of nuclear facilities, aircraft navigation, communication
+systems, or air traffic control machines in which case the failure of
+the Covered Code could lead to death, personal injury, or severe
+physical or environmental damage.
+
+9. LIMITATION OF LIABILITY. TO THE EXTENT NOT PROHIBITED BY LAW, IN NO
+EVENT SHALL APPLE OR ANY CONTRIBUTOR BE LIABLE FOR ANY INCIDENTAL,
+SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES ARISING OUT OF OR RELATING
+TO THIS LICENSE OR YOUR USE OR INABILITY TO USE THE COVERED CODE, OR
+ANY PORTION THEREOF, WHETHER UNDER A THEORY OF CONTRACT, WARRANTY,
+TORT (INCLUDING NEGLIGENCE), PRODUCTS LIABILITY OR OTHERWISE, EVEN IF
+APPLE OR SUCH CONTRIBUTOR HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
+DAMAGES AND NOTWITHSTANDING THE FAILURE OF ESSENTIAL PURPOSE OF ANY
+REMEDY. SOME JURISDICTIONS DO NOT ALLOW THE LIMITATION OF LIABILITY OF
+INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS LIMITATION MAY NOT APPLY
+TO YOU. In no event shall Apple's total liability to You for all
+damages (other than as may be required by applicable law) under this
+License exceed the amount of fifty dollars ($50.00).
+
+10. Trademarks. This License does not grant any rights to use the
+trademarks or trade names "Apple", "Apple Computer", "Mac", "Mac OS",
+"QuickTime", "QuickTime Streaming Server" or any other trademarks,
+service marks, logos or trade names belonging to Apple (collectively
+"Apple Marks") or to any trademark, service mark, logo or trade name
+belonging to any Contributor. You agree not to use any Apple Marks in
+or as part of the name of products derived from the Original Code or
+to endorse or promote products derived from the Original Code other
+than as expressly permitted by and in strict compliance at all times
+with Apple's third party trademark usage guidelines which are posted
+at http://www.apple.com/legal/guidelinesfor3rdparties.html.
+
+11. Ownership. Subject to the licenses granted under this License,
+each Contributor retains all rights, title and interest in and to any
+Modifications made by such Contributor. Apple retains all rights,
+title and interest in and to the Original Code and any Modifications
+made by or on behalf of Apple ("Apple Modifications"), and such Apple
+Modifications will not be automatically subject to this License. Apple
+may, at its sole discretion, choose to license such Apple
+Modifications under this License, or on different terms from those
+contained in this License or may choose not to license them at all.
+
+12. Termination.
+
+12.1 Termination. This License and the rights granted hereunder will
+terminate:
+
+(a) automatically without notice from Apple if You fail to comply with
+any term(s) of this License and fail to cure such breach within 30
+days of becoming aware of such breach;
+
+(b) immediately in the event of the circumstances described in Section
+13.5(b); or
+
+(c) automatically without notice from Apple if You, at any time during
+the term of this License, commence an action for patent infringement
+against Apple; provided that Apple did not first commence
+an action for patent infringement against You in that instance.
+
+12.2 Effect of Termination. Upon termination, You agree to immediately
+stop any further use, reproduction, modification, sublicensing and
+distribution of the Covered Code. All sublicenses to the Covered Code
+which have been properly granted prior to termination shall survive
+any termination of this License. Provisions which, by their nature,
+should remain in effect beyond the termination of this License shall
+survive, including but not limited to Sections 3, 5, 8, 9, 10, 11,
+12.2 and 13. No party will be liable to any other for compensation,
+indemnity or damages of any sort solely as a result of terminating
+this License in accordance with its terms, and termination of this
+License will be without prejudice to any other right or remedy of
+any party.
+
+13. Miscellaneous.
+
+13.1 Government End Users. The Covered Code is a "commercial item" as
+defined in FAR 2.101. Government software and technical data rights in
+the Covered Code include only those rights customarily provided to the
+public as defined in this License. This customary commercial license
+in technical data and software is provided in accordance with FAR
+12.211 (Technical Data) and 12.212 (Computer Software) and, for
+Department of Defense purchases, DFAR 252.227-7015 (Technical Data --
+Commercial Items) and 227.7202-3 (Rights in Commercial Computer
+Software or Computer Software Documentation). Accordingly, all U.S.
+Government End Users acquire Covered Code with only those rights set
+forth herein.
+
+13.2 Relationship of Parties. This License will not be construed as
+creating an agency, partnership, joint venture or any other form of
+legal association between or among You, Apple or any Contributor, and
+You will not represent to the contrary, whether expressly, by
+implication, appearance or otherwise.
+
+13.3 Independent Development. Nothing in this License will impair
+Apple's right to acquire, license, develop, have others develop for
+it, market and/or distribute technology or products that perform the
+same or similar functions as, or otherwise compete with,
+Modifications, Larger Works, technology or products that You may
+develop, produce, market or distribute.
+
+13.4 Waiver; Construction. Failure by Apple or any Contributor to
+enforce any provision of this License will not be deemed a waiver of
+future enforcement of that or any other provision. Any law or
+regulation which provides that the language of a contract shall be
+construed against the drafter will not apply to this License.
+
+13.5 Severability. (a) If for any reason a court of competent
+jurisdiction finds any provision of this License, or portion thereof,
+to be unenforceable, that provision of the License will be enforced to
+the maximum extent permissible so as to effect the economic benefits
+and intent of the parties, and the remainder of this License will
+continue in full force and effect. (b) Notwithstanding the foregoing,
+if applicable law prohibits or restricts You from fully and/or
+specifically complying with Sections 2 and/or 3 or prevents the
+enforceability of either of those Sections, this License will
+immediately terminate and You must immediately discontinue any use of
+the Covered Code and destroy all copies of it that are in your
+possession or control.
+
+13.6 Dispute Resolution. Any litigation or other dispute resolution
+between You and Apple relating to this License shall take place in the
+Northern District of California, and You and Apple hereby consent to
+the personal jurisdiction of, and venue in, the state and federal
+courts within that District with respect to this License. The
+application of the United Nations Convention on Contracts for the
+International Sale of Goods is expressly excluded.
+
+13.7 Entire Agreement; Governing Law. This License constitutes the
+entire agreement between the parties with respect to the subject
+matter hereof. This License shall be governed by the laws of the
+United States and the State of California, except that body of
+California law concerning conflicts of law.
+
+Where You are located in the province of Quebec, Canada, the following
+clause applies: The parties hereby confirm that they have requested
+that this License and all related documents be drafted in English. Les
+parties ont exige que le present contrat et tous les documents
+connexes soient rediges en anglais.
+
+EXHIBIT A.
+
+"Portions Copyright (c) 1999-2003 Apple Computer, Inc. All Rights
+Reserved.
+
+This file contains Original Code and/or Modifications of Original Code
+as defined in and that are subject to the Apple Public Source License
+Version 2.0 (the 'License'). You may not use this file except in
+compliance with the License. Please obtain a copy of the License at
+http://www.opensource.apple.com/apsl/ and read it before using this
+file.
+
+The Original Code and all software distributed under the License are
+distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+Please see the License for the specific language governing rights and
+limitations under the License."
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICAttributeCoder.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICAttributeCoder.h"
+
+#include "Adornment.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "BELPICRecord.h"
+#include "BELPICToken.h"
+
+#include <Security/SecKeychainItem.h>
+#include <security_cdsa_utilities/cssmkey.h>
+
+using namespace Tokend;
+
+
+//
+// BELPICDataAttributeCoder
+//
+BELPICDataAttributeCoder::~BELPICDataAttributeCoder()
+{
+}
+
+void BELPICDataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ BELPICRecord &belpicRecord = dynamic_cast<BELPICRecord &>(record);
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ belpicRecord.getDataAttribute(tokenContext));
+}
+
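Review bot: `BELPICDataAttributeCoder::decode` has no comment saying what happens when `record` is not a `BELPICRecord`. The `dynamic_cast<BELPICRecord &>(record)` is a cast to a reference, so a mismatch throws `std::bad_cast` rather than yielding null, and whether callers translate that into a CSSM error is not visible in this file. A one-line comment above the cast would document the contract, e.g. `// record must be a BELPICRecord; a mismatch throws std::bad_cast`.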
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICAttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICAttributeCoder.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICATTRIBUTECODER_H_
+#define _BELPICATTRIBUTECODER_H_
+
+#include "AttributeCoder.h"
+#include <string>
+
+#include <PCSC/musclecard.h>
+
+
+//
+// A coder that reads the data of an object
+//
+class BELPICDataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(BELPICDataAttributeCoder)
+public:
+
+ BELPICDataAttributeCoder() {}
+ virtual ~BELPICDataAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+#endif /* !_BELPICATTRIBUTECODER_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICError.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICError.h"
+
+#include <Security/cssmerr.h>
+
+//
+// BELPICError exceptions
+//
+BELPICError::BELPICError(uint16_t sw) : SCardError(sw)
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(debugDiagnose(this));
+#else
+ SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"BELPIC");
+#endif
+}
+
+BELPICError::~BELPICError() throw ()
+{
+}
+
+const char *BELPICError::what() const throw ()
+{ return "BELPIC error"; }
+
+void BELPICError::throwMe(uint16_t sw)
+{ throw BELPICError(sw); }
+
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+#if !defined(NDEBUG)
+
+void BELPICError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p BELPICError %s (%04hX)",
+ id, errorstr(statusWord), statusWord);
+}
+
+#endif //NDEBUG
+
+#endif // MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
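Review bot: The guard `#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5` in the `BELPICError` constructor and around `debugDiagnose` looks like a misspelling of the AvailabilityMacros names `MAC_OS_X_VERSION_MIN_REQUIRED` and `MAC_OS_X_VERSION_10_5`. Unless the `MAX_` names are defined elsewhere in the project, both evaluate to 0 inside `#if`, so the test is always true and the `SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"BELPIC")` branch is never compiled in. Card status-word errors would then never reach that exception-reporting macro, whatever the deployment target. The same guard appears in the class declaration in the BELPICError.h section that follows. I would change it to `#if MAC_OS_X_VERSION_MIN_REQUIRED <= MAC_OS_X_VERSION_10_5` in all three places.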
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICError.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICERROR_H_
+#define _BELPICERROR_H_
+
+#include "SCardError.h"
+
+
+class BELPICError : public Tokend::SCardError
+{
+protected:
+ BELPICError(uint16_t sw);
+ virtual ~BELPICError() throw ();
+public:
+ virtual const char *what () const throw ();
+
+ static void check(uint16_t sw) { if (sw != SCARD_SUCCESS) throwMe(sw); }
+ static void throwMe(uint16_t sw) __attribute__((noreturn));
+protected:
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+#endif
+};
+
+#endif /* !_BELPICERROR_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,274 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICKeyHandle.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICKeyHandle.h"
+
+#include "BELPICRecord.h"
+#include "BELPICToken.h"
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/utilities.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+
+//
+// BELPICKeyHandle
+//
+BELPICKeyHandle::BELPICKeyHandle(BELPICToken &belpicToken,
+ const Tokend::MetaRecord &metaRecord, BELPICKeyRecord &cacKey) :
+ Tokend::KeyHandle(metaRecord, &cacKey),
+ mToken(belpicToken), mKey(cacKey)
+{
+}
+
+BELPICKeyHandle::~BELPICKeyHandle()
+{
+}
+
+void BELPICKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
+{
+ secdebug("crypto", "getKeySize");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+uint32 BELPICKeyHandle::getOutputSize(const Context &context,
+ uint32 inputSize, bool encrypting)
+{
+ secdebug("crypto", "getOutputSize");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+static const unsigned char sha1sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x21, // LENGTH
+ 0x30, // SEQUENCE
+ 0x09, // LENGTH
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x14 // OCTECT STRING (20 bytes)
+};
+
+static const unsigned char md5sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x20, // LENGTH
+ 0x30, // SEQUENCE
+ 0x0C, // LENGTH
+ // MD5 OID (1 2 840 113549 2 5)
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x10 // OCTECT STRING (16 bytes)
+};
+
+void BELPICKeyHandle::generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature)
+{
+ secdebug("crypto", "generateSignature alg: %u signOnly: %u",
+ context.algorithm(), signOnly);
+ IFDUMPING("crypto", context.dump("signature context"));
+
+ if (context.type() != CSSM_ALGCLASS_SIGNATURE)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ // Find out if we are doing a SHA1 or MD5 signature and setup header to
+ // point to the right asn1 blob.
+ const unsigned char *header;
+ size_t headerLength;
+ if (signOnly == CSSM_ALGID_SHA1)
+ {
+ if (input.Length != 20)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = sha1sigheader;
+ headerLength = sizeof(sha1sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_MD5)
+ {
+ if (input.Length != 16)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = md5sigheader;
+ headerLength = sizeof(md5sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_NONE)
+ {
+ // Special case used by SSL it's an RSA signature, without the ASN1
+ // stuff
+ header = NULL;
+ headerLength = 0;
+
+ // @@@ Fix me
+ //CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
+
+#if 0
+ // @@@ Hack for BELPIC card!
+ header = NULL;
+ headerLength = 0;
+#endif
+
+ // Create an input buffer in which we construct the data we will send to
+ // the token.
+ size_t inputDataSize = headerLength + input.Length;
+ size_t keyLength = mKey.sizeInBits() / 8;
+ auto_array<unsigned char> inputData(keyLength);
+ unsigned char *to = inputData.get();
+
+ // Get padding, but default to pkcs1 style padding
+ uint32 padding = CSSM_PADDING_PKCS1;
+ context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
+
+#if 1
+ if (padding != CSSM_PADDING_PKCS1)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+#else
+ if (padding == CSSM_PADDING_PKCS1)
+ {
+ // Add PKCS1 style padding
+ *(to++) = 0;
+ *(to++) = 1; /* Private Key Block Type. */
+ size_t padLength = keyLength - 3 - inputDataSize;
+ memset(to, 0xff, padLength);
+ to += padLength;
+ *(to++) = 0;
+ inputDataSize = keyLength;
+ }
+ else if (padding == CSSM_PADDING_NONE)
+ {
+ // Token will fail if the input data isn't exactly keysize / 8 octects
+ // long
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+#endif
+
+ // Now copy the ASN1 header into the input buffer.
+ // This header is the DER encoding of
+ // DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier,
+ // digest OCTET STRING }
+ // Where AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER,
+ // parameters OPTIONAL ANY }
+ if (headerLength)
+ {
+ memcpy(to, header, headerLength);
+ to += headerLength;
+ }
+
+ // Finally copy the passed in data to the input buffer.
+ memcpy(to, input.Data, input.Length);
+
+ // @@@ Switch to using tokend allocators
+ unsigned char *outputData =
+ reinterpret_cast<unsigned char *>(malloc(keyLength));
+ size_t outputLength = keyLength;
+ try
+ {
+ const AccessCredentials *cred = context.get<const AccessCredentials>(
+ CSSM_ATTRIBUTE_ACCESS_CREDENTIALS);
+ // Sign the inputData using the token
+ mKey.computeCrypt(mToken, true, cred, inputData.get(), inputDataSize,
+ outputData, outputLength);
+ }
+ catch (...)
+ {
+ // @@@ Switch to using tokend allocators
+ free(outputData);
+ throw;
+ }
+
+ signature.Data = outputData;
+ signature.Length = outputLength;
+}
+
+void BELPICKeyHandle::verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
+{
+ secdebug("crypto", "verifySignature");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void BELPICKeyHandle::generateMac(const Context &context,
+ const CssmData &input, CssmData &output)
+{
+ secdebug("crypto", "generateMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void BELPICKeyHandle::verifyMac(const Context &context,
+ const CssmData &input, const CssmData &compare)
+{
+ secdebug("crypto", "verifyMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void BELPICKeyHandle::encrypt(const Context &context,
+ const CssmData &clear, CssmData &cipher)
+{
+ secdebug("crypto", "encrypt");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void BELPICKeyHandle::decrypt(const Context &context,
+ const CssmData &cipher, CssmData &clear)
+{
+ secdebug("crypto", "decrypt alg: %u", context.algorithm());
+ CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT);
+}
+
+void BELPICKeyHandle::exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey)
+{
+ secdebug("crypto", "exportKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+
+//
+// BELPICKeyHandleFactory
+//
+BELPICKeyHandleFactory::~BELPICKeyHandleFactory()
+{
+}
+
+
+Tokend::KeyHandle *BELPICKeyHandleFactory::keyHandle(
+ Tokend::TokenContext *tokenContext, const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record) const
+{
+ BELPICKeyRecord &key = dynamic_cast<BELPICKeyRecord &>(record);
+ BELPICToken &belpicToken = static_cast<BELPICToken &>(*tokenContext);
+ return new BELPICKeyHandle(belpicToken, metaRecord, key);
+}
+
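Review bot: In `generateSignature`, the `CSSM_ALGID_NONE` branch accepts an `input` of any length, and `memcpy(to, input.Data, input.Length)` then copies it into `inputData`, which holds only `keyLength` bytes. The SHA-1 and MD5 branches pin the digest length, but for the raw case the only size check is the one in `BELPICKeyRecord::computeCrypt`, which runs after the copy, so an oversized caller buffer overruns the heap allocation. The commented-out throw under `@@@ Fix me` marks the spot. A bound placed before the buffer is filled covers all three branches: `if (inputDataSize > keyLength) CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);`. Separately, the result of `malloc(keyLength)` is handed to `computeCrypt` without a NULL check.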
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICKeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,92 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICKeyHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICKEYHANDLE_H_
+#define _BELPICKEYHANDLE_H_
+
+#include "KeyHandle.h"
+
+class BELPICToken;
+class BELPICKeyRecord;
+
+
+//
+// A KeyHandle object which implements the crypto interface to muscle.
+//
+class BELPICKeyHandle: public Tokend::KeyHandle
+{
+ NOCOPY(BELPICKeyHandle)
+public:
+ BELPICKeyHandle(BELPICToken &belpicToken,
+ const Tokend::MetaRecord &metaRecord, BELPICKeyRecord &cacKey);
+ ~BELPICKeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize);
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting);
+ virtual void generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
+ virtual void verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input,
+ const CssmData &signature);
+ virtual void generateMac(const Context &context, const CssmData &input,
+ CssmData &output);
+ virtual void verifyMac(const Context &context, const CssmData &input,
+ const CssmData &compare);
+ virtual void encrypt(const Context &context, const CssmData &clear,
+ CssmData &cipher);
+ virtual void decrypt(const Context &context, const CssmData &cipher,
+ CssmData &clear);
+
+ virtual void exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey);
+
+private:
+ BELPICToken &mToken;
+ BELPICKeyRecord &mKey;
+};
+
+
+//
+// A factory that creates BELPICKeyHandle objects.
+//
+class BELPICKeyHandleFactory : public Tokend::KeyHandleFactory
+{
+ NOCOPY(BELPICKeyHandleFactory)
+public:
+ BELPICKeyHandleFactory() {}
+ virtual ~BELPICKeyHandleFactory();
+
+ virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
+};
+
+
+#endif /* !_BELPICKEYHANDLE_H_ */
+
+
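Review bot: The class comment says this KeyHandle "implements the crypto interface to muscle", and the constructor parameter is named `cacKey`; both look carried over from another tokend driver rather than describing the BELPIC card. I would reword the comment to `// A KeyHandle object which implements the crypto interface to a BELPIC card.` and rename the parameter to `belpicKey`. It would also help to note here that, per BELPICKeyHandle.cpp in this commit, only `generateSignature` does real work and the other operations throw, for example `// Only generateSignature is implemented; all other operations throw.`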
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,265 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICRecord.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICRecord.h"
+
+#include "BELPICError.h"
+#include "BELPICToken.h"
+#include "Attribute.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include <security_cdsa_client/aclclient.h>
+#include <Security/SecKey.h>
+
+
+//
+// BELPICRecord
+//
+BELPICRecord::~BELPICRecord()
+{
+}
+
+//
+// BELPICCertificateRecord
+//
+BELPICBinaryFileRecord::~BELPICBinaryFileRecord()
+{
+}
+
+#define BELPIC_MAXSIZE_CERT 4000
+
+BELPICCertificateRecord::~BELPICCertificateRecord()
+{
+}
+
+Tokend::Attribute *BELPICCertificateRecord::getDataAttribute(
+ Tokend::TokenContext *tokenContext)
+{
+ CssmData data;
+ BELPICToken &belpicToken = static_cast<BELPICToken &>(*tokenContext);
+ if (belpicToken.cachedObject(0, mDescription, data))
+ {
+ Tokend::Attribute *attribute = new Tokend::Attribute(data.Data,
+ data.Length);
+ free(data.Data);
+ return attribute;
+ }
+
+ PCSC::Transaction _(belpicToken);
+ belpicToken.select(mDF, mEF);
+
+ uint8 certificate[BELPIC_MAXSIZE_CERT];
+ size_t certificateLength = sizeof(certificate);
+ belpicToken.readBinary(certificate, certificateLength);
+ data.Data = certificate;
+ data.Length = certificateLength;
+
+ /* Zetes: the cert files on cards older then V1.0 have padding bytes
+ * at the end (to allow updates that might be longer then the current
+ * cert). This works fine for certificate selection (keychain) but
+ * gives problems during an SSL handshake. So we first remove those
+ * padding bytes by adapting the data.Length. */
+ if (certificateLength > 500 && certificate[0] == 0x30 && certificate[1] == 0x82)
+ {
+ size_t realCertLength = 256 * certificate[2] + certificate[3] + 4;
+ if (realCertLength > 500 && realCertLength < certificateLength)
+ data.Length = realCertLength;
+ }
+
+ belpicToken.cacheObject(0, mDescription, data);
+
+ return new Tokend::Attribute(data.Data, data.Length);
+}
+
+//
+// BELPICProtectedRecord
+//
+BELPICProtectedRecord::~BELPICProtectedRecord()
+{
+}
+
+Tokend::Attribute *BELPICProtectedRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ // no caching
+ CssmData data;
+ BELPICToken &belpicToken = static_cast<BELPICToken &>(*tokenContext);
+
+ PCSC::Transaction _(belpicToken);
+ belpicToken.select(mDF, mEF);
+
+ uint8 certificate[BELPIC_MAXSIZE_CERT];
+ size_t certificateLength = sizeof(certificate);
+ belpicToken.readBinary(certificate, certificateLength);
+ data.Data = certificate;
+ data.Length = certificateLength;
+
+ return new Tokend::Attribute(data.Data, data.Length);
+}
+
+void BELPICProtectedRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Reading this object's data requires PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+//
+// BELPICKeyRecord
+//
+BELPICKeyRecord::BELPICKeyRecord(const uint8_t *keyId,
+ const char *description, const Tokend::MetaRecord &metaRecord,
+ bool signOnly) :
+ BELPICRecord(description),
+ mKeyId(keyId),
+ mSignOnly(signOnly)
+{
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(),
+ new Tokend::Attribute(!signOnly));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(),
+ new Tokend::Attribute(!signOnly));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(),
+ new Tokend::Attribute(signOnly));
+}
+
+BELPICKeyRecord::~BELPICKeyRecord()
+{
+}
+
+void BELPICKeyRecord::computeCrypt(BELPICToken &belpicToken, bool sign,
+ const AccessCredentials *cred, const unsigned char *data,
+ size_t dataLength, unsigned char *output, size_t &outputLength)
+{
+ PCSC::Transaction _(belpicToken);
+ belpicToken.selectKeyForSign(mKeyId);
+
+ if (cred)
+ {
+ uint32 size = cred->size();
+ for (uint32 ix = 0; ix < size; ++ix)
+ {
+ const TypedList &sample = (*cred)[ix];
+ if (sample.type() == CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD
+ && sample.length() == 2)
+ {
+ CssmData &pin = sample[1].data();
+ if (pin.Length >= BELPIC_MIN_PIN_LEN &&
+ pin.Length <= BELPIC_MAX_PIN_LEN)
+ {
+ belpicToken._verifyPIN(1, pin.Data, pin.Length);
+ break;
+ }
+ else if (pin.Length == 0)
+ {
+ // %%% <rdar://4334623>
+ // PIN previously verified by securityd;
+ // continue to look at remaining samples
+ }
+ else
+ {
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ }
+ }
+ }
+
+ }
+
+ if (dataLength > sizeInBits() / 8)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ if (sign != mSignOnly)
+ CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT);
+
+ size_t apduSize = dataLength + 5;
+ unsigned char apdu[apduSize];
+ size_t resultLength = sizeInBits() / 8 + 2;
+ unsigned char result[resultLength];
+
+ apdu[0] = 0x00;
+ apdu[1] = 0x2A;
+ apdu[2] = 0x9E;
+ apdu[3] = 0x9A;
+ apdu[4] = dataLength;
+ memcpy(apdu + 5, data, dataLength);
+ BELPICError::check(belpicToken.exchangeAPDU(apdu, apduSize, result,
+ resultLength));
+ if (resultLength != sizeInBits() / 8 + 2)
+ {
+ secdebug("cac", " %s: computeCrypt: expected size: %ld, got: %ld",
+ mDescription, sizeInBits() / 8 + 2, resultLength);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ if (outputLength < resultLength - 2)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ outputLength = resultLength - 2;
+ memcpy(output, result, outputLength);
+}
+
+void BELPICKeyRecord::getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&acls)
+{
+ // @@@ Key 1 has any acl for sign, key 2 has pin1 acl, and key3 has pin1
+ // acl with auto-lock which we express as a prompted password subject.
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Anyone can read the DB record for this key (which is a reference
+ // CSSM_KEY)
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // Setup the remainder of the acl based on the key type.
+
+ //PIN1 is hardcoded for now
+ // Apparently, PINS other than '1' are not yet supported by TokenD.
+ char tmptag[20];
+ snprintf(tmptag, sizeof(tmptag), "PIN%d", 1);
+ if (*mKeyId == 0x82)
+ {
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, 0), tmptag);
+ }
+ else if (*mKeyId == 0x83)
+ {
+ CssmData prompt;
+ mAclEntries.add(CssmClient::AclFactory::PromptPWSubject(
+ mAclEntries.allocator(), prompt),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, 0), tmptag);
+ }
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
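Review bot: `BELPICKeyRecord::computeCrypt` calls `selectKeyForSign` and presents the PIN through `_verifyPIN` before it checks `dataLength > sizeInBits() / 8` and `sign != mSignOnly`. A request that is going to be rejected on those grounds therefore still triggers a PIN verification on the card, and if the card counts failed verifications (not visible here), a wrong PIN spends a retry for a call that could never succeed. Both checks depend only on the arguments and the record, so I would move the two `if (...) CssmError::throwMe(...)` statements to the top of the function, ahead of the `PCSC::Transaction` and the `if (cred)` block.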
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,121 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICRECORD_H_
+#define _BELPICRECORD_H_
+
+#include "Record.h"
+
+#include <security_cdsa_utilities/cssmcred.h>
+
+class BELPICToken;
+
+class BELPICRecord : public Tokend::Record
+{
+ NOCOPY(BELPICRecord)
+public:
+ BELPICRecord(const char *description) :
+ mDescription(description) {}
+ virtual ~BELPICRecord();
+
+ virtual const char *description() { return mDescription; }
+
+protected:
+ const char *mDescription;
+};
+
+
+class BELPICBinaryFileRecord : public BELPICRecord
+{
+ NOCOPY(BELPICBinaryFileRecord)
+public:
+ BELPICBinaryFileRecord(const uint8_t *df, const uint8_t *ef,
+ const char *description) :
+ BELPICRecord(description), mDF(df), mEF(ef) {}
+ virtual ~BELPICBinaryFileRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext) = 0;
+
+protected:
+ const uint8_t *mDF;
+ const uint8_t *mEF;
+};
+
+class BELPICCertificateRecord : public BELPICBinaryFileRecord
+{
+ NOCOPY(BELPICCertificateRecord)
+public:
+ BELPICCertificateRecord(const uint8_t *df, const uint8_t *ef,
+ const char *description) :
+ BELPICBinaryFileRecord(df, ef, description) {}
+ virtual ~BELPICCertificateRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+};
+
+class BELPICProtectedRecord : public BELPICBinaryFileRecord
+{
+ NOCOPY(BELPICProtectedRecord)
+public:
+ BELPICProtectedRecord(const uint8_t *df, const uint8_t *ef, const char *description) :
+ BELPICBinaryFileRecord(df, ef, description) {}
+ virtual ~BELPICProtectedRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+class BELPICKeyRecord : public BELPICRecord
+{
+ NOCOPY(BELPICKeyRecord)
+public:
+ BELPICKeyRecord(const uint8_t *keyId, const char *description,
+ const Tokend::MetaRecord &metaRecord, bool signOnly);
+ virtual ~BELPICKeyRecord();
+
+ size_t sizeInBits() const { return 1024; }
+ void computeCrypt(BELPICToken &belpicToken, bool sign,
+ const AccessCredentials *cred, const unsigned char *data,
+ size_t dataLength, unsigned char *result, size_t &resultLength);
+
+ void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+private:
+ const uint8_t *mKeyId;
+ bool mSignOnly;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_BELPICRECORD_H_ */
+
+
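Review bot: `BELPICRecord`, `BELPICBinaryFileRecord` and `BELPICKeyRecord` store the `description`, `df`, `ef` and `keyId` pointers they are given without copying them, and nothing in the header says who owns that storage. If a caller passes a temporary, `description()`, `select(mDF, mEF)` and `*mKeyId` in `getAcl` would read freed memory. The call sites are outside this hunk, so this may already hold in practice, but the contract should be written down. I would add above each constructor a comment such as `// df, ef and description are borrowed, not copied; they must outlive the record.`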
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICSchema.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICSchema.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+BELPICSchema::BELPICSchema() :
+ mKeyAlgorithmCoder(uint32(CSSM_ALGID_RSA)),
+ mKeySizeCoder(uint32(1024))
+{
+}
+
+BELPICSchema::~BELPICSchema()
+{
+}
+
+Tokend::Relation *BELPICSchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
+{
+ Relation *rn = createStandardRelation(keyType);
+
+ // Set up coders for key records.
+ MetaRecord &mr = rn->metaRecord();
+ mr.keyHandleFactory(&mBELPICKeyHandleFactory);
+
+ // Print name of a key might as well be the key name.
+ mr.attributeCoder(kSecKeyPrintName, &mDescriptionCoder);
+
+ // Other key valuess
+ mr.attributeCoder(kSecKeyKeyType, &mKeyAlgorithmCoder);
+ mr.attributeCoder(kSecKeyKeySizeInBits, &mKeySizeCoder);
+ mr.attributeCoder(kSecKeyEffectiveKeySize, &mKeySizeCoder);
+
+ // Key attributes
+ mr.attributeCoder(kSecKeyExtractable, &mFalseCoder);
+ mr.attributeCoder(kSecKeySensitive, &mTrueCoder);
+ mr.attributeCoder(kSecKeyModifiable, &mFalseCoder);
+ mr.attributeCoder(kSecKeyPrivate, &mTrueCoder);
+ mr.attributeCoder(kSecKeyNeverExtractable, &mTrueCoder);
+ mr.attributeCoder(kSecKeyAlwaysSensitive, &mTrueCoder);
+
+ // Key usage
+ mr.attributeCoder(kSecKeyEncrypt, &mFalseCoder);
+ mr.attributeCoder(kSecKeyWrap, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerify, &mFalseCoder);
+ mr.attributeCoder(kSecKeyDerive, &mFalseCoder);
+ mr.attributeCoder(kSecKeySignRecover, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerifyRecover, &mFalseCoder);
+
+ return rn;
+}
+
+void BELPICSchema::create()
+{
+ Schema::create();
+
+ createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+
+ Relation *rn_gen = createStandardRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ // Create the generic table
+ MetaRecord &mr_gen = rn_gen->metaRecord();
+ mr_gen.attributeCoderForData(&mBELPICDataAttributeCoder);
+
+}
+
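Review bot: The literal in `mKeySizeCoder(uint32(1024))` repeats the value that `BELPICKeyRecord::sizeInBits()` returns in BELPICRecord.h, so the key size advertised in the schema and the size used for buffer sizing in `generateSignature` and `computeCrypt` come from two separate constants. If one is changed without the other, the advertised size and the buffer arithmetic silently disagree. I would define it once, for example `static const uint32 kBELPICKeySizeInBits = 1024;` in BELPICRecord.h, and use that name in both places.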
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICSchema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICSchema.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICSCHEMA_H_
+#define _BELPICSCHEMA_H_
+
+#include "Schema.h"
+#include "BELPICKeyHandle.h"
+#include "BELPICAttributeCoder.h"
+
+namespace Tokend
+{
+ class Relation;
+ class MetaRecord;
+ class AttributeCoder;
+}
+
+class BELPICSchema : public Tokend::Schema
+{
+ NOCOPY(BELPICSchema)
+public:
+ BELPICSchema();
+ virtual ~BELPICSchema();
+
+ virtual void create();
+
+protected:
+ Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
+
+private:
+ // Coders we need.
+ BELPICDataAttributeCoder mBELPICDataAttributeCoder;
+
+ Tokend::ConstAttributeCoder mKeyAlgorithmCoder;
+ Tokend::ConstAttributeCoder mKeySizeCoder;
+
+ BELPICKeyHandleFactory mBELPICKeyHandleFactory;
+};
+
+#endif /* !_BELPICSCHEMA_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,674 @@
+/*
+ * Copyright (c) 2004,2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICToken.cpp
+ * TokendMuscle
+ */
+
+#include "BELPICToken.h"
+
+#include "Adornment.h"
+#include "AttributeCoder.h"
+#include "BELPICError.h"
+#include "BELPICRecord.h"
+#include "BELPICSchema.h"
+#include <security_cdsa_client/aclclient.h>
+#include <map>
+#include <vector>
+
+using CssmClient::AclFactory;
+
+#define INTER_COMMAND_DELAY 10000 // delay in microseconds between commands
+
+#define OFF_CLA 0
+#define OFF_INS 1
+#define OFF_P1 2
+#define OFF_P2 3
+#define OFF_LC 4
+#define OFF_DATA 5
+
+#define CLA_STANDARD 0x00
+#define INS_SELECT_FILE 0xA4
+#define INS_MANAGE_SECURITY_ENVIRONMENT 0x22
+
+#define P1_SELECT_APPLET 0x04
+#define P2_SELECT_APPLET 0x0C
+
+#define SELECT_APPLET \
+ CLA_STANDARD, INS_SELECT_FILE, P1_SELECT_APPLET, P2_SELECT_APPLET
+
+#define BELPIC_MAX_DATA_SIZE (6*1024L) // plus some extra
+
+//static const unsigned char kBELPICPKCS15Applet[] =
+// { 0xA0, 0x00, 0x00, 0x01, 0x77, 0x50, 0x4B, 0x43, 0x53, 0x2D, 0x31, 0x35 };
+
+static const unsigned char kDF_BELPIC[] = { 0xDF, 0x00 };
+static const unsigned char kDF_ID[] = { 0xDF, 0x01 };
+
+static const unsigned char kEF_DIR[] = { 0x2F, 0x00 };
+
+static const unsigned char kBELPIC_EF_ODF[] = { 0x50, 0x31 };
+static const unsigned char kBELPIC_EF_TokenInfo[] = { 0x50, 0x32 };
+static const unsigned char kBELPIC_EF_AODF[] = { 0x50, 0x34 };
+static const unsigned char kBELPIC_EF_PrKDF[] = { 0x50, 0x35 };
+static const unsigned char kBELPIC_EF_PukDF[] = { 0x50, 0x36 };
+static const unsigned char kBELPIC_EF_CDF[] = { 0x50, 0x37 };
+static const unsigned char kBELPIC_EF_Cert2[] = { 0x50, 0x38 };
+static const unsigned char kBELPIC_EF_Cert3[] = { 0x50, 0x39 };
+static const unsigned char kBELPIC_EF_Cert4[] = { 0x50, 0x3A };
+static const unsigned char kBELPIC_EF_Cert6[] = { 0x50, 0x3B };
+static const unsigned char kBELPIC_EF_Cert8[] = { 0x50, 0x3C };
+
+static const unsigned char kID_EF_ID_RN[] = { 0x40, 0x31 };
+static const unsigned char kID_EF_SGN_RN[] = { 0x40, 0x32 };
+static const unsigned char kID_EF_ID_ADDRESS[] = { 0x40, 0x33 };
+static const unsigned char kID_EF_SGN_ADDRESS[] = { 0x40, 0x34 };
+static const unsigned char kID_EF_ID_PHOTO[] = { 0x40, 0x35 };
+static const unsigned char kID_EF_PuK7_ID[] = { 0x40, 0x38 };
+static const unsigned char kID_EF_Preferences[] = { 0x40, 0x39 };
+
+static const unsigned char kPIN_Cardholder_Id[] = { 0x01 };
+static const unsigned char kPIN_Reset_Id[] = { 0x02 };
+static const unsigned char kPUK_Unblock_Id[] = { 0x03 };
+static const unsigned char kPIN_Activate_Id[] = { 0x84 };
+
+static const unsigned char kPrK1_Id[] = { 0x81 };
+static const unsigned char kPrK2_Id[] = { 0x82 };
+static const unsigned char kPrK3_Id[] = { 0x83 };
+static const unsigned char kPuK5_Id[] = { 0x85 };
+static const unsigned char kPuK7_Id[] = { 0x87 };
+
+
+BELPICToken::BELPICToken() :
+ mCurrentDF(NULL),
+ mCurrentEF(NULL),
+ mReturnedData(NULL),
+ mPinStatus(0)
+{
+ mTokenContext = this;
+ mSession.open();
+}
+
+BELPICToken::~BELPICToken()
+{
+ delete mSchema;
+ delete mReturnedData;
+}
+
+void BELPICToken::select(const uint8_t *df, const uint8_t *ef)
+{
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ if (isInTransaction() && mCurrentDF == df)
+ {
+ if (mCurrentEF == ef)
+ return;
+
+ uint8_t command[] = { 0x00, 0xA4, 0x02, 0x0C, 0x02, ef[0], ef[1] };
+ BELPICError::check(exchangeAPDU(command, sizeof(command), result,
+ resultLength));
+ mCurrentEF = ef;
+ }
+ else
+ {
+ uint8_t command[] =
+ { 0x00, 0xA4, 0x08, 0x0C, 0x04, df[0], df[1], ef[0], ef[1] };
+ BELPICError::check(exchangeAPDU(command, sizeof(command), result,
+ resultLength));
+ if (isInTransaction())
+ {
+ mCurrentDF = df;
+ mCurrentEF = ef;
+ }
+ }
+}
+
+void BELPICToken::selectKeyForSign(const uint8_t *keyId)
+{
+ bool encrypt = true;
+ uint8_t p1 = (encrypt ? 0x41 : 0x81);
+ // Select signing, algorithm pkcs1 padding and key keyId
+ unsigned char command[] =
+ { 0x00, 0x22, p1, 0xB6, 0x05, 0x04, 0x80, 0x01, 0x84, *keyId };
+ // @@@ This would be the command when letting the card itself to the
+ // DigestInfo wrapping for a SHA1 hash.
+ //unsigned char command[] =
+ // { 0x00, 0x22, p1, 0xB6, 0x05, 0x04, 0x80, 0x02, 0x84, *keyId };
+
+ //if (isInTransaction() && mCurrentKeyId == keyId)
+ // return;
+
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ BELPICError::check(exchangeAPDU(command, sizeof(command), result,
+ resultLength));
+}
+
+/**
+ * @brief Makes the current process sleep for some microseconds.
+ *
+ * @param[in] iTimeVal Number of microseconds to sleep.
+ */
+int BELPICToken::usleep(int iTimeVal)
+{
+ struct timespec mrqtp;
+ mrqtp.tv_sec = iTimeVal/1000000;
+ mrqtp.tv_nsec = (iTimeVal - (mrqtp.tv_sec * 1000000)) * 1000;
+
+ return nanosleep(&mrqtp, NULL);
+}
+
+#define READ_BLOCK_SIZE 0xF4
+
+/*
+ A full transaction for the readBinary command seems to be the following:
+
+ - Select the appropriate file [ref INS_SELECT_FILE]
+ - Issue read binary command (0xB0) for READ_BLOCK_SIZE (0xF4) bytes
+ - usually, it will come back with a response of "6C xx", where xx is the
+ actual number of bytes available
+ - Issue a new read binary command with correct size
+
+*/
+
+/*
+ See NIST IR 6887, 5.1.1.2 Read Binary APDU
+
+ Function Code 0x02
+
+ CLA 0x00
+ INS 0xB0
+ P1 High-order byte of 2-byte offset
+ P2 Low-order byte of 2-byte offset
+ Lc Empty
+ Data Field Empty
+ Le Number of bytes to read
+
+
+ Processing State returned in the Response Message
+
+ SW1 SW2 Meaning
+ --- --- -----------------------------------------------------
+ 62 81 Part of returned data may be corrupted
+ 62 82 End of file reached before reading Le bytes
+ 67 00 Wrong length (wrong Le field)
+ 69 81 Command incompatible with file structure
+ 69 82 Security status not satisfied
+ 69 86 Command not allowed (no current EF)
+ 6A 81 Function not supported
+ 6A 82 File not found
+ 6B 00 Wrong parameters (offset outside the EF)
+ 6C XX Wrong length (wrong Le field; XX indicates the exact length)
+ 90 00 Successful execution
+
+ Non-fatal errors:
+ 62 82 End of file reached before reading Le bytes
+ 6B 00 Wrong parameters (offset outside the EF)
+ 6C XX Wrong length (wrong Le field; XX indicates the exact length)
+ 90 00 Successful execution
+*/
+
+void BELPICToken::readBinary(uint8_t *result, size_t &resultLength)
+{
+ // Attempt to read READ_BLOCK_SIZE bytes
+
+ unsigned char rcvBuffer[MAX_BUFFER_SIZE]; // N.B. Must be > READ_BLOCK_SIZE
+ size_t bytesReceived = sizeof(rcvBuffer);
+ size_t returnedDataLength = 0;
+
+ // The initial "Read Binary" command, with offset 0 and length READ_BLOCK_SIZE
+ unsigned char apdu[] = { 0x00, 0xB0, 0x00, 0x00, READ_BLOCK_SIZE };
+ size_t apduSize = sizeof(apdu);
+
+ // Talk to token here to get data
+ {
+ PCSC::Transaction _(*this);
+
+ uint16_t rx;
+ uint32_t offset = 0;
+ bool requestedTooMuch = false;
+
+ for (bool done = false; !done; )
+ {
+ bytesReceived = sizeof(rcvBuffer); // must reset each time
+ secdebug("token", "readBinary: attempting read of %d bytes at offset: %d",
+ apdu[OFF_LC], (apdu[OFF_P1] << 8 | apdu[OFF_P2]));
+ transmit(apdu, apduSize, rcvBuffer, bytesReceived);
+ if (bytesReceived < 2)
+ break;
+ rx = (rcvBuffer[bytesReceived - 2] << 8) + rcvBuffer[bytesReceived - 1];
+ secdebug("tokend", "readBinary result 0x%02X (masked: 0x%02X)", rx, rx & 0xFF00);
+
+ switch (rx & 0xFF00)
+ {
+ case SCARD_BYTES_LEFT_IN_SW2: // 0x6100
+ case SCARD_LE_IN_SW2: // 0x6C00
+ secdebug("token", "readBinary should only have read: %d bytes", rx & 0x00FF);
+ // Re-read from same offset with new, shorter length
+ apdu[OFF_LC] = (uint8_t)(rx & 0xFF);
+ requestedTooMuch = true; // signal that we are almost done
+ break;
+ case SCARD_WRONG_PARAMETER_P1_P2: // we read past the end, (probably) non-fatal
+ done = true;
+ break;
+ case SCARD_SUCCESS:
+ offset += (bytesReceived - 2);
+ apdu[OFF_P1] = offset >> 8;
+ apdu[OFF_P2] = offset & 0xFF;
+ apdu[OFF_LC] = READ_BLOCK_SIZE & 0xFF;
+ if (requestedTooMuch)
+ done = true;
+ if (resultLength >= (returnedDataLength + bytesReceived - 2))
+ {
+ memcpy(result + returnedDataLength, rcvBuffer, bytesReceived - 2);
+ returnedDataLength += bytesReceived - 2;
+ }
+ else
+ done = true;
+ break;
+ case SCARD_EXECUTION_WARNING: // No way to recover from SCARD_END_OF_FILE_REACHED, so fall through
+ default:
+ BELPICError::check(rx);
+ return; // will actually throw above
+ }
+
+ }
+ }
+
+ secdebug("token", "readBinary read a total of %ld bytes", returnedDataLength);
+ resultLength = returnedDataLength;
+}
+
+uint32_t BELPICToken::exchangeAPDU(const uint8_t *apdu, size_t apduLength,
+ uint8_t *result, size_t &resultLength)
+{
+ // see SCARD_LE_IN_SW2
+
+ size_t savedLength = resultLength;
+
+ transmit(apdu, apduLength, result, resultLength);
+ if (resultLength == 2 && result[0] == 0x61) // || result[0] == 0x6C)
+ {
+ resultLength = savedLength;
+ uint8 expectedLength = result[1];
+ unsigned char getResult[] = { 0x00, 0xC0, 0x00, 0x00, expectedLength };
+ BELPICToken::usleep(INTER_COMMAND_DELAY);
+ transmit(getResult, sizeof(getResult), result, resultLength);
+ if (resultLength - 2 != expectedLength)
+ {
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ else
+ BELPICError::throwMe((result[resultLength - 2] << 8)
+ + result[resultLength - 1]);
+ }
+ }
+
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ return (result[resultLength - 2] << 8) + result[resultLength - 1];
+}
+
+void BELPICToken::didDisconnect()
+{
+ PCSC::Card::didDisconnect();
+ mCurrentDF = NULL;
+ mCurrentEF = NULL;
+ mPinStatus = 0;
+}
+
+void BELPICToken::didEnd()
+{
+ PCSC::Card::didEnd();
+ mCurrentDF = NULL;
+ mCurrentEF = NULL;
+ mPinStatus = 0;
+}
+
+uint8_t BELPICToken::pinDigit(uint8_t digit)
+{
+ if ('0' <= digit && digit <= '9')
+ return digit - '0';
+ else if ('A' <= digit && digit <= 'F')
+ return digit - 'A' + 0x10;
+ else if ('a' <= digit && digit <= 'f')
+ return digit - 'a' + 0x10;
+ else
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+}
+
+void BELPICToken::changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (oldPinLength < 0 ||
+ oldPinLength > BELPIC_MAX_PIN_LEN ||
+ newPinLength < BELPIC_MIN_PIN_LEN ||
+ newPinLength > BELPIC_MAX_PIN_LEN)
+ {
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+ }
+
+ PCSC::Transaction _(*this);
+ uint8_t apdu[] =
+ { 0x00, 0x24, 0x00, uint8_t(pinNum), 0x10,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+ uint32_t offset = 5;
+
+ apdu[offset++] = 0x20 + oldPinLength;
+ for (uint32_t ix = 0; ix < oldPinLength;ix+=2)
+ {
+ apdu[offset++] = (pinDigit(oldPin[ix]) << 4) +
+ ((ix+1) < oldPinLength ? pinDigit(oldPin[ix+1]) : pinDigit('F'));
+ }
+
+ offset = 5 + 8;
+ apdu[offset++] = 0x20 + newPinLength;
+ for (uint32_t ix = 0; ix < newPinLength;ix+=2)
+ {
+ apdu[offset++] = (pinDigit(newPin[ix]) << 4) +
+ ((ix+1) < newPinLength ? pinDigit(newPin[ix+1]) : pinDigit('F'));
+ }
+
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 16);
+ BELPICError::check(mPinStatus);
+}
+
+uint32_t BELPICToken::pinStatus(int pinNum)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+#if 0
+ if (mPinStatus && isInTransaction())
+ return mPinStatus;
+
+ // Always checks PIN1
+ PCSC::Transaction _(*this);
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+ unsigned char apdu[] = { 0x00, 0x20, 0x00, *kPIN_Cardholder_Id };
+
+ mPinStatus = exchangeAPDU(apdu, 4, result, resultLength);
+ if ((mPinStatus & 0xFF00) != 0x6300
+ && mPinStatus != SCARD_AUTHENTICATION_BLOCKED)
+ BELPICError::check(mPinStatus);
+#endif
+
+ return mPinStatus;
+}
+
+void BELPICToken::verifyPIN(int pinNum, const uint8_t *pin, size_t pinLength)
+{
+ _verifyPIN(pinNum, pin, pinLength);
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ begin();
+}
+
+void BELPICToken::_verifyPIN(int pinNum, const uint8_t *pin, size_t pinLength)
+{
+ if (pinNum < 1 || pinNum > 3)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (pinLength < BELPIC_MIN_PIN_LEN || pinLength > BELPIC_MAX_PIN_LEN)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+#ifdef USE_BUILTIN_PIN
+ uint8_t apdu[] =
+ { 0x00, 0x20, 0x00, 0x01, 0x08, 0x24,
+ 0x12, 0x34, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
+#else
+ uint8_t apdu[] =
+ { 0x00, 0x20, 0x00, uint8_t(pinNum), 0x08,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
+
+ uint32_t offset = 5;
+
+ apdu[offset++] = 0x20 + pinLength;
+ for (uint32_t ix = 0; ix < pinLength;ix+=2)
+ {
+ apdu[offset++] = (pinDigit(pin[ix]) << 4) +
+ ((ix+1) < pinLength ? pinDigit(pin[ix+1]) : pinDigit('F'));
+ }
+#endif
+
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 8);
+ BELPICError::check(mPinStatus);
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ // begin();
+}
+
+void BELPICToken::unverifyPIN(int pinNum)
+{
+ if (pinNum != -1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ end(SCARD_RESET_CARD);
+}
+
+uint32 BELPICToken::probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID])
+{
+// uint32 score = Tokend::ISO7816Token::probe(flags, tokenUid);
+//SCARD_PROTOCOL_T0
+ const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
+ connect(mSession, readerState.szReader, SCARD_SHARE_SHARED, SCARD_PROTOCOL_T0);
+ uint32 score = 0;
+ //flags = 2;//share pcsc
+ bool doDisconnect = false; /*!(flags & kSecTokendProbeKeepToken); */
+
+ try
+ {
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+
+ {
+ PCSC::Transaction _(*this);
+ select(kDF_BELPIC, kBELPIC_EF_TokenInfo);
+ readBinary(result, resultLength);
+ }
+
+ if (resultLength < 0x29 || memcmp(result + 0x19, "BELPIC", 6))
+ doDisconnect = true;
+ else
+ {
+ // If the length is not an exact match only return a score of 100
+ score = (resultLength == 0x29) ? 200 : 100;
+ // @@@ If the ATR matches one of the built in BELPIC ATR's we
+ // should probably return an even better score.
+
+ // Setup the tokendUID
+ memcpy(tokenUid, "BELPIC-", 7);
+ uint32_t offset = 7;
+ // Now stick in the chip serial # as hex bytes.
+ for (uint32_t ix = 0x07; ix < 0x17; ++ix)
+ {
+ sprintf(tokenUid + offset, "%02X", result[ix]);
+ offset += 2;
+ }
+ assert(TOKEND_MAX_UID > offset);
+ memset(tokenUid + offset, 0, TOKEND_MAX_UID - offset);
+ Tokend::ISO7816Token::name(tokenUid);
+ secdebug("probe", "recognized %s", tokenUid);
+ }
+ }
+ catch (...)
+ {
+ doDisconnect = true;
+ score = 0;
+ }
+
+ if (doDisconnect)
+ disconnect();
+
+ return score;
+}
+
+void BELPICToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ Tokend::ISO7816Token::establish(guid, subserviceId, flags,
+ cacheDirectory, workDirectory, mdsDirectory, printName);
+
+ mSchema = new BELPICSchema();
+ mSchema->create();
+
+ populate();
+}
+
+//
+// Database-level ACLs
+//
+void BELPICToken::getOwner(AclOwnerPrototype &owner)
+{
+ // we don't really know (right now), so claim we're owned by PIN #0
+ if (!mAclOwner) {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
+ }
+ owner = mAclOwner;
+}
+
+
+void BELPICToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ Allocator &alloc = Allocator::standard();
+
+ if (unsigned pin = pinFromAclTag(tag, "?")) {
+ static AutoAclEntryInfoList acl;
+ acl.clear();
+ acl.allocator(alloc);
+ uint32_t status = this->pinStatus(pin);
+ if (status == SCARD_SUCCESS)
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED);
+ else
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_UNKNOWN);
+ count = acl.size();
+ acls = acl.entries();
+ return;
+ }
+
+ // get pin list, then for each pin
+ if (!mAclEntries)
+ {
+ mAclEntries.allocator(alloc);
+ // Anyone can read the attributes and data of any record on this token
+ // (it's further limited by the object itself).
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // We support PIN1 with either a passed in password
+ // subject or a prompted password subject.
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), 1);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), 1);
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+
+#pragma mark ---------------- BELPIC Specific --------------
+
+void BELPICToken::populate()
+{
+ secdebug("populate", "BELPICToken::populate() begin");
+ Tokend::Relation &certRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ Tokend::Relation &privateKeyRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Tokend::Relation &dataRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ RefPointer<Tokend::Record> cert2(new BELPICCertificateRecord(kDF_BELPIC,
+ kBELPIC_EF_Cert2, "Cert #2 (authentication)"));
+ RefPointer<Tokend::Record> cert3(new BELPICCertificateRecord(kDF_BELPIC,
+ kBELPIC_EF_Cert3, "Cert #3 (signature)"));
+ RefPointer<Tokend::Record> cert4(new BELPICCertificateRecord(kDF_BELPIC,
+ kBELPIC_EF_Cert4, "Cert #4 (CA)"));
+ RefPointer<Tokend::Record> cert6(new BELPICCertificateRecord(kDF_BELPIC,
+ kBELPIC_EF_Cert6, "Cert #6 (root)"));
+ /* Zetes: RRN cert is not relevant here */
+ /* RefPointer<Tokend::Record> cert8(new BELPICCertificateRecord(kDF_BELPIC,
+ kBELPIC_EF_Cert8, "Cert #8 (RN)"));
+ */
+ certRelation.insertRecord(cert2);
+ certRelation.insertRecord(cert3);
+ certRelation.insertRecord(cert4);
+ certRelation.insertRecord(cert6);
+ /* Zetes: RRN cert is not relevant here */
+ /*
+ certRelation.insertRecord(cert8);
+ */
+
+ /* Zetes: better names for the private keys */
+ RefPointer<Tokend::Record> key2(new BELPICKeyRecord(kPrK2_Id,
+ "Authentication key", privateKeyRelation.metaRecord(), true));
+ RefPointer<Tokend::Record> key3(new BELPICKeyRecord(kPrK3_Id,
+ "Signature key", privateKeyRelation.metaRecord(), true));
+
+ privateKeyRelation.insertRecord(key2);
+ privateKeyRelation.insertRecord(key3);
+
+ key2->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(cert2));
+ key3->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(cert3));
+
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_ID_RN, "ID#RN"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_SGN_RN, "SGN#RN"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_ID_ADDRESS, "ID#Address"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_SGN_ADDRESS, "SGN#Address"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_ID_PHOTO, "ID#Photo"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_PuK7_ID, "PuK#7 ID (CA role ID)"));
+ dataRelation.insertRecord(new BELPICProtectedRecord(kDF_ID,
+ kID_EF_Preferences, "Preferences"));
+
+ secdebug("populate", "BELPICToken::populate() end");
+}
+
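Review bot: The PIN bytes in `apdu` are scrubbed only on the success path in `_verifyPIN` and `changePIN`: `exchangeAPDU` can throw (it calls `PCSC::Error::throwMe` and `BELPICError::throwMe`), and then the `memset(apdu + 5, 0, …)` after it is skipped and the encoded PIN stays on the stack. `pinDigit` can also throw part-way through the encoding loops, with the same effect. The wipe should run on every exit path, as in the excerpt below for `_verifyPIN` (the same shape with a length of 16 applies to `changePIN`). A plain `memset` on a buffer about to go out of scope may also be dropped by the optimizer, so a wipe the compiler cannot elide is preferable. Separately, `pinDigit` maps 'A'–'F' to 0x10–0x15 rather than 0x0A–0x0F, so the `pinDigit('F')` pad for an odd-length PIN does not yield an 0xF nibble; `return digit - 'A' + 0x0A;` (and likewise for 'a') looks like what was meant.

```cpp
	// … unchanged: argument checks, PCSC::Transaction, apdu declaration …
	unsigned char result[MAX_BUFFER_SIZE];
	size_t resultLength = sizeof(result);
	try
	{
		// … unchanged: PIN encoding loop (non-USE_BUILTIN_PIN case) …
		mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
	}
	catch (...)
	{
		memset(apdu + 5, 0, 8);	// scrub the PIN block before unwinding
		throw;
	}
	memset(apdu + 5, 0, 8);
	BELPICError::check(mPinStatus);
```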
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/BELPICToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * BELPICToken.h
+ * TokendMuscle
+ */
+
+#ifndef _BELPICTOKEN_H_
+#define _BELPICTOKEN_H_
+
+#include <Token.h>
+
+#include <security_utilities/pcsc++.h>
+
+#define BELPIC_MIN_PIN_LEN 4
+#define BELPIC_MAX_PIN_LEN 12
+
+class BELPICSchema;
+
+//
+// "The" token
+//
+class BELPICToken : public Tokend::ISO7816Token
+{
+ NOCOPY(BELPICToken)
+public:
+ BELPICToken();
+ ~BELPICToken();
+
+ virtual void didDisconnect();
+ virtual void didEnd();
+
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+ virtual void changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength);
+ virtual uint32_t pinStatus(int pinNum);
+ virtual void verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
+ void _verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
+ virtual void unverifyPIN(int pinNum);
+
+ void select(const uint8_t *df, const uint8_t *ef);
+ void selectKeyForSign(const uint8_t *keyId);
+ void readBinary(uint8_t *result, size_t &resultLength);
+ uint32_t exchangeAPDU(const uint8_t *apdu, size_t apduLength,
+ uint8_t *result, size_t &resultLength);
+
+ static int usleep(int iTimeVal);
+
+protected:
+ uint8_t pinDigit(uint8_t digit);
+ void populate();
+
+public:
+ const uint8_t *mCurrentDF;
+ const uint8_t *mCurrentEF;
+ unsigned char *mReturnedData;
+ uint32_t mPinStatus;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_BELPICTOKEN_H_ */
+
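Review bot: The state that drives PIN and ACL decisions sits under the second `public:` label (`mCurrentDF`, `mCurrentEF`, `mReturnedData`, `mPinStatus`, `mAclOwner`, `mAclEntries`), so any code holding a BELPICToken can overwrite it. `mPinStatus` matters most: in BELPICToken.cpp `pinStatus()` returns it unchanged (the card query is under `#if 0`), and `getAcl()` reports `CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED` when it equals `SCARD_SUCCESS`. Changing that label to `private:` (or `protected:`) and adding read-only accessors where other classes need the values would close this off; whether BELPICRecord or other classes touch these members directly is not visible in this hunk. `_verifyPIN` could likewise leave the public interface if only `verifyPIN` and internal callers use it.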
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>BELPIC</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.tokend.belpic</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundleName</key>
+ <string>BELPIC</string>
+ <key>CFBundlePackageType</key>
+ <string>????</string>
+ <key>CFBundleShortVersionString</key>
+ <string>2.2.1</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>40596</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/belpic.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/belpic.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/belpic.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * belpic.cpp - BELPIC.tokend main program
+ */
+
+#include "BELPICToken.h"
+
+int main(int argc, const char *argv[])
+{
+ secdebug("BELPIC.tokend", "main starting with %d arguments", argc);
+ secdelay((char *)"/tmp/delay/BELPIC");
+
+ token = new BELPICToken();
+ return SecTokendMain(argc, argv, token->callbacks(), token->support());
+}
+
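Review bot: `secdelay((char *)"/tmp/delay/BELPIC")` in `main` keys startup behaviour on a fixed path under `/tmp`, which any local user can create. The definition of `secdelay` is outside this diff; if it is compiled into release builds, an unprivileged user could stall the token daemon at launch by creating that file. Wrapping the call in `#if !defined(NDEBUG)` … `#endif`, or pointing it at a directory only the daemon's owner can write, keeps the debugging hook without leaving it reachable on production systems.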
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>Capabilities</key>
+ <string>file:belpic_csp_capabilities_common.mds</string>
+ <key>MdsFileDescription</key>
+ <string>BELPIC Token CSPDL CSP Capabilities</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities_common.mds
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities_common.mds (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_capabilities_common.mds 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,903 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>SHA1 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD5 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD2 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>64</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>192</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>3DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC2 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC4 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC5 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>New item</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>CAST Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>Blowfish Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>SHA1HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>MD5HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>128</integer>
+ <integer>192</integer>
+ <integer>256</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>AES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ASC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>ASC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>31</integer>
+ <integer>127</integer>
+ <integer>128</integer>
+ <integer>161</integer>
+ <integer>192</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>FEE Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD2 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 SHA1 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>DES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY_EDE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>3DES EDE Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>AES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>0</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC4 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC5 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>Blowfish Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>CAST Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>RSA Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEEDEXP</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEEDExp Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEED</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEED Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD2 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC_LEGACY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC Legacy</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_APPLE_YARROW</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_RANDOMGEN</string>
+ <key>Description</key>
+ <string>Yarrow PRNG</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+</array>
+</plist>
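Review bot: The CAST key-generation record (the dict whose AlgType is `CSSM_ALGID_CAST` with ContextType `CSSM_ALGCLASS_KEYGEN`) names its attribute value `<key>New item</key>`, where every other record uses `<key>AttributeValue</key>`. This looks like a leftover property-list editor placeholder, so a reader of the record would probably find no AttributeValue for it; I would change the line to `<key>AttributeValue</key>`. Separately, the file advertises MD2, MD5, DES, RC4 and key generation for many algorithms on what `belpic_csp_primary.mdsinfo` declares as a `CSSM_CSP_HARDWARE` token. If the list was copied from a software CSP rather than derived from what the card supports (an inference, not visible here), it is worth trimming so that consumers choosing algorithms from MDS are not offered weak or unsupported ones.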
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_csp_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <!-- @@@ complete this -->
+ <array>
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>CspCustomFlags</key>
+ <integer>0</integer>
+ <key>CspFlags</key>
+ <!-- @@@ dynamic -->
+ <string>CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC</string>
+ <key>CspType</key>
+ <string>CSSM_CSP_HARDWARE</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL CSP Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>UseeTags</key>
+ <array/>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
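Review bot: The `AuthTags` entry is still marked `<!-- @@@ complete this -->` and lists only `CSSM_ACL_AUTHORIZATION_ANY`, and `CspFlags` carries `<!-- @@@ dynamic -->` next to a fixed string, so the module's advertised authorization and storage capabilities are placeholders rather than a description of the token. Each marker should be replaced with a comment stating what the final value is expected to be and who supplies it, for example `<!-- TODO: list the authorization tags the token enforces; ANY is a placeholder -->`. The AuthTags marker also sits between the `<key>` and its `<array>`, whereas `belpic_dl_primary.mdsinfo` places it inside the array; using one placement would make the two files easier to compare.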
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_dl_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_dl_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_dl_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <array>
+ <!-- @@@ complete this -->
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>ConjunctiveOps</key>
+ <array>
+ <string>CSSM_DB_NONE</string>
+ <string>CSSM_DB_AND</string>
+ <string>CSSM_DB_OR</string>
+ </array>
+ <key>DLType</key>
+ <string>CSSM_DL_FFS</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL DL Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_DL_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>QueryLimitsFlag</key>
+ <integer>0</integer>
+ <key>RelationalOps</key>
+ <array>
+ <string>CSSM_DB_EQUAL</string>
+ <string>CSSM_DB_LESS_THAN</string>
+ <string>CSSM_DB_GREATER_THAN</string>
+ <string>CSSM_DB_CONTAINS_FINAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS_INITIAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS</string>
+ <string></string>
+ </array>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
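Review bot: The `RelationalOps` array ends with an empty `<string></string>` after `CSSM_DB_CONTAINS`, which is not an operator name. How the MDS loader treats an empty entry is not visible here, but it is either a dropped value or an editing leftover. I would delete the line, or replace it with the operator that was intended. The `AuthTags` array carries the same `<!-- @@@ complete this -->` placeholder as `belpic_csp_primary.mdsinfo`.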
Added: releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_smartcard.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_smartcard.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/BELPIC/mds/belpic_smartcard.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>MdsFileDescription</key>
+ <string>SD/CSPDL Generic Smartcard Information</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>ScVendor</key>
+ <string>Generic</string>
+ <key>ScVersion</key>
+ <string>unknown</string>
+ <key>ScFirmwareVersion</key>
+ <string>BELPICViewerPlugin</string>
+ <key>ScFlags</key> <!-- @@@ dynamic -->
+ <integer>0</integer>
+ <key>ScCustomFlags</key>
+ <integer>0</integer>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACAttributeCoder.cpp
+ * TokendMuscle
+ */
+
+#include "CACAttributeCoder.h"
+
+#include "Adornment.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "CACRecord.h"
+#include "CACToken.h"
+
+#include <Security/SecKeychainItem.h>
+#include <security_cdsa_utilities/cssmkey.h>
+
+using namespace Tokend;
+
+
+//
+// CACDataAttributeCoder
+//
+CACDataAttributeCoder::~CACDataAttributeCoder()
+{
+}
+
+void CACDataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ CACRecord &cacRecord = dynamic_cast<CACRecord &>(record);
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ cacRecord.getDataAttribute(tokenContext));
+}
+
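Review bot: `CACDataAttributeCoder::decode` casts with `dynamic_cast<CACRecord &>(record)`, which throws `std::bad_cast` when the record is of another type, and nothing in the file states that precondition or the failure mode. I would add a comment above the function such as `// record must be a CACRecord; the reference dynamic_cast throws std::bad_cast otherwise.` and note that `tokenContext` is passed on to `getDataAttribute` unchecked. The includes of `Adornment.h`, `MetaRecord.h`, `CACToken.h`, `<Security/SecKeychainItem.h>` and `<security_cdsa_utilities/cssmkey.h>` are not needed by anything visible in this file and could probably be dropped.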
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACAttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACAttributeCoder.h
+ * TokendMuscle
+ */
+
+#ifndef _CACATTRIBUTECODER_H_
+#define _CACATTRIBUTECODER_H_
+
+#include "AttributeCoder.h"
+#include <string>
+
+#include <PCSC/musclecard.h>
+
+
+//
+// A coder that reads the data of an object
+//
+class CACDataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(CACDataAttributeCoder)
+public:
+
+ CACDataAttributeCoder() {}
+ virtual ~CACDataAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+#endif /* !_CACATTRIBUTECODER_H_ */
+
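Review bot: The include guard `_CACATTRIBUTECODER_H_` starts with an underscore followed by an uppercase letter, a form reserved for the implementation in C++; `CACATTRIBUTECODER_H` avoids that. The header also includes `<string>` and `<PCSC/musclecard.h>`, although the only declaration, `CACDataAttributeCoder`, uses neither, so every includer picks up the PC/SC header for nothing. The class comment would be more useful if it said where the data comes from; from CACAttributeCoder.cpp that is `CACRecord::getDataAttribute`.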
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,99 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACError.cpp
+ * TokendMuscle
+ */
+
+#include "CACError.h"
+
+#include <Security/cssmerr.h>
+
+//
+// CACError exceptions
+//
+CACError::CACError(uint16_t sw) : SCardError(sw)
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(debugDiagnose(this));
+#else
+ SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"CAC");
+#endif
+}
+
+CACError::~CACError() throw ()
+{
+}
+
+const char *CACError::what() const throw ()
+{ return "CAC error"; }
+
+OSStatus CACError::osStatus() const
+{
+ switch (statusWord)
+ {
+ case CAC_AUTHENTICATION_FAILED_0:
+ case CAC_AUTHENTICATION_FAILED_1:
+ case CAC_AUTHENTICATION_FAILED_2:
+ case CAC_AUTHENTICATION_FAILED_3:
+ return CSSM_ERRCODE_OPERATION_AUTH_DENIED;
+ default:
+ return SCardError::osStatus();
+ }
+}
+
+void CACError::throwMe(uint16_t sw)
+{ throw CACError(sw); }
+
+#if !defined(NDEBUG)
+
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+void CACError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p CACError %s (%04hX)",
+ id, errorstr(statusWord), statusWord);
+}
+
+#endif // MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+const char *CACError::errorstr(uint16_t sw) const
+{
+ switch (sw)
+ {
+ case CAC_AUTHENTICATION_FAILED_0:
+ return "Authentication failed, 0 retries left.";
+ case CAC_AUTHENTICATION_FAILED_1:
+ return "Authentication failed, 1 retry left.";
+ case CAC_AUTHENTICATION_FAILED_2:
+ return "Authentication failed, 2 retries left.";
+ case CAC_AUTHENTICATION_FAILED_3:
+ return "Authentication failed, 3 retries left.";
+ default:
+ return SCardError::errorstr(sw);
+ }
+}
+
+#endif //NDEBUG
+
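Review bot: The guard `#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5`, used in the `CACError` constructor and again around `debugDiagnose`, looks like a misspelling of the AvailabilityMacros.h names `MAC_OS_X_VERSION_MIN_REQUIRED` and `MAC_OS_X_VERSION_10_5`. Unless the `MAX_` names are defined somewhere not shown, both are undefined and the preprocessor evaluates `0 <= 0`, so the `SECURITY_EXCEPTION_THROW_OTHER` branch is never compiled for any deployment target. I would change both lines to `#if MAC_OS_X_VERSION_MIN_REQUIRED <= MAC_OS_X_VERSION_10_5`; the same spelling appears in CACError.h. Separately, `osStatus()` maps only status words 0x6300–0x6303 to `CSSM_ERRCODE_OPERATION_AUTH_DENIED`, so a failed verify that reports more than three retries left would fall through to `SCardError::osStatus()`, which deserves a comment if it is intended.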
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACError.h
+ * TokendMuscle
+ */
+
+#ifndef _CACERROR_H_
+#define _CACERROR_H_
+
+#include "SCardError.h"
+
+/** Entered PIN is not correct and pin was blocked. */
+#define CAC_AUTHENTICATION_FAILED_0 0x6300
+/** Entered PIN is not correct, 1 try left. */
+#define CAC_AUTHENTICATION_FAILED_1 0x6301
+/** Entered PIN is not correct, 2 tries left. */
+#define CAC_AUTHENTICATION_FAILED_2 0x6302
+/** Entered PIN is not correct, 3 tries left. */
+#define CAC_AUTHENTICATION_FAILED_3 0x6303
+
+class CACError : public Tokend::SCardError
+{
+protected:
+ CACError(uint16_t sw);
+ virtual ~CACError() throw ();
+public:
+ OSStatus osStatus() const;
+ virtual const char *what () const throw ();
+
+ static void check(uint16_t sw) { if (sw != SCARD_SUCCESS) throwMe(sw); }
+ static void throwMe(uint16_t sw) __attribute__((noreturn));
+
+protected:
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+#endif
+ IFDEBUG(const char *errorstr(uint16_t sw) const;)
+};
+
+#endif /* !_CACERROR_H_ */
+
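Review bot: The `#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5` guard around `debugDiagnose` looks like a misspelling of the AvailabilityMacros.h names `MAC_OS_X_VERSION_MIN_REQUIRED` and `MAC_OS_X_VERSION_10_5`. Unless the project defines the `MAX_` names somewhere not shown here, both identifiers are undefined, the preprocessor evaluates them as 0, and the condition is true for every deployment target. The same spelling is used in CACError.cpp, where it would make the `SECURITY_EXCEPTION_THROW_OTHER` branch of the constructor unreachable. I would change the guard to `#if MAC_OS_X_VERSION_MIN_REQUIRED <= MAC_OS_X_VERSION_10_5` in both files.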
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,310 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACKeyHandle.cpp
+ * TokendMuscle
+ */
+
+#include "CACKeyHandle.h"
+
+#include "CACRecord.h"
+#include "CACToken.h"
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/utilities.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+
+//
+// CACKeyHandle
+//
+CACKeyHandle::CACKeyHandle(CACToken &cacToken,
+ const Tokend::MetaRecord &metaRecord, CACKeyRecord &cacKey) :
+ Tokend::KeyHandle(metaRecord, &cacKey),
+ mToken(cacToken),
+ mKey(cacKey)
+{
+}
+
+CACKeyHandle::~CACKeyHandle()
+{
+}
+
+void CACKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
+{
+ secdebug("crypto", "getKeySize");
+ keySize.LogicalKeySizeInBits = mKey.sizeInBits(); // Logical key size in bits
+ keySize.EffectiveKeySizeInBits = mKey.sizeInBits(); // Effective key size in bits
+}
+
+uint32 CACKeyHandle::getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting)
+{
+ secdebug("crypto", "getOutputSize");
+ if (encrypting)
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ return inputSize; //accurate for crypto used on CAC cards
+}
+
+static const unsigned char sha1sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x21, // LENGTH
+ 0x30, // SEQUENCE
+ 0x09, // LENGTH
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x14 // OCTECT STRING (20 bytes)
+};
+
+static const unsigned char md5sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x20, // LENGTH
+ 0x30, // SEQUENCE
+ 0x0C, // LENGTH
+ // MD5 OID (1 2 840 113549 2 5)
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x10 // OCTECT STRING (16 bytes)
+};
+
+void CACKeyHandle::generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature)
+{
+ secdebug("crypto", "generateSignature alg: %u signOnly: %u",
+ context.algorithm(), signOnly);
+ IFDUMPING("crypto", context.dump("signature context"));
+
+ if (context.type() != CSSM_ALGCLASS_SIGNATURE)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ // Find out if we are doing a SHA1 or MD5 signature and setup header to
+ // point to the right asn1 blob.
+ const unsigned char *header;
+ size_t headerLength;
+ if (signOnly == CSSM_ALGID_SHA1)
+ {
+ if (input.Length != 20)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = sha1sigheader;
+ headerLength = sizeof(sha1sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_MD5)
+ {
+ if (input.Length != 16)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = md5sigheader;
+ headerLength = sizeof(md5sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_NONE)
+ {
+ // Special case used by SSL it's an RSA signature, without the ASN1
+ // stuff
+ header = NULL;
+ headerLength = 0;
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
+
+ // Create an input buffer in which we construct the data we will send to
+ // the token.
+ size_t inputDataSize = headerLength + input.Length;
+ size_t keyLength = mKey.sizeInBits() / 8;
+ auto_array<unsigned char> inputData(keyLength);
+ unsigned char *to = inputData.get();
+
+ // Get padding, but default to pkcs1 style padding
+ uint32 padding = CSSM_PADDING_PKCS1;
+ context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
+
+ if (padding == CSSM_PADDING_PKCS1)
+ {
+ // Add PKCS1 style padding
+ *(to++) = 0;
+ *(to++) = 1; /* Private Key Block Type. */
+ size_t padLength = keyLength - 3 - inputDataSize;
+ memset(to, 0xff, padLength);
+ to += padLength;
+ *(to++) = 0;
+ inputDataSize = keyLength;
+ }
+ else if (padding == CSSM_PADDING_NONE)
+ {
+ // Token will fail if the input data isn't exactly keysize / 8 octects
+ // long
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+
+ // Now copy the ASN1 header into the input buffer.
+ // This header is the DER encoding of
+ // DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier,
+ // digest OCTET STRING }
+ // Where AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER,
+ // parameters OPTIONAL ANY }
+ if (headerLength)
+ {
+ memcpy(to, header, headerLength);
+ to += headerLength;
+ }
+
+ // Finally copy the passed in data to the input buffer.
+ memcpy(to, input.Data, input.Length);
+
+ // @@@ Switch to using tokend allocators
+ unsigned char *outputData =
+ reinterpret_cast<unsigned char *>(malloc(keyLength));
+ size_t outputLength = keyLength;
+ try
+ {
+ // Sign the inputData using the token
+ mKey.computeCrypt(mToken, true, inputData.get(), inputDataSize,
+ outputData, outputLength);
+ }
+ catch (...)
+ {
+ // @@@ Switch to using tokend allocators
+ free(outputData);
+ throw;
+ }
+
+ signature.Data = outputData;
+ signature.Length = outputLength;
+}
+
+void CACKeyHandle::verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
+{
+ secdebug("crypto", "verifySignature");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACKeyHandle::generateMac(const Context &context,
+ const CssmData &input, CssmData &output)
+{
+ secdebug("crypto", "generateMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACKeyHandle::verifyMac(const Context &context,
+ const CssmData &input, const CssmData &compare)
+{
+ secdebug("crypto", "verifyMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACKeyHandle::encrypt(const Context &context,
+ const CssmData &clear, CssmData &cipher)
+{
+ secdebug("crypto", "encrypt");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACKeyHandle::decrypt(const Context &context,
+ const CssmData &cipher, CssmData &clear)
+{
+ secdebug("crypto", "decrypt alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("decrypt context"));
+
+ if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ size_t keyLength = mKey.sizeInBits() / 8;
+ if (cipher.length() % keyLength != 0)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Add support for multiples of keyLength by doing multiple blocks
+ if (cipher.length() != keyLength)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Use a secure allocator for this.
+ auto_array<uint8> outputData(keyLength);
+ uint8 *output = outputData.get();
+ size_t outputLength = keyLength;
+
+ secdebug("crypto", "decrypt: card supports RSA_NOPAD");
+ // Decrypt the inputData using the token
+ mKey.computeCrypt(mToken, false, cipher.Data, cipher.Length, output,
+ outputLength);
+
+ // Now check for proper pkcs1 type 2 padding and remove it.
+ if (outputLength != keyLength || *(output++) != 0 || *(output++) != 2)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+
+ /* Skip over padding data */
+ // We already skiped the 00 02 at the start of the block.
+ outputLength -= 2;
+ size_t padSize;
+ for (padSize = 0; padSize < outputLength; ++padSize)
+ if (*(output++) == 0) break;
+
+ if (padSize == outputLength || padSize < 8)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+
+ /* Don't count the 00 at the end of the padding. */
+ outputLength -= padSize + 1;
+
+ // @@@ Switch to using tokend allocators
+ clear.Data = reinterpret_cast<uint8 *>(malloc(outputLength));
+ // Finally copy the result into the clear buffer and set the length.
+ memcpy(clear.Data, output, outputLength);
+ clear.Length = outputLength;
+}
+
+void CACKeyHandle::exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey)
+{
+ secdebug("crypto", "exportKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+
+//
+// CACKeyHandleFactory
+//
+CACKeyHandleFactory::~CACKeyHandleFactory()
+{
+}
+
+
+Tokend::KeyHandle *CACKeyHandleFactory::keyHandle(
+ Tokend::TokenContext *tokenContext, const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record) const
+{
+ CACKeyRecord &key = dynamic_cast<CACKeyRecord &>(record);
+ CACToken &cacToken = static_cast<CACToken &>(*tokenContext);
+ return new CACKeyHandle(cacToken, metaRecord, key);
+}
+
+
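Review bot: `generateSignature` never checks `input.Length` against the key size on the `CSSM_ALGID_NONE` path, so caller-supplied data longer than the block overruns the `keyLength`-byte `inputData` buffer. With PKCS1 padding, `keyLength - 3 - inputDataSize` wraps around as a `size_t` and the `memset` runs far past the buffer; with `CSSM_PADDING_NONE` the final `memcpy` copies `input.Length` bytes unbounded, and the size check in `computeCrypt` only runs after the copy. I would reject oversized input before anything is written: `if (inputDataSize > keyLength - 11) CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);` at the top of the PKCS1 branch (which also guarantees the eight padding bytes PKCS#1 requires) and `if (inputDataSize > keyLength) CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);` in the no-padding branch. The `malloc` results in `generateSignature` and `decrypt` are also used without a NULL check.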
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACKeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACKeyHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _CACKEYHANDLE_H_
+#define _CACKEYHANDLE_H_
+
+#include "KeyHandle.h"
+
+class CACToken;
+class CACKeyRecord;
+
+
+//
+// A KeyHandle object which implements the crypto interface to muscle.
+//
+class CACKeyHandle: public Tokend::KeyHandle
+{
+ NOCOPY(CACKeyHandle)
+public:
+ CACKeyHandle(CACToken &cacToken, const Tokend::MetaRecord &metaRecord,
+ CACKeyRecord &cacKey);
+ ~CACKeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize);
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting);
+ virtual void generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
+ virtual void verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input,
+ const CssmData &signature);
+ virtual void generateMac(const Context &context, const CssmData &input,
+ CssmData &output);
+ virtual void verifyMac(const Context &context, const CssmData &input,
+ const CssmData &compare);
+ virtual void encrypt(const Context &context, const CssmData &clear,
+ CssmData &cipher);
+ virtual void decrypt(const Context &context, const CssmData &cipher,
+ CssmData &clear);
+
+ virtual void exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey);
+private:
+ CACToken &mToken;
+ CACKeyRecord &mKey;
+};
+
+
+//
+// A factory that creates CACKeyHandle objects.
+//
+class CACKeyHandleFactory : public Tokend::KeyHandleFactory
+{
+ NOCOPY(CACKeyHandleFactory)
+public:
+ CACKeyHandleFactory() {}
+ virtual ~CACKeyHandleFactory();
+
+ virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
+};
+
+
+#endif /* !_CACKEYHANDLE_H_ */
+
+
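Review bot: The class comment says the handle "implements the crypto interface to muscle", which does not describe this class and was presumably carried over from another tokend; something like `// A KeyHandle that performs RSA signing and decryption on a CAC token.` would be accurate. The comment should also say which overrides are stubs: in CACKeyHandle.cpp, `verifySignature`, `generateMac`, `verifyMac`, `encrypt` and `exportKey` all throw `CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED`. `mToken` and `mKey` are held as references, so a line such as `// Not owned; both must outlive this handle.` above them would record the lifetime requirement.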
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,359 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACRecord.cpp
+ * TokendMuscle
+ */
+
+#include "CACRecord.h"
+
+#include "CACError.h"
+#include "CACToken.h"
+#include "Attribute.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include <security_cdsa_client/aclclient.h>
+#include <Security/SecKey.h>
+
+#include <zlib.h>
+
+//
+// CACRecord
+//
+CACRecord::~CACRecord()
+{
+}
+
+
+//
+// CACCertificateRecord
+//
+CACCertificateRecord::~CACCertificateRecord()
+{
+}
+
+#define CAC_MAXSIZE_CERT 4000
+
+Tokend::Attribute *CACCertificateRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ CACToken &cacToken = dynamic_cast<CACToken &>(*tokenContext);
+ CssmData data;
+ if (cacToken.cachedObject(0, mDescription, data))
+ {
+ Tokend::Attribute *attribute =
+ new Tokend::Attribute(data.Data, data.Length);
+ free(data.Data);
+ return attribute;
+ }
+
+ unsigned char command[] = { 0x80, 0x36, 0x00, 0x00, 0x64 };
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ uint8 certificate[CAC_MAXSIZE_CERT];
+ uint8 uncompressed[CAC_MAXSIZE_CERT];
+ size_t certificateLength = 0;
+
+ try
+ {
+ PCSC::Transaction _(cacToken);
+ cacToken.select(mApplication);
+ uint32_t cacreturn;
+ do
+ {
+ cacreturn = cacToken.exchangeAPDU(command, sizeof(command), result,
+ resultLength);
+
+ if ((cacreturn & 0xFF00) != 0x6300)
+ CACError::check(cacreturn);
+
+ size_t requested = command[4];
+ if (resultLength != requested + 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ memcpy(certificate + certificateLength, result, resultLength - 2);
+ certificateLength += resultLength - 2;
+ // Number of bytes to fetch next time around is in the last byte
+ // returned.
+ command[4] = cacreturn & 0xFF;
+ } while ((cacreturn & 0xFF00) == 0x6300);
+ }
+ catch (...)
+ {
+ return NULL;
+ }
+
+ if (certificate[0] == 1)
+ {
+ /* The certificate is compressed */
+ secdebug("cac", "uncompressing compressed %s", mDescription);
+ size_t uncompressedLength = sizeof(uncompressed);
+ int rv = uncompress(uncompressed, &uncompressedLength, certificate + 1,
+ certificateLength - 1);
+ if (rv != Z_OK)
+ {
+ secdebug("zlib", "uncompressing %s failed: %d", mDescription, rv);
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ }
+
+ data.Data = uncompressed;
+ data.Length = uncompressedLength;
+ }
+ else
+ {
+ data.Data = certificate;
+ data.Length = certificateLength;
+ }
+
+ cacToken.cacheObject(0, mDescription, data);
+ return new Tokend::Attribute(data.Data, data.Length);
+}
+
+
+//
+// CACKeyRecord
+//
+CACKeyRecord::CACKeyRecord(const unsigned char *application,
+ const char *description, const Tokend::MetaRecord &metaRecord) :
+ CACRecord(application, description)
+{
+ // Allow all keys to decrypt, unwrap, sign
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(),
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(),
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(),
+ new Tokend::Attribute(true));
+}
+
+CACKeyRecord::~CACKeyRecord()
+{
+}
+
+void CACKeyRecord::computeCrypt(CACToken &cacToken, bool sign,
+ const unsigned char *data, size_t dataLength, unsigned char *output,
+ size_t &outputLength)
+{
+ if (dataLength > sizeInBits() / 8)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ PCSC::Transaction _(cacToken);
+ cacToken.select(mApplication);
+ size_t apduSize = dataLength + 5;
+ unsigned char apdu[apduSize];
+ size_t resultLength = sizeInBits() / 8 + 2;
+ unsigned char result[resultLength];
+
+ apdu[0] = 0x80;
+ apdu[1] = 0x42;
+ apdu[2] = 0x00;
+ apdu[3] = 0x00;
+ apdu[4] = dataLength;
+ memcpy(apdu + 5, data, dataLength);
+ CACError::check(cacToken.exchangeAPDU(apdu, apduSize, result,
+ resultLength));
+ if (resultLength != sizeInBits() / 8 + 2)
+ {
+ secdebug("cac", " %s: computeCrypt: expected size: %ld, got: %ld",
+ mDescription, sizeInBits() / 8 + 2, resultLength);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ if (outputLength < resultLength - 2)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ outputLength = resultLength - 2;
+ memcpy(output, result, outputLength);
+}
+
+void CACKeyRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Anyone can read the DB record for this key (which is a reference
+ // CSSM_KEY)
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+
+ // Using this key to sign or decrypt will require PIN1
+ char tmptag[20];
+ const uint32 slot = 1; // hardwired for now, but...
+ snprintf(tmptag, sizeof(tmptag), "PIN%d", slot);
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0),
+ tmptag);
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+//
+// CACTBRecord
+//
+CACTBRecord::~CACTBRecord()
+{
+}
+
+void
+CACTBRecord::getSize(CACToken &cacToken, size_t &tbsize, size_t &vbsize)
+{
+ cacToken.select(mApplication);
+ unsigned char apdu[] = { 0x80, 0x56, 0x00, 0x00, 0x2E };
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ uint32_t cacresult = cacToken.exchangeAPDU(apdu, sizeof(apdu), result,
+ resultLength);
+ if ((cacresult & 0x6C00) == 0x6C00 && (cacresult & 0xFF) > 0x1E)
+ {
+ /* We requested the wrong length, try again */
+ apdu[4] = cacresult & 0xFF;
+ resultLength = sizeof(result);
+ cacresult = cacToken.exchangeAPDU(apdu, sizeof(apdu), result,
+ resultLength);
+ }
+
+ CACError::check(cacresult);
+
+ if (resultLength - 2 != apdu[4])
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ CACError::check(result[resultLength - 2] << 8 + result[resultLength - 1]);
+
+ tbsize = result[0x1C] + (result[0x1D] << 8);
+ vbsize = result[0x1E] + (result[0x1F] << 8);
+}
+
+#define MAX_READ 0xFF // 200 redefine to avoid SCardTransmitExt -- was 0xFF
+
+#if 0
+ // With extended APDUs, we can get another 0x61xx result
+ if (resultLength == 2 && result[0] == 0x61)
+ {
+ apdusize = 5;
+ apdu[0] = 0x00; apdu[1] = 0xC0; apdu[2] = 0x00; apdu[3] = 0x00; apdu[4] = result[1];
+ continue;
+ }
+#endif
+
+/*
+ See NIST IR 6887 \xD0 2003 EDITION, GSC-IS VERSION 2.1
+ 5.3.4 Generic Container Provider Virtual Machine Card Edge Interface
+ for a description of how this command works
+
+ READ BUFFER 0x80 0x52 Off/H Off/L 0x02 <buffer & number bytes to read> \xD0
+*/
+
+Tokend::Attribute *CACTBRecord::getDataAttribute(CACToken &cacToken,
+ bool getTB)
+{
+ size_t size, tbsize, vbsize;
+ cacToken.select(mApplication);
+ size_t resultLength;
+
+ PCSC::Transaction _(cacToken);
+ getSize(cacToken, tbsize, vbsize);
+ size = getTB ? tbsize : vbsize;
+
+ unsigned char outputData[size + 2];
+ unsigned int offset, bytes_left;
+
+ for (offset = 0, bytes_left = size; bytes_left;)
+ {
+ // resultLength = size + 2 - offset;
+ unsigned char toread = bytes_left > MAX_READ ? MAX_READ : bytes_left;
+ unsigned char apdu[] = { 0x80, 0x52,
+ offset >> 8, offset & 0xFF,
+ 0x02, (getTB ? 0x01 : 0x02),
+ toread };
+ resultLength = toread + 2;
+ uint32_t cacresult = cacToken.exchangeAPDU(apdu, sizeof(apdu),
+ outputData + offset,
+ resultLength);
+
+ CACError::check(cacresult);
+
+ if (resultLength - 2 != toread)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ resultLength -= 2;
+ offset += resultLength;
+ bytes_left -= resultLength;
+ }
+
+ return new Tokend::Attribute(outputData, offset);
+}
+
+#if 0
+Tokend::Attribute *CACTBRecord::getDataAttribute(CACToken &cacToken, bool getTB)
+{
+ size_t size, tbsize, vbsize;
+ cacToken.select(mApplication);
+ size_t resultLength;
+
+ PCSC::Transaction _(cacToken);
+ getSize(cacToken, tbsize, vbsize);
+ size = getTB ? tbsize : vbsize;
+
+ CssmData data;
+
+ cacToken.getDataCore(mApplication, mApplicationSize, mDescription, mIsCertificate, mAllowCaching, data);
+
+ return new Tokend::Attribute(data.Data, data.Length);
+}
+#endif
+
+Tokend::Attribute *CACTBRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ CACToken &cacToken = dynamic_cast<CACToken &>(*tokenContext);
+ return getDataAttribute(cacToken, true);
+}
+
+
+//
+// CACVBRecord
+//
+CACVBRecord::~CACVBRecord()
+{
+}
+
+Tokend::Attribute *CACVBRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ CACToken &cacToken = dynamic_cast<CACToken &>(*tokenContext);
+ return CACTBRecord::getDataAttribute(cacToken, false);
+}
+
+void CACVBRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Reading this objects data requires PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
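Review bot: In `CACCertificateRecord::getDataAttribute` the read loop appends each response to the 4000-byte stack buffer `certificate` without checking the running total, and it keeps going for as long as the card answers 0x63xx, so a faulty or hostile card can write past the end of the buffer. A guard before the `memcpy`, e.g. `if (resultLength - 2 > sizeof(certificate) - certificateLength) PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);`, bounds it. Separately, in `CACTBRecord::getSize` the expression `result[resultLength - 2] << 8 + result[resultLength - 1]` parses as a shift by `8 + SW2` because `+` binds tighter than `<<`; it should be `(result[resultLength - 2] << 8) + result[resultLength - 1]`. The mask test `(cacresult & 0x6C00) == 0x6C00` in the same function also matches status words other than 0x6Cxx; `(cacresult & 0xFF00) == 0x6C00` looks like the intent.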
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,120 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _CACRECORD_H_
+#define _CACRECORD_H_
+
+#include "Record.h"
+
+class CACToken;
+
+class CACRecord : public Tokend::Record
+{
+ NOCOPY(CACRecord)
+public:
+ CACRecord(const unsigned char *application, const char *description) :
+ mApplication(application), mDescription(description) {}
+ virtual ~CACRecord();
+
+ virtual const char *description() { return mDescription; }
+
+protected:
+ const unsigned char *application() const { return mApplication; }
+
+protected:
+ const unsigned char *mApplication;
+ const char *mDescription;
+};
+
+
+class CACCertificateRecord : public CACRecord
+{
+ NOCOPY(CACCertificateRecord)
+public:
+ CACCertificateRecord(const unsigned char *application,
+ const char *description) :
+ CACRecord(application, description) {}
+ virtual ~CACCertificateRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+};
+
+class CACKeyRecord : public CACRecord
+{
+ NOCOPY(CACKeyRecord)
+public:
+ CACKeyRecord(const unsigned char *application, const char *description,
+ const Tokend::MetaRecord &metaRecord);
+ virtual ~CACKeyRecord();
+
+ size_t sizeInBits() const { return 1024; }
+ void computeCrypt(CACToken &cacToken, bool sign, const unsigned char *data,
+ size_t dataLength, unsigned char *result, size_t &resultLength);
+
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+class CACTBRecord : public CACRecord
+{
+ NOCOPY(CACTBRecord)
+public:
+ CACTBRecord(const unsigned char *application, const char *description) :
+ CACRecord(application, description) {}
+ virtual ~CACTBRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+
+protected:
+ void getSize(CACToken &cacToken, size_t &tbsize, size_t &vbsize);
+ Tokend::Attribute *getDataAttribute(CACToken &cacToken, bool getTB);
+};
+
+
+class CACVBRecord : public CACTBRecord
+{
+ NOCOPY(CACVBRecord)
+public:
+ CACVBRecord(const unsigned char *application, const char *description) :
+ CACTBRecord(application, description) {}
+ virtual ~CACVBRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_CACRECORD_H_ */
+
+
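Review bot: `CACKeyRecord::sizeInBits()` returns a hard-coded 1024 with no comment, and the rest of the change depends on it: `generateSignature` and `decrypt` size their buffers from it, `computeCrypt` throws `SCARD_E_PROTO_MISMATCH` when the card's reply is not exactly 130 bytes, and CACSchema.cpp advertises the same constant through `mKeySizeCoder(uint32(1024))`. A key of any other size on the card would therefore fail at signing time rather than being reported correctly. At minimum I would document the assumption, e.g. `// CAC keys are assumed to be 1024-bit RSA; keep in sync with CACSchema::mKeySizeCoder.`, and ideally derive the size from the certificate's public key. `CACRecord` also stores `application` and `description` as raw pointers without copying, which deserves a `// Not copied; must outlive the record.` comment.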
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACSchema.cpp
+ * TokendMuscle
+ */
+
+#include "CACSchema.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+CACSchema::CACSchema() :
+ mKeyAlgorithmCoder(uint32(CSSM_ALGID_RSA)),
+ mKeySizeCoder(uint32(1024))
+{
+}
+
+CACSchema::~CACSchema()
+{
+}
+
+Tokend::Relation *CACSchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
+{
+ Relation *rn = createStandardRelation(keyType);
+
+ // Set up coders for key records.
+ MetaRecord &mr = rn->metaRecord();
+ mr.keyHandleFactory(&mCACKeyHandleFactory);
+
+ // Print name of a key might as well be the key name.
+ mr.attributeCoder(kSecKeyPrintName, &mDescriptionCoder);
+
+ // Other key valuess
+ mr.attributeCoder(kSecKeyKeyType, &mKeyAlgorithmCoder);
+ mr.attributeCoder(kSecKeyKeySizeInBits, &mKeySizeCoder);
+ mr.attributeCoder(kSecKeyEffectiveKeySize, &mKeySizeCoder);
+
+ // Key attributes
+ mr.attributeCoder(kSecKeyExtractable, &mFalseCoder);
+ mr.attributeCoder(kSecKeySensitive, &mTrueCoder);
+ mr.attributeCoder(kSecKeyModifiable, &mFalseCoder);
+ mr.attributeCoder(kSecKeyPrivate, &mTrueCoder);
+ mr.attributeCoder(kSecKeyNeverExtractable, &mTrueCoder);
+ mr.attributeCoder(kSecKeyAlwaysSensitive, &mTrueCoder);
+
+ // Key usage
+ mr.attributeCoder(kSecKeyEncrypt, &mFalseCoder);
+ mr.attributeCoder(kSecKeyWrap, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerify, &mFalseCoder);
+ mr.attributeCoder(kSecKeyDerive, &mFalseCoder);
+ mr.attributeCoder(kSecKeySignRecover, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerifyRecover, &mFalseCoder);
+
+ return rn;
+}
+
+void CACSchema::create()
+{
+ Schema::create();
+
+ createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Relation *rn_gen = createStandardRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ // Create the generic table
+ MetaRecord &mr_gen = rn_gen->metaRecord();
+ mr_gen.attributeCoderForData(&mCACDataAttributeCoder);
+}
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACSchema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACSchema.h
+ * TokendMuscle
+ */
+
+#ifndef _CACSCHEMA_H_
+#define _CACSCHEMA_H_
+
+#include "Schema.h"
+#include "CACAttributeCoder.h"
+#include "CACKeyHandle.h"
+
+namespace Tokend
+{
+ class Relation;
+ class MetaRecord;
+ class AttributeCoder;
+}
+
+class CACSchema : public Tokend::Schema
+{
+ NOCOPY(CACSchema)
+public:
+ CACSchema();
+ virtual ~CACSchema();
+
+ virtual void create();
+
+protected:
+ Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
+
+private:
+ // Coders we need.
+ CACDataAttributeCoder mCACDataAttributeCoder;
+
+ Tokend::ConstAttributeCoder mKeyAlgorithmCoder;
+ Tokend::ConstAttributeCoder mKeySizeCoder;
+
+ CACKeyHandleFactory mCACKeyHandleFactory;
+};
+
+#endif /* !_CACSCHEMA_H_ */
+
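Review bot: `mKeyAlgorithmCoder` and `mKeySizeCoder` are `Tokend::ConstAttributeCoder` members, but nothing here says that they make every key record report one fixed algorithm and size. The constructor in CACSchema.cpp initialises the size coder with `uint32(1024)`, and `createKeyRelation` uses it for both `kSecKeyKeySizeInBits` and `kSecKeyEffectiveKeySize`, so a card carrying keys of another size would presumably be described incorrectly to callers. I would at least document that next to the members, e.g. `// Constant coders: every key is reported with the algorithm and size fixed in the constructor.`, and consider deriving the size from the matching certificate instead. The file comment also still names the project `TokendMuscle`.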
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,621 @@
+/*
+ * Copyright (c) 2004,2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACToken.cpp
+ * TokendMuscle
+ */
+
+#include "CACToken.h"
+
+#include "Adornment.h"
+#include "AttributeCoder.h"
+#include "CACError.h"
+#include "CACRecord.h"
+#include "CACSchema.h"
+#include <security_cdsa_client/aclclient.h>
+#include <map>
+#include <vector>
+
+using CssmClient::AclFactory;
+
+#define CLA_STANDARD 0x00
+#define INS_SELECT_FILE 0xA4
+#define INS_GET_DATA 0xCA
+
+#define SELECT_APPLET CLA_STANDARD, INS_SELECT_FILE, 0x04, 0x00
+
+#define SELECT_CAC_APPLET SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x79
+
+#define SELECT_CAC_APPLET_PKI SELECT_CAC_APPLET, 0x01
+#define SELECT_CAC_APPLET_TLB SELECT_CAC_APPLET, 0x02
+#define SELECT_CAC_APPLET_PIN SELECT_CAC_APPLET, 0x03
+
+static const unsigned char kSelectCardManagerApplet[] =
+ { SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00 };
+
+static const unsigned char kSelectCACAppletPKIID[] =
+ { SELECT_CAC_APPLET_PKI, 0x00 };
+static const unsigned char kSelectCACAppletPKIESig[] =
+ { SELECT_CAC_APPLET_PKI, 0x01 };
+static const unsigned char kSelectCACAppletPKIECry[] =
+ { SELECT_CAC_APPLET_PKI, 0x02 };
+static const unsigned char kSelectCACAppletPN[] =
+ { SELECT_CAC_APPLET_TLB, 0x00 };
+static const unsigned char kSelectCACAppletPL[] =
+ { SELECT_CAC_APPLET_TLB, 0x01 };
+static const unsigned char kSelectCACAppletBS[] =
+ { SELECT_CAC_APPLET_TLB, 0x02 };
+static const unsigned char kSelectCACAppletOB[] =
+ { SELECT_CAC_APPLET_TLB, 0x03 };
+static const unsigned char kSelectCACAppletPIN[] =
+ { SELECT_CAC_APPLET_PIN, 0x00 };
+
+
+CACToken::CACToken() :
+ mCurrentApplet(NULL),
+ mPinStatus(0)
+{
+ mTokenContext = this;
+ mSession.open();
+}
+
+CACToken::~CACToken()
+{
+ delete mSchema;
+}
+
+bool CACToken::identify()
+{
+ try
+ {
+ select(kSelectCACAppletPKIID);
+ return true;
+ }
+ catch (const PCSC::Error &error)
+ {
+ if (error.error == SCARD_E_PROTO_MISMATCH)
+ return false;
+ throw;
+ }
+}
+
+void CACToken::select(const unsigned char *applet)
+{
+ // If we are already connected and our current applet is already selected
+ // we are done.
+ if (isInTransaction() && mCurrentApplet == applet)
+ return;
+
+ // For CAC all applet selectors have the same size.
+ size_t applet_length = sizeof(kSelectCACAppletPKIID);
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+
+ transmit(applet, applet_length, result, resultLength);
+ // If the select command failed this isn't a cac card, so we are done.
+ if (resultLength < 2 || result[resultLength - 2] != 0x90 &&
+ result[resultLength - 2] != 0x61 /* || result[resultLength - 1] != 0x0D */)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ if (isInTransaction())
+ mCurrentApplet = applet;
+}
+
+uint32_t CACToken::exchangeAPDU(const unsigned char *apdu, size_t apduLength,
+ unsigned char *result, size_t &resultLength)
+{
+ size_t savedLength = resultLength;
+
+ transmit(apdu, apduLength, result, resultLength);
+ if (resultLength == 2 && result[0] == 0x61)
+ {
+ resultLength = savedLength;
+ uint8 expectedLength = result[1];
+ unsigned char getResult[] = { 0x00, 0xC0, 0x00, 0x00, expectedLength };
+ transmit(getResult, sizeof(getResult), result, resultLength);
+ if (resultLength - 2 != expectedLength)
+ {
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ else
+ CACError::throwMe((result[resultLength - 2] << 8)
+ + result[resultLength - 1]);
+ }
+ }
+
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ return (result[resultLength - 2] << 8) + result[resultLength - 1];
+}
+
+void CACToken::didDisconnect()
+{
+ PCSC::Card::didDisconnect();
+ mCurrentApplet = NULL;
+ mPinStatus = 0;
+}
+
+void CACToken::didEnd()
+{
+ PCSC::Card::didEnd();
+ mCurrentApplet = NULL;
+ mPinStatus = 0;
+}
+
+void CACToken::changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (oldPinLength < 4 || oldPinLength > 8 ||
+ newPinLength < 4 || newPinLength > 8)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+ /* Change pin only works if one of the CAC applets are selected. */
+ select(kSelectCACAppletPIN);
+
+ unsigned char apdu[] =
+ {
+ 0x80, 0x24, 0x01, 0x00, 0x10,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+ memcpy(apdu + 5, oldPin, oldPinLength);
+ memcpy(apdu + 13, newPin, newPinLength);
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+
+ mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 16);
+ CACError::check(mPinStatus);
+}
+
+uint32_t CACToken::pinStatus(int pinNum)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (mPinStatus && isInTransaction())
+{ secdebug("adhoc", "returning cached PIN status 0x%x", mPinStatus);
+ return mPinStatus;
+}
+
+ PCSC::Transaction _(*this);
+ /* Verify pin only works if one of the CAC applets are selected. */
+ if (mCurrentApplet != kSelectCACAppletPKIID
+ && mCurrentApplet != kSelectCACAppletPKIESig
+ && mCurrentApplet != kSelectCACAppletPKIECry
+ && mCurrentApplet != kSelectCACAppletPN
+ && mCurrentApplet != kSelectCACAppletPL
+ && mCurrentApplet != kSelectCACAppletBS
+ && mCurrentApplet != kSelectCACAppletOB
+ && mCurrentApplet != kSelectCACAppletPIN)
+ {
+ select(kSelectCACAppletPKIESig);
+ }
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+ unsigned char apdu[] = { 0x80, 0x20, 0x00, 0x00 };
+
+ mPinStatus = exchangeAPDU(apdu, 4, result, resultLength);
+ if ((mPinStatus & 0xFF00) != 0x6300
+ && mPinStatus != SCARD_AUTHENTICATION_BLOCKED)
+ CACError::check(mPinStatus);
+
+secdebug("adhoc", "new PIN status=0x%x", mPinStatus);
+ return mPinStatus;
+}
+
+void CACToken::verifyPIN(int pinNum,
+ const unsigned char *pin, size_t pinLength)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (pinLength < 4 || pinLength > 8)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+ /* Verify pin only works if one of the CAC applets are selected. */
+ if (mCurrentApplet != kSelectCACAppletPKIID
+ && mCurrentApplet != kSelectCACAppletPKIESig
+ && mCurrentApplet != kSelectCACAppletPKIECry
+ && mCurrentApplet != kSelectCACAppletPN
+ && mCurrentApplet != kSelectCACAppletPL
+ && mCurrentApplet != kSelectCACAppletBS
+ && mCurrentApplet != kSelectCACAppletOB
+ && mCurrentApplet != kSelectCACAppletPIN)
+ {
+ select(kSelectCACAppletPKIESig);
+ }
+
+ unsigned char apdu[] =
+ {
+ 0x80, 0x20, 0x00, 0x00, 0x08,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+#if defined(CAC_PROTECTED_MODE)
+ memcpy(apdu + 5, "77777777", 8);
+#else
+ memcpy(apdu + 5, pin, pinLength);
+#endif
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+
+ mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 8);
+ CACError::check(mPinStatus);
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ begin();
+}
+
+void CACToken::unverifyPIN(int pinNum)
+{
+ if (pinNum != -1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ end(SCARD_RESET_CARD);
+}
+
+uint32_t CACToken::getData(unsigned char *result, size_t &resultLength)
+{
+ PCSC::Transaction _(*this);
+ try
+ {
+ select(kSelectCardManagerApplet);
+ }
+ catch (const PCSC::Error &error)
+ {
+ return error.error;
+ }
+
+ unsigned char apdu[] = { 0x80, INS_GET_DATA, 0x9F, 0x7F, 0x2D };
+ return exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+}
+
+/*
+ See NIST IR 6887 \xD0 2003 EDITION, GSC-IS VERSION 2.1
+ 5.3.4 Generic Container Provider Virtual Machine Card Edge Interface
+ for a description of how this command works
+
+ READ BUFFER 0x80 0x52 Off/H Off/L 0x02 <buffer & number bytes to read> \xD0
+
+*/
+
+#if 0
+ unsigned char toread = bytes_left > MAX_READ ? MAX_READ : bytes_left;
+ unsigned char apdu[] = { 0x80, 0x52,
+ offset >> 8, offset & 0xFF,
+ 0x02, (getTB ? 0x01 : 0x02),
+ toread };
+
+#define TBD_ZERO 0x00
+
+#define CAC_CLA_STANDARD CLA_STANDARD // 00
+#define CAC_INS_GET_DATA INS_GET_DATA 0xCB // [SP800731 7.1.2]
+
+// 0x00 0xCB
+#define CAC_GETDATA_APDU CAC_CLA_STANDARD, CAC_INS_GET_DATA, 0x3F, 0xFF
+// Template for getting data
+// 00 CB 3F FF Lc Tag Len OID1 OID2 OID3
+#define PIV_GETDATA_APDU_TEMPLATE PIV_GETDATA_APDU, TBD_ZERO, 0x5C, TBD_ZERO, TBD_FF, TBD_FF, TBD_FF
+
+#define PIV_GETDATA_APDU_INDEX_LEN 4 // Index into APDU for APDU data length (this is TLV<OID>) [Lc]
+#define PIV_GETDATA_APDU_INDEX_OIDLEN 6 // Index into APDU for requested length of data
+#define PIV_GETDATA_APDU_INDEX_OID 7 // Index into APDU for object ID
+
+#define CAC_GETDATA_CONT_APDU_TEMPLATE 0x00, 0xC0, 0x00, 0x00, TBD_ZERO
+
+#define CAC_GETDATA_CONT_APDU_INDEX_LEN 4 // Index into CONT APDU for requested length of data
+
+void CACToken::getDataCore(const unsigned char *oid, size_t oidlen, const char *description, bool isCertificate,
+ bool allowCaching, CssmData &data)
+{
+ unsigned char result[MAX_BUFFER_SIZE];
+ size_t resultLength = sizeof(result);
+ size_t returnedDataLength = 0;
+
+ // The APDU only has space for a 3 byte OID
+ if (oidlen != 3)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ if (!mReturnedData)
+ {
+ mReturnedData = new unsigned char[PIV_MAX_DATA_SIZE];
+ if (!mReturnedData)
+ CssmError::throwMe(CSSM_ERRCODE_MEMORY_ERROR);
+ }
+
+ const unsigned char dataFieldLen = 0x05; // doc says must be 16, but in pratice it is 5
+ unsigned char initialapdu[] = { PIV_GETDATA_APDU_TEMPLATE };
+
+ initialapdu[PIV_GETDATA_APDU_INDEX_LEN] = dataFieldLen;
+ initialapdu[PIV_GETDATA_APDU_INDEX_OIDLEN] = oidlen;
+ memcpy(initialapdu + PIV_GETDATA_APDU_INDEX_OID, oid, oidlen);
+
+ unsigned char continuationapdu[] = { PIV_GETDATA_CONT_APDU_TEMPLATE };
+
+ unsigned char *apdu = initialapdu;
+ size_t apduSize = sizeof(initialapdu);
+
+ selectDefault();
+ // Talk to token here to get data
+ {
+ PCSC::Transaction _(*this);
+
+ uint32_t rx;
+ do
+ {
+ resultLength = sizeof(result); // must reset each time
+ transmit(apdu, apduSize, result, resultLength);
+ if (resultLength < 2)
+ break;
+ rx = (result[resultLength - 2] << 8) + result[resultLength - 1];
+ secdebug("pivtokend", "exchangeAPDU result %02X", rx);
+
+ if ((rx & 0xFF00) != SCARD_BYTES_LEFT_IN_SW2 &&
+ (rx & 0xFF00) != SCARD_SUCCESS)
+ PIVError::check(rx);
+
+ // Switch to the continuation APDU after first exchange
+ apdu = continuationapdu;
+ apduSize = sizeof(continuationapdu);
+
+ memcpy(mReturnedData + returnedDataLength, result, resultLength - 2);
+ returnedDataLength += resultLength - 2;
+
+ // Number of bytes to fetch next time around is in the last byte returned.
+ // For all except the penultimate read, this is 0, indicating that the
+ // token should read all bytes.
+
+ *(apdu + PIV_GETDATA_CONT_APDU_INDEX_LEN) = static_cast<unsigned char>(rx & 0xFF);
+
+ } while ((rx & 0xFF00) == SCARD_BYTES_LEFT_IN_SW2);
+ }
+
+ dumpDataRecord(mReturnedData, returnedDataLength, oid);
+
+ // Start to parse the BER-TLV encoded data. In the end, we only return the
+ // main data part of this but we need to step through the rest first
+ // The certficates are the only types we parse here
+
+ if (returnedDataLength>0)
+ {
+ const unsigned char *pd = &mReturnedData[0];
+ if (*pd != PIV_GETDATA_RESPONSE_TAG)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ pd++;
+
+ if (isCertificate)
+ processCertificateRecord(pd, returnedDataLength, oid, description, data);
+ else
+ {
+ data.Data = mReturnedData;
+ data.Length = returnedDataLength;
+ }
+
+ if (allowCaching)
+ cacheObject(0, description, data);
+ }
+ else
+ {
+ data.Data = mReturnedData;
+ data.Length = 0;
+ }
+}
+#endif
+
+
+uint32 CACToken::probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID])
+{
+ uint32 score = Tokend::ISO7816Token::probe(flags, tokenUid);
+
+ bool doDisconnect = false; /*!(flags & kSecTokendProbeKeepToken); */
+
+ try
+ {
+ if (!identify())
+ doDisconnect = true;
+ else
+ {
+ unsigned char result[0x2F];
+ size_t resultLength = sizeof(result);
+ /* uint32_t cacreturn = */ getData(result, resultLength);
+
+ /* Score of 200 to ensure that CAC "wins" for Hybrid CAC/PIV cards */
+ score = 200;
+ // Now stick in the bytes returned by getData into the
+ // tokenUid.
+ if(resultLength > 20)
+ {
+ sprintf(tokenUid,
+ "CAC-%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X",
+ result[3], result[4], result[5], result[6], result[19],
+ result[20], result[15], result[16], result[17],
+ result[18]);
+ }
+ else
+ {
+ /* Cannot generated a tokenUid given the returned data.
+ * Generate time-based tokenUid to permit basic caching */
+ unsigned char buffer[80];
+ time_t now;
+ struct tm* timestruct = localtime(&now);
+ /* Print out the # of seconds since EPOCH UTF */
+ strftime(reinterpret_cast<char *>(buffer), 80, "%s", timestruct);
+ snprintf(tokenUid, TOKEND_MAX_UID, "CAC-%s", buffer);
+ }
+ Tokend::ISO7816Token::name(tokenUid);
+ secdebug("probe", "recognized %s", tokenUid);
+ }
+ }
+ catch (...)
+ {
+ doDisconnect = true;
+ score = 0;
+ }
+
+ if (doDisconnect)
+ disconnect();
+
+ return score;
+}
+
+void CACToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ Tokend::ISO7816Token::establish(guid, subserviceId, flags,
+ cacheDirectory, workDirectory, mdsDirectory, printName);
+
+ mSchema = new CACSchema();
+ mSchema->create();
+
+ populate();
+}
+
+//
+// Database-level ACLs
+//
+void CACToken::getOwner(AclOwnerPrototype &owner)
+{
+ // we don't really know (right now), so claim we're owned by PIN #0
+ if (!mAclOwner)
+ {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
+ }
+ owner = mAclOwner;
+}
+
+
+void CACToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ Allocator &alloc = Allocator::standard();
+
+ if (unsigned pin = pinFromAclTag(tag, "?")) {
+ static AutoAclEntryInfoList acl;
+ acl.clear();
+ acl.allocator(alloc);
+ uint32_t status = this->pinStatus(pin);
+ if (status == SCARD_SUCCESS)
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED);
+ else if (status >= CAC_AUTHENTICATION_FAILED_0 && status <= CAC_AUTHENTICATION_FAILED_3)
+ acl.addPinState(pin, 0, status - CAC_AUTHENTICATION_FAILED_0);
+ else
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_UNKNOWN);
+ count = acl.size();
+ acls = acl.entries();
+ return;
+ }
+
+ // mAclEntries sets the handle of each AclEntryInfo to the
+ // offset in the array.
+
+ // get pin list, then for each pin
+ if (!mAclEntries) {
+ mAclEntries.allocator(alloc);
+ // Anyone can read the attributes and data of any record on this token
+ // (it's further limited by the object itself).
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // We support PIN1 with either a passed in password
+ // subject or a prompted password subject.
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), 1);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), 1);
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+
+#pragma mark ---------------- CAC Specific --------------
+
+void CACToken::populate()
+{
+ secdebug("populate", "CACToken::populate() begin");
+ Tokend::Relation &certRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ Tokend::Relation &privateKeyRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Tokend::Relation &dataRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ RefPointer<Tokend::Record> idCert(new CACCertificateRecord(
+ kSelectCACAppletPKIID, "Identity Certificate"));
+ RefPointer<Tokend::Record> eSigCert(new CACCertificateRecord(
+ kSelectCACAppletPKIESig, "Email Signing Certificate"));
+ RefPointer<Tokend::Record> eCryCert(new CACCertificateRecord(
+ kSelectCACAppletPKIECry, "Email Encryption Certificate"));
+
+ certRelation.insertRecord(idCert);
+ certRelation.insertRecord(eSigCert);
+ certRelation.insertRecord(eCryCert);
+
+ RefPointer<Tokend::Record> idKey(new CACKeyRecord(
+ kSelectCACAppletPKIID, "Identity Private Key",
+ privateKeyRelation.metaRecord()));
+ RefPointer<Tokend::Record> eSigKey(new CACKeyRecord(
+ kSelectCACAppletPKIESig, "Email Signing Private Key",
+ privateKeyRelation.metaRecord()));
+ RefPointer<Tokend::Record> eCryKey(new CACKeyRecord(
+ kSelectCACAppletPKIECry, "Email Encryption Private Key",
+ privateKeyRelation.metaRecord()));
+
+ privateKeyRelation.insertRecord(idKey);
+ privateKeyRelation.insertRecord(eSigKey);
+ privateKeyRelation.insertRecord(eCryKey);
+
+ idKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(idCert));
+ eSigKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(eSigCert));
+ eCryKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(eCryCert));
+
+ dataRelation.insertRecord(new CACTBRecord(kSelectCACAppletPN, "PNTB"));
+ dataRelation.insertRecord(new CACVBRecord(kSelectCACAppletPN, "PNVB"));
+ dataRelation.insertRecord(new CACTBRecord(kSelectCACAppletPL, "PLTB"));
+ dataRelation.insertRecord(new CACVBRecord(kSelectCACAppletPL, "PLVB"));
+ dataRelation.insertRecord(new CACTBRecord(kSelectCACAppletBS, "BSTB"));
+ dataRelation.insertRecord(new CACVBRecord(kSelectCACAppletBS, "BSVB"));
+ dataRelation.insertRecord(new CACTBRecord(kSelectCACAppletOB, "OBTB"));
+ dataRelation.insertRecord(new CACVBRecord(kSelectCACAppletOB, "OBVB"));
+
+ secdebug("populate", "CACToken::populate() end");
+}
+
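Review bot: In `verifyPIN` and `changePIN` the PIN bytes copied into the stack `apdu` are wiped only on the normal return path, because `exchangeAPDU` can throw (`PCSC::Error::throwMe`, `CACError::throwMe`) and then the `memset(apdu + 5, 0, ...)` after it never runs. Wiping in a catch-all handler before rethrowing, as sketched below for `verifyPIN`, closes that path; a plain `memset` on a buffer about to go out of scope can also be dropped by the optimizer, so a wipe the compiler cannot elide is worth considering. Separately, `probe` discards the status from `getData`, which returns early with `resultLength` still at `sizeof(result)` when the card-manager select fails, so the `resultLength > 20` branch would format uninitialised `result` bytes into `tokenUid`. The fallback branch also passes `time_t now` to `localtime` without ever setting it. Testing `getData(result, resultLength) == SCARD_SUCCESS` before the `sprintf` and declaring `time_t now = time(NULL);` would address both.

```cpp
	// … unchanged: pinNum / pinLength checks, applet selection, apdu setup …
	unsigned char result[2];
	size_t resultLength = sizeof(result);

	try
	{
		mPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
	}
	catch (...)
	{
		// Do not leave the PIN on the stack when the exchange fails.
		memset(apdu + 5, 0, 8);
		throw;
	}
	memset(apdu + 5, 0, 8);
	// … unchanged: CACError::check(mPinStatus); begin(); …
```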
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/CACToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,89 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACToken.h
+ * TokendMuscle
+ */
+
+#ifndef _CACTOKEN_H_
+#define _CACTOKEN_H_
+
+#include <Token.h>
+#include "TokenContext.h"
+
+#include <security_utilities/pcsc++.h>
+
+class CACSchema;
+
+//
+// "The" token
+//
+class CACToken : public Tokend::ISO7816Token
+{
+ NOCOPY(CACToken)
+public:
+ CACToken();
+ ~CACToken();
+
+ virtual void didDisconnect();
+ virtual void didEnd();
+
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+ virtual void changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength);
+ virtual uint32_t pinStatus(int pinNum);
+ virtual void verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
+ virtual void unverifyPIN(int pinNum);
+
+ bool identify();
+ void select(const unsigned char *applet);
+ uint32_t exchangeAPDU(const unsigned char *apdu, size_t apduLength,
+ unsigned char *result, size_t &resultLength);
+
+ uint32_t getData(unsigned char *result, size_t &resultLength);
+
+protected:
+ void populate();
+
+public:
+ const unsigned char *mCurrentApplet;
+ uint32_t mPinStatus;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_CACTOKEN_H_ */
+
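Review bot: `mCurrentApplet`, `mPinStatus` and the two ACL caches sit under the second `public:` label, so any code holding a `CACToken` can rewrite state that the implementation trusts. In CACToken.cpp, `pinStatus()` returns a non-zero cached `mPinStatus` without asking the card while in a transaction, and `select()` skips the SELECT when `mCurrentApplet` already matches. Unless classes outside this hunk need direct write access, I would change that label to `private:` and expose read-only accessors such as `uint32_t cachedPinStatus() const { return mPinStatus; }`.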
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>CAC</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.tokend.cac</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundleName</key>
+ <string>CAC</string>
+ <key>CFBundlePackageType</key>
+ <string>????</string>
+ <key>CFBundleShortVersionString</key>
+ <string>2.2.1</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>40596</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/cac.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/cac.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/cac.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,45 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * cac.cpp - CAC.tokend main program
+ */
+
+#include "CACToken.h"
+
+int main(int argc, const char *argv[])
+{
+ secdebug("CAC.tokend", "main starting with %d arguments", argc);
+ secdelay((char *)"/tmp/delay/CAC");
+
+#if 0
+ setenv("DEBUGSCOPE", "-mutex,walkers", 0);
+ setenv("DEBUGOPTIONS", "scope,thread,date", 0);
+ setenv("DEBUGDEST", "/var/tmp/securityd-log", 0);
+ setenv("DEBUGDUMP", "stdout", 0);
+#endif
+
+ token = new CACToken();
+ return SecTokendMain(argc, argv, token->callbacks(), token->support());
+}
+
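Review bot: `secdelay((char *)"/tmp/delay/CAC");` runs unconditionally at the top of `main`, unlike the `setenv` debug block below it, which is under `#if 0`. `secdelay` is not defined in this hunk; if it checks or reads that path outside debug builds, the tokend's start-up would depend on a fixed name in a directory any local user can write to. I would wrap the call in a debug-only guard, e.g. `#if !defined(NDEBUG)` / `#endif`, or add a comment stating that it is a no-op in release builds. The `(char *)` cast also drops `const` from a string literal.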
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>Capabilities</key>
+ <string>file:cac_csp_capabilities_common.mds</string>
+ <key>MdsFileDescription</key>
+ <string>CAC Token CSPDL CSP Capabilities</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities_common.mds
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities_common.mds (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_capabilities_common.mds 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,903 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>SHA1 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD5 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD2 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>64</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>192</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>3DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC2 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC4 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC5 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>New item</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>CAST Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>Blowfish Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>SHA1HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>MD5HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>128</integer>
+ <integer>192</integer>
+ <integer>256</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>AES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ASC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>ASC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>31</integer>
+ <integer>127</integer>
+ <integer>128</integer>
+ <integer>161</integer>
+ <integer>192</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>FEE Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD2 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 SHA1 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>DES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY_EDE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>3DES EDE Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>AES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>0</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC4 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC5 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>Blowfish Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>CAST Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>RSA Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEEDEXP</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEEDExp Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEED</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEED Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD2 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC_LEGACY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC Legacy</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_APPLE_YARROW</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_RANDOMGEN</string>
+ <key>Description</key>
+ <string>Yarrow PRNG</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+</array>
+</plist>
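Review bot: The `CSSM_ALGID_CAST` key-generation record names its attribute value `<key>New item</key>`, where every other record in this file uses `AttributeValue`. This looks like a property-list editor default left in place, so anything reading the record by the `AttributeValue` key would find no value for CAST key generation; the line should read `<key>AttributeValue</key>`. Separately, the list advertises MD2, MD5, single-DES, RC2 and RC4 contexts with no indication of why a hardware-token CSP exposes them. If the file was copied from a generic software CSP capability list, a header comment saying so, and noting which entries are legacy-only, would tell maintainers which ones the token actually depends on.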
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_csp_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <!-- @@@ complete this -->
+ <array>
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>CspCustomFlags</key>
+ <integer>0</integer>
+ <key>CspFlags</key>
+ <!-- @@@ dynamic -->
+ <string>CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC</string>
+ <key>CspType</key>
+ <string>CSSM_CSP_HARDWARE</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL CSP Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>UseeTags</key>
+ <array/>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
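Review bot: `AuthTags` is still marked `<!-- @@@ complete this -->` and lists only `CSSM_ACL_AUTHORIZATION_ANY`, so the primary record for a `CSSM_CSP_HARDWARE` module that declares `CSSM_CSP_STORES_PRIVATE_KEYS` describes its authorization model with a placeholder. The same marker and value appear in cac_dl_primary.mdsinfo. Either enumerate the authorization tags the module really supports, or replace the marker with a comment stating that the wildcard is deliberate, e.g. `<!-- ANY is intentional: <reason> -->`. As a style point, both `@@@` comments here sit between a `<key>` and its value; placing them on the line before the `<key>` keeps each key/value pair adjacent.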
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_dl_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_dl_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_dl_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <array>
+ <!-- @@@ complete this -->
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>ConjunctiveOps</key>
+ <array>
+ <string>CSSM_DB_NONE</string>
+ <string>CSSM_DB_AND</string>
+ <string>CSSM_DB_OR</string>
+ </array>
+ <key>DLType</key>
+ <string>CSSM_DL_FFS</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL DL Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_DL_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>QueryLimitsFlag</key>
+ <integer>0</integer>
+ <key>RelationalOps</key>
+ <array>
+ <string>CSSM_DB_EQUAL</string>
+ <string>CSSM_DB_LESS_THAN</string>
+ <string>CSSM_DB_GREATER_THAN</string>
+ <string>CSSM_DB_CONTAINS_FINAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS_INITIAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS</string>
+ <string></string>
+ </array>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
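Review bot: `RelationalOps` ends with an empty `<string></string>` element that names no operator, so a consumer mapping these strings to CSSM constants gets an unresolvable value for the last entry. It should be removed or replaced by the operator that was meant. That may be `<string>CSSM_DB_NOT_EQUAL</string>`, the one standard relational operator missing from the list, but this needs confirming against what the DL actually implements.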
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_smartcard.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_smartcard.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CAC/mds/cac_smartcard.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>MdsFileDescription</key>
+ <string>SD/CSPDL Generic Smartcard Information</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>ScVendor</key>
+ <string>Generic</string>
+ <key>ScVersion</key>
+ <string>unknown</string>
+ <key>ScFirmwareVersion</key>
+ <string>CACViewerPlugin</string>
+ <key>ScFlags</key> <!-- @@@ dynamic -->
+ <integer>0</integer>
+ <key>ScCustomFlags</key>
+ <integer>0</integer>
+</dict>
+</plist>
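Review bot: `ScFirmwareVersion` is set to `CACViewerPlugin`, which is not a firmware version and reads like a name carried over from another component. Together with `ScVendor` as `Generic` and `ScVersion` as `unknown`, the record identifies nothing about the card. If the real values are only known at run time, mark the field the same way `ScFlags` is marked, e.g. `<key>ScFirmwareVersion</key> <!-- @@@ dynamic -->`, and give it a neutral value such as `<string>unknown</string>`. Otherwise, fill in the actual version.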
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,436 @@
+/*
+ * CACNGApplet.cpp
+ * Tokend
+ *
+ * Created by harningt on 9/30/09.
+ * Copyright 2009 TrustBearer Labs. All rights reserved.
+ *
+ */
+
+
+#include "CACNGApplet.h"
+#include <security_utilities/pcsc++.h>
+
+#include "CACNGToken.h"
+#include "CACNGError.h"
+
+#include "CompressionTool.h"
+
+#include "TLV.h"
+
+/* FOR KEYSIZE CALCULATION */
+#include <Security/Security.h>
+
+#define PIV_CLA_STANDARD 0x00
+#define PIV_INS_GET_DATA 0xCB // [SP800731 7.1.2]
+
+// 0x00 0xCB
+#define PIV_GETDATA_APDU PIV_CLA_STANDARD, PIV_INS_GET_DATA, 0x3F, 0xFF
+#define PIV_GETDATA_CONT_APDU 0x00, 0xC0, 0x00, 0x00
+
+#define PIV_GETDATA_RESPONSE_TAG 0x53
+#define PIV_GETDATA_TAG_CERTIFICATE 0x70
+#define PIV_GETDATA_TAG_CERTINFO 0x71
+#define PIV_GETDATA_TAG_MSCUID 0x72
+#define PIV_GETDATA_TAG_ERRORDETECTION 0xFE
+
+#define PIV_GETDATA_COMPRESSION_MASK 0x81
+
+CACNGCacApplet::CACNGCacApplet(CACNGToken &token, const byte_string &applet, const byte_string &object)
+:token(token), applet(applet), object(object)
+{
+}
+
+void CACNGCacApplet::select()
+{
+ byte_string result;
+ uint32_t code = token.exchangeAPDU(applet, result);
+ CACNGError::check(code);
+ if (!object.empty()) {
+ result.resize(0);
+ code = token.exchangeAPDU(object, result);
+ CACNGError::check(code);
+ }
+}
+
+CACNGIDObject::CACNGIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description)
+:token(token), applet(applet), keySize(0), description(description)
+{
+}
+
+
+size_t CACNGIDObject::getKeySize()
+{
+ if (keySize == ~(size_t)0)
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ if (keySize != 0)
+ return keySize;
+ byte_string cert = read();
+ SecCertificateRef certRef = 0;
+ SecKeyRef keyRef = 0;
+ /* Parse certificate for size */
+ CSSM_DATA certData;
+ certData.Data = (uint8_t*)&cert[0];
+ certData.Length = cert.size();
+ const CSSM_KEY *cssmKey = NULL;
+ OSStatus status = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_BER, &certRef);
+ if(status != noErr) goto done;
+ status = SecCertificateCopyPublicKey(certRef, &keyRef);
+ if(status != noErr) goto done;
+ status = SecKeyGetCSSMKey(keyRef, &cssmKey);
+ if(status != noErr) goto done;
+ keySize = cssmKey->KeyHeader.LogicalKeySizeInBits;
+done:
+ if(keyRef)
+ CFRelease(keyRef);
+ if(certRef)
+ CFRelease(certRef);
+ if (keySize == 0) {
+ keySize = ~(size_t)0;
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+ return keySize;
+}
+
+CACNGCacIDObject::CACNGCacIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description)
+:CACNGIDObject(token, applet, description)
+{
+}
+
+/*
+ See NIST IR 6887 – 2003 EDITION, GSC-IS VERSION 2.1
+ 5.3.4 Generic Container Provider Virtual Machine Card Edge Interface
+ for a description of how this command works
+
+ READ BUFFER 0x80 0x52 Off/H Off/L 0x02 <buffer & number bytes to read> –
+ */
+static size_t read_cac_buffer_size(CACNGToken &token, bool isTbuffer)
+{
+ unsigned char apdu[] = { 0x80, 0x52, 0x00, 0x00, 0x02, isTbuffer ? 0x01 : 0x02, 0x02 };
+ unsigned char result[4];
+ size_t resultLength = sizeof(result);
+ uint32_t cacresult = token.exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ CACNGError::check(cacresult);
+ return result[0] | result[1] << 8;
+}
+
+static void read_cac_buffer(CACNGToken &token, bool isTbuffer, byte_string &result)
+{
+ size_t size = read_cac_buffer_size(token, isTbuffer);
+ result.resize(size + 2);
+ unsigned int offset, bytes_left;
+ const unsigned int MAX_READ = 0xFF;
+ for (offset = 2, bytes_left = size; bytes_left;)
+ {
+ // resultLength = size + 2 - offset;
+ unsigned char toread = bytes_left > MAX_READ ? MAX_READ : bytes_left;
+ unsigned char apdu[] = {
+ 0x80, 0x52, offset >> 8, offset & 0xFF, 0x02, isTbuffer ? 0x01 : 0x02, toread
+ };
+ size_t resultLength = toread + 2;
+ uint32_t cacresult = token.exchangeAPDU(apdu, sizeof(apdu),
+ &result[offset - 2],
+ resultLength);
+
+ CACNGError::check(cacresult);
+
+ if (resultLength - 2 != toread)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ resultLength -= 2;
+ offset += resultLength;
+ bytes_left -= resultLength;
+ }
+ /* Trim off status bytes */
+ result.resize(result.size() - 2);
+}
+
+byte_string CACNGCacIDObject::read()
+{
+ byte_string result;
+ CssmData data;
+ if (token.cachedObject(0, description.c_str(), data))
+ {
+ result.assign((uint8_t*)data.data(), (uint8_t*)data.data() + data.length());
+ return result;
+ }
+
+ PCSC::Transaction _(token);
+ token.select(applet);
+
+ read_cac_buffer(token, false, result);
+
+ if (result[0] != 0) {
+ /* The certificate is compressed */
+ result = CompressionTool::zlib_decompress(result.begin() + 1, result.end());
+ } else {
+ /* Remove marker byte */
+ result.erase(result.begin());
+ }
+
+ data.Data = &result[0];
+ data.Length = result.size();
+ token.cacheObject(0, description.c_str(), data);
+ return result;
+}
+
+byte_string CACNGCacIDObject::crypt(const byte_string &input)
+{
+ byte_string result;
+ if (input.size() > keySize / 8)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ //if (sign != mSignOnly)
+ // CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT);
+
+ PCSC::Transaction _(token);
+ token.select(applet);
+
+ byte_string apdu;
+
+ size_t resultLength = keySize / 8 + 2;
+ result.resize(resultLength);
+ const size_t CHUNK_SIZE = 128;
+
+ for (unsigned i = 0; i < input.size(); i += CHUNK_SIZE)
+ {
+ const uint8_t next_chunk = min(input.size() - i, CHUNK_SIZE);
+ apdu.resize(5 + next_chunk);
+ apdu[0] = 0x80;
+ apdu[1] = 0x42;
+ apdu[2] = ((input.size() - i) > CHUNK_SIZE) ? 0x80 : 0x00;
+ apdu[3] = 0x00;
+ apdu[4] = next_chunk;
+ memcpy(&apdu[5], &input[i], next_chunk);
+ resultLength = result.size();
+ CACNGError::check(token.exchangeAPDU(&apdu[0], next_chunk + 5, &result[0],
+ resultLength));
+ }
+ if (resultLength != keySize / 8 + 2) {
+ secdebug("cac", " %s: computeCrypt: expected size: %ld, got: %ld",
+ description.c_str(), keySize / 8 + 2, resultLength);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+ /* Trim off status bytes */
+ result.resize(resultLength - 2);
+ return result;
+}
+
+CACNGPivApplet::CACNGPivApplet(CACNGToken &token, const byte_string &applet)
+:token(token), applet(applet)
+{
+}
+
+void CACNGPivApplet::select()
+{
+ byte_string result;
+ uint32_t code = token.exchangeAPDU(applet, result);
+ CACNGError::check(code);
+}
+
+CACNGPivIDObject::CACNGPivIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description, const byte_string &oid, uint8_t keyRef)
+:CACNGIDObject(token, applet, description), oid(oid), keyRef(keyRef)
+{
+}
+
+static void read_piv_object(CACNGToken &token, const byte_string &oid, byte_string &result)
+{
+ TLV oidValue(0x5C, oid);
+ byte_string tagged_oid = oidValue.encode();
+ static const unsigned char INITIAL_APDU[] = { PIV_GETDATA_APDU };
+ /* TODO: Build from ground-up */
+ byte_string initialApdu;
+ initialApdu.reserve(sizeof(INITIAL_APDU) + 1 + tagged_oid.size());
+ initialApdu.insert(initialApdu.begin(), INITIAL_APDU, INITIAL_APDU + sizeof(INITIAL_APDU));
+ initialApdu.push_back((uint8_t)tagged_oid.size());
+ initialApdu += tagged_oid;
+
+ static const unsigned char CONTINUATION_APDU[] = { PIV_GETDATA_CONT_APDU, 0x00 /* LENGTH LOCATION */ };
+ byte_string continuationApdu(CONTINUATION_APDU, CONTINUATION_APDU + sizeof(CONTINUATION_APDU));
+
+ byte_string *apdu = &initialApdu;
+
+ uint32_t rx;
+ do
+ {
+ rx = token.exchangeAPDU(*apdu, result);
+ secdebug("pivtokend", "exchangeAPDU result %02X", rx);
+
+ if ((rx & 0xFF00) != SCARD_BYTES_LEFT_IN_SW2 &&
+ (rx & 0xFF00) != SCARD_SUCCESS)
+ CACNGError::check(rx);
+
+ // Switch to the continuation APDU after first exchange
+ apdu = &continuationApdu;
+
+ // Number of bytes to fetch next time around is in the last byte returned.
+ // For all except the penultimate read, this is 0, indicating that the
+ // token should read all bytes.
+ apdu->back() = static_cast<unsigned char>(rx & 0xFF);
+ } while ((rx & 0xFF00) == SCARD_BYTES_LEFT_IN_SW2);
+
+ // Start to parse the BER-TLV encoded data. In the end, we only return the
+ // main data part of this but we need to step through the rest first
+ // The certficates are the only types we parse here
+ if (result.size()<=0)
+ return;
+ if (result[0] != PIV_GETDATA_RESPONSE_TAG)
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+
+}
+
+byte_string CACNGPivIDObject::read()
+{
+ byte_string result;
+ PCSC::Transaction _(token);
+ token.select(applet);
+
+ read_piv_object(token, oid, result);
+ /* Decode/decompress the certificate */
+ bool hasCertificateData = false;
+ bool isCompressed = false;
+
+ // 00000000 53 82 04 84 70 82 04 78 78 da 33 68 62 db 61 d0
+ TLV_ref tlv;
+ TLVList list;
+ try {
+ tlv = TLV::parse(result);
+ list = tlv->getInnerValues();
+ } catch(...) {
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+
+ for(TLVList::const_iterator iter = list.begin(); iter != list.end(); ++iter) {
+ const byte_string &tagString = (*iter)->getTag();
+ const byte_string &value = (*iter)->getValue();
+ if(tagString.size() != 1)
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ uint8_t tag = tagString[0];
+ switch (tag) {
+ case PIV_GETDATA_TAG_CERTIFICATE: // 0x70
+ result = value;
+ hasCertificateData = true;
+ break;
+ case PIV_GETDATA_TAG_CERTINFO: // 0x71
+ if(value.size() != 1)
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ secdebug("pivtokend", "CertInfo byte: %02X", value[0]);
+ isCompressed = value[0] & PIV_GETDATA_COMPRESSION_MASK;
+ break;
+ case PIV_GETDATA_TAG_MSCUID: // 0x72 -- should be of length 3...
+ break;
+ case PIV_GETDATA_TAG_ERRORDETECTION:
+ break;
+ case 0:
+ case 0xFF:
+ break;
+ default:
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ break;
+ }
+ }
+
+ /* No cert data ? */
+ if(!hasCertificateData)
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ if (isCompressed) {
+ return CompressionTool::zlib_decompress(result);
+ }
+
+ return result;
+}
+
+byte_string CACNGPivIDObject::crypt(const byte_string &input)
+{
+ byte_string result;
+ /* Allow all key usage, certificates determine validity */
+ unsigned char algRef;
+ switch (keySize) {
+ case 1024:
+ algRef = 0x06;
+ break;
+ case 2048:
+ algRef = 0x07;
+ break;
+ default:
+ /* Cannot use a key ~= 1024 or 2048 bits yet */
+ CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT);
+ break;
+ }
+
+ /* Build the BER-Encoded message */
+ /* Template: 0x7C L { 0x82 0x00, 0x81 L data } .. 2 tag+lengths + 1 tag-0 */
+ TLVList commandList;
+ commandList.push_back(TLV_ref(new TLV(0x82)));
+ commandList.push_back(TLV_ref(new TLV(0x81, input)));
+ TLV_ref command = TLV_ref(new TLV(0x7C, commandList));
+
+ /* TODO: Evaluate result length handling */
+ /* At least enough to contain BER-TLV */
+ size_t resultLength = keySize / 8;
+ resultLength += 1 + TLV::encodedLength(resultLength); // RESPONSE
+ resultLength += 1 + 1; // Potential empty response-tlv
+ resultLength += 1 + TLV::encodedLength(resultLength); // TLV containing response
+ /* Round out resultLength to a multiple of 256 */
+ resultLength = resultLength + resultLength % 256 + 256;
+ // Ensure that there's enough space to prevent unnecessary resizing
+ result.reserve(resultLength);
+
+ byte_string commandString = command->encode();
+
+ PCSC::Transaction _(token);
+ token.select(applet);
+
+ CACNGError::check(token.exchangeChainedAPDU(0x00, 0x87, algRef, keyRef, commandString, result));
+
+ /* DECODE 0x7C */
+ TLV_ref tlv;
+ try {
+ tlv = TLV::parse(result);
+ } catch(...) {
+ secure_zero(result);
+ CACNGError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+ secure_zero(result);
+ if(tlv->getTag() != (unsigned char*)"\x7C") {
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+ byte_string tagData;
+ try {
+ TLVList list = tlv->getInnerValues();
+ TLVList::const_iterator iter = find_if(list.begin(), list.end(), TagPredicate(0x82));
+ if(iter != list.end())
+ tagData = (*iter)->getValue();
+ } catch(...) {
+ }
+ if(tagData.size() == 0) {
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ if(tagData.size() != keySize / 8) { // Not enough data at all..
+ secure_zero(tagData);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ result.swap(tagData);
+ /* zero-out tagData */
+ secure_zero(tagData);
+
+ return result;
+}
+
+CACNGCacBufferObject::CACNGCacBufferObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, bool isTbuffer)
+:token(token), applet(applet), isTbuffer(isTbuffer)
+{
+}
+
+byte_string CACNGCacBufferObject::read()
+{
+ byte_string result;
+
+ PCSC::Transaction _(token);
+ token.select(applet);
+ read_cac_buffer(token, isTbuffer, result);
+
+ return result;
+}
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGApplet.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,135 @@
+/*
+ * CACNGApplet.h
+ * Tokend
+ *
+ * Created by harningt on 9/30/09.
+ * Copyright 2009 TrustBearer Labs. All rights reserved.
+ *
+ */
+#ifndef CACNGAPPLET_H
+#define CACNGAPPLET_H
+
+#include "byte_string.h"
+#include <security_utilities/utilities.h>
+
+#include <tr1/memory>
+using std::tr1::shared_ptr;
+
+class CACNGToken;
+
+class CACNGSelectable
+{
+ NOCOPY(CACNGSelectable)
+public:
+ CACNGSelectable() {}
+ virtual ~CACNGSelectable() {}
+
+protected:
+ virtual void select() = 0;
+ friend class CACNGToken;
+};
+
+class CACNGReadable
+{
+ NOCOPY(CACNGReadable)
+public:
+ CACNGReadable() {}
+ virtual ~CACNGReadable() {}
+ virtual byte_string read() = 0;
+};
+
+class CACNGCryptable
+{
+ NOCOPY(CACNGCryptable)
+public:
+ CACNGCryptable() {}
+ virtual ~CACNGCryptable() {}
+ virtual byte_string crypt(const byte_string &input) = 0;
+};
+
+class CACNGCacApplet : public CACNGSelectable
+{
+ NOCOPY(CACNGCacApplet);
+public:
+ CACNGCacApplet(CACNGToken &token, const byte_string &applet, const byte_string &object);
+ virtual ~CACNGCacApplet() {}
+
+protected:
+ void select();
+
+ CACNGToken &token;
+private:
+ const byte_string applet;
+ const byte_string object;
+};
+
+
+class CACNGPivApplet : public CACNGSelectable
+{
+ NOCOPY(CACNGPivApplet)
+public:
+ CACNGPivApplet(CACNGToken &token, const byte_string &applet);
+ virtual ~CACNGPivApplet() {}
+
+protected:
+ CACNGToken &token;
+ void select();
+
+private:
+ const byte_string applet;
+};
+
+class CACNGIDObject : public CACNGReadable, public CACNGCryptable
+{
+ NOCOPY(CACNGIDObject);
+public:
+ CACNGIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description);
+
+ size_t getKeySize();
+protected:
+ CACNGToken &token;
+ shared_ptr<CACNGSelectable> applet;
+
+ size_t keySize;
+ const std::string description;
+};
+
+class CACNGCacIDObject : public CACNGIDObject
+{
+ NOCOPY(CACNGCacIDObject);
+public:
+ CACNGCacIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description);
+ virtual ~CACNGCacIDObject() {}
+ byte_string read();
+ byte_string crypt(const byte_string &input);
+};
+
+class CACNGPivIDObject : public CACNGIDObject
+{
+ NOCOPY(CACNGPivIDObject)
+public:
+ CACNGPivIDObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, const std::string &description, const byte_string &oid, uint8_t keyRef);
+ virtual ~CACNGPivIDObject() {}
+
+ byte_string read();
+ byte_string crypt(const byte_string &input);
+private:
+ const byte_string oid;
+ const uint8_t keyRef;
+};
+
+class CACNGCacBufferObject : public CACNGReadable
+{
+ NOCOPY(CACNGCacBufferObject);
+public:
+ CACNGCacBufferObject(CACNGToken &token, shared_ptr<CACNGSelectable> applet, bool isTbuffer);
+ virtual ~CACNGCacBufferObject() {}
+
+ byte_string read();
+private:
+ CACNGToken &token;
+ shared_ptr<CACNGSelectable> applet;
+ bool isTbuffer;
+};
+
+#endif /* CACNGAPPLET_H */
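Review bot: The file-scope `using std::tr1::shared_ptr;` near the top of CACNGApplet.h puts `shared_ptr` into the global namespace of every file that includes this header, so any includer that also brings in a different `shared_ptr` gets an ambiguous name. Qualifying the uses instead, e.g. `std::tr1::shared_ptr<CACNGSelectable> applet;`, keeps the header from changing name lookup elsewhere. `CACNGIDObject::keySize` also has no unit or initialisation contract written down. The crypt() implementations in CACNGApplet.cpp divide it by 8 and the constructor takes no size argument, so a comment such as `// key size in bits; must be set before crypt() is called` would help, assuming that is the intent.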
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGAttributeCoder.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGAttributeCoder.h"
+
+#include "Adornment.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "CACNGRecord.h"
+#include "CACNGToken.h"
+
+#include <Security/SecKeychainItem.h>
+#include <security_cdsa_utilities/cssmkey.h>
+
+using namespace Tokend;
+
+
+//
+// CACNGDataAttributeCoder
+//
+CACNGDataAttributeCoder::~CACNGDataAttributeCoder()
+{
+}
+
+void CACNGDataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ CACNGRecord &cacRecord = dynamic_cast<CACNGRecord &>(record);
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ cacRecord.getDataAttribute(tokenContext));
+}
+
+CACNGKeySizeAttributeCoder::~CACNGKeySizeAttributeCoder()
+{
+}
+
+void CACNGKeySizeAttributeCoder::decode(TokenContext *TokenContext,
+ const MetaAttribute &MetaAttribute, Record &record)
+{
+ CACNGKeyRecord &cacRecord = dynamic_cast<CACNGKeyRecord &>(record);
+ record.attributeAtIndex(MetaAttribute.attributeIndex(),
+ new Tokend::Attribute((uint32_t)cacRecord.sizeInBits()));
+}
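Review bot: In `CACNGKeySizeAttributeCoder::decode` the parameters are named `TokenContext` and `MetaAttribute`, which hide the Tokend types of the same name (brought in by `using namespace Tokend;`) for the rest of the function and differ from both the header and `CACNGDataAttributeCoder::decode`. Use the lower-case names as the sibling does: `void CACNGKeySizeAttributeCoder::decode(TokenContext *tokenContext, const MetaAttribute &metaAttribute, Record &record)`. Both decoders also rely on `dynamic_cast` to a reference, which throws `std::bad_cast` when the record is of another type; a one-line comment stating that this is the intended failure mode would save the next reader from checking.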
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGAttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGAttributeCoder.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGATTRIBUTECODER_H_
+#define _CACNGATTRIBUTECODER_H_
+
+#include "AttributeCoder.h"
+#include <string>
+
+#include <PCSC/musclecard.h>
+
+
+//
+// A coder that reads the data of an object
+//
+class CACNGDataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(CACNGDataAttributeCoder)
+public:
+
+ CACNGDataAttributeCoder() {}
+ virtual ~CACNGDataAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+//
+// A coder that produces the LogicalKeySizeInBits of a key
+//
+class CACNGKeySizeAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(CACNGKeySizeAttributeCoder)
+public:
+ CACNGKeySizeAttributeCoder() {}
+ virtual ~CACNGKeySizeAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+#endif /* !_CACNGATTRIBUTECODER_H_ */
+
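Review bot: The include guard `_CACNGATTRIBUTECODER_H_` begins with an underscore followed by a capital letter, a form of identifier the C++ standard reserves for the implementation. CACNGError.h (`_CACNGERROR_H_`) and CACNGKeyHandle.h (`_CACNGKEYHANDLE_H_`) do the same, while CACNGApplet.h already uses the plain `CACNGAPPLET_H`. Renaming to `CACNGATTRIBUTECODER_H`, and likewise in the other two, would make the four headers consistent. Nothing declared in this header uses `<string>` or `<PCSC/musclecard.h>`, so those includes look removable unless another file depends on getting them transitively.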
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGError.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGError.h"
+
+#include <Security/cssmerr.h>
+
+//
+// CACNGError exceptions
+//
+CACNGError::CACNGError(uint16_t sw) : SCardError(sw)
+{
+ IFDEBUG(debugDiagnose(this));
+}
+
+CACNGError::~CACNGError() throw ()
+{
+}
+
+const char *CACNGError::what() const throw ()
+{ return "CACNG error"; }
+
+OSStatus CACNGError::osStatus() const
+{
+ switch (statusWord)
+ {
+ case CACNG_AUTHENTICATION_FAILED_0:
+ case CACNG_AUTHENTICATION_FAILED_1:
+ case CACNG_AUTHENTICATION_FAILED_2:
+ case CACNG_AUTHENTICATION_FAILED_3:
+ return CSSM_ERRCODE_OPERATION_AUTH_DENIED;
+ default:
+ return SCardError::osStatus();
+ }
+}
+
+void CACNGError::throwMe(uint16_t sw)
+{ throw CACNGError(sw); }
+
+#if !defined(NDEBUG)
+
+void CACNGError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p CACNGError %s (%04hX)",
+ id, errorstr(statusWord), statusWord);
+}
+
+const char *CACNGError::errorstr(uint16_t sw) const
+{
+ switch (sw)
+ {
+ case CACNG_AUTHENTICATION_FAILED_0:
+ return "Authentication failed, 0 retries left.";
+ case CACNG_AUTHENTICATION_FAILED_1:
+ return "Authentication failed, 1 retry left.";
+ case CACNG_AUTHENTICATION_FAILED_2:
+ return "Authentication failed, 2 retries left.";
+ case CACNG_AUTHENTICATION_FAILED_3:
+ return "Authentication failed, 3 retries left.";
+ default:
+ return SCardError::errorstr(sw);
+ }
+}
+
+#endif //NDEBUG
+
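Review bot: `CACNGError::osStatus()` maps exactly four status words, 0x6300 to 0x6303, to `CSSM_ERRCODE_OPERATION_AUTH_DENIED`; a failed-PIN status carrying any other retry count goes to `SCardError::osStatus()`, whose mapping is outside this hunk. If a card can report more than three tries remaining, comparing the range would be safer, for example `if ((statusWord & 0xFFF0) == CACNG_AUTHENTICATION_FAILED_0) return CSSM_ERRCODE_OPERATION_AUTH_DENIED;`, with `errorstr()` adjusted to match. Either way, a comment on `osStatus()` stating which status words are treated as an authentication failure would document the choice.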
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGError.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGERROR_H_
+#define _CACNGERROR_H_
+
+#include "SCardError.h"
+
+/** Entered PIN is not correct and pin was blocked. */
+#define CACNG_AUTHENTICATION_FAILED_0 0x6300
+/** Entered PIN is not correct, 1 try left. */
+#define CACNG_AUTHENTICATION_FAILED_1 0x6301
+/** Entered PIN is not correct, 2 tries left. */
+#define CACNG_AUTHENTICATION_FAILED_2 0x6302
+/** Entered PIN is not correct, 3 tries left. */
+#define CACNG_AUTHENTICATION_FAILED_3 0x6303
+
+class CACNGError : public Tokend::SCardError
+{
+protected:
+ CACNGError(uint16_t sw);
+ virtual ~CACNGError() throw ();
+public:
+ OSStatus osStatus() const;
+ virtual const char *what () const throw ();
+
+ static void check(uint16_t sw) { if (sw != SCARD_SUCCESS) throwMe(sw); }
+ static void throwMe(uint16_t sw) __attribute__((noreturn));
+
+protected:
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+ IFDEBUG(const char *errorstr(uint16_t sw) const;)
+};
+
+#endif /* !_CACNGERROR_H_ */
+
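Review bot: `check(uint16_t sw)` narrows its argument before comparing it with `SCARD_SUCCESS`, yet callers in CACNGApplet.cpp hand it a `uint32_t` returned by `exchangeAPDU` (`uint32_t code = token.exchangeAPDU(applet, result); CACNGError::check(code);`), so any bits above the low 16 are dropped silently. Whether `exchangeAPDU` can ever return such a value is not visible here. If it cannot, say so in a comment on `check`, e.g. `/** sw is the 16-bit SW1SW2 status word; throws unless it equals SCARD_SUCCESS. */`. Otherwise take `uint32_t` so the comparison is made on the full value.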
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,213 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGKeyHandle.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGKeyHandle.h"
+
+#include "CACNGRecord.h"
+#include "CACNGToken.h"
+
+#include "byte_string.h"
+#include "Padding.h"
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/utilities.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+
+//
+// CACNGKeyHandle
+//
+CACNGKeyHandle::CACNGKeyHandle(CACNGToken &cacToken,
+ const Tokend::MetaRecord &metaRecord, CACNGKeyRecord &cacKey) :
+ Tokend::KeyHandle(metaRecord, &cacKey),
+ mToken(cacToken),
+ mKey(cacKey)
+{
+}
+
+CACNGKeyHandle::~CACNGKeyHandle()
+{
+}
+
+void CACNGKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
+{
+ secdebug("crypto", "getKeySize");
+ keySize.LogicalKeySizeInBits = mKey.sizeInBits(); // Logical key size in bits
+ keySize.EffectiveKeySizeInBits = mKey.sizeInBits(); // Effective key size in bits
+}
+
+uint32 CACNGKeyHandle::getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting)
+{
+ secdebug("crypto", "getOutputSize");
+ if (encrypting)
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ return inputSize; //accurate for crypto used on CACNG cards
+}
+
+void CACNGKeyHandle::generateSignature(const Context &context,
+ CSSM_ALGORITHMS alg, const CssmData &input, CssmData &signature)
+{
+ secdebug("crypto", "generateSignature alg: %u signOnly: %u",
+ context.algorithm(), alg);
+ IFDUMPING("crypto", context.dump("signature context"));
+
+ if (context.type() != CSSM_ALGCLASS_SIGNATURE)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ // Get padding, but default to pkcs1 style padding
+ uint32 padding = CSSM_PADDING_PKCS1;
+ context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
+
+ byte_string inputData(input.Data, input.Data + input.Length);
+
+ Padding::apply(inputData, mKey.sizeInBits() / 8, padding, alg);
+
+ // @@@ Switch to using tokend allocators
+ byte_string outputData(mKey.sizeInBits() / 8);
+ size_t outputLength = outputData.size();
+
+ // Sign the inputData using the token
+ mKey.computeCrypt(mToken, true, &inputData[0], inputData.size(),
+ &outputData[0], outputLength);
+
+ signature.Data = malloc_copy(outputData);
+ signature.Length = outputLength;
+}
+
+void CACNGKeyHandle::verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
+{
+ secdebug("crypto", "verifySignature");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACNGKeyHandle::generateMac(const Context &context,
+ const CssmData &input, CssmData &output)
+{
+ secdebug("crypto", "generateMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACNGKeyHandle::verifyMac(const Context &context,
+ const CssmData &input, const CssmData &compare)
+{
+ secdebug("crypto", "verifyMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACNGKeyHandle::encrypt(const Context &context,
+ const CssmData &clear, CssmData &cipher)
+{
+ secdebug("crypto", "encrypt");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACNGKeyHandle::decrypt(const Context &context,
+ const CssmData &cipher, CssmData &clear)
+{
+ secdebug("crypto", "decrypt alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("decrypt context"));
+
+ if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ /* Check for supported padding */
+ uint32 padding = context.getInt(CSSM_ATTRIBUTE_PADDING);
+ if(!Padding::canRemove(padding))
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+
+ size_t keyLength = mKey.sizeInBits() / 8;
+ if (cipher.length() % keyLength != 0)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Add support for multiples of keyLength by doing multiple blocks
+ if (cipher.length() != keyLength)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Use a secure allocator for this.
+ byte_string outputData(keyLength);
+ uint8 *output = &outputData[0];
+ size_t outputLength = keyLength;
+
+ secdebug("crypto", "decrypt: card supports RSA_NOPAD");
+ // Decrypt the inputData using the token
+ mKey.computeCrypt(mToken, false, cipher.Data, cipher.Length, output,
+ outputLength);
+
+ if (outputLength != keyLength)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+ Padding::remove(outputData, padding);
+
+ // @@@ Switch to using tokend allocators
+ clear.Data = malloc_copy(outputData);
+ clear.Length = outputData.size();
+}
+
+void CACNGKeyHandle::exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey)
+{
+ secdebug("crypto", "exportKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void CACNGKeyHandle::getAcl(const char *tag, uint32 &count, AclEntryInfo *&aclList)
+{
+ mKey.getAcl(tag, count, aclList);
+}
+
+void CACNGKeyHandle::getOwner(AclOwnerPrototype &owner)
+{
+ mKey.getOwner(owner);
+}
+
+//
+// CACNGKeyHandleFactory
+//
+CACNGKeyHandleFactory::~CACNGKeyHandleFactory()
+{
+}
+
+
+Tokend::KeyHandle *CACNGKeyHandleFactory::keyHandle(
+ Tokend::TokenContext *tokenContext, const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record) const
+{
+ CACNGKeyRecord &key = dynamic_cast<CACNGKeyRecord &>(record);
+ CACNGToken &cacToken = static_cast<CACNGToken &>(*tokenContext);
+ return new CACNGKeyHandle(cacToken, metaRecord, key);
+}
+
+
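Review bot: `generateSignature` sets `signature.Length = outputLength` without checking the length `computeCrypt` wrote back, while the buffer handed to `malloc_copy` is `mKey.sizeInBits() / 8` bytes; `decrypt` already guards the same call with `if (outputLength != keyLength)`. `computeCrypt` is defined outside this hunk, so whether it can report a different length is not visible, but the signing path should carry the same check before the copy: `if (outputLength != outputData.size()) CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);`. In `decrypt`, `outputData` holds the recovered plaintext and is released without being cleared, which the `@@@ Use a secure allocator` comment acknowledges. CACNGApplet.cpp calls `secure_zero` on its `byte_string` buffers, and doing the same here after `malloc_copy` would keep the handling consistent, assuming that helper is reachable through byte_string.h.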
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGKeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGKeyHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGKEYHANDLE_H_
+#define _CACNGKEYHANDLE_H_
+
+#include "KeyHandle.h"
+
+class CACNGToken;
+class CACNGKeyRecord;
+
+
+//
+// A KeyHandle object which implements the crypto interface to muscle.
+//
+class CACNGKeyHandle: public Tokend::KeyHandle
+{
+ NOCOPY(CACNGKeyHandle)
+public:
+ CACNGKeyHandle(CACNGToken &cacToken, const Tokend::MetaRecord &metaRecord,
+ CACNGKeyRecord &cacKey);
+ ~CACNGKeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize);
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting);
+ virtual void generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
+ virtual void verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input,
+ const CssmData &signature);
+ virtual void generateMac(const Context &context, const CssmData &input,
+ CssmData &output);
+ virtual void verifyMac(const Context &context, const CssmData &input,
+ const CssmData &compare);
+ virtual void encrypt(const Context &context, const CssmData &clear,
+ CssmData &cipher);
+ virtual void decrypt(const Context &context, const CssmData &cipher,
+ CssmData &clear);
+
+ virtual void exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey);
+
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&auths);
+
+private:
+ CACNGToken &mToken;
+ CACNGKeyRecord &mKey;
+};
+
+
+//
+// A factory that creates CACNGKeyHandle objects.
+//
+class CACNGKeyHandleFactory : public Tokend::KeyHandleFactory
+{
+ NOCOPY(CACNGKeyHandleFactory)
+public:
+ CACNGKeyHandleFactory() {}
+ virtual ~CACNGKeyHandleFactory();
+
+ virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
+};
+
+
+#endif /* !_CACNGKEYHANDLE_H_ */
+
+
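Review bot: `generateSignature` declares its second parameter as `CSSM_ALGORITHMS signOnly`, but the definition in CACNGKeyHandle.cpp names it `alg` and passes it to `Padding::apply` as an algorithm identifier, so the header name suggests a flag that it is not. Declare it as `CSSM_ALGORITHMS alg`, and do the same in `verifySignature` for symmetry. The class comment still says the class implements the crypto interface "to muscle". A comment such as `// KeyHandle for CACNG tokens: RSA sign and decrypt are implemented; verify, MAC, encrypt and export throw CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED.` would describe what the .cpp does.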
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGRecord.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGRecord.h"
+
+#include "CACNGError.h"
+#include "CACNGToken.h"
+#include "Attribute.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include <security_cdsa_client/aclclient.h>
+#include <Security/SecKey.h>
+
+//
+// CACNGRecord
+//
+CACNGRecord::~CACNGRecord()
+{
+}
+
+
+//
+// CACNGCertificateRecord
+//
+CACNGCertificateRecord::~CACNGCertificateRecord()
+{
+}
+
+Tokend::Attribute *CACNGCertificateRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ byte_string result = identity->read();
+
+ CssmData data(malloc_copy(result), result.size());
+ return new Tokend::Attribute(data.Data, data.Length);
+}
+
+//
+// CACNGKeyRecord
+//
+CACNGKeyRecord::CACNGKeyRecord(shared_ptr<CACNGIDObject> identity, const char *description, const Tokend::MetaRecord &metaRecord, bool signOnly, bool requireNewPin /* = false */)
+: CACNGRecord(description), identity(identity), mSignOnly(signOnly), requireNewPin(requireNewPin)
+{
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(),
+ //new Tokend::Attribute(!signOnly));
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(),
+ //new Tokend::Attribute(!signOnly));
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(),
+ //new Tokend::Attribute(signOnly));
+ new Tokend::Attribute(true));
+}
+
+CACNGKeyRecord::~CACNGKeyRecord()
+{
+}
+
+
+void CACNGKeyRecord::computeCrypt(CACNGToken &token, bool sign,
+ const unsigned char *data, size_t dataLength, unsigned char *output,
+ size_t &outputLength)
+{
+ if (requireNewPin) {
+ token.verifyCachedPin(2);
+ }
+ byte_string result = identity->crypt(byte_string(data, data + dataLength));
+
+ if (outputLength < result.size())
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ outputLength = result.size();
+ memcpy(output, &result[0], outputLength);
+}
+
+void CACNGKeyRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ // 2010.03.01 -SG- added tmptag adjusting to API change in 10.6.0
+ char tmptag[20];
+ const uint32 slot = 1; // hardwired for now, but...
+ snprintf(tmptag, sizeof(tmptag), "PIN%d", slot);
+
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Anyone can read the DB record for this key (which is a reference
+ // CSSM_KEY)
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ if (requireNewPin) {
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 2),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0), tmptag);
+ if (0x9000 != token->pinStatus(2)) {
+ CssmData prompt;
+ mAclEntries.add(CssmClient::AclFactory::PromptPWSubject(mAclEntries.allocator(), prompt),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0), tmptag);
+ }
+ } else {
+ // Using this key to sign or decrypt will require PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0), tmptag);
+ }
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+void CACNGKeyRecord::getOwner(AclOwnerPrototype &owner)
+{
+ if (!mAclOwner) {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = CssmClient::AclFactory::PinSubject(Allocator::standard(), requireNewPin ? 2 : 1);
+ }
+ owner = mAclOwner;
+}
+//
+// CACNGDataRecord
+//
+CACNGDataRecord::~CACNGDataRecord()
+{
+}
+
+Tokend::Attribute *CACNGDataRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ byte_string data = buffer->read();
+ return new Tokend::Attribute(&data[0], data.size());
+}
+
+void CACNGDataRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Reading this objects data requires PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
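Review bot: In `CACNGKeyRecord::getAcl` the tag is always `PIN1` because `slot` is hardwired to 1, so in the `requireNewPin` branch the `PinSubject(..., 2)` and prompt entries are still added under the PIN 1 tag, while `getOwner` in the same file already picks `requireNewPin ? 2 : 1`. If the tag is meant to name the PIN that guards the entry, derive it the same way with `const uint32 slot = requireNewPin ? 2 : 1;` and format it with `"PIN%u"`, since `slot` is unsigned. The entry list is also built once and cached in `mAclEntries`, so the `pinStatus(2)` result seen on the first call decides for good whether the prompt entry exists; a comment saying whether that is intended would help. Separately, the constructor sets decrypt, unwrap and sign to `true` for every key and leaves the `signOnly` expressions commented out, so a sign-only key is advertised as usable for decryption; that deserves a comment stating why, or the `!signOnly` / `signOnly` values restored.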
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,108 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGRECORD_H_
+#define _CACNGRECORD_H_
+
+#include "Record.h"
+#include "CACNGApplet.h"
+
+#include <security_cdsa_utilities/context.h>
+
+class CACNGToken;
+
+class CACNGRecord : public Tokend::Record
+{
+ NOCOPY(CACNGRecord)
+public:
+ CACNGRecord(const char *description) :
+ mDescription(description) {}
+ ~CACNGRecord();
+
+ virtual const char *description() { return mDescription; }
+
+protected:
+ const char *mDescription;
+};
+
+
+class CACNGCertificateRecord : public CACNGRecord
+{
+ NOCOPY(CACNGCertificateRecord)
+public:
+ CACNGCertificateRecord(
+ shared_ptr<CACNGIDObject> identity,
+ const char *description) :
+ CACNGRecord(description), identity(identity) {}
+ ~CACNGCertificateRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+private:
+ shared_ptr<CACNGIDObject> identity;
+};
+
+class CACNGKeyRecord : public CACNGRecord
+{
+ NOCOPY(CACNGKeyRecord)
+public:
+ CACNGKeyRecord(shared_ptr<CACNGIDObject> identity, const char *description, const Tokend::MetaRecord &metaRecord, bool signOnly, bool requireNewPin = false);
+ ~CACNGKeyRecord();
+
+ size_t sizeInBits() const { return identity->getKeySize(); }
+ virtual void computeCrypt(CACNGToken &cacToken, bool sign, const unsigned char *data,
+ size_t dataLength, unsigned char *result, size_t &resultLength);
+
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ shared_ptr<CACNGIDObject> identity;
+ const bool mSignOnly;
+ AutoAclEntryInfoList mAclEntries;
+ AutoAclOwnerPrototype mAclOwner;
+ const bool requireNewPin;
+};
+
+class CACNGDataRecord : public CACNGRecord
+{
+ NOCOPY(CACNGDataRecord)
+public:
+ CACNGDataRecord(shared_ptr<CACNGReadable> buffer, const char *description) :
+ CACNGRecord(description), buffer(buffer) {}
+ ~CACNGDataRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&aclList);
+protected:
+ shared_ptr<CACNGReadable> buffer;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+#endif /* !_CACNGRECORD_H_ */
+
+
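Review bot: `requireNewPin` on `CACNGKeyRecord` is undocumented although it changes which PIN protects the key: in CACNGRecord.cpp it selects PIN 2 instead of PIN 1 for the ACL and owner and makes `computeCrypt` call `token.verifyCachedPin(2)` first. I would add above the member `// true: key is guarded by PIN 2 and computeCrypt replays the cached PIN first; false: guarded by PIN 1`. `mSignOnly` is stored but nothing in CACNGRecord.cpp reads it, and `computeCrypt` likewise ignores its `sign` argument, so both should be documented as unused or wired back in. `CACNGRecord` keeps the `description` pointer as given, without copying; a comment that the caller must keep the string alive for the record's lifetime would make that contract explicit.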
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGSchema.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGSchema.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+CACNGSchema::CACNGSchema() :
+ mKeyAlgorithmCoder(uint32(CSSM_ALGID_RSA))
+{
+}
+
+CACNGSchema::~CACNGSchema()
+{
+}
+
+Tokend::Relation *CACNGSchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
+{
+ Relation *rn = createStandardRelation(keyType);
+
+ // Set up coders for key records.
+ MetaRecord &mr = rn->metaRecord();
+ mr.keyHandleFactory(&mCACNGKeyHandleFactory);
+
+ // Print name of a key might as well be the key name.
+ mr.attributeCoder(kSecKeyPrintName, &mDescriptionCoder);
+
+ // Other key valuess
+ mr.attributeCoder(kSecKeyKeyType, &mKeyAlgorithmCoder);
+ mr.attributeCoder(kSecKeyKeySizeInBits, &mKeySizeCoder);
+ mr.attributeCoder(kSecKeyEffectiveKeySize, &mKeySizeCoder);
+
+ // Key attributes
+ mr.attributeCoder(kSecKeyExtractable, &mFalseCoder);
+ mr.attributeCoder(kSecKeySensitive, &mTrueCoder);
+ mr.attributeCoder(kSecKeyModifiable, &mFalseCoder);
+ mr.attributeCoder(kSecKeyPrivate, &mTrueCoder);
+ mr.attributeCoder(kSecKeyNeverExtractable, &mTrueCoder);
+ mr.attributeCoder(kSecKeyAlwaysSensitive, &mTrueCoder);
+
+ // Key usage
+ mr.attributeCoder(kSecKeyEncrypt, &mFalseCoder);
+ mr.attributeCoder(kSecKeyWrap, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerify, &mFalseCoder);
+ mr.attributeCoder(kSecKeyDerive, &mFalseCoder);
+ mr.attributeCoder(kSecKeySignRecover, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerifyRecover, &mFalseCoder);
+
+ return rn;
+}
+
+void CACNGSchema::create()
+{
+ Schema::create();
+
+ createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Relation *rn_gen = createStandardRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ // Create the generic table
+ MetaRecord &mr_gen = rn_gen->metaRecord();
+ mr_gen.attributeCoderForData(&mCACNGDataAttributeCoder);
+}
+
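Review bot: `createKeyRelation` installs constant coders for encrypt, wrap, verify, derive and the two recover usages but none for `kSecKeyDecrypt`, `kSecKeyUnwrap` or `kSecKeySign`, and nothing here says why. Those three are filled per record in the `CACNGKeyRecord` constructor, so a comment such as `// decrypt/unwrap/sign are set per record by CACNGKeyRecord` under `// Key usage` would save a reader the search. `rn` is dereferenced straight after `createStandardRelation(keyType)`; if that call can return null (not visible in this file) a check belongs there. The comment `// Other key valuess` has a typo.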
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGSchema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGSchema.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGSCHEMA_H_
+#define _CACNGSCHEMA_H_
+
+#include "Schema.h"
+#include "CACNGAttributeCoder.h"
+#include "CACNGKeyHandle.h"
+
+namespace Tokend
+{
+ class Relation;
+ class MetaRecord;
+ class AttributeCoder;
+}
+
+class CACNGSchema : public Tokend::Schema
+{
+ NOCOPY(CACNGSchema)
+public:
+ CACNGSchema();
+ virtual ~CACNGSchema();
+
+ virtual void create();
+
+protected:
+ Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
+
+private:
+ // Coders we need.
+ CACNGDataAttributeCoder mCACNGDataAttributeCoder;
+
+ Tokend::ConstAttributeCoder mKeyAlgorithmCoder;
+ CACNGKeySizeAttributeCoder mKeySizeCoder;
+
+ CACNGKeyHandleFactory mCACNGKeyHandleFactory;
+};
+
+#endif /* !_CACNGSCHEMA_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,729 @@
+/*
+ * Copyright (c) 2004,2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGToken.cpp
+ * TokendMuscle
+ */
+
+#include "CACNGToken.h"
+
+#include "Adornment.h"
+#include "AttributeCoder.h"
+#include "CACNGError.h"
+#include "CACNGRecord.h"
+#include "CACNGSchema.h"
+#include <security_cdsa_client/aclclient.h>
+#include <map>
+#include <vector>
+
+using CssmClient::AclFactory;
+
+#define PIV_CLA_STANDARD 0x00
+#define CLA_STANDARD 0x00
+#define INS_SELECT_FILE 0xA4
+#define INS_GET_DATA 0xCA
+
+#define SELECT_APPLET CLA_STANDARD, INS_SELECT_FILE, 0x04, 0x00
+
+#define SELECT_CACNG_APPLET SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x79
+
+#define SELECT_CACNG_OBJECT CLA_STANDARD, INS_SELECT_FILE, 0x02, 0x00, 0x02
+
+#define SELECT_CACNG_APPLET_PKI SELECT_CACNG_APPLET, 0x01
+#define SELECT_CACNG_APPLET_PIN SELECT_CACNG_APPLET, 0x03, 0x00
+
+static const unsigned char kSelectCardManagerApplet[] =
+ { SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00 };
+
+static const unsigned char kSelectCACNGAppletPKI[] =
+ { SELECT_CACNG_APPLET_PKI, 0x00 };
+
+static const unsigned char kSelectCACNGObjectPKIID[] =
+ { SELECT_CACNG_OBJECT, 0x01, 0x00 };
+static const unsigned char kSelectCACNGObjectPKIESig[] =
+ { SELECT_CACNG_OBJECT, 0x01, 0x01 };
+static const unsigned char kSelectCACNGObjectPKIECry[] =
+ { SELECT_CACNG_OBJECT, 0x01, 0x02 };
+
+static const unsigned char kSelectCACNGObjectPN[] =
+ { SELECT_CACNG_OBJECT, 0x02, 0x00 };
+static const unsigned char kSelectCACNGObjectPL[] =
+ { SELECT_CACNG_OBJECT, 0x02, 0x01 };
+/* Unknown objects... */
+static const unsigned char kSelectCACNGObjectBS[] =
+ { SELECT_CACNG_OBJECT, 0x02, 0x02 };
+static const unsigned char kSelectCACNGObjectOB[] =
+ { SELECT_CACNG_OBJECT, 0x02, 0x03 };
+
+static const unsigned char kSelectCACNGAppletPIN[] =
+ { SELECT_CACNG_APPLET_PIN };
+
+
+#define SELECT_PIV_APPLET_VERS 0x10, 0x00, 0x01, 0x00
+#define SELECT_PIV_APPLET_SHORT SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00
+#define SELECT_PIV_APPLET_LONG SELECT_APPLET, 0x0B, 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, SELECT_PIV_APPLET_VERS
+
+static const unsigned char kSelectPIVApplet[] =
+ { SELECT_PIV_APPLET_LONG };
+
+// X.509 Certificate for PIV Authentication 2.16.840.1.101.3.7.2.1.1 '5FC105' M
+#define PIV_OBJECT_ID_X509_CERTIFICATE_PIV_AUTHENTICATION 0x5F, 0xC1, 0x05
+
+static const unsigned char oidX509CertificatePIVAuthentication[] = { PIV_OBJECT_ID_X509_CERTIFICATE_PIV_AUTHENTICATION };
+
+#define PIV_KEYREF_PIV_AUTHENTICATION 0x9A
+
+CACNGToken::CACNGToken() :
+ mCacPinStatus(0),mPivPinStatus(0)
+{
+ mTokenContext = this;
+ mSession.open();
+
+ /* Change pin only works if one of the CACNG applets are selected. */
+ byte_string pinAppletId(kSelectCACNGAppletPIN, kSelectCACNGAppletPIN + sizeof(kSelectCACNGAppletPIN));
+ shared_ptr<CACNGSelectable> cacPinApplet(new CACNGCacApplet(*this, pinAppletId, byte_string()));
+ this->cacPinApplet = cacPinApplet;
+
+ byte_string cardManagerAppletId(kSelectCardManagerApplet, kSelectCardManagerApplet + sizeof(kSelectCardManagerApplet));
+ shared_ptr<CACNGSelectable> cardManagerApplet(new CACNGCacApplet(*this, cardManagerAppletId, byte_string()));
+ this->cardManagerApplet = cardManagerApplet;
+
+ byte_string selectPivApplet(kSelectPIVApplet, kSelectPIVApplet + sizeof(kSelectPIVApplet));
+ shared_ptr<CACNGSelectable> pivApplet(new CACNGPivApplet(*this, selectPivApplet));
+ this->pivApplet = pivApplet;
+}
+
+CACNGToken::~CACNGToken()
+{
+ delete mSchema;
+ /* XXX: Wipe out cached pin */
+ secure_resize(cached_piv_pin, 0);
+}
+
+bool CACNGToken::identify()
+{
+ try
+ {
+ byte_string pkiApplet(kSelectCACNGAppletPKI, kSelectCACNGAppletPKI + sizeof(kSelectCACNGAppletPKI));
+ byte_string pkiIdObject(kSelectCACNGObjectPKIID, kSelectCACNGObjectPKIID + sizeof(kSelectCACNGObjectPKIID));
+ byte_string pkiESigObject(kSelectCACNGObjectPKIESig, kSelectCACNGObjectPKIESig + sizeof(kSelectCACNGObjectPKIESig));
+ shared_ptr<CACNGSelectable> idApplet(new CACNGCacApplet(*this, pkiApplet, pkiIdObject));
+ shared_ptr<CACNGSelectable> eSigApplet(new CACNGCacApplet(*this, pkiApplet, pkiESigObject));
+ select(idApplet);
+ select(eSigApplet);
+ return true;
+ }
+ catch (const PCSC::Error &error)
+ {
+ if (error.error == SCARD_E_PROTO_MISMATCH)
+ return false;
+ throw;
+ }
+}
+
+void CACNGToken::select(shared_ptr<CACNGSelectable> &selectable)
+{
+ if (isInTransaction() &&
+ (currentSelectable == selectable))
+ return;
+ /* XXX: Resets PIV pin status to match card behavior */
+// if (selectable != pivApplet)
+ mPivPinStatus = 0;
+ selectable->select();
+ if (isInTransaction()) {
+ currentSelectable = selectable;
+ }
+}
+
+uint32_t CACNGToken::exchangeAPDU(const unsigned char *apdu, size_t apduLength,
+ unsigned char *result, size_t &resultLength)
+{
+ size_t savedLength = resultLength;
+
+ ISO7816Token::transmit(apdu, apduLength, result, resultLength);
+ if (resultLength == 2 && result[0] == 0x61)
+ {
+ resultLength = savedLength;
+ size_t expectedLength = result[1];
+ unsigned char getResult[] = { 0x00, 0xC0, 0x00, 0x00, expectedLength };
+ if (expectedLength == 0) expectedLength = 256;
+ ISO7816Token::transmit(getResult, sizeof(getResult), result, resultLength);
+ if (resultLength - 2 != expectedLength)
+ {
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ else
+ CACNGError::throwMe((result[resultLength - 2] << 8)
+ + result[resultLength - 1]);
+ }
+ }
+
+ if (resultLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ return (result[resultLength - 2] << 8) + result[resultLength - 1];
+}
+
+void CACNGToken::didDisconnect()
+{
+ PCSC::Card::didDisconnect();
+ currentSelectable.reset();
+ mCacPinStatus = 0;
+ mPivPinStatus = 0;
+ /* XXX: Wipe out cached pin */
+ secure_resize(cached_piv_pin, 0);
+}
+
+void CACNGToken::didEnd()
+{
+ PCSC::Card::didEnd();
+ currentSelectable.reset();
+ mCacPinStatus = 0;
+ mPivPinStatus = 0;
+ /* XXX: Wipe out cached pin */
+ secure_resize(cached_piv_pin, 0);
+}
+
+void CACNGToken::changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength)
+{
+ if (pinNum != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (oldPinLength < 4 || oldPinLength > 8 ||
+ newPinLength < 4 || newPinLength > 8)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+ select(cacPinApplet);
+
+ unsigned char apdu[] =
+ {
+ 0x80, 0x24, 0x01, 0x00, 0x10,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+ memcpy(apdu + 5, oldPin, oldPinLength);
+ memcpy(apdu + 13, newPin, newPinLength);
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+
+ mCacPinStatus = exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 16);
+ CACNGError::check(mCacPinStatus);
+
+ /* XXX: Wipe out cached pin */
+ secure_resize(cached_piv_pin, 0);
+}
+
+uint32_t CACNGToken::cacPinStatus()
+{
+ if (mCacPinStatus && isInTransaction()) {
+ secdebug("adhoc", "returning cached PIN status 0x%x", mCacPinStatus);
+ return mCacPinStatus;
+ }
+
+ PCSC::Transaction _(*this);
+ /* Verify pin only works if one of the CACNG applets are selected. */
+ select(cacPinApplet);
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+ unsigned char apdu[] = { 0x00, 0x20, 0x00, 0x00 };
+
+ mCacPinStatus = exchangeAPDU(apdu, 4, result, resultLength);
+ if ((mCacPinStatus & 0xFF00) != 0x6300
+ && mCacPinStatus != SCARD_AUTHENTICATION_BLOCKED)
+ CACNGError::check(mCacPinStatus);
+
+ secdebug("adhoc", "new PIN status=0x%x", mCacPinStatus);
+ return mCacPinStatus;
+}
+
+uint32_t CACNGToken::pivPinStatus()
+{
+ if (mPivPinStatus && isInTransaction()) {
+ secdebug("adhoc", "returning cached PIN status 0x%x", mPivPinStatus);
+ return mPivPinStatus;
+ }
+ if (currentSelectable != pivApplet)
+ return SCARD_NOT_AUTHORIZED;
+ PCSC::Transaction _(*this);
+ /* Check PIV pin only works if one of the PIV applets are selected. */
+ select(pivApplet);
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+ unsigned char apdu[] = { 0x00, 0x20, 0x00, 0x00 };
+
+ mPivPinStatus = exchangeAPDU(apdu, 4, result, resultLength);
+ if ((mPivPinStatus & 0xFF00) != 0x6300
+ && mPivPinStatus != SCARD_AUTHENTICATION_BLOCKED)
+ CACNGError::check(mPivPinStatus);
+
+ secdebug("adhoc", "new PIN status=0x%x", mPivPinStatus);
+ return mPivPinStatus;
+}
+
+uint32_t CACNGToken::pinStatus(int pinNum)
+{
+ switch (pinNum) {
+ case 1:
+ return cacPinStatus();
+ case 2:
+ return pivPinStatus();
+ default:
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ }
+}
+
+static void verify_cac(CACNGToken &token, const unsigned char *pin, size_t pinLength)
+{
+ token.select(token.cacPinApplet);
+
+ unsigned char apdu[] =
+ {
+ 0x00, 0x20, 0x00, 0x00, 0x08,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+#if defined(CACNG_PROTECTED_MODE)
+ memcpy(apdu + 5, "77777777", 8);
+#else
+ memcpy(apdu + 5, pin, pinLength);
+#endif
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+
+ token.mCacPinStatus = token.exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 8);
+ CACNGError::check(token.mCacPinStatus);
+}
+
+
+
+static void verify_piv(CACNGToken &token, const unsigned char *pin, size_t pinLength)
+{
+ unsigned char apdu[] =
+ {
+ 0x00, 0x20, 0x00, 0x80, 0x08,
+ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ };
+
+#if defined(CACNG_PROTECTED_MODE)
+ memcpy(apdu + 5, "77777777", 8);
+#else
+ memcpy(apdu + 5, pin, pinLength);
+#endif
+
+ unsigned char result[2];
+ size_t resultLength = sizeof(result);
+ token.select(token.pivApplet);
+ token.mPivPinStatus = token.exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+ memset(apdu + 5, 0, 8);
+ CACNGError::check(token.mPivPinStatus);
+}
+
+void CACNGToken::verifyPIN(int pinNum,
+ const unsigned char *pin, size_t pinLength)
+{
+ if (pinNum != 1 && pinNum != 2)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ PCSC::Transaction _(*this);
+ switch (pinNum) {
+ case 1:
+ if (pinLength < 4 || pinLength > 8)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ /* Verify pin only works if one of the CACNG applets are selected. */
+ verify_cac(*this, pin, pinLength);
+
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ begin();
+ break;
+ case 2:
+ if (pinLength < 1 || pinLength > 8)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+ /* Verify pin only works if one of the CACNG applets are selected. */
+ verify_piv(*this, pin, pinLength);
+ /* XXX: CACHED PIN */
+ cached_piv_pin.assign(pin, pin + pinLength);
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ begin();
+ break;
+ }
+}
+
+void CACNGToken::verifyCachedPin(int pinNum)
+{
+ if (pinNum != 2)
+ return;
+ /* XXX: PIN CACHE */
+ if (cached_piv_pin.empty())
+ return;
+ try {
+ verify_piv(*this, &cached_piv_pin[0], cached_piv_pin.size());
+ } catch (...) {
+ /* XXX: Wipe out cache if anything goes wrong */
+ secure_resize(cached_piv_pin, 0);
+ throw;
+ }
+}
+
+void CACNGToken::unverifyPIN(int pinNum)
+{
+ if (pinNum != -1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ /* XXX: Wipe out cached pin */
+ secure_resize(cached_piv_pin, 0);
+ end(SCARD_RESET_CARD);
+}
+
+uint32_t CACNGToken::getData(unsigned char *result, size_t &resultLength)
+{
+ PCSC::Transaction _(*this);
+ try
+ {
+ select(cardManagerApplet);
+ }
+ catch (const PCSC::Error &error)
+ {
+ return error.error;
+ }
+
+ unsigned char apdu[] = { 0x80, INS_GET_DATA, 0x9F, 0x7F, 0x2D };
+ return exchangeAPDU(apdu, sizeof(apdu), result, resultLength);
+}
+
+uint32 CACNGToken::probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID])
+{
+ uint32 score = Tokend::ISO7816Token::probe(flags, tokenUid);
+
+ bool doDisconnect = false; /*!(flags & kSecTokendProbeKeepToken); */
+
+ try
+ {
+// PCSC::Card::reconnect(SCARD_SHARE_SHARED, SCARD_PROTOCOL_T1);
+ if (!identify())
+ doDisconnect = true;
+ else
+ {
+ unsigned char result[0x2F];
+ size_t resultLength = sizeof(result);
+ (void)getData(result, resultLength);
+ /* Score of 200 to ensure that CACNG "wins" for Hybrid CACNG/PIV cards */
+ score = 300;
+ // Now stick in the bytes returned by getData into the
+ // tokenUid.
+ if(resultLength > 20)
+ {
+ sprintf(tokenUid,
+ "CACNG-%02X%02X-%02X%02X-%02X%02X-%02X%02X-%02X%02X",
+ result[3], result[4], result[5], result[6], result[19],
+ result[20], result[15], result[16], result[17],
+ result[18]);
+ }
+ else
+ {
+ /* Cannot generated a tokenUid given the returned data.
+ * Generate time-based tokenUid to permit basic caching */
+ unsigned char buffer[80];
+ time_t now;
+ struct tm* timestruct = localtime(&now);
+ /* Print out the # of seconds since EPOCH UTF */
+ strftime(reinterpret_cast<char *>(buffer), 80, "%s", timestruct);
+ snprintf(tokenUid, TOKEND_MAX_UID, "CACNG-%s", buffer);
+ }
+ Tokend::ISO7816Token::name(tokenUid);
+ secdebug("probe", "recognized %s", tokenUid);
+ }
+ }
+ catch (...)
+ {
+ doDisconnect = true;
+ score = 0;
+ }
+
+ if (doDisconnect)
+ disconnect();
+
+ return score;
+}
+
+void CACNGToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ Tokend::ISO7816Token::establish(guid, subserviceId, flags,
+ cacheDirectory, workDirectory, mdsDirectory, printName);
+
+ mSchema = new CACNGSchema();
+ mSchema->create();
+
+ populate();
+}
+
+//
+// Database-level ACLs
+//
+void CACNGToken::getOwner(AclOwnerPrototype &owner)
+{
+ // we don't really know (right now), so claim we're owned by PIN #0
+ if (!mAclOwner)
+ {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
+ }
+ owner = mAclOwner;
+}
+
+
+void CACNGToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ Allocator &alloc = Allocator::standard();
+
+ if (unsigned pin = pinFromAclTag(tag, "?")) {
+ static AutoAclEntryInfoList acl;
+ acl.clear();
+ acl.allocator(alloc);
+ uint32_t status = this->pinStatus(pin);
+ if (status == SCARD_SUCCESS)
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED);
+ else if (status >= CACNG_AUTHENTICATION_FAILED_0 && status <= CACNG_AUTHENTICATION_FAILED_3)
+ acl.addPinState(pin, 0, status - CACNG_AUTHENTICATION_FAILED_0);
+ else
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_UNKNOWN);
+ count = acl.size();
+ acls = acl.entries();
+ return;
+ }
+
+ // mAclEntries sets the handle of each AclEntryInfo to the
+ // offset in the array.
+
+ // get pin list, then for each pin
+ if (!mAclEntries) {
+ mAclEntries.allocator(alloc);
+ // Anyone can read the attributes and data of any record on this token
+ // (it's further limited by the object itself).
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // We support PIN1 with either a passed in password
+ // subject or a prompted password subject.
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), 1);
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), 2);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), 1);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), 2);
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+
+#pragma mark ---------------- CACNG Specific --------------
+
+uint32_t CACNGToken::exchangeAPDU(const byte_string &apdu, byte_string &result)
+{
+ static const uint8_t GET_RESULT_TEMPLATE [] = { 0x00, 0xC0, 0x00, 0x00, 0xFF };
+ byte_string getResult(GET_RESULT_TEMPLATE, GET_RESULT_TEMPLATE + sizeof(GET_RESULT_TEMPLATE));
+ const int SIZE_INDEX = 4;
+
+ transmit(apdu, result);
+ /* Keep pulling more data */
+ while (result.size() >= 2 && result[result.size() - 2] == 0x61)
+ {
+ size_t expectedLength = result[result.size() - 1];
+ if(expectedLength == 0) /* 256-byte case .. */
+ expectedLength = 256;
+ getResult[SIZE_INDEX] = expectedLength;
+ // Trim off status bytes
+ result.resize(result.size() - 2);
+ size_t appended = transmit(getResult, result);
+ if (appended != (expectedLength + 2))
+ {
+ if (appended < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ else
+ CACNGError::throwMe((result[result.size() - 2] << 8)
+ + result[result.size() - 1]);
+ }
+ }
+
+ if (result.size() < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ uint16_t ret = (result[result.size() - 2] << 8) + result[result.size() - 1];
+ // Trim off status bytes
+ result.resize(result.size() - 2);
+ return ret;
+}
+
+size_t CACNGToken::transmit(const byte_string::const_iterator &apduBegin, const byte_string::const_iterator &apduEnd, byte_string &result) {
+ const size_t BUFFER_SIZE = 1024;
+ size_t resultLength = BUFFER_SIZE;
+ size_t index = result.size();
+ /* To prevent data leaking, secure byte_string resize takes place */
+ secure_resize(result, result.size() + BUFFER_SIZE);
+ ISO7816Token::transmit(&(*apduBegin), (size_t)(apduEnd - apduBegin), &result[0]+ index, resultLength);
+ /* Trims the data, no expansion occurs */
+ result.resize(index + resultLength);
+ return resultLength;
+}
+
+
+uint32_t CACNGToken::exchangeChainedAPDU(
+ unsigned char cla, unsigned char ins,
+ unsigned char p1, unsigned char p2,
+ const byte_string &data,
+ byte_string &result)
+{
+ byte_string apdu;
+ apdu.reserve(5 + data.size());
+ apdu.resize(5);
+ apdu[0] = cla;
+ apdu[1] = ins;
+ apdu[2] = p1;
+ apdu[3] = p2;
+
+ apdu[0] |= 0x10;
+ apdu += data;
+ const size_t BASE_CHUNK_LENGTH = 255;
+ size_t chunkLength;
+ byte_string::const_iterator iter;
+ /* Chain data and skip last chunk since its in the receiving end */
+ for(iter = data.begin(); (iter + BASE_CHUNK_LENGTH) < data.end(); iter += BASE_CHUNK_LENGTH) {
+ chunkLength = std::min(BASE_CHUNK_LENGTH, (size_t)(data.end() - iter));
+ apdu[4] = chunkLength & 0xFF;
+ /* Don't send Le */
+ transmit(apdu.begin(), apdu.begin() + 5 + chunkLength, result);
+ /* No real data should come back until chaining is complete */
+ if(result.size() != 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ else
+ CACNGError::check(result[result.size() - 2] << 8 | result[result.size() - 1]);
+ /* Trim off result SW */
+ result.resize(result.size() - 2);
+ // Trim off old data
+ apdu.erase(apdu.begin() + 5, apdu.begin() + 5 + chunkLength);
+ }
+ apdu[0] &= ~0x10;
+ apdu[4] = (apdu.size() - 5) & 0xFF;
+ /* LE BYTE? */
+ return exchangeAPDU(apdu, result);
+}
+
+
+void CACNGToken::populate()
+{
+ secdebug("populate", "CACNGToken::populate() begin");
+ Tokend::Relation &certRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ Tokend::Relation &privateKeyRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Tokend::Relation &dataRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ byte_string pkiApplet(kSelectCACNGAppletPKI, kSelectCACNGAppletPKI + sizeof(kSelectCACNGAppletPKI));
+
+ shared_ptr<CACNGSelectable> idApplet(new CACNGCacApplet(*this, pkiApplet,
+ byte_string(kSelectCACNGObjectPKIID, kSelectCACNGObjectPKIID + sizeof(kSelectCACNGObjectPKIID))));
+ shared_ptr<CACNGSelectable> sigApplet(new CACNGCacApplet(*this, pkiApplet,
+ byte_string(kSelectCACNGObjectPKIESig, kSelectCACNGObjectPKIESig + sizeof(kSelectCACNGObjectPKIESig))));
+ shared_ptr<CACNGSelectable> encApplet(new CACNGCacApplet(*this, pkiApplet,
+ byte_string(kSelectCACNGObjectPKIECry, kSelectCACNGObjectPKIECry + sizeof(kSelectCACNGObjectPKIECry))));
+
+ shared_ptr<CACNGIDObject> idObject(new CACNGCacIDObject(*this, idApplet, "Identity Certificate"));
+ shared_ptr<CACNGIDObject> sigObject(new CACNGCacIDObject(*this, sigApplet, "Email Signature Certificate"));
+ shared_ptr<CACNGIDObject> encObject(new CACNGCacIDObject(*this, encApplet, "Email Encryption Certificate"));
+ RefPointer<Tokend::Record> idCert(new CACNGCertificateRecord(idObject, "Identity Certificate"));
+ RefPointer<Tokend::Record> eSigCert(new CACNGCertificateRecord(sigObject, "Email Signing Certificate"));
+ RefPointer<Tokend::Record> eCryCert(new CACNGCertificateRecord(encObject, "Email Encryption Certificate"));
+
+#if 1
+ certRelation.insertRecord(idCert);
+ certRelation.insertRecord(eSigCert);
+ certRelation.insertRecord(eCryCert);
+
+ RefPointer<Tokend::Record> idKey(new CACNGKeyRecord(idObject, "Identity Private Key",
+ privateKeyRelation.metaRecord(), true));
+ RefPointer<Tokend::Record> eSigKey(new CACNGKeyRecord(sigObject, "Email Signing Private Key",
+ privateKeyRelation.metaRecord(), true));
+ RefPointer<Tokend::Record> eCryKey(new CACNGKeyRecord(encObject, "Email Encryption Private Key",
+ privateKeyRelation.metaRecord(), false));
+
+ privateKeyRelation.insertRecord(idKey);
+ privateKeyRelation.insertRecord(eSigKey);
+ privateKeyRelation.insertRecord(eCryKey);
+
+ idKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(idCert));
+ eSigKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(eSigCert));
+ eCryKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(eCryCert));
+#endif
+ static const char *applets[][3] = {
+ {(char*)kSelectCACNGObjectPN, "PNTB", "PNVB"},
+ {(char*)kSelectCACNGObjectPL, "PLTB", "PLVB"},
+ {(char*)kSelectCACNGObjectBS, "BSTB", "BSVB"},
+ {(char*)kSelectCACNGObjectOB, "OBTB", "OBVB"},
+ {NULL, NULL, NULL}
+ };
+ for (int i = 0; applets[i][0]; i++) {
+ shared_ptr<CACNGSelectable> applet(new CACNGCacApplet(
+ *this,
+ pkiApplet,
+ byte_string(applets[i][0], applets[i][0] + 7)));
+ shared_ptr<CACNGReadable> tbuffer(new CACNGCacBufferObject(*this, applet, true));
+ shared_ptr<CACNGReadable> vbuffer(new CACNGCacBufferObject(*this, applet, false));
+ dataRelation.insertRecord(new CACNGDataRecord(tbuffer, applets[i][1]));
+ dataRelation.insertRecord(new CACNGDataRecord(vbuffer, applets[i][2]));
+ }
+
+ /* PIV AUTH KEY */
+ byte_string pivAuthOid(oidX509CertificatePIVAuthentication, oidX509CertificatePIVAuthentication + sizeof(oidX509CertificatePIVAuthentication));
+
+ shared_ptr<CACNGIDObject> pivAuthObject(new CACNGPivIDObject(*this, pivApplet, "Piv Authentication Certificate", pivAuthOid, PIV_KEYREF_PIV_AUTHENTICATION));
+ RefPointer<Tokend::Record> pivAuthCert(new CACNGCertificateRecord(pivAuthObject, "Piv Authentication Certificate"));
+
+ certRelation.insertRecord(pivAuthCert);
+
+ RefPointer<Tokend::Record> pivAuthKey(new CACNGKeyRecord(pivAuthObject, "Piv Authentication Private Key",
+ privateKeyRelation.metaRecord(), true, true));
+ privateKeyRelation.insertRecord(pivAuthKey);
+
+ pivAuthKey->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(pivAuthCert));
+
+ secdebug("populate", "CACNGToken::populate() end");
+}
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CACNGToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * CACNGToken.h
+ * TokendMuscle
+ */
+
+#ifndef _CACNGTOKEN_H_
+#define _CACNGTOKEN_H_
+
+#include <Token.h>
+#include "TokenContext.h"
+
+#include <security_utilities/pcsc++.h>
+
+#include "byte_string.h"
+
+#include "CACNGApplet.h"
+
+class CACNGSchema;
+
+//
+// "The" token
+//
+class CACNGToken : public Tokend::ISO7816Token
+{
+ NOCOPY(CACNGToken)
+public:
+ CACNGToken();
+ ~CACNGToken();
+
+ virtual void didDisconnect();
+ virtual void didEnd();
+
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+ virtual void changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength);
+ uint32_t pivPinStatus();
+ uint32_t cacPinStatus();
+ virtual uint32_t pinStatus(int pinNum);
+ virtual void verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
+ void verifyCachedPin(int pinNum);
+ virtual void unverifyPIN(int pinNum);
+
+ bool identify();
+ void select(shared_ptr<CACNGSelectable> &obj);
+
+ uint32_t exchangeAPDU(const unsigned char *apdu, size_t apduLength,
+ unsigned char *result, size_t &resultLength);
+
+ uint32_t getData(unsigned char *result, size_t &resultLength);
+
+ uint32_t exchangeAPDU(const byte_string& apdu, byte_string &result);
+ uint32_t exchangeChainedAPDU(
+ unsigned char cla, unsigned char ins,
+ unsigned char p1, unsigned char p2,
+ const byte_string &data,
+ byte_string &result);
+protected:
+ void populate();
+
+ size_t transmit(const byte_string &apdu, byte_string &result) {
+ return transmit(apdu.begin(), apdu.end(), result);
+ }
+ size_t transmit(const byte_string::const_iterator &apduBegin, const byte_string::const_iterator &apduEnd, byte_string &result);
+
+public:
+ shared_ptr<CACNGSelectable> currentSelectable;
+ uint32_t mCacPinStatus;
+ uint32_t mPivPinStatus;
+ shared_ptr<CACNGSelectable> cacPinApplet;
+ shared_ptr<CACNGSelectable> cardManagerApplet;
+ shared_ptr<CACNGSelectable> pivApplet;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+
+ byte_string cached_piv_pin;
+};
+
+
+#endif /* !_CACNGTOKEN_H_ */
+
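Review bot: `cached_piv_pin` holds the PIV PIN in a public `byte_string` member, so any code with a reference to the token can read or copy it, and nothing in this header ties its lifetime to the card session. Make it private and clear it in `didDisconnect()`, `didEnd()`, `unverifyPIN()` and the destructor, using the secure byte_string helpers that appear elsewhere in this changeset (`secure_erase`, `secure_resize`). Whether CACNGToken.cpp already wipes it is not visible from this hunk. I would also document the retention on the member, for example `// PIV PIN retained for verifyCachedPin(); must be wiped on disconnect/unverify`.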
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,51 @@
+/*
+ * CompressionTool.cpp
+ * Tokend
+ *
+ * Created by harningt on 9/30/09.
+ * Copyright 2009 TrustBearer Labs. All rights reserved.
+ *
+ */
+
+
+#include "CompressionTool.h"
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+#include <zlib.h>
+
+using namespace Security;
+
+byte_string CompressionTool::zlib_decompress(const byte_string::const_iterator &begin, const byte_string::const_iterator &end)
+{
+ static const int CHUNK_SIZE = 4096;
+ byte_string output;
+ int ret;
+ z_stream strm;
+ memset(&strm, 0, sizeof(strm));
+ ret = inflateInit2(&strm, 15 + 32); /* Handle optional zlib/gzip headers */
+ if (ret != Z_OK)
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ strm.avail_in = end - begin;
+ strm.next_in = (uint8_t*)&*begin;
+ do {
+ uint8_t buffer[CHUNK_SIZE];
+ strm.avail_out = sizeof(buffer);
+ strm.next_out = buffer;
+ ret = inflate(&strm, Z_NO_FLUSH);
+ switch (ret) {
+ case Z_NEED_DICT:
+ ret = Z_DATA_ERROR;
+ case Z_DATA_ERROR:
+ case Z_MEM_ERROR:
+ (void)inflateEnd(&strm);
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ }
+ size_t available = sizeof(buffer) - strm.avail_out;
+ output.insert(output.end(), buffer, buffer + available);
+ } while (strm.avail_out == 0);
+ (void)inflateEnd(&strm);
+ if (ret != Z_STREAM_END)
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ return output;
+}
\ No newline at end of file
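Review bot: The inflate loop in `zlib_decompress` appends every chunk to `output` with no upper bound, so a small compressed object can expand to an arbitrarily large buffer inside the tokend process. The input is presumably data read from the card, so it should be treated as untrusted. Cap the total before the `output.insert` call, for example `if (output.size() + available > kMaxInflatedSize) { (void)inflateEnd(&strm); CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT); }`, where `kMaxInflatedSize` is a new constant sized to the largest object the token is expected to hold. An empty range also reaches `&*begin`, which dereferences the end iterator, so `begin == end` should be rejected up front. Separately, `end - begin` is narrowed into zlib's `avail_in` without a range check.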
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/CompressionTool.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,19 @@
+/*
+ * CompressionTool.h
+ * Tokend
+ *
+ * Created by harningt on 9/30/09.
+ * Copyright 2009 TrustBearer Labs. All rights reserved.
+ *
+ */
+
+
+#include "byte_string.h"
+
+class CompressionTool {
+public:
+ static byte_string zlib_decompress(const byte_string &compressedData) {
+ return zlib_decompress(compressedData.begin(), compressedData.end());
+ }
+ static byte_string zlib_decompress(const byte_string::const_iterator &begin, const byte_string::const_iterator &end);
+};
\ No newline at end of file
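Review bot: CompressionTool.h has no include guard, unlike Padding.h and TLV.h in the same directory, so a second inclusion in one translation unit redefines `class CompressionTool`. Wrap the contents in `#ifndef COMPRESSIONTOOL_H` / `#define COMPRESSIONTOOL_H` ... `#endif`. A one-line comment on `zlib_decompress` would also help, stating that it accepts zlib or gzip framed input and throws `CSSMERR_DL_DATABASE_CORRUPT` on malformed data, since callers cannot learn that from the header.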
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>CACNG</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.tokend.cacng</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundleName</key>
+ <string>CACNG</string>
+ <key>CFBundlePackageType</key>
+ <string>????</string>
+ <key>CFBundleShortVersionString</key>
+ <string>3.0</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>40596</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,162 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "Padding.h"
+
+#include <Security/cssmerr.h>
+//#include "PIVUtilities.h"
+
+using namespace Security;
+
+/* PKCS#1 DigestInfo header for SHA1 */
+static const unsigned char sha1sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x21, // LENGTH
+ 0x30, // SEQUENCE
+ 0x09, // LENGTH
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x14 // OCTECT STRING (20 bytes)
+};
+
+/* PKCS#1 DigestInfo header for MD5 */
+static const unsigned char md5sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x20, // LENGTH
+ 0x30, // SEQUENCE
+ 0x0C, // LENGTH
+ // MD5 OID (1 2 840 113549 2 5)
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x10 // OCTECT STRING (16 bytes)
+};
+
+void Padding::apply(byte_string &data, size_t keySize, CSSM_PADDING padding, CSSM_ALGORITHMS hashAlg) throw(CssmError) {
+ // Calculate which hash-header to use
+ const unsigned char *header;
+ size_t headerLength;
+ switch(hashAlg) {
+ case CSSM_ALGID_SHA1:
+ if (data.size() != 20)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ header = sha1sigheader;
+ headerLength = sizeof(sha1sigheader);
+ break;
+ case CSSM_ALGID_MD5:
+ if (data.size() != 16)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ header = md5sigheader;
+ headerLength = sizeof(md5sigheader);
+ break;
+ case CSSM_ALGID_NONE:
+ // Special case used by SSL it's an RSA signature, without the ASN1 stuff
+ header = NULL;
+ headerLength = 0;
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
+ }
+ // Reserve memory and insert the header before the data
+ data.reserve(keySize);
+ if(headerLength > 0) {
+ data.insert(data.begin(), header, header + headerLength);
+ }
+ // Calculate and apply padding
+ switch (padding) {
+ case CSSM_PADDING_NONE:
+ if(data.size() != keySize)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ break;
+ case CSSM_PADDING_PKCS1:
+ {
+ // 2010.03.01 -SG- bracket case statements to address compiler changes
+ // Pad using PKCS1 v1.5 signature padding ( 00 01 FF FF.. 00 | M)
+ if(data.size() + 11 > keySize)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ int markerByteLocation = keySize - data.size() - 1;
+ data.insert(data.begin(), keySize - data.size(), 0xFF);
+ data[0] = 0;
+ data[1] = 1;
+ data[markerByteLocation] = 0;
+ break;
+ }
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+ }
+}
+
+void Padding::remove(byte_string &data, CSSM_PADDING padding) throw(CssmError) {
+ // Calculate and remove padding while validating
+ switch (padding) {
+ case CSSM_PADDING_NONE:
+ break;
+ case CSSM_PADDING_PKCS1:
+ unsigned i;
+ /* Handles PKCS1 v1.5
+ * signatures 00 01 FF FF.. 00 | M
+ * and encrypted data 00 02 NZ NZ.. 00 | M (NZ = non-zero random value)
+ */
+ if(data[0] != 0 || (data[1] != 1 && data[1] != 2))
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+ for(i = 2; i < data.size() && data[i] != 0x00; i++) {}
+ /* Assume empty data is invalid */
+ if(data.size() - i == 0)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+ secure_erase(data, data.begin(), data.begin() + i + 1);
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+ }
+}
+
+bool Padding::canApply(CSSM_PADDING padding, CSSM_ALGORITHMS hashAlg) throw() {
+ switch(padding) {
+ case CSSM_PADDING_NONE:
+ case CSSM_PADDING_PKCS1:
+ break;
+ default:
+ return false;
+ }
+ switch(hashAlg) {
+ case CSSM_ALGID_NONE:
+ case CSSM_ALGID_SHA1:
+ case CSSM_ALGID_MD5:
+ break;
+ default:
+ return false;
+ }
+ return true;
+}
+
+bool Padding::canRemove(CSSM_PADDING padding) throw() {
+ switch(padding) {
+ case CSSM_PADDING_NONE:
+ case CSSM_PADDING_PKCS1:
+ break;
+ default:
+ return false;
+ }
+ return true;
+}
\ No newline at end of file
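Review bot: In `Padding::remove`, the `CSSM_PADDING_PKCS1` case reads `data[0]` and `data[1]` before checking the length, so a buffer shorter than two bytes is read out of bounds. Guard it with `if(data.size() < 2 || data[0] != 0 || (data[1] != 1 && data[1] != 2))`. The "empty data" test `data.size() - i == 0` only catches a missing 0x00 separator: a separator in the last position passes and yields an empty message. A padding string shorter than the eight bytes PKCS#1 v1.5 requires is also accepted, so `i < 10` and `i + 1 == data.size()` should be rejected as well. For block type 1 the filler bytes are never checked to be 0xFF. In `apply`, `int markerByteLocation` narrows a `size_t` expression and would read better as `size_t`.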
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/Padding.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,51 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef PADDING_H
+#define PADDING_H
+
+#include "byte_string.h"
+#include <Security/cssmtype.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+
+using namespace Security;
+
+/** Utility class to unify padding/hash-header handling
+ *
+ */
+class Padding {
+public:
+ /** Applies padding and hash-headers for signing */
+ static void apply(byte_string &data, size_t keySize, CSSM_PADDING padding = CSSM_PADDING_NONE, CSSM_ALGORITHMS hashAlg = CSSM_ALGID_NONE) throw(CssmError);
+ /** Removes padding for decryption
+ * Note: Securely eliminates data such that the 'leftover' bytes are not left to be read after data's destruction
+ */
+ static void remove(byte_string &data, CSSM_PADDING padding = CSSM_PADDING_NONE) throw(CssmError);
+
+ /** Returns boolean whether a specific padding/hash-header can be applied */
+ static bool canApply(CSSM_PADDING padding = CSSM_PADDING_NONE, CSSM_ALGORITHMS hashAlg = CSSM_ALGID_NONE) throw();
+ /** Returns boolean whether a specific padding can be removed */
+ static bool canRemove(CSSM_PADDING padding) throw();
+};
+
+#endif
\ No newline at end of file
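Review bot: `using namespace Security;` at file scope in Padding.h pulls the whole namespace into every translation unit that includes the header, which can silently change name lookup in unrelated code. Drop the directive and qualify the one name that needs it, for example `throw(Security::CssmError)` on `apply` and `remove`. The doc comments should also state the preconditions that Padding.cpp enforces: `apply` requires `data` to be exactly the digest length for SHA1 or MD5, and requires `data.size() + 11 <= keySize` for PKCS1.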
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "TLV.h"
+
+#include <iomanip>
+#include <iostream>
+#include <limits>
+
+using namespace std;
+
+TLV::TLV() throw()
+:tag(), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(unsigned char tag) throw()
+:tag(1, tag), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(const byte_string& tag) throw()
+:tag(tag), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(unsigned char tag, const byte_string& value) throw()
+:tag(1, tag), value(new byte_string(value)), innerValues(NULL) {
+}
+
+TLV::TLV(const byte_string& tag, const byte_string& value) throw()
+:tag(tag), value(new byte_string(value)), innerValues(NULL) {
+}
+
+TLV::TLV(uint8_t tag, const TLVList &tlv) throw()
+:tag(1, tag), value(NULL), innerValues(new TLVList(tlv)) {
+}
+
+TLV::TLV(const byte_string &tag, const TLVList &tlv) throw()
+:tag(tag), value(NULL), innerValues(new TLVList(tlv)) {
+}
+
+TLV_ref TLV::parse(const byte_string &in) throw(std::runtime_error) {
+ byte_string::const_iterator begin = in.begin();
+ return parse(begin, in.end());
+}
+
+byte_string TLV::encode() const throw() {
+ byte_string out;
+ encode(out);
+ return out;
+}
+
+void TLV::encode(byte_string &out) const throw() {
+ const byte_string &tag = getTag();
+ // Puts the tag
+ out += tag;
+ // Puts the length
+ encodeLength(valueLength(), out);
+
+#if 1
+ // Non-caching version since the TLV is expected to be
+ // thrown away after encoding
+ // If there is a value, put that
+ if(value.get()) {
+ out += *value;
+ return;
+ }
+ if(!innerValues.get())
+ return;
+ // Else if there are innerValues, encode those out
+ encodeSequence(*innerValues, out);
+#else
+ // Obtain the value in a cached manner
+ const byte_string &value = getValue();
+ out += value;
+#endif
+}
+
+const TLVList &TLV::getInnerValues() const throw(std::runtime_error) {
+ /* If there is a cached innervalues version, output it
+ * else parse any existing TLV data and use that */
+ if(innerValues.get()) return *innerValues;
+ if(!value.get()) {
+ innerValues.reset(new TLVList());
+ return *innerValues;
+ }
+ innerValues.reset(new TLVList());
+ byte_string::const_iterator begin = value->begin();
+ parseSequence(begin, (byte_string::const_iterator)value->end(), *innerValues);
+
+ return *innerValues;
+}
+
+const byte_string &TLV::getValue() const throw() {
+ /* If there is a cached value version, output it
+ * else encode any existing TLV data and use that */
+ if(value.get()) return *value;
+ if(!innerValues.get()) {
+ value.reset(new byte_string());
+ return *value;
+ }
+ value.reset(new byte_string());
+ encodeSequence(*innerValues, *value);
+ return *value;
+}
+
+size_t TLV::length() const throw() {
+ size_t innerLength = valueLength();
+ return tag.size() + encodedLength(innerLength) + innerLength;
+}
+
+void TLV::encodeLength(size_t value, byte_string &out) throw() {
+ /* Encode and output the length according to BER-TLV encoding rules */
+ static const size_t MAX_VALUE = std::numeric_limits<size_t>::max();
+ static const size_t highbyte = (MAX_VALUE ^ (MAX_VALUE >> 8));
+ static const size_t shiftbyte = (sizeof(size_t) - 1) * 8;
+ if (value < 0x80) {
+ out += (unsigned char)(value & 0x7F);
+ return;
+ }
+ size_t size = sizeof(value), i;
+ while(0 == (value & highbyte) && size > 0) {
+ value <<= 8;
+ size--;
+ }
+ out += (unsigned char)(0x80 | size);
+ for(i = 0; i < size; i++) {
+ out += (unsigned char)((value >> shiftbyte) & 0xFF);
+ value <<= 8;
+ }
+}
+
+size_t TLV::encodedLength(size_t value) throw() {
+ if(value < 0x80)
+ return 1;
+ /* Values larger than 0x7F must be encoded in the form (Length-Bytes) (Length) */
+ static const size_t MAX_VALUE = std::numeric_limits<size_t>::max();
+ /* EX: 0xFF000000 - for size_t == 32-bit */
+ static const size_t highbyte = (MAX_VALUE ^ (MAX_VALUE >> 8));
+ size_t size = sizeof(value);
+ /* Check for the highest byte that contains a value */
+ while(0 == (value & highbyte) && size > 0) {
+ value <<= 8;
+ size--;
+ }
+ /* + 1 for byte-size byte
+ * Size encoded as (0x80 + N) [N-bytes]
+ * Max size-bytes == 127
+ */
+ return size + 1;
+}
+
+void TLV::encodeSequence(const TLVList &tlv, byte_string &out) throw() {
+ for(TLVList::const_iterator iter = tlv.begin(); iter < tlv.end(); iter++)
+ (*iter)->encode(out);
+}
+
+size_t TLV::valueLength() const throw() {
+ /* Calculate the length of a value, either by its actual value length
+ * or calculated length based on contained TLV values */
+ if(value.get()) return value->size();
+ if(!innerValues.get()) return 0;
+ size_t retValue = 0;
+ for(TLVList::const_iterator iter = innerValues->begin(); iter < innerValues->end(); iter++)
+ retValue += (*iter)->length();
+ return retValue;
+}
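Review bot: `TLV::getInnerValues` installs the new list in the `innerValues` cache before `parseSequence` runs, so a parse failure leaves a partly filled list cached. The next call then returns that list through the `if(innerValues.get())` fast path as if the value had parsed cleanly, and `encode()`/`valueLength()` would prefer it only because `value` is still set. Parse into a local and publish it on success: `std::auto_ptr<TLVList> parsed(new TLVList());` `parseSequence(begin, (byte_string::const_iterator)value->end(), *parsed);` `innerValues = parsed;`. Separately, the constructors and `encode` are declared `throw()` yet allocate, so an allocation failure would terminate the process rather than propagate.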
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLV.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef TLV_H
+#define TLV_H
+
+#include <tr1/memory>
+
+#include <stdexcept>
+
+#include <sstream>
+#include <vector>
+
+#ifndef NOCOPY
+#define NOCOPY(Type) private: Type(const Type &); void operator = (const Type &);
+#endif
+
+#include "byte_string.h"
+
+class TLV;
+typedef std::tr1::shared_ptr<TLV> TLV_ref;
+typedef std::vector<TLV_ref> TLVList;
+
+/** Utility class to simplify TLV parsing and encoding
+ * Condition of proper behavior (assume sizeof(size_t) => ptr size):
+ * 32-bit: Total data < 4GB
+ * 64-bit: Total data < 4GB * 4GB
+ */
+class TLV {
+ NOCOPY(TLV);
+public:
+ TLV() throw();
+ TLV(uint8_t tag) throw();
+ TLV(const byte_string &tag) throw();
+ TLV(uint8_t tag, const byte_string &value) throw();
+ TLV(const byte_string &tag, const byte_string &value) throw();
+ TLV(const byte_string &tag, const TLVList &tlv) throw();
+ TLV(uint8_t tag, const TLVList &tlv) throw();
+
+ /* Parses a byte_string as a TLV value - ignores trailing bytes
+ * Throws an error if the encoding is invalid
+ */
+ static TLV_ref parse(const byte_string &data) throw(std::runtime_error);
+
+ /* Parses an entire sequence of bytes as a TLV value
+ * - ignores trailing bytes, iter points to byte after TLV
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static TLV_ref parse(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error);
+
+ /* Obtains the tag of this TLV */
+ const byte_string &getTag() const throw() { return tag; }
+
+ /* Encodes this TLV into a new byte_string */
+ byte_string encode() const throw();
+ /* Encodes this TLV, appending the data to 'out' */
+ void encode(byte_string &out) const throw();
+ /* Decodes the value of this TLV as a sequence of TLVs */
+ const TLVList &getInnerValues() const throw(std::runtime_error);
+ /* Obtains the value of this TLV */
+ const byte_string &getValue() const throw();
+
+ /* Calculates the length of this TLV */
+ size_t length() const throw();
+
+private:
+ byte_string tag;
+ /* cached/assigned value as a string */
+ mutable std::auto_ptr<byte_string> value;
+ /* cached/assigned value as a TLV sequence */
+ mutable std::auto_ptr<TLVList> innerValues;
+
+ /* Parses an entire sequence of bytes as a sequence of TLV values, appending them to tlv
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static void parseSequence(ForwardIterator &iter, const ForwardIterator &end, TLVList &tlv) throw(std::runtime_error);
+
+ /* Parses the ber-encoded length from a sequence of bytes
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static size_t parseLength(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error);
+
+ /* ber-encodes an integer and writes it's output to 'out' */
+ static void encodeLength(size_t value, byte_string &out) throw();
+public:
+ /* Obtains the length of a ber-encoded integer that would contain the value */
+ static size_t encodedLength(size_t value) throw();
+private:
+ /* Encodes a sequence of TLVs, writing the to 'out' */
+ static void encodeSequence(const TLVList &tlv, byte_string &out) throw();
+
+ /* Calculates the total length of the value */
+ size_t valueLength() const throw();
+};
+
+class TagPredicate {
+public:
+ TagPredicate(uint8_t tag) throw()
+ :tag(1, tag) {
+ }
+ TagPredicate(const byte_string &tag) throw()
+ :tag(tag) {
+ }
+ bool operator() (const TLV_ref &tlv) throw() {
+ return this->tag == tlv->getTag();
+ }
+private:
+ byte_string tag;
+};
+
+/* TEMPLATE DEFINITIONS */
+#include "TLVTemplates.h"
+
+#endif
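Review bot: `TagPredicate::operator()` is not `const` although it only compares `tag` with `tlv->getTag()`, so the predicate cannot be called through a const reference. Declare it `bool operator() (const TLV_ref &tlv) const throw() {`. The header also uses `uint8_t` and `std::auto_ptr` but includes only `<tr1/memory>`, `<stdexcept>`, `<sstream>` and `<vector>`; unless `byte_string.h` provides them, `<stdint.h>` and `<memory>` should be included here directly. The class comment should mention that `getValue()` and `getInnerValues()` fill `mutable` caches lazily, since that makes the const getters unsafe to call concurrently on one object.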
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLVTemplates.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLVTemplates.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/TLVTemplates.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+template<typename ForwardIterator>
+void TLV::parseSequence(ForwardIterator &iter, const ForwardIterator &end, TLVList &tlv) throw(std::runtime_error) {
+ /* While there is still data inbetween the iterators */
+ while(iter < end) {
+ /* parse TLV structures and append them to the list */
+ TLV_ref ref = TLV::parse(iter, end);
+ tlv.push_back(ref);
+ }
+}
+
+template<typename ForwardIterator>
+TLV_ref TLV::parse(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error) {
+ byte_string tag;
+ uint8_t ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Read the first byte as the tag */
+ ch = *iter++;
+ tag += ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* If the tag is flagged as a multibyte tag */
+ if((ch & 0x1F) == 0x1F) { /* Multibyte tag */
+ do {
+ ch = *iter++;
+ tag += ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Read more until there are no more bytes w/o the high-bit set */
+ } while((ch & 0x80) != 0);
+ }
+ /* Parse the length of the contained value */
+ size_t length = parseLength(iter, end);
+ ForwardIterator begin = iter;
+ iter += length;
+ /* The iterator is permitted to be at the very and at this point */
+ if(iter > end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Return a new TLV with the calculated tag and value */
+ return TLV_ref(new TLV(tag, byte_string(begin, iter)));
+}
+
+/*
+ BER-TLV
+ Reference: http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-d.aspx
+
+ In short form, the length field consists of a single byte where the bit B8 shall be set to 0 and
+ the bits B7-B1 shall encode an integer equal to the number of bytes in the value field. Any length
+ from 0-127 can thus be encoded by 1 byte.
+
+ In long form, the length field consists of a leading byte where the bit B8 shall be set to 1 and
+ the B7-B1 shall not be all equal, thus encoding a positive integer equal to the number of subsequent
+ bytes in the length field. Those subsequent bytes shall encode an integer equal to the number of bytes
+ in the value field. Any length within the APDU limit (up to 65535) can thus be encoded by 3 bytes.
+
+ NOTE - ISO/IEC 7816 does not use the indefinite lengths specified by the basic encoding rules of
+ ASN.1 (see ISO/IEC 8825).
+
+ Sample data (from a certficate GET DATA):
+
+ 00000000 53 82 04 84 70 82 04 78 78 da 33 68 62 db 61 d0
+ 00000010 c4 ba 60 01 33 13 23 13 13 97 e2 dc 88 f7 0c 40
+ 00000020 20 da 63 c0 cb c6 a9 d5 e6 d1 f6 9d 97 91 91 95
+ ....
+ 00000460 1f 22 27 83 ef fe ed 5e 7a f3 e8 b6 dc 6b 3f dc
+ 00000470 4c be bc f5 bf f2 70 7e 6b d0 4c 00 80 0d 3f 1f
+ 00000480 71 01 80 72 03 49 44 41
+
+*/
+template<typename ForwardIterator>
+size_t TLV::parseLength(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error) {
+ // Parse a BER length field. Returns the value of the length
+ uint8_t ch = *iter++;
+ if (!(ch & 0x80)) // single byte
+ return static_cast<uint32_t>(ch);
+ size_t result = 0;
+ uint8_t byteLen = ch & 0x7F;
+ for(;byteLen > 0; byteLen--) {
+ if(iter == end)
+ throw std::runtime_error("Invalid BER-encoded length");
+ ch = *iter++;
+ result = (result << 8) | static_cast<uint8_t>(ch);
+ }
+ return result;
+}
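Review bot: In `TLV::parse` the bound check `if(iter > end)` runs only after `iter += length`, so a length taken from the encoded data can move the iterator past `end` before it is compared; for raw pointers that is undefined behaviour, and a large enough value can wrap so that the comparison passes. Compare before advancing: `if(length > static_cast<size_t>(end - iter)) throw std::runtime_error("Invalid TLV-encoding");`. `parseLength` has matching gaps: it dereferences `*iter++` without its own `iter == end` check, it accepts up to 127 length bytes and lets `result << 8` overflow `size_t` silently, and it returns 0 for `0x80` although the comment above it says indefinite lengths are not used. A guard such as `if(byteLen == 0 || byteLen > sizeof(size_t)) throw std::runtime_error("Invalid BER-encoded length");` would reject those cases. The template parameter is named `ForwardIterator`, but `<`, `>` and `+=` need random-access iterators, which the declaration comments should state.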
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/byte_string.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/byte_string.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/byte_string.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef BYTE_STRING
+#define BYTE_STRING
+
+#include <CoreServices/../Frameworks/CarbonCore.framework/Headers/MacTypes.h>
+#include <vector>
+
+/** Utility definition and additional operators to make working with
+ * sequences of bytes more easy and less error/leak-prone
+ */
+typedef std::vector<uint8_t> byte_string;
+
+inline bool operator==(const byte_string &l, const byte_string::value_type &value) {
+ return l.size() == 1 && l.at(0) == value;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string::value_type &value) {
+ l.push_back(value);
+ return l;
+}
+inline byte_string &operator+=(byte_string &l, const char &value) {
+ l.push_back(value);
+ return l;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string::value_type *value) {
+ l.insert(l.end(), value, value + strlen((char*)value));
+ return l;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string &r) {
+ l.insert(l.end(), r.begin(), r.end());
+ return l;
+}
+
+/* RHS must be null-terminated */
+inline bool operator==(const byte_string& l, const byte_string::value_type* r) {
+ byte_string::size_type lSize = l.size();
+ byte_string::size_type rSize = strlen((const char*)r);
+ if(lSize != rSize)
+ return false;
+ return equal(l.begin(), l.end(), r);
+}
+
+inline bool operator!=(const byte_string& l, const byte_string::value_type* r) {
+ return !(l == r);
+}
+
+inline unsigned char *malloc_copy(const byte_string::const_iterator &begin, const byte_string::const_iterator &end) {
+ size_t len = end - begin;
+ unsigned char *output = (unsigned char*)malloc(len);
+ if(!output)
+ return NULL;
+ memcpy(output, &*begin, len);
+ return output;
+}
+inline unsigned char *malloc_copy(const byte_string &l) {
+ return malloc_copy(l.begin(), l.end());
+}
+
+#include <algorithm>
+
+template<typename T>
+inline void secure_zero(T &l) {
+ std::fill(l.begin(), l.end(), typename T::value_type());
+}
+
+template<typename T>
+inline void secure_erase(T &data, const typename T::iterator &first, const typename T::iterator &last) {
+ /* Partly borrowing from alg used by normal 'erase' */
+ typename T::iterator newEnd(std::copy(last, data.end(), first));
+ // Filling w/ defaults to null values out
+ std::fill(newEnd, data.end(), typename T::value_type());
+ data.erase(newEnd, data.end());
+}
+
+template<typename T>
+inline void secure_resize(T &data, const size_t newSize) {
+ // Simple case where no re-allocation occurs
+ if(data.capacity() >= newSize) {
+ data.resize(newSize);
+ return;
+ }
+ // Re-allocation will occur, need to use temporary buffer...
+ T temporary(data);
+ secure_zero(data);
+ data.resize(newSize);
+ copy(temporary.begin(), temporary.end(), data.begin());
+ secure_zero(temporary);
+}
+
+#endif
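Review bot: `secure_resize` wipes nothing in its first branch: when `data.capacity() >= newSize` and `newSize` is smaller than the current size, `data.resize(newSize)` drops the tail elements but leaves their bytes in the buffer. Zero them first with `if(newSize < data.size()) std::fill(data.begin() + newSize, data.end(), typename T::value_type());`. All three `secure_*` helpers rely on `std::fill`, which an optimizer may remove as a dead store when the container is destroyed right afterwards, so a dependable wipe needs writes the compiler cannot drop (for example through a `volatile` pointer). Separately, `malloc_copy` evaluates `&*begin` even for an empty range. `strlen`, `malloc`, `memcpy` and `equal` are also used without `<cstring>`, `<cstdlib>` or a preceding `<algorithm>` include, so the header appears to depend on what `MacTypes.h` pulls in.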
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/cacng.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/cacng.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/cacng.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,52 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * cac.cpp - CACNGtokend main program
+ */
+
+#include "CACNGToken.h"
+
+int main(int argc, const char *argv[])
+{
+ secdebug("CACNG .tokend", "main starting with %d arguments", argc);
+ secdelay("/tmp/delay/CACNG");
+
+#if 0
+ setenv("DEBUGSCOPE", "-mutex,walkers", 0);
+ setenv("DEBUGOPTIONS", "scope,thread,date", 0);
+ setenv("DEBUGDEST", "/var/tmp/securityd-log", 0);
+ setenv("DEBUGDUMP", "stdout", 0);
+#endif
+
+ token = new CACNGToken();
+ try {
+ int ret = SecTokendMain(argc, argv, token->callbacks(), token->support());
+ delete token;
+ return ret;
+ } catch (...) {
+ delete token;
+ return -1;
+ }
+}
+
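Review bot: `secdelay("/tmp/delay/CACNG")` makes the tokend's startup consult a fixed path under `/tmp`, where any local user can create entries. `secdelay` is defined outside this hunk, so if it is not compiled out of release builds the call should be wrapped in a debug-only conditional such as `#if !defined(NDEBUG)` … `#endif`, or pointed at a root-owned directory. `token = new CACNGToken();` also sits before the `try`, so an exception from the constructor escapes `main` instead of taking the `return -1` path; making it the first statement inside the `try` block would cover it (`token` itself is declared outside this hunk). The `catch (...)` branch returns without a `secdebug` line, which leaves no trace of why the tokend exited.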
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>Capabilities</key>
+ <string>file:cacng_csp_capabilities_common.mds</string>
+ <key>MdsFileDescription</key>
+ <string>CACNG Token CSPDL CSP Capabilities</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities_common.mds
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities_common.mds (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_capabilities_common.mds 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,903 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>SHA1 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD5 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD2 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>64</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>192</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>3DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC2 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC4 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC5 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>New item</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>CAST Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>Blowfish Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>SHA1HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>MD5HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>128</integer>
+ <integer>192</integer>
+ <integer>256</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>AES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ASC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>ASC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>31</integer>
+ <integer>127</integer>
+ <integer>128</integer>
+ <integer>161</integer>
+ <integer>192</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>FEE Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD2 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 SHA1 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>DES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY_EDE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>3DES EDE Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>AES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>0</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC4 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC5 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>Blowfish Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>CAST Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>RSA Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEEDEXP</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEEDExp Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEED</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEED Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD2 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC_LEGACY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC Legacy</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_APPLE_YARROW</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_RANDOMGEN</string>
+ <key>Description</key>
+ <string>Yarrow PRNG</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+</array>
+</plist>
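Review bot: The CAST key-generation entry names its second attribute key `New item`, where every other `CSSM_ATTRIBUTE_NONE` entry in this file uses `AttributeValue`. It looks like a property-list editor default that was left in, and a consumer that looks up `AttributeValue` would not find it in that record. Change the line to `<key>AttributeValue</key>`. The file also advertises MD2, MD5, single DES and RC4 capabilities; if they are kept for compatibility, an XML comment at the top saying so would help later reviewers.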
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_csp_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <!-- @@@ complete this -->
+ <array>
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>CspCustomFlags</key>
+ <integer>0</integer>
+ <key>CspFlags</key>
+ <!-- @@@ dynamic -->
+ <string>CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC</string>
+ <key>CspType</key>
+ <string>CSSM_CSP_HARDWARE</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL CSP Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>UseeTags</key>
+ <array/>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
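Review bot: The `AuthTags` array advertises only `CSSM_ACL_AUTHORIZATION_ANY` under the placeholder `<!-- @@@ complete this -->`, so this record does not state which authorizations the token CSP actually supports. A reader auditing the token's ACL surface cannot tell whether the wildcard is intended or an unfinished stub. I would replace the marker with a comment that says so, for example `<!-- TODO: enumerate the specific CSSM_ACL_AUTHORIZATION_* tags; ANY is a placeholder -->`. The same applies to `<!-- @@@ dynamic -->` above `CspFlags`, which presumably means the static value is adjusted per token at runtime and should say that. The same `@@@ complete this` marker also appears in `AuthTags` in cacng_dl_primary.mdsinfo.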
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_dl_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_dl_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_dl_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <array>
+ <!-- @@@ complete this -->
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>ConjunctiveOps</key>
+ <array>
+ <string>CSSM_DB_NONE</string>
+ <string>CSSM_DB_AND</string>
+ <string>CSSM_DB_OR</string>
+ </array>
+ <key>DLType</key>
+ <string>CSSM_DL_FFS</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL DL Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_DL_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>QueryLimitsFlag</key>
+ <integer>0</integer>
+ <key>RelationalOps</key>
+ <array>
+ <string>CSSM_DB_EQUAL</string>
+ <string>CSSM_DB_LESS_THAN</string>
+ <string>CSSM_DB_GREATER_THAN</string>
+ <string>CSSM_DB_CONTAINS_FINAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS_INITIAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS</string>
+ <string></string>
+ </array>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
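Review bot: The `RelationalOps` array ends with an empty `<string></string>` entry after `CSSM_DB_CONTAINS`, which names no operator. Whatever consumes this record has to either skip the blank or fail to map it to a constant, and the file gives no hint which is expected. If an operator was meant there (the list has no not-equal entry such as `CSSM_DB_NOT_EQUAL`, for instance), it should be spelled out; otherwise the empty line should be dropped.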
Added: releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_smartcard.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_smartcard.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/CACNG/mds/cacng_smartcard.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>MdsFileDescription</key>
+ <string>SD/CSPDL Generic Smartcard Information</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>ScVendor</key>
+ <string>Generic</string>
+ <key>ScVersion</key>
+ <string>unknown</string>
+ <key>ScFirmwareVersion</key>
+ <string>CACNGViewerPlugin</string>
+ <key>ScFlags</key> <!-- @@@ dynamic -->
+ <integer>0</integer>
+ <key>ScCustomFlags</key>
+ <integer>0</integer>
+</dict>
+</plist>
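Review bot: `ScFirmwareVersion` is set to `CACNGViewerPlugin`, which reads as a component name rather than a firmware version, and `ScVersion` is `unknown`. If these are deliberate placeholders because the card's real values are not known statically, a short comment would keep anyone from relying on them for inventory or policy decisions, for example `<!-- placeholder: actual card and firmware version are not known at build time -->`. The `<!-- @@@ dynamic -->` next to `ScFlags` could likewise state that the zero is a default presumably replaced at runtime.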
Added: releases/Apple/OSX-10.6.7/Tokend-40596/ChangeLog
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/ChangeLog (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/ChangeLog 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,734 @@
+# do not edit -- automatically generated by arch changelog
+# arch-tag: automatic-ChangeLog--mb at apple.com--SmartCards-2004/Tokend--Tiger--1.0
+#
+
+2005-03-04 23:03:18 GMT Michael Brouwer <mb at apple.com> patch-25
+
+ Summary:
+ Change version to 11
+ Revision:
+ Tokend--Tiger--1.0--patch-25
+
+ Change version to 11
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2005-03-04 23:02:35 GMT Michael Brouwer <mb at apple.com> patch-24
+
+ Summary:
+ Integrated <rdar://problem/4020193> Digital signature fails on some JPKI smartcard.
+ Revision:
+ Tokend--Tiger--1.0--patch-24
+
+
+
+ Patches applied:
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--4020193--base-0
+ tag of mb at apple.com--SmartCards-2004/Tokend--Tiger--1.0--patch-23
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--4020193--patch-1
+ Fix digital signatures for all card types.
+
+
+ modified files:
+ ChangeLog JPKI/JPKIToken.cpp
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--4020193--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--4020193--patch-1
+
+
+2005-02-24 23:11:27 GMT Michael Brouwer <mb at apple.com> patch-23
+
+ Summary:
+ Bumped to Tokend-10
+ Revision:
+ Tokend--Tiger--1.0--patch-23
+
+ Bumped to Tokend-10
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2005-02-24 23:10:22 GMT Michael Brouwer <mb at apple.com> patch-22
+
+ Summary:
+
+ Revision:
+ Tokend--Tiger--1.0--patch-22
+
+
+ modified files:
+ ChangeLog JPKI/JPKIToken.cpp
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--4007295--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--4007295--patch-1
+
+
+2005-02-18 01:01:27 GMT Michael Brouwer <mb at apple.com> patch-21
+
+ Summary:
+ Bumped to Tokend-9
+ Revision:
+ Tokend--Tiger--1.0--patch-21
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2005-02-18 01:01:00 GMT Michael Brouwer <mb at apple.com> patch-20
+
+ Summary:
+ <rdar://problem/4004417> Non-Java CAC cards not recognized by Tokend
+ Revision:
+ Tokend--Tiger--1.0--patch-20
+
+ * CAC/CACToken.cpp:
+ (CACToken::getData): Don't throw if the select of the
+ cardmanager applet fails, return an error instead.
+
+ modified files:
+ CAC/CACToken.cpp ChangeLog
+
+
+2005-01-28 18:17:15 GMT Michael Brouwer <mb at apple.com> patch-19
+
+ Summary:
+ Removed diffs that stupid tla added on it's own.
+ Revision:
+ Tokend--Tiger--1.0--patch-19
+
+
+ removed files:
+ diffs
+
+ modified files:
+ ChangeLog
+
+
+2005-01-28 18:16:33 GMT Michael Brouwer <mb at apple.com> patch-18
+
+ Summary:
+ <rdar://problem/3917232> No PINs are asked for JPKI smartcards
+ Revision:
+ Tokend--Tiger--1.0--patch-18
+
+ * Tokend/Token.cpp:
+ (Token::authenticate): Don't throw for non pin samples. Also
+ added some secdebug statements.
+
+ new files:
+ diffs
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj Tokend/Token.cpp
+
+
+2005-01-21 19:34:54 GMT Michael Brouwer <mb at apple.com> patch-17
+
+ Summary:
+ Deal with edge case.
+ Revision:
+ Tokend--Tiger--1.0--patch-17
+
+ If we read exactly to the end of a file by chance, the next read
+ will return SCARD_WRONG_PARAMETER_P1_P2 since the offset in P1, P2
+ is past the end of the file now.
+
+ modified files:
+ BELPIC/BELPICToken.cpp ChangeLog
+
+
+2005-01-21 19:07:22 GMT Michael Brouwer <mb at apple.com> patch-16
+
+ Summary:
+ Workaround for <rdar://problem/3964795> CCID reader driver doesn't work with BELPIC cards
+ Revision:
+ Tokend--Tiger--1.0--patch-16
+
+ * BELPIC/BELPICToken.cpp:
+ (BELPICToken::readBinary) Deal with the reader returning less
+ than the amount of bytes requested (instead of returning how many
+ bytes are left in an error code) and treat such a response as the
+ end of the file.
+
+ modified files:
+ BELPIC/BELPICToken.cpp ChangeLog
+
+
+2005-01-21 01:24:01 GMT Michael Brouwer <mb at apple.com> patch-15
+
+ Summary:
+ Bumped to Tokend-7
+ Revision:
+ Tokend--Tiger--1.0--patch-15
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2005-01-20 00:31:12 GMT Michael Brouwer <mb at apple.com> patch-14
+
+ Summary:
+ Added lock/isLocked and changepin support.
+ Revision:
+ Tokend--Tiger--1.0--patch-14
+
+
+ modified files:
+ BELPIC/BELPICRecord.cpp BELPIC/BELPICToken.cpp
+ BELPIC/BELPICToken.h CAC/CACToken.cpp CAC/CACToken.h
+ CAC/Info.plist ChangeLog JPKI/JPKIToken.cpp JPKI/JPKIToken.h
+ Tokend/Record.cpp Tokend/Record.h Tokend/RecordHandle.cpp
+ Tokend/RecordHandle.h Tokend/Token.cpp Tokend/Token.h
+
+
+2004-12-16 01:07:56 GMT Michael Brouwer <mb at apple.com> patch-13
+
+ Summary:
+ Fixed security_aggregate builds
+ Revision:
+ Tokend--Tiger--1.0--patch-13
+
+ Don't throw when probe fails, return a score of 0 instead this
+ reduces exceptions in securityd.
+
+ Link all tokend's against _nopic static frameworks.
+
+ modified files:
+ BELPIC/BELPICToken.cpp CAC/CACToken.cpp ChangeLog
+ JPKI/JPKIToken.cpp Tokend.xcode/project.pbxproj
+
+
+2004-12-10 21:55:06 GMT Michael Brouwer <mb at apple.com> patch-12
+
+ Summary:
+ Fix build failures
+ Revision:
+ Tokend--Tiger--1.0--patch-12
+
+ Don't include libtokend.a in the targets directly, but rather use
+ the OTHER_LDFLAGS_variant to do so.
+ Add GCC_DYNAMIC_NO_PIC = YES to all targets.
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2004-12-10 19:53:52 GMT Michael Brouwer <mb at apple.com> patch-11
+
+ Summary:
+ Bumped version to 6
+ Revision:
+ Tokend--Tiger--1.0--patch-11
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+
+2004-12-10 19:52:25 GMT Michael Brouwer <mb at apple.com> patch-10
+
+ Summary:
+ Integrated Tokend--radar--3856105
+ Revision:
+ Tokend--Tiger--1.0--patch-10
+
+
+
+ Patches applied:
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--base-0
+ tag of mb at apple.com--SmartCards-2004/Tokend--Tiger--1.0--patch-5
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-1
+ Build a static lib with the shared C++ code.
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-2
+ Seperate mds file for each tokend
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-3
+ Removed obsolete files.
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-4
+ Made tokend's depend on libtokend.a
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-5
+ Moved transmitAPDU method from JPKIToken to ISO7816Token
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-6
+ Picked up changes from trunk
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-7
+ Wrap everything to less than 80 columns.
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-8
+ Added SCardError for generic error handeling
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-9
+ Remove common code for common coders
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-10
+ Integrated changes up to Tokend--submission--5
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-11
+ Use fast path versions of CSSMERR_DL_ENDOFDATA
+
+
+ new files:
+ BELPIC/mds/.arch-ids/=id
+ BELPIC/mds/.arch-ids/belpic_csp_capabilities.mdsinfo.id
+ BELPIC/mds/.arch-ids/belpic_csp_capabilities_common.mds.id
+ BELPIC/mds/.arch-ids/belpic_csp_primary.mdsinfo.id
+ BELPIC/mds/.arch-ids/belpic_dl_primary.mdsinfo.id
+ BELPIC/mds/.arch-ids/belpic_smartcard.mdsinfo.id
+ BELPIC/mds/belpic_csp_capabilities.mdsinfo
+ BELPIC/mds/belpic_csp_capabilities_common.mds
+ BELPIC/mds/belpic_csp_primary.mdsinfo
+ BELPIC/mds/belpic_dl_primary.mdsinfo
+ BELPIC/mds/belpic_smartcard.mdsinfo CAC/mds/.arch-ids/=id
+ CAC/mds/.arch-ids/cac_csp_capabilities.mdsinfo.id
+ CAC/mds/.arch-ids/cac_csp_capabilities_common.mds.id
+ CAC/mds/.arch-ids/cac_csp_primary.mdsinfo.id
+ CAC/mds/.arch-ids/cac_dl_primary.mdsinfo.id
+ CAC/mds/.arch-ids/cac_smartcard.mdsinfo.id
+ CAC/mds/cac_csp_capabilities.mdsinfo
+ CAC/mds/cac_csp_capabilities_common.mds
+ CAC/mds/cac_csp_primary.mdsinfo CAC/mds/cac_dl_primary.mdsinfo
+ CAC/mds/cac_smartcard.mdsinfo JPKI/mds/.arch-ids/=id
+ JPKI/mds/.arch-ids/jpki_csp_capabilities.mdsinfo.id
+ JPKI/mds/.arch-ids/jpki_csp_capabilities_common.mds.id
+ JPKI/mds/.arch-ids/jpki_csp_primary.mdsinfo.id
+ JPKI/mds/.arch-ids/jpki_dl_primary.mdsinfo.id
+ JPKI/mds/.arch-ids/jpki_smartcard.mdsinfo.id
+ JPKI/mds/jpki_csp_capabilities.mdsinfo
+ JPKI/mds/jpki_csp_capabilities_common.mds
+ JPKI/mds/jpki_csp_primary.mdsinfo
+ JPKI/mds/jpki_dl_primary.mdsinfo
+ JPKI/mds/jpki_smartcard.mdsinfo Tokend/SCardError.cpp
+ Tokend/SCardError.h
+
+ removed files:
+ BELPIC/BELPICAttributeCoder.cpp BELPIC/BELPICAttributeCoder.h
+ MSCTokendTest/.arch-ids/=id MSCTokendTest/TokenCollection.cpp
+ MSCTokendTest/TokenCollection.h MSCTokendTest/main.cpp
+ MSCTokendTest/muscletest.c MSCTokendTest/unused.h
+ includes/.arch-ids/=id includes/cryptoki.h
+ includes/cryptoki_unix.h includes/cryptoki_win32.h
+ includes/p11x_msc.h includes/pkcs11.h includes/pkcs11f.h
+ includes/pkcs11t.h
+
+ modified files:
+ BELPIC/BELPICError.cpp BELPIC/BELPICError.h
+ BELPIC/BELPICKeyHandle.cpp BELPIC/BELPICKeyHandle.h
+ BELPIC/BELPICRecord.cpp BELPIC/BELPICRecord.h
+ BELPIC/BELPICSchema.cpp BELPIC/BELPICSchema.h
+ BELPIC/BELPICToken.cpp BELPIC/BELPICToken.h
+ CAC/CACAttributeCoder.cpp CAC/CACAttributeCoder.h
+ CAC/CACError.cpp CAC/CACError.h CAC/CACKeyHandle.cpp
+ CAC/CACKeyHandle.h CAC/CACRecord.cpp CAC/CACRecord.h
+ CAC/CACSchema.cpp CAC/CACSchema.h CAC/CACToken.cpp
+ CAC/CACToken.h ChangeLog JPKI/JPKIAttributeCoder.cpp
+ JPKI/JPKIAttributeCoder.h JPKI/JPKIError.cpp JPKI/JPKIError.h
+ JPKI/JPKIKeyHandle.cpp JPKI/JPKIKeyHandle.h
+ JPKI/JPKIRecord.cpp JPKI/JPKIRecord.h JPKI/JPKISchema.cpp
+ JPKI/JPKISchema.h JPKI/JPKIToken.cpp JPKI/JPKIToken.h
+ MuscleCard/KeyRecord.cpp MuscleCard/KeyRecord.h
+ MuscleCard/MuscleCardAttributeCoder.cpp
+ MuscleCard/MuscleCardAttributeCoder.h
+ MuscleCard/MuscleCardKeyHandle.cpp
+ MuscleCard/MuscleCardSchema.cpp MuscleCard/MuscleCardSchema.h
+ MuscleCard/MuscleCardToken.cpp
+ MuscleCard/mds/musclecard_csp_capabilities.mdsinfo
+ Tokend.xcode/project.pbxproj Tokend/Adornment.cpp
+ Tokend/Adornment.h Tokend/AttributeCoder.cpp
+ Tokend/AttributeCoder.h Tokend/Cursor.cpp Tokend/Cursor.h
+ Tokend/DbValue.cpp Tokend/DbValue.h Tokend/KeyHandle.cpp
+ Tokend/KeyHandle.h Tokend/MetaAttribute.cpp
+ Tokend/MetaAttribute.h Tokend/MetaRecord.cpp
+ Tokend/MetaRecord.h Tokend/PKCS11Object.cpp
+ Tokend/PKCS11Object.h Tokend/Record.cpp Tokend/Record.h
+ Tokend/RecordHandle.cpp Tokend/RecordHandle.h
+ Tokend/Relation.cpp Tokend/Schema.cpp Tokend/Schema.h
+ Tokend/SelectionPredicate.cpp Tokend/SelectionPredicate.h
+ Tokend/Token.cpp Tokend/Token.h
+
+ renamed files:
+ Msc/.arch-ids/=id
+ ==> MuscleCard/Msc/.arch-ids/=id
+ mds/.arch-ids/=id
+ ==> MuscleCard/mds/.arch-ids/=id
+ mds/.arch-ids/musclecard_csp_capabilities.mdsinfo.id
+ ==> MuscleCard/mds/.arch-ids/musclecard_csp_capabilities.mdsinfo.id
+ mds/.arch-ids/musclecard_csp_capabilities_common.mds.id
+ ==> MuscleCard/mds/.arch-ids/musclecard_csp_capabilities_common.mds.id
+ mds/.arch-ids/musclecard_csp_primary.mdsinfo.id
+ ==> MuscleCard/mds/.arch-ids/musclecard_csp_primary.mdsinfo.id
+ mds/.arch-ids/musclecard_dl_primary.mdsinfo.id
+ ==> MuscleCard/mds/.arch-ids/musclecard_dl_primary.mdsinfo.id
+ mds/.arch-ids/musclecard_smartcard.mdsinfo.id
+ ==> MuscleCard/mds/.arch-ids/musclecard_smartcard.mdsinfo.id
+
+ new directories:
+ BELPIC/mds BELPIC/mds/.arch-ids CAC/mds CAC/mds/.arch-ids
+ JPKI/mds JPKI/mds/.arch-ids MuscleCard/Msc/.arch-ids
+ MuscleCard/mds/.arch-ids
+
+ removed directories:
+ MSCTokendTest MSCTokendTest/.arch-ids Msc/.arch-ids includes
+ includes/.arch-ids mds/.arch-ids
+
+ renamed directories:
+ Msc
+ ==> MuscleCard/Msc
+ mds
+ ==> MuscleCard/mds
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-1
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-2
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-3
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-4
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-5
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-6
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-7
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-8
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-9
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-10
+ mb at apple.com--SmartCards-2004/Tokend--radar--3856105--patch-11
+
+
+2004-11-16 21:56:12 GMT Michael Brouwer <mb at apple.com> patch-9
+
+ Summary:
+ Merged changes on Tokend--submission--5 branch
+ Revision:
+ Tokend--Tiger--1.0--patch-9
+
+
+ modified files:
+ ChangeLog Tokend.xcode/project.pbxproj
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--submission--5--base-0
+ mb at apple.com--SmartCards-2004/Tokend--submission--5--patch-1
+
+
+2004-11-16 03:10:34 GMT Perry The Cynic <perry at apple.com> patch-8
+
+ Summary:
+ Shut up the compiler (warnings). No functional change.
+ Revision:
+ Tokend--Tiger--1.0--patch-8
+
+
+ modified files:
+ ChangeLog
+
+
+2004-11-16 02:58:23 GMT Perry The Cynic <perry at apple.com> patch-7
+
+ Summary:
+ Track changes for PR-3862948
+ Revision:
+ Tokend--Tiger--1.0--patch-7
+
+
+
+ modified files:
+ ChangeLog Tokend/Token.cpp Tokend/Token.h
+
+
+2004-10-28 18:08:53 GMT Michael Brouwer <mb at apple.com> patch-6
+
+ Summary:
+ Integrated Tokend--radar--3836842
+ Revision:
+ Tokend--Tiger--1.0--patch-6
+
+ * Token.cpp
+ (Token::cacheObject): Don't throw if writing the cache object
+ fails for some reason. In addition try to unlink the object
+ if something does go wrong while writing it.
+
+ Patches applied:
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3836842--base-0
+ tag of mb at apple.com--SmartCards-2004/Tokend--Tiger--1.0--patch-5
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3836842--patch-1
+ Make it non fatal to not be able to write to the cache.
+
+
+ modified files:
+ ChangeLog Tokend/Token.cpp
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--3836842--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--3836842--patch-1
+
+
+2004-10-27 19:07:13 GMT Michael Brouwer <mb at apple.com> patch-5
+
+ Summary:
+ Bumped version to 4
+ Revision:
+ Tokend--Tiger--1.0--patch-5
+
+
+ modified files:
+ BELPIC/Info.plist CAC/Info.plist ChangeLog JPKI/Info.plist
+ MuscleCard/Info.plist Tokend.xcode/project.pbxproj
+
+
+2004-10-27 19:04:17 GMT Michael Brouwer <mb at apple.com> patch-4
+
+ Summary:
+ Integrated Tokend--radar--3829126
+ Revision:
+ Tokend--Tiger--1.0--patch-4
+
+ * (testcms.sh): Switch order of encrypt and sign tests.
+
+ new files:
+ JPKI/.arch-ids/=id JPKI/.arch-ids/Info.plist.id
+ JPKI/Info.plist JPKI/JPKIAttributeCoder.cpp
+ JPKI/JPKIAttributeCoder.h JPKI/JPKIError.cpp JPKI/JPKIError.h
+ JPKI/JPKIKeyHandle.cpp JPKI/JPKIKeyHandle.h
+ JPKI/JPKIRecord.cpp JPKI/JPKIRecord.h JPKI/JPKISchema.cpp
+ JPKI/JPKISchema.h JPKI/JPKIToken.cpp JPKI/JPKIToken.h
+ JPKI/jpki.cpp
+
+ modified files:
+ BELPIC/BELPICToken.cpp ChangeLog Tokend.xcode/project.pbxproj
+ testcms.sh
+
+ new directories:
+ JPKI JPKI/.arch-ids
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--3829126--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--3829126--patch-1
+ mb at apple.com--SmartCards-2004/Tokend--radar--3829126--patch-2
+ mb at apple.com--SmartCards-2004/Tokend--radar--3829126--patch-3
+
+
+2004-10-08 00:40:45 GMT Michael Brouwer <mb at apple.com> patch-3
+
+ Summary:
+ Merged Tokend--radar--3825493 branch
+ Revision:
+ Tokend--Tiger--1.0--patch-3
+
+ Bumped version number to 3 in preperation of next submission.
+
+ Patches applied:
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--base-0
+ tag of mb at apple.com--SmartCards-2004/Tokend--Tiger--1.0--base-0
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-1
+ BELPIC card works 90%
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-2
+ Make key#3 use a prompted password acl instead of a pin acl
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-3
+ Disabled decrypt since BELPIC cards can't
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-4
+ Merged changes from Tokend--submission--1 though Tokend--submission--2
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-5
+ Added BELPIC target to world and made world the default target
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-6
+ Key#2 should work again now.
+
+ * mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-7
+ Fixed ACL stuff
+
+
+ new files:
+ ChangeLog
+
+ removed files:
+ ChangeLog
+
+ modified files:
+ BELPIC/BELPICAttributeCoder.cpp BELPIC/BELPICKeyHandle.cpp
+ BELPIC/BELPICKeyHandle.h BELPIC/BELPICRecord.cpp
+ BELPIC/BELPICRecord.h BELPIC/BELPICToken.cpp
+ BELPIC/BELPICToken.h BELPIC/Info.plist CAC/CACRecord.cpp
+ CAC/CACRecord.h CAC/CACToken.cpp CAC/Info.plist
+ MuscleCard/Info.plist MuscleCard/MuscleCardKeyHandle.cpp
+ MuscleCard/MuscleCardToken.cpp Tokend.xcode/project.pbxproj
+ Tokend/Record.cpp
+
+ new patches:
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--base-0
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-1
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-2
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-3
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-4
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-5
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-6
+ mb at apple.com--SmartCards-2004/Tokend--radar--3825493--patch-7
+
+
+2004-10-06 01:21:04 GMT Michael Brouwer <mb at apple.com> patch-2
+
+ Summary:
+ Fixed verification failure
+ Revision:
+ Tokend--Tiger--1.0--patch-2
+
+ Remove Info.plist from each target's Bundle Resources section.
+ Bump version number to 2
+
+ modified files:
+ BELPIC/Info.plist CAC/Info.plist MuscleCard/Info.plist
+ Tokend.xcode/project.pbxproj
+
+
+2004-10-05 21:21:00 GMT John Hurley <jhurley at apple.com> patch-1
+
+ Summary:
+ don't copy stack into data buffer for PNTB etc.
+ Revision:
+ Tokend--Tiger--1.0--patch-1
+
+ don't need to call memcpy
+ <rdar://problem/3827355> Tokend incorrectly gets personnel data from CAC card
+
+ modified files:
+ CAC/CACRecord.cpp
+
+
+2004-10-04 19:31:43 GMT Michael Brouwer <mb at apple.com> base-0
+
+ Summary:
+ tag of mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-102
+ Revision:
+ Tokend--Tiger--1.0--base-0
+
+ (automatically generated log message)
+
+ new patches:
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--base-0
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-1
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-2
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-3
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-4
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-5
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-6
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-7
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-8
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-9
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-10
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-11
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-12
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-13
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-14
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-15
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-16
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-17
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-18
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-19
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-20
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-21
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-22
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-23
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-24
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-25
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-26
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-27
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-28
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-29
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-30
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-31
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-32
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-33
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-34
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-35
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-36
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-37
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-38
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-39
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-40
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-41
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-42
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-43
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-44
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-45
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-46
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-47
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-48
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-49
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-50
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-51
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-52
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-53
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-54
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-55
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-56
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-57
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-58
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-59
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-60
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-61
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-62
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-63
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-64
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-65
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-66
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-67
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-68
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-69
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-70
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-71
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-72
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-73
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-74
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-75
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-76
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-77
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-78
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-79
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-80
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-81
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-82
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-83
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-84
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-85
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-86
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-87
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-88
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-89
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-90
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-91
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-92
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-93
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-94
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-95
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-96
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-97
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-98
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-99
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-100
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-101
+ mb at apple.com--SmartCards-2004/TokendMuscle--Tiger--1.0--patch-102
+ mb at apple.com--SmartCards-2004/TokendMuscle--cacreorg--1.0--base-0
+ mb at apple.com--SmartCards-2004/TokendMuscle--cacreorg--1.0--patch-1
+
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Info-tokend__Upgraded_.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Info-tokend__Upgraded_.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Info-tokend__Upgraded_.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict/>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>MuscleCard</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.tokend.musclecard</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundleName</key>
+ <string>MuscleCard</string>
+ <key>CFBundlePackageType</key>
+ <string>????</string>
+ <key>CFBundleShortVersionString</key>
+ <string>2.0</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>40596</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * KeyRecord.cpp
+ * TokendMuscle
+ */
+
+#include "KeyRecord.h"
+#include "Msc/MscObject.h"
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+KeyRecord::~KeyRecord()
+{
+}
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/KeyRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * KeyRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _KEYRECORD_H_
+#define _KEYRECORD_H_
+
+#include "Msc/MscKey.h"
+#include "Record.h"
+
+#include <string>
+
+class MscObject;
+
+class KeyRecord : public Tokend::Record
+{
+ NOCOPY(KeyRecord)
+public:
+ KeyRecord(MscKey& key) : mKey(key) {}
+ //KeyRecord(const MSCKeyInfo& keyInfo,MscTokenConnection *connection) : MscKey(keyInfo,connection) {}
+ virtual ~KeyRecord();
+
+ MscKey &key() { return mKey; }
+private:
+ MscKey &mKey;
+};
+
+#endif /* !_KEYRECORD_H_ */
+
+
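Review bot: `KeyRecord` stores `MscKey &mKey`, a reference to a key it does not own, and nothing in the header says who keeps that key alive; if the `MscKey` is destroyed first, `key()` hands out a dangling reference. I would state the contract on the constructor, for example `// Does not take ownership: 'key' must outlive this KeyRecord.` The commented-out second constructor initializes `MscKey` as a base class, which `KeyRecord` does not have, so it can be removed rather than kept as a hint.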
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscACL.cpp
+ * TokendMuscle
+ */
+
+#include "MscACL.h"
+
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscACL.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscACL.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCACL_H_
+#define _MSCACL_H_
+
+#include <PCSC/musclecard.h>
+
+#if 0
+class MscACL
+{
+public:
+ typedef struct
+ {
+ MSCUShort16 readPermission;
+ MSCUShort16 writePermission;
+ MSCUShort16 usePermission;
+ }
+ MSCKeyACL, *MSCLPKeyACL;
+
+ typedef struct
+ {
+ MSCUShort16 readPermission;
+ MSCUShort16 writePermission;
+ MSCUShort16 deletePermission;
+ }
+ MSCObjectACL, *MSCLPObjectACL, MSCCertACL, *MSCLPCertACL;
+};
+#endif
+
+#endif /* !_MSCACL_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscError.cpp
+ * TokendMuscle
+ */
+
+#include "MscError.h"
+
+//
+// MacOSError exceptions
+//
+MscError::MscError(int err) : error(err)
+{
+ IFDEBUG(debugDiagnose(this));
+}
+
+const char *MscError::what() const throw ()
+{ return "Musclecard error"; }
+
+OSStatus MscError::osStatus() const
+{ return error; }
+
+int MscError::unixError() const
+{
+ switch (error)
+ {
+ default:
+ // cannot map this to errno space
+ return -1;
+ }
+}
+
+void MscError::throwMe(int error)
+{ throw MscError(error); }
+
+#if !defined(NDEBUG)
+void MscError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p MscError %s (%d)",
+ id, mscerrorstr(error), error);
+}
+
+const char *MscError::mscerrorstr(int err) const
+{
+ switch (err)
+ {
+ // Musclecard Errors
+ case MSC_SUCCESS: return "Success";
+ case MSC_NO_MEMORY_LEFT: return "There have been memory problems on the card";
+ case MSC_AUTH_FAILED: return "Entered PIN is not correct";
+ case MSC_OPERATION_NOT_ALLOWED: return "Required operation is not allowed in actual circumstances";
+ case MSC_INCONSISTENT_STATUS: return "Required operation is inconsistent with memory contents";
+ case MSC_UNSUPPORTED_FEATURE: return "Required feature is not (yet) supported";
+ case MSC_UNAUTHORIZED: return "Required operation was not authorized because of a lack of privileges";
+ case MSC_OBJECT_NOT_FOUND: return "Required object is missing";
+ case MSC_OBJECT_EXISTS: return "New object ID already in use";
+ case MSC_INCORRECT_ALG: return "Algorithm specified is not correct";
+ case MSC_SIGNATURE_INVALID: return "Verify operation detected an invalid signature";
+ case MSC_IDENTITY_BLOCKED: return "Operation has been blocked for security reason";
+ case MSC_UNSPECIFIED_ERROR: return "Unspecified error";
+ case MSC_TRANSPORT_ERROR: return "PCSC and driver transport errors";
+ case MSC_INVALID_PARAMETER: return "Invalid parameter given";
+ case MSC_INCORRECT_P1: return "Incorrect P1 parameter";
+ case MSC_INCORRECT_P2: return "Incorrect P2 parameter";
+ case MSC_SEQUENCE_END: return "End of sequence";
+ case MSC_INTERNAL_ERROR: return "For debugging purposes - Internal error";
+ case MSC_CANCELLED: return "A blocking event has been cancelled";
+ case MSC_INSUFFICIENT_BUFFER: return "The buffer provided is too short";
+ case MSC_UNRECOGNIZED_TOKEN: return "The selected token is not recognized";
+ case MSC_SERVICE_UNRESPONSIVE: return "The PC/SC services is not available";
+ case MSC_TIMEOUT_OCCURRED: return "The action has timed out";
+ case MSC_TOKEN_REMOVED: return "The token has been removed";
+ case MSC_TOKEN_RESET: return "The token has been reset";
+ case MSC_TOKEN_INSERTED: return "The token has been inserted";
+ case MSC_TOKEN_UNRESPONSIVE: return "The token is unresponsive";
+ case MSC_INVALID_HANDLE: return "The handle is invalid";
+ case MSC_SHARING_VIOLATION: return "Invalid sharing";
+
+ // PCSC Errors
+ case SCARD_S_SUCCESS:
+ case SCARD_E_CANCELLED:
+ case SCARD_E_CANT_DISPOSE:
+ case SCARD_E_INSUFFICIENT_BUFFER:
+ case SCARD_E_INVALID_ATR:
+ case SCARD_E_INVALID_HANDLE:
+ case SCARD_E_INVALID_PARAMETER:
+ case SCARD_E_INVALID_TARGET:
+ case SCARD_E_INVALID_VALUE:
+ case SCARD_E_NO_MEMORY:
+ case SCARD_F_COMM_ERROR:
+ case SCARD_F_INTERNAL_ERROR:
+ case SCARD_F_UNKNOWN_ERROR:
+ case SCARD_F_WAITED_TOO_LONG:
+ case SCARD_E_UNKNOWN_READER:
+ case SCARD_E_TIMEOUT:
+ case SCARD_E_SHARING_VIOLATION:
+ case SCARD_E_NO_SMARTCARD:
+ case SCARD_E_UNKNOWN_CARD:
+ case SCARD_E_PROTO_MISMATCH:
+ case SCARD_E_NOT_READY:
+ case SCARD_E_SYSTEM_CANCELLED:
+ case SCARD_E_NOT_TRANSACTED:
+ case SCARD_E_READER_UNAVAILABLE:
+ case SCARD_W_UNSUPPORTED_CARD:
+ case SCARD_W_UNRESPONSIVE_CARD:
+ case SCARD_W_UNPOWERED_CARD:
+ case SCARD_W_RESET_CARD:
+ case SCARD_W_REMOVED_CARD:
+ case SCARD_E_PCI_TOO_SMALL:
+ case SCARD_E_READER_UNSUPPORTED:
+ case SCARD_E_DUPLICATE_READER:
+ case SCARD_E_CARD_UNSUPPORTED:
+ case SCARD_E_NO_SERVICE:
+ case SCARD_E_SERVICE_STOPPED:
+ return pcsc_stringify_error(err);
+ default:
+ return "Unknown error";
+ }
+}
+#endif //NDEBUG
+
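Review bot: `osStatus()` returns the raw `MSC_*`/`SCARD_*` value unchanged and `unixError()` has only a `default` arm returning -1, so a wrong PIN (`MSC_AUTH_FAILED`) or a blocked identity (`MSC_IDENTITY_BLOCKED`) reaches the caller only as an unmapped number. A caller that treats the result as a system error code may not handle those cases as authentication failures. Either map the authentication-related codes explicitly or document the contract above `osStatus()`, e.g. `// Returns the raw MuscleCard/PCSC code; it is not translated to a CSSM or OSStatus error.` The banner `// MacOSError exceptions` looks carried over from another file and should read `// MscError exceptions`.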
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscError.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCERROR_H_
+#define _MSCERROR_H_
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/errors.h>
+#include <PCSC/musclecard.h>
+#include <PCSC/pcsclite.h>
+
+class MscError : public Security::CommonError
+{
+protected:
+ MscError(int err);
+public:
+ const int error;
+ virtual OSStatus osStatus() const;
+ virtual int unixError() const;
+ virtual const char *what () const throw ();
+
+ static void check(OSStatus status) { if (status!=MSC_SUCCESS && status!=SCARD_S_SUCCESS) throwMe(status); }
+ static void throwMe(int err) __attribute__((noreturn));
+
+protected:
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+ IFDEBUG(const char *mscerrorstr(int err) const;)
+};
+
+#endif /* !_MSCERROR_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,170 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscKey.cpp
+ * TokendMuscle
+ */
+
+#include "MscKey.h"
+#include "MscError.h"
+
+void MscKey::importKey(const MSCKeyACL& keyACL,const void *keyBlob,size_t keyBlobSize,
+ MSCKeyPolicy& keyPolicy,MSCPVoid32 pAddParams, MSCUChar8 addParamsSize)
+{
+ MSC_RV rv = MSCImportKey(&Required(mConnection),number(),const_cast<MSCKeyACL *>(&keyACL),
+ reinterpret_cast<MSCPUChar8>(const_cast<void *>(keyBlob)),keyBlobSize,&keyPolicy,pAddParams,addParamsSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscKey::exportKey(void *keyBlob,size_t keyBlobSize,MSCPVoid32 pAddParams, MSCUChar8 addParamsSize)
+{
+ uint32_t kbs = keyBlobSize;
+ MSC_RV rv = MSCExportKey(&Required(mConnection),number(),
+ reinterpret_cast<MSCPUChar8>(keyBlob),&kbs,pAddParams,addParamsSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscKey::extAuthenticate(MSCUChar8 cipherMode,MSCUChar8 cipherDirection,const char *pData,size_t dataSize)
+{
+ MSC_RV rv = MSCExtAuthenticate(&Required(mConnection),number(),cipherMode,cipherDirection,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(pData)),dataSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscKey::convert(CssmKey &cssmk)
+{
+ cssmk.header().cspGuid(Guid::overlay(gGuidAppleSdCSPDL));
+
+ switch (type())
+ {
+ case MSC_KEY_RSA_PRIVATE:
+ case MSC_KEY_RSA_PRIVATE_CRT:
+ case MSC_KEY_RSA_PUBLIC:
+ cssmk.algorithm(CSSM_ALGID_RSA);
+ break;
+
+ case MSC_KEY_DSA_PRIVATE:
+ case MSC_KEY_DSA_PUBLIC:
+ cssmk.algorithm(CSSM_ALGID_DSA);
+ break;
+
+ case MSC_KEY_DES:
+ cssmk.algorithm(CSSM_ALGID_DES);
+ break;
+ case MSC_KEY_3DES:
+ // @@@ Which algid is this?
+ cssmk.algorithm(CSSM_ALGID_3DES);
+ //cssmk.algorithm(CSSM_ALGID_3DES_3KEY_EDE);
+ //cssmk.algorithm(CSSM_ALGID_3DES_2KEY_EDE);
+ //cssmk.algorithm(CSSM_ALGID_3DES_1KEY_EEE);
+ //cssmk.algorithm(CSSM_ALGID_3DES_3KEY_EEE);
+ //cssmk.algorithm(CSSM_ALGID_3DES_2KEY_EEE);
+ break;
+ case MSC_KEY_3DES3:
+ // @@@ Which algid is this?
+ cssmk.algorithm(CSSM_ALGID_3DES_3KEY_EDE);
+ //cssmk.algorithm(CSSM_ALGID_3DES_3KEY_EEE);
+ break;
+ default:
+ cssmk.algorithm(CSSM_ALGID_CUSTOM);
+ break;
+ }
+
+ cssmk.blobType(CSSM_KEYBLOB_REFERENCE); // Keys are always reference keys
+ cssmk.blobFormat(CSSM_KEYBLOB_REF_FORMAT_INTEGER);
+ switch (type())
+ {
+ case MSC_KEY_RSA_PRIVATE:
+ case MSC_KEY_RSA_PRIVATE_CRT:
+ case MSC_KEY_DSA_PRIVATE:
+ cssmk.keyClass(CSSM_KEYCLASS_PRIVATE_KEY);
+ break;
+ case MSC_KEY_RSA_PUBLIC:
+ case MSC_KEY_DSA_PUBLIC:
+ cssmk.keyClass(CSSM_KEYCLASS_PUBLIC_KEY);
+ break;
+ case MSC_KEY_DES:
+ case MSC_KEY_3DES:
+ case MSC_KEY_3DES3:
+ cssmk.keyClass(CSSM_KEYCLASS_SESSION_KEY);
+ break;
+ default:
+ cssmk.keyClass(CSSM_KEYCLASS_OTHER);
+ break;
+ }
+
+ cssmk.header().LogicalKeySizeInBits = size();
+
+ cssmk.setAttribute(CSSM_KEYATTR_PERMANENT);
+ if (acl().read() != MSC_AUT_NONE)
+ cssmk.setAttribute(CSSM_KEYATTR_EXTRACTABLE);
+ else
+ cssmk.setAttribute(CSSM_KEYATTR_SENSITIVE);
+
+ if (acl().write() != MSC_AUT_NONE)
+ cssmk.setAttribute(CSSM_KEYATTR_MODIFIABLE);
+
+ if (acl().use() != MSC_AUT_ALL)
+ cssmk.setAttribute(CSSM_KEYATTR_PRIVATE);
+
+ // Muscle doesn't really encode these values.
+ cssmk.clearAttribute(CSSM_KEYATTR_ALWAYS_SENSITIVE | CSSM_KEYATTR_NEVER_EXTRACTABLE);
+
+ // Set up key usage fields
+ MSCUShort16 cipherDirection = keyPolicy.cipherDirection;
+ if (cipherDirection & MSC_KEYPOLICY_DIR_SIGN)
+ cssmk.usage(CSSM_KEYUSE_SIGN);
+ if (cipherDirection & MSC_KEYPOLICY_DIR_VERIFY)
+ cssmk.usage(CSSM_KEYUSE_VERIFY);
+ if (cipherDirection & MSC_KEYPOLICY_DIR_ENCRYPT)
+ cssmk.usage(CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_WRAP);
+ if (cipherDirection & MSC_KEYPOLICY_DIR_DECRYPT)
+ cssmk.usage(CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_UNWRAP);
+ // @@@ no mapping to CSSM_KEYUSE_ANY, CSSM_KEYUSE_SIGN_RECOVER, CSSM_KEYUSE_VERIFY_RECOVER, CSSM_KEYUSE_DERIVE
+}
+
+void MscKey::computeCrypt(MSCUChar8 cipherMode, MSCUChar8 cipherDirection,
+ const MSCUChar8 *inputData, size_t inputDataSize,
+ MSCUChar8 *outputData, size_t &outputDataSize)
+{
+ MSCCryptInit cryptInit = { number(), cipherMode, cipherDirection, };
+ uint32_t outsz = outputDataSize;
+ MSC_RV rv = MSCComputeCrypt(mConnection, &cryptInit, const_cast<MSCUChar8 *>(inputData),
+ inputDataSize, outputData, &outsz);
+ outputDataSize = outsz;
+ if (rv != MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+
+#if defined(DEBUGDUMP)
+void MscKey::debugDump()
+{
+ Debug::dump("key: %hhu type: 0x%02hhX size: %hu policy(mode: 0x%04hX direction: 0x%04hX) acl(read: 0x%04hX write: 0x%04hX use: 0x%04hX)\n", keyNum, keyType, keySize, keyPolicy.cipherMode, keyPolicy.cipherDirection, keyACL.readPermission, keyACL.writePermission, keyACL.usePermission);
+}
+#endif /* !defined(DEBUGDUMP) */
+
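Review bot: `exportKey` copies `keyBlobSize` into a local `uint32_t kbs`, passes `&kbs` to `MSCExportKey`, and then drops it, so the length the call presumably writes back never reaches the caller; the caller cannot tell how much of `keyBlob` holds key material, and the narrowing from `size_t` is unchecked. `computeCrypt` already shows the needed pattern (`outputDataSize = outsz;`), which here would mean taking the size by reference or returning it. Separately, `computeCrypt` passes `mConnection` directly where the other three calls use `&Required(mConnection)`; using `&Required(mConnection)` there too keeps the null-connection handling consistent. The closing `#endif /* !defined(DEBUGDUMP) */` comment is inverted relative to the `#if defined(DEBUGDUMP)` it closes.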
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscKey.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscKey.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCKEY_H_
+#define _MSCKEY_H_
+
+#include <PCSC/musclecard.h>
+#include "MscWrappers.h"
+#include "MscTokenConnection.h"
+#include <security_utilities/debugging.h>
+#include <security_cdsa_utilities/cssmkey.h>
+
+class MscKey : public MscKeyInfo
+{
+public:
+ MscKey() { }
+ MscKey(unsigned int keyNum, MscTokenConnection *connection);
+ MscKey(const MSCKeyInfo& keyInfo,MscTokenConnection *connection) :
+ MscKeyInfo(keyInfo), mConnection(connection) {}
+ virtual ~MscKey() {};
+
+ void importKey(const MSCKeyACL& keyACL,const void *keyBlob,size_t keyBlobSize,
+ MSCKeyPolicy& keyPolicy,MSCPVoid32 pAddParams=NULL, MSCUChar8 addParamsSize=0);
+ void exportKey(void *keyBlob,size_t keyBlobSize,MSCPVoid32 pAddParams=NULL, MSCUChar8 addParamsSize=0);
+ void extAuthenticate(MSCUChar8 cipherMode,MSCUChar8 cipherDirection,const char *pData,size_t dataSize);
+ void convert(CssmKey &cssmk);
+ void computeCrypt(MSCUChar8 cipherMode, MSCUChar8 cipherDirection,
+ const MSCUChar8 *inputData, size_t inputDataSize,
+ MSCUChar8 *outputData, size_t &outputDataSize);
+
+ MscTokenConnection &connection() { return *mConnection; }
+
+ IFDUMP(void debugDump());
+
+protected:
+ MscTokenConnection *mConnection;
+};
+
+#endif /* !_MSCKEY_H_ */
+
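Review bot: The default constructor `MscKey() { }` leaves `mConnection` uninitialized, so `connection()` and every `&Required(mConnection)` call in MscKey.cpp work on an indeterminate pointer for a default-constructed key, which a null check cannot catch. Initialize it: `MscKey() : mConnection(NULL) { }`. `MscPIN() { }` in MscPIN.h has the same gap and needs `MscPIN() : mConnection(NULL) { }`. `connection()` also dereferences `mConnection` without a check, so it deserves a comment such as `// Valid only for keys constructed with a connection.`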
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,117 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscObject.cpp
+ * TokendMuscle
+ */
+
+#include "MscObject.h"
+#include "MscError.h"
+
+MscObject::MscObject(const char *objectID,MscTokenConnection *connection) :
+ mConnection(connection), mData(NULL), mDataLoaded(false), mAttributesLoaded(false)
+{
+ ::memcpy(mInfo.objectID,objectID,sizeof(mInfo.objectID));
+}
+
+MscObject::MscObject(const MSCObjectInfo& info,MscTokenConnection *connection) :
+ mInfo(info), mConnection(connection), mData(NULL), mDataLoaded(false), mAttributesLoaded(true)
+{
+ // Note: if we are constructed with an MSCObjectInfo, we already have our attributes
+}
+
+MscObject::~MscObject()
+{
+ if (mData)
+ free(mData);
+}
+
+void MscObject::create(const char *objectID,u_int32_t objectSize,const MscObjectACL& objectACL)
+{
+ // This reserves space on the card for a new object
+ // It must be called before the object can be written
+ MSC_RV rv = MSCCreateObject(mConnection,const_cast<char *>(&Required(objectID)),objectSize,
+ const_cast<MSCObjectACL *>((MSCObjectACL *)&objectACL));
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscObject::deleteobj(const char *objectID,bool zeroFlag)
+{
+ // This deletes an object on the card
+ MSC_RV rv = MSCDeleteObject(mConnection,const_cast<char *>(&Required(objectID)),zeroFlag);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscObject::read()
+{
+ LPRWEventCallback rwCallback = NULL;
+ MSCPVoid32 addParams = NULL;
+ getAttributes();
+
+ if (mDataLoaded)
+ return;
+
+ MSCULong32 readSz = mInfo.size();
+ MSC_RV rv = MSCReadAllocateObject(mConnection, const_cast<char *>(mInfo.objid()),
+ reinterpret_cast<MSCPUChar8 *>(&mData),&readSz, rwCallback, addParams);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+
+ mDataLoaded = true;
+}
+
+void MscObject::write(const char *dataToWrite,size_t dataSize)
+{
+ MSCULong32 offset = 0;
+ LPRWEventCallback rwCallback = NULL;
+ MSCPVoid32 addParams = NULL;
+
+ MSC_RV rv = MSCWriteObject(mConnection, const_cast<char *>(mInfo.objid()), offset,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(dataToWrite)),dataSize, rwCallback, addParams);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+ mDataLoaded = false;
+}
+
+#ifdef _DEBUG_OSTREAM
+std::ostream& operator << (std::ostream& strm, const MscObject& obj)
+{
+ strm << "Obj: " << obj.mInfo;
+ return strm;
+}
+#endif
+
+#pragma mark ---------------- Utility methods --------------
+
+void MscObject::getAttributes(bool refresh)
+{
+ if (refresh || !mAttributesLoaded)
+ {
+ (Required(mConnection)).getObjectAttributes(mInfo.objid(),mInfo);
+ mAttributesLoaded = true;
+ }
+}
+
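Review bot: The first constructor runs `::memcpy(mInfo.objectID,objectID,sizeof(mInfo.objectID))`, which always reads the full field width from `objectID`; a caller passing a shorter NUL-terminated string causes a read past the end of its buffer, and a NULL pointer is not rejected. A bounded string copy such as `::strlcpy(mInfo.objectID, &Required(objectID), sizeof(mInfo.objectID));` avoids both, assuming `objectID` is a C string as the `const char *` signature suggests. In `read()`, once `write()` has cleared `mDataLoaded`, the next call lets `MSCReadAllocateObject` overwrite `mData` and the previous buffer leaks; add `free(mData); mData = NULL;` before the call. `readSz` is also never compared with `mInfo.size()` after the read, so `size()` may not describe the buffer that `data()` returns.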
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscObject.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscObject.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCOBJECT_H_
+#define _MSCOBJECT_H_
+
+#include "MscWrappers.h"
+#include "MscTokenConnection.h"
+#include <PCSC/musclecard.h>
+
+class MscObject
+{
+ NOCOPY(MscObject)
+public:
+ MscObject(const char *objectID,MscTokenConnection *connection);
+ MscObject(const MSCObjectInfo& info,MscTokenConnection *connection);
+ virtual ~MscObject();
+
+ virtual void create(const char *objectID,u_int32_t objectSize,const MscObjectACL& objectACL=MscObjectACL());
+ virtual void deleteobj(const char *objectID,bool zeroFlag);
+ virtual void write(const char *dataToWrite,size_t dataSize);
+ virtual void read();
+
+ virtual const void *data() { if (!mDataLoaded) read(); return reinterpret_cast<const void *>(mData); }
+ virtual uint32 size() const { return mInfo.size(); }
+ virtual const char *objid() const { return mInfo.objid(); }
+
+#ifdef _DEBUG_OSTREAM
+ friend std::ostream& operator << (std::ostream& strm, const MscObject& obj);
+#endif
+
+protected:
+ MscObjectInfo mInfo;
+ MscTokenConnection *mConnection;
+ char *mData;
+ mutable bool mDataLoaded;
+ mutable bool mAttributesLoaded;
+
+ void getAttributes(bool refresh=false);
+};
+
+#ifdef _DEBUG_OSTREAM
+std::ostream& operator << (std::ostream& strm, const MscObject& ee);
+#endif
+
+#endif /* !_MSCOBJECT_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscPIN.cpp
+ * TokendMuscle
+ */
+
+#include "MscPIN.h"
+#include "MscError.h"
+
+void MscPIN::create(unsigned int pinNum,unsigned int pinAttempts,const char *PIN, size_t PINSize,
+ const char *unblockPIN, size_t unblockPINSize)
+{
+ MSC_RV rv = MSCCreatePIN(&Required(mConnection),pinNum,pinAttempts,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(PIN)),PINSize,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(unblockPIN)),unblockPINSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscPIN::change(unsigned int pinNum,const char *oldPIN, size_t oldPINSize,const char *newPIN, size_t newPINSize)
+{
+ MSC_RV rv = MSCChangePIN(&Required(mConnection),pinNum,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(oldPIN)),oldPINSize,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(newPIN)),newPINSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscPIN::unblock(unsigned int pinNum,const char *unblockCode, size_t unblockCodeSize)
+{
+ MSC_RV rv = MSCUnblockPIN(&Required(mConnection),pinNum,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(unblockCode)),unblockCodeSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscPIN::list(MSCUShort16& mask)
+{
+ MSC_RV rv = MSCListPINs(&Required(mConnection),&mask);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
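Review bot: `create`, `change` and `unblock` forward `unsigned int` PIN numbers and `size_t` lengths straight into the `MSC*PIN` calls with no range check. If those parameters are narrower in musclecard.h (not visible in this hunk), an out-of-range value is truncated silently and a different PIN slot or length is used than the caller asked for. The PIN pointers are also cast and passed without a null check, unlike `mConnection`, which goes through `Required()`. I would validate before the call, for example `if (!PIN || !unblockPIN) MscError::throwMe(MSC_INVALID_PARAMETER);` in `create`, and document the accepted ranges of `pinNum` and the sizes in a comment above each method.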
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscPIN.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,54 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscPIN.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCPIN_H_
+#define _MSCPIN_H_
+
+#include "MscWrappers.h"
+#include "MscTokenConnection.h"
+#include <PCSC/musclecard.h>
+
+class MscPIN
+{
+public:
+ MscPIN() { }
+ MscPIN(MscTokenConnection *connection) { mConnection = connection; }
+ virtual ~MscPIN() {};
+
+ void create(unsigned int pinNum,unsigned int pinAttempts,const char *PIN, size_t PINSize,
+ const char *unblockPIN, size_t unblockPINSize);
+ void change(unsigned int pinNum,const char *oldPIN, size_t oldPINSize,const char *newPIN, size_t newPINSize);
+ void unblock(unsigned int pinNum,const char *unblockCode, size_t unblockCodeSize);
+ void list(MSCUShort16& mask);
+
+protected:
+ MscTokenConnection *mConnection;
+};
+
+#endif /* !_MSCPIN_H_ */
+
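Review bot: The default constructor `MscPIN() { }` leaves `mConnection` uninitialised, so the `Required(mConnection)` calls in MscPIN.cpp see an indeterminate pointer instead of a null one that could be rejected. Initialise it explicitly, e.g. `MscPIN() : mConnection(NULL) { }`, and use the same initialiser-list form in the one-argument constructor. The PIN and unblock-code parameters are raw `const char *` buffers that nothing in this class clears, so the declarations should carry a comment that the caller owns them and is expected to wipe them after the call.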
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,93 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscToken.cpp
+ * TokendMuscle
+ */
+
+#include <iostream>
+#include "MscToken.h"
+#include "MscError.h"
+
+#include <Security/cssmtype.h>
+#include <PCSC/pcsclite.h>
+#include <PCSC/musclecard.h>
+
+#include <security_cdsa_utilities/cssmdb.h>
+
+void MscToken::loadobjects()
+{
+ for (MSCUChar8 seqOption = MSC_SEQUENCE_RESET;;)
+ {
+ MSCObjectInfo objInfo;
+ MSC_RV rv = MSCListObjects(mConnection, seqOption, &objInfo);
+ if (rv!=MSC_SUCCESS)
+ break; //MscError::throwMe(rv);
+ const char *objid = MscObjectInfo::overlay(&objInfo)->objid();
+ MscObject *obj = new MscObject(objInfo,mConnection);
+ mObjects.insert(pair<std::string,MscObject *>(std::string(objid),obj));
+ seqOption = MSC_SEQUENCE_NEXT;
+ }
+
+ for (MSCUChar8 seqOption = MSC_SEQUENCE_RESET;;)
+ {
+ MSCKeyInfo keyInfo;
+ MSC_RV rv = MSCListKeys(mConnection, seqOption, &keyInfo);
+ if (rv!=MSC_SUCCESS)
+ break; //MscError::throwMe(rv);
+ MscKey *xkey = new MscKey(keyInfo,mConnection);
+ mKeys.insert(pair<MSCUChar8,MscKey *>(xkey->number(),xkey));
+ seqOption = MSC_SEQUENCE_NEXT;
+ }
+}
+
+void MscToken::dumpobjects()
+{
+ ConstObjIterator obji = mObjects.begin();
+ for (;obji!=mObjects.end();obji++)
+ std::cout << (*obji).second << std::endl;
+
+#if 0
+ ConstKeyIterator keyi = mKeys.begin();
+ for (;keyi!=mKeys.end();keyi++)
+ std::cout << (*keyi).second << std::endl;
+#endif
+}
+
+MscObject &MscToken::getObject(const std::string &objID)
+{
+ ConstObjIterator obji = mObjects.find(objID);
+ if (obji==mObjects.end())
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_CONTEXT_HANDLE);
+ return *(obji->second);
+}
+
+MscKey &MscToken::getKey(MSCUChar8 keyNum)
+{
+ ConstKeyIterator keyi = mKeys.find(keyNum);
+ if (keyi==mKeys.end())
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_CONTEXT_HANDLE);
+ return *(keyi->second);
+}
+
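Review bot: Both loops in `loadobjects()` treat every non-success return from `MSCListObjects`/`MSCListKeys` as end of list, so a communication or authentication failure silently produces a partial or empty map. The failure then surfaces only later, as `CSSM_ERRCODE_INVALID_CONTEXT_HANDLE` from `getObject`/`getKey`. Break only on the end-of-sequence code and report everything else: `if (rv == MSC_SEQUENCE_END) break; if (rv != MSC_SUCCESS) MscError::throwMe(rv);`. The `new MscObject`/`new MscKey` results are also leaked when `insert` finds the key already present, because the returned pair is ignored; check its `.second` and delete the duplicate. `std::string(objid)` relies on the token-supplied `objectID` being NUL-terminated, so the copy should be bounded to the field size.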
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscToken.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCTOKEN_H_
+#define _MSCTOKEN_H_
+
+#include <PCSC/musclecard.h>
+#include <map>
+#include "MscWrappers.h"
+#include "MscObject.h"
+#include "MscKey.h"
+#include "TokenContext.h"
+
+/*
+ Token contains:
+ - <set> of keys
+ - <set> of objects
+*/
+class MscToken: public Tokend::TokenContext
+{
+public:
+ MscToken();
+ MscToken(MSCTokenConnection *connection) : mConnection(MscTokenConnection::optional(connection)) {};
+ virtual ~MscToken() {};
+
+ typedef std::map<std::string, MscObject *> ObjectMap;
+ typedef ObjectMap::iterator ObjIterator;
+ typedef ObjectMap::const_iterator ConstObjIterator;
+
+ typedef std::map<MSCUChar8, MscKey *> KeyMap;
+ typedef KeyMap::iterator KeyIterator;
+ typedef KeyMap::const_iterator ConstKeyIterator;
+
+ void loadobjects();
+ void dumpobjects();
+
+ MscObject &getObject(const std::string &objID);
+ MscKey &getKey(MSCUChar8 keyNum);
+
+ friend std::ostream& operator << (std::ostream& strm, const MscToken& oa);
+
+protected:
+ MscTokenConnection *mConnection;
+ ObjectMap mObjects;
+ KeyMap mKeys;
+
+public:
+ // Iterators for moving through records
+
+ ConstObjIterator begin() const { return ConstObjIterator(mObjects.begin()); }
+ ConstObjIterator end() const { return ConstObjIterator(mObjects.end()); }
+
+ ObjIterator begin() { return ObjIterator(mObjects.begin()); }
+ ObjIterator end() { return ObjIterator(mObjects.end()); }
+
+ ConstKeyIterator kbegin() const { return ConstKeyIterator(mKeys.begin()); }
+ ConstKeyIterator kend() const { return ConstKeyIterator(mKeys.end()); }
+};
+
+std::ostream& operator << (std::ostream& strm, const MscToken& oa);
+
+#endif /* !_MSCTOKEN_H_ */
+
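Review bot: `virtual ~MscToken() {};` never frees the `MscObject *` and `MscKey *` values that `loadobjects()` allocates with `new` and stores in `mObjects`/`mKeys`, so each token context leaks its whole object and key set. Delete the map values in the destructor, e.g. `for (ObjIterator i = mObjects.begin(); i != mObjects.end(); ++i) delete i->second;` and the same loop over `mKeys`. Because the maps own raw pointers, the copy constructor and assignment operator should be declared private and left undefined, otherwise a copy would double-free once the destructor is fixed. The header also uses `std::string` and `std::ostream` without including `<string>` and `<ostream>` itself.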
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,273 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscTokenConnection.cpp
+ * TokendMuscle
+ */
+
+#include <iostream>
+#include "MscTokenConnection.h"
+#include "MscError.h"
+
+MscTokenConnection::MscTokenConnection(const MSCTokenInfo &rTokenInfo)
+{
+ // @@@ assume that we will call MSCEstablishConnection, which should set us up
+ secdebug("connection", "Calling MscTokenConnection::MscTokenConnection");
+ clearPod();
+// ::memcpy(&tokenInfo,&rTokenInfo,sizeof(MSCTokenInfo));
+// std::cout << "Dump: \n" << tokenInfo << std::endl;
+ ::memcpy(&mLocalTokenInfo,&rTokenInfo,sizeof(MSCTokenInfo));
+#ifdef _DEBUG_OSTREAM
+ std::cout << "Dump: \n" << mLocalTokenInfo << std::endl;
+#endif
+}
+
+MscTokenConnection::MscTokenConnection(const MSCTokenConnection &rTokenConnection)
+{
+ // Set basic fields
+ hContext = rTokenConnection.hContext; // Handle to resource manager
+ hCard = rTokenConnection.hCard; // Handle to the connection
+ ioType->dwProtocol = rTokenConnection.ioType->dwProtocol; // Protocol identifier
+ ioType->cbPciLength = rTokenConnection.ioType->cbPciLength; // Protocol Control Inf Length
+ macSize = rTokenConnection.macSize; // Size of the MAC code
+ loggedIDs = rTokenConnection.loggedIDs; // Verification bit mask
+ shareMode = rTokenConnection.shareMode; // Sharing mode for this
+
+ // Now copy the strings
+ ::strncpy(reinterpret_cast<char *>(pMac), reinterpret_cast<const char *>(rTokenConnection.pMac),
+ min(static_cast<size_t>(rTokenConnection.macSize),sizeof(pMac))); // Token name
+}
+
+// strncpy(char * restrict dst, const char * restrict src, size_t len);
+
+MscTokenConnection &MscTokenConnection::operator = (const MSCTokenConnection &rTokenConnection)
+{
+ // how do we avoid duplication of copy constructor code?
+
+ // Set basic fields
+ hContext = rTokenConnection.hContext; // Handle to resource manager
+ hCard = rTokenConnection.hCard; // Handle to the connection
+ ioType->dwProtocol = rTokenConnection.ioType->dwProtocol; // Protocol identifier
+ ioType->cbPciLength = rTokenConnection.ioType->cbPciLength; // Protocol Control Inf Length
+ macSize = rTokenConnection.macSize; // Size of the MAC code
+ loggedIDs = rTokenConnection.loggedIDs; // Verification bit mask
+ shareMode = rTokenConnection.shareMode; // Sharing mode for this
+
+ // Now copy the strings
+ ::strncpy(reinterpret_cast<char *>(pMac), reinterpret_cast<const char *>(rTokenConnection.pMac),
+ min(static_cast<size_t>(rTokenConnection.macSize),sizeof(pMac))); // Token name
+
+ return *this;
+}
+
+void MscTokenConnection::connect(const char *applicationName,MSCULong32 sharingMode)
+{
+ // Establishes a connection to the specified token
+ MSC_RV rv = MSCReleaseConnection(this, MSC_RESET_TOKEN);
+
+ rv = MSCEstablishConnection(&mLocalTokenInfo, sharingMode,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(applicationName)),
+ applicationName?strlen(applicationName):0, this); // NULL,0 => use default applet
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::release(MSCULong32 endAction)
+{
+ // Releases a connection to the specified token
+ MSC_RV rv = MSCReleaseConnection(this,endAction);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::beginTransaction()
+{
+ // Locks a transaction to the token
+ MSC_RV rv = MSCBeginTransaction(this);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::endTransaction(MSCULong32 endAction)
+{
+ // Releases a locked transaction to the token
+ MSC_RV rv = MSCEndTransaction(this,endAction);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::logoutAll()
+{
+ // Releases a connection to the specified token
+ MSC_RV rv = MSCLogoutAll(this);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::verifyPIN(MSCUChar8 pinNum,std::string pin)
+{
+ // Releases a locked transaction to the token
+ MSC_RV rv = MSCVerifyPIN(this,pinNum,reinterpret_cast<unsigned char *>(const_cast<char *>(pin.c_str())),pin.length());
+ if (rv!=MSC_SUCCESS)
+ {
+ std::cout << "*** PIN verify failed!!! ***" << std::endl;
+ MscError::throwMe(rv);
+ }
+}
+
+unsigned int MscTokenConnection::listPins()
+{
+ MSCUShort16 mask;
+ MSC_RV rv = MSCListPINs(this, &mask);
+ if (rv != MSC_SUCCESS)
+ MscError::throwMe(rv);
+ return mask;
+}
+
+void MscTokenConnection::selectAID(std::string aid)
+{
+// selectAID(reinterpret_cast<MSCUChar8 *>(aid.c_str()), aid.length());
+ selectAID(aid.c_str(), aid.length());
+}
+
+void MscTokenConnection::selectAID(const char */* aidValue */, MSCULong32 /* aidSize */)
+{
+ // Selects applet - Not to be used by applications
+ // MSCSelectAID is not exported!!
+// MSC_RV rv = MSCSelectAID(this,reinterpret_cast<unsigned char *>(const_cast<char *>(aidValue)),aidSize); /* MSC_SUCCESS */
+ MSC_RV rv = MSC_UNSUPPORTED_FEATURE; //MSCSelectAID(this,reinterpret_cast<unsigned char *>(const_cast<char *>(aidValue)),aidSize); /* */
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::writeFramework(const MSCInitTokenParams& initParams)
+{
+ // Pre-personalization function
+ MSC_RV rv = MSCWriteFramework(this,const_cast<MSCInitTokenParams *>(&initParams));
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::getKeyAttributes(MSCUChar8 keyNumber,MSCKeyInfo& keyInfo)
+{
+ //
+ MSC_RV rv = MSCGetKeyAttributes(this,keyNumber,&keyInfo);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::getObjectAttributes(std::string objectID,MSCObjectInfo& objectInfo)
+{
+ //
+ MSC_RV rv = MSCGetObjectAttributes(this,const_cast<char *>(objectID.c_str()),&objectInfo);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+void MscTokenConnection::getStatus(MSCStatusInfo& statusInfo)
+{
+ // Pre-personalization function
+ MSC_RV rv = MSCGetStatus(this,&statusInfo);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+#pragma mark ---------------- Token state methods --------------
+
+bool MscTokenConnection::tokenWasReset()
+{
+ // Was the token reset ?
+ return MSCIsTokenReset(this);
+}
+
+bool MscTokenConnection::clearReset()
+{
+ // Clear the Reset state
+ return MSCClearReset(this);
+}
+
+bool MscTokenConnection::moved()
+{
+ // Was the token moved (removed, removed/inserted) ?
+ return MSCIsTokenMoved(this);
+}
+
+bool MscTokenConnection::changed()
+{
+ // Did any state change with the token ?
+ return MSCIsTokenChanged(this);
+}
+
+bool MscTokenConnection::known()
+{
+ // Did any state change with the token ?
+ return MSCIsTokenKnown(this);
+}
+
+#pragma mark ---------------- Capability methods --------------
+
+MSCULong32 MscTokenConnection::getCapabilities(MSCULong32 tag)
+{
+ MSCULong32 cap;
+ MSCULong32 size;
+ MSC_RV rv = MSCGetCapabilities(this, tag,
+ reinterpret_cast<MSCPUChar8>(&cap), &size);
+ if (rv != MSC_SUCCESS)
+ MscError::throwMe(rv);
+
+ if (size == 1)
+ return *reinterpret_cast<uint8_t *>(&cap);
+ else if (size == 2)
+ return *reinterpret_cast<uint16_t *>(&cap);
+ else
+ return cap;
+}
+
+void MscTokenConnection::extendedFeature(MSCULong32 extFeature,MSCPUChar8 outData,MSCULong32 outLength,
+ MSCPUChar8 inData, MSCPULong32 inLength)
+{
+ MSC_RV rv = MSCExtendedFeature(this,extFeature,outData,outLength,inData,inLength);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+#pragma mark ---------------- Key methods --------------
+
+void MscTokenConnection::generateKeys(MSCUChar8 prvKeyNum,MSCUChar8 pubKeyNum,MSCGenKeyParams& params)
+{
+ MSC_RV rv = MSCGenerateKeys(this,prvKeyNum,pubKeyNum,¶ms);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
+#pragma mark ---------------- Misc methods --------------
+
+void MscTokenConnection::getChallenge(const char *seed,size_t seedSize,const char *randomData,size_t randomDataSize)
+{
+ MSC_RV rv = MSCGetChallenge(this,reinterpret_cast<unsigned char *>(const_cast<char *>(seed)),seedSize,
+ reinterpret_cast<unsigned char *>(const_cast<char *>(randomData)),randomDataSize);
+ if (rv!=MSC_SUCCESS)
+ MscError::throwMe(rv);
+}
+
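Review bot: The copy constructor writes `ioType->dwProtocol` and `ioType->cbPciLength` without ever assigning `ioType`, and nothing in that constructor initialises the members, so the stores go through an indeterminate pointer. `operator =` has the same pattern and relies on whatever `ioType` held before. Assign the pointer first, or copy the pointed-to structure into storage this object owns, depending on the ownership the muscle layer expects; `ioType = rTokenConnection.ioType;` is the minimal change. The MAC copy uses `::strncpy`, which stops at the first zero byte and so truncates a binary MAC; use `::memcpy(pMac, rTokenConnection.pMac, min(static_cast<size_t>(rTokenConnection.macSize), sizeof(pMac)));` and store the clamped length in `macSize`. Separately, `verifyPIN` carries a copy-pasted comment ("Releases a locked transaction") and reports failure on `std::cout`; it should get an accurate comment and use `secdebug`, as the first constructor does.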
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscTokenConnection.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,110 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscTokenConnection.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCTOKENCONNECTION_H_
+#define _MSCTOKENCONNECTION_H_
+
+#include <PCSC/musclecard.h>
+#include <security_utilities/utilities.h>
+//#include <sstream>
+#include <map>
+#include <set>
+#include "MscWrappers.h"
+
+class MscTokenConnection : public Security::PodWrapper<MscTokenConnection, MSCTokenConnection>
+{
+public:
+ MscTokenConnection() { memset(this, 0, sizeof(*this)); }
+ MscTokenConnection(const MSCTokenInfo &rTokenInfo);
+ MscTokenConnection(const MSCTokenConnection &rTokenConnection);
+
+ MscTokenConnection &operator = (const MSCTokenConnection &rTokenInfo);
+
+ // Accessors
+ MSCULong32 context() const { return hContext; } // Handle to resource manager
+ const MSCTokenInfo& tinfo() const { return tokenInfo; } // token information
+ const MSCTokenInfo& info() const { return mLocalTokenInfo; } // token information
+
+ const MSCUChar8 *mac() const { return pMac; } // MAC code
+ MSCULong32 macsize() const { return macSize; } // Size of the MAC code
+
+ // calls to muscle layer
+
+ void connect(const char *applicationName=NULL,MSCULong32 sharingMode=MSC_SHARE_SHARED);
+ void release(MSCULong32 endAction=SCARD_LEAVE_CARD);
+ void beginTransaction();
+ void endTransaction(MSCULong32 endAction=SCARD_LEAVE_CARD);
+ void logoutAll();
+
+ void verifyPIN(MSCUChar8 pinNum,std::string pin);
+ unsigned int listPins();
+
+ void selectAID(std::string aid);
+ void selectAID(const char *aidValue, MSCULong32 aidSize);
+ void writeFramework(const MSCInitTokenParams& initParams);
+
+ void getKeyAttributes(MSCUChar8 keyNumber,MSCKeyInfo& keyInfo);
+ void getObjectAttributes(std::string objectID,MSCObjectInfo& objectInfo);
+
+ void getStatus(MSCStatusInfo& statusInfo);
+
+ bool tokenWasReset();
+ bool clearReset();
+ bool moved();
+ bool changed();
+ bool known();
+
+ MSCULong32 getCapabilities(MSCULong32 Tag);
+ void extendedFeature(MSCULong32 extFeature,MSCPUChar8 outData,MSCULong32 outLength,
+ MSCPUChar8 inData, MSCPULong32 inLength);
+
+ void generateKeys(MSCUChar8 prvKeyNum,MSCUChar8 pubKeyNum, MSCGenKeyParams& params);
+ void getChallenge(const char *seed,size_t seedSize,const char *randomData,size_t randomDataSize);
+
+protected:
+ MSCTokenInfo mLocalTokenInfo;
+};
+
+#if 0
+ typedef struct
+ {
+ MSCLong32 hContext; /* */
+ MSCLong32 hCard; /* Handle to the connection */
+ LPSCARD_IO_REQUEST ioType; /* Type of protocol */
+ MSCPVoid32 tokenLibHandle; /* Handle to token library */
+ CFDyLibPointers libPointers; /* Function pointers */
+ MSCTokenInfo tokenInfo; /* */
+ MSCUChar8 loggedIDs; /* Verification bit mask */
+ MSCULong32 shareMode; /* Sharing mode for this */
+ LPRWEventCallback rwCallback; /* Registered callback */
+ }
+ MSCTokenConnection, *MSCLPTokenConnection;
+#endif
+
+#endif /* !_MSCTOKENCONNECTION_H_ */
+
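Review bot: `getChallenge` declares `randomData` as `const char *`, but MscTokenConnection.cpp strips the const and passes it to `MSCGetChallenge`, which presumably fills it with the challenge. A caller passing a literal or other read-only buffer then gets undefined behaviour. Declare it writable, `void getChallenge(const char *seed, size_t seedSize, char *randomData, size_t randomDataSize);`, and document that `randomDataSize` is the buffer capacity. `verifyPIN(MSCUChar8 pinNum, std::string pin)` takes the PIN by value, which makes an extra heap copy that is never wiped; `const std::string &pin` avoids it. `selectAID` is public although its implementation always throws `MSC_UNSUPPORTED_FEATURE`, which deserves a comment on the declaration.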
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,155 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscWrappers.cpp
+ * TokendMuscle
+ */
+
+#include "MscWrappers.h"
+
+inline bool operator == (const MSCObjectInfo &s1, const MSCObjectInfo &s2)
+{
+ return ::strcmp(s1.objectID,s2.objectID)==0;
+}
+
+inline bool operator != (const MSCObjectInfo &s1, const MSCObjectInfo &s2)
+{
+ return !(s1 == s2);
+}
+
+MscTokenInfo::MscTokenInfo(const MSCTokenInfo &rTokenInfo)
+{
+ // Set basic fields
+ tokenAppLen = rTokenInfo.tokenAppLen; // Default AID Length
+ tokenIdLength = rTokenInfo.tokenIdLength; // ID Length (ATR Length)
+ tokenState = rTokenInfo.tokenState; // State (dwEventState)
+ tokenType = rTokenInfo.tokenType; // Type - RFU
+ addParams = rTokenInfo.addParams; // Additional Data
+ addParamsSize = rTokenInfo.addParamsSize; // Size of additional data
+
+ // Now copy the strings
+ ::memcpy(tokenName, rTokenInfo.tokenName, sizeof(tokenName)); // Token name
+ ::memcpy(slotName, rTokenInfo.slotName, sizeof(slotName)); // Slot/reader name
+ ::memcpy(svProvider, rTokenInfo.svProvider, sizeof(svProvider)); // Library
+ ::memcpy(reinterpret_cast<unsigned char *>(tokenId), reinterpret_cast<const unsigned char *>(rTokenInfo.tokenId), sizeof(tokenId)); // Token ID (ATR)
+ ::memcpy(reinterpret_cast<unsigned char *>(tokenApp), reinterpret_cast<const unsigned char *>(rTokenInfo.tokenApp), sizeof(tokenApp)); // Default app ID
+}
+
+MscTokenInfo::MscTokenInfo(const SCARD_READERSTATE &readerState)
+{
+ // An ss is enough info to be able to open a connection
+ ::memset(this, 0, sizeof(*this)); // overkill, but what the heck
+ ::strncpy(slotName, readerState.szReader, sizeof(slotName)); // Slot/reader name
+ size_t idsz = min(size_t(readerState.cbAtr),size_t(sizeof(tokenId)));
+ ::memcpy(reinterpret_cast<unsigned char *>(tokenId), reinterpret_cast<const unsigned char *>(readerState.rgbAtr), idsz); // Token ID (ATR)
+ tokenIdLength = idsz;
+ tokenState = readerState.dwEventState;
+}
+
+MscTokenInfo &MscTokenInfo::operator = (const MSCTokenInfo &rTokenInfo)
+{
+ // how do we avoid duplication of copy constructor code?
+
+ // Set basic fields
+ tokenAppLen = rTokenInfo.tokenAppLen; // Default AID Length
+ tokenIdLength = rTokenInfo.tokenIdLength; // ID Length (ATR Length)
+ tokenState = rTokenInfo.tokenState; // State (dwEventState)
+ tokenType = rTokenInfo.tokenType; // Type - RFU
+ addParams = rTokenInfo.addParams; // Additional Data
+ addParamsSize = rTokenInfo.addParamsSize; // Size of additional data
+
+ // Now copy the strings
+ ::memcpy(tokenName, rTokenInfo.tokenName, sizeof(tokenName)); // Token name
+ ::memcpy(slotName, rTokenInfo.slotName, sizeof(slotName)); // Slot/reader name
+ ::memcpy(svProvider, rTokenInfo.svProvider, sizeof(svProvider)); // Library
+ ::memcpy(reinterpret_cast<unsigned char *>(tokenId), reinterpret_cast<const unsigned char *>(rTokenInfo.tokenId), sizeof(tokenId)); // Token ID (ATR)
+ ::memcpy(reinterpret_cast<unsigned char *>(tokenApp), reinterpret_cast<const unsigned char *>(rTokenInfo.tokenApp), sizeof(tokenApp)); // Default app ID
+
+ return *this;
+}
+
+#pragma mark ---------------- ostream methods --------------
+
+#ifdef _DEBUG_OSTREAM
+
+#include <iomanip>
+
+std::ostream& operator << (std::ostream& strm, const MscObjectACL& oa)
+{
+ strm << "RD: " << oa.readPermission << " WR: " << oa.writePermission << " DEL: " << oa.deletePermission;
+ return strm;
+}
+
+std::ostream& operator << (std::ostream& strm, const MscObjectInfo& oi)
+{
+ strm << "ID: " << oi.objectID << " Size: " << oi.objectSize << " ACL: " << MscObjectACL(oi.objectACL);
+ return strm;
+}
+
+std::ostream& operator << (std::ostream& strm, const MscTokenInfo& ti)
+{
+ strm << "Token name : " << ti.tname() << "\n";
+ strm << "Slot name : " << ti.sname() << "\n";
+ strm << "Token id (ATR) : [" << std::dec << ti.tokenIdLength << "] ";
+ const unsigned char *tid = ti.tid();
+ for (unsigned int jx=0;jx < ti.tokenIdLength;jx++)
+ {
+ strm << std::hex << std::uppercase << std::setw(2) << std::setfill('0') << static_cast<unsigned int>(tid[jx]);
+ if (((jx+1) % 4)==0)
+ strm << " ";
+ }
+ strm << "\nToken state : " << ti.tokenState << "\n";
+ strm << "Provider : " << ti.provider() << "\n";
+ strm << "App ID : [" << std::dec << ti.tokenAppLen << "] " << ti.app() << "\n";
+ strm << "Type : " << ti.tokenType << "\n"; // Type - RFU
+
+ strm << "Addl Params : [" << ti.addParamsSize << "] " << ti.app() << "\n";
+ const unsigned char *tap = reinterpret_cast<const unsigned char *>(ti.addParams);
+ for (unsigned int jx=0;jx < ti.addParamsSize;jx++)
+ strm << std::hex << std::uppercase << std::setw(2) << std::setfill('0') << tap[jx];
+// strm << std::hex << std::uppercase << std::setw(2) << std::setfill('0') << static_cast<unsigned int>(tap[jx]);
+ return strm;
+}
+
+std::ostream& operator << (std::ostream& strm, const MscStatusInfo& si)
+{
+// strm << "GetStatus returns : " << MscError(rv) << "\n";
+ strm << "Protocol version : 0x" <<
+ std::hex << std::uppercase << std::setw(4) << std::setfill('0') << si.appVersion << "\n";
+ strm << "Applet version : 0x" <<
+ std::hex << std::uppercase << std::setw(4) << std::setfill('0') << si.swVersion << "\n";
+ strm << "Total object memory : " <<
+ std::dec << std::setw(8) << std::setfill('0') << si.totalMemory << "\n";
+ strm << "Free object memory : " <<
+ std::dec << std::setw(8) << std::setfill('0') << si.freeMemory << "\n";
+ strm << "Number of used PINs : " <<
+ std::dec << std::setw(2) << std::setfill('0') << si.usedPINs << "\n";
+ strm << "Number of used Keys : " <<
+ std::dec << std::setw(2) << std::setfill('0') << si.usedKeys << "\n";
+ strm << "Currently logged identities : 0x" <<
+ std::hex << std::uppercase << std::setw(4) << std::setfill('0') << si.loggedID << "\n";
+ return strm;
+}
+#endif // _DEBUG_OSTREAM
+
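Review bot: In `MscTokenInfo(const SCARD_READERSTATE &)`, `::strncpy(slotName, readerState.szReader, sizeof(slotName))` leaves `slotName` unterminated when the reader name is at least as long as the field, and `sname()` later hands it out as a C string. Copy one byte less so the preceding `memset` supplies the terminator, `::strncpy(slotName, readerState.szReader, sizeof(slotName) - 1);`, and guard against a null `szReader`. The copy constructor and `operator =` copy `tokenIdLength` and `tokenAppLen` unchecked, and the `_DEBUG_OSTREAM` printer loops up to `ti.tokenIdLength`, so a length larger than `sizeof(tokenId)` reads past the array; clamp it as the reader-state constructor does with `idsz`. In the same printer the "Addl Params" line prints `ti.app()` a second time and streams `tap[jx]` as a character rather than a number.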
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/Msc/MscWrappers.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,161 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MscWrappers.h
+ * TokendMuscle
+ */
+
+#ifndef _MSCWRAPPERS_H_
+#define _MSCWRAPPERS_H_
+
+#include <PCSC/musclecard.h>
+#include <security_utilities/utilities.h>
+
+#ifdef _DEBUG_OSTREAM
+ #include <ostream>
+#endif
+
+#include <Security/cssmerr.h>
+#include <security_cdsa_utilities/cssmbridge.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+
+class MscKeyACL : public Security::PodWrapper<MscKeyACL, MSCKeyACL>
+{
+public:
+ MscKeyACL() { }
+ MscKeyACL(MSCUShort16 rd, MSCUShort16 wr, MSCUShort16 us) { readPermission = rd; writePermission = wr; usePermission = us; }
+ MscKeyACL(MSCUShort16 perm) { readPermission = writePermission = usePermission = perm; }
+
+ MSCUShort16 read() const { return readPermission; }
+ MSCUShort16 write() const { return writePermission; }
+ MSCUShort16 use() const { return usePermission; }
+};
+
+class MscObjectACL : public Security::PodWrapper<MscObjectACL, MSCObjectACL>
+{
+public:
+ MscObjectACL() { }
+ MscObjectACL(MSCUShort16 rd, MSCUShort16 wr, MSCUShort16 delx) { readPermission = rd; writePermission = wr; deletePermission = delx; }
+ MscObjectACL(MSCUShort16 perm) { readPermission = writePermission = deletePermission = perm; }
+ MscObjectACL(const MSCObjectACL &rObjectACL) { readPermission = rObjectACL.readPermission; writePermission = rObjectACL.writePermission; deletePermission = rObjectACL.deletePermission; }
+
+ MSCUShort16 read() const { return readPermission; }
+ MSCUShort16 write() const { return writePermission; }
+ MSCUShort16 del() const { return deletePermission; }
+// operator uint32 () const { return effective(); }
+
+#ifdef _DEBUG_OSTREAM
+ friend std::ostream& operator << (std::ostream& strm, const MscObjectACL& oa);
+#endif
+};
+
+class MscKeyPolicy : public Security::PodWrapper<MscKeyPolicy, MSCKeyPolicy>
+{
+public:
+ MscKeyPolicy() { }
+ MscKeyPolicy(MSCUShort16 modex, MSCUShort16 dir) { cipherMode = modex; cipherDirection = dir; }
+
+ MSCUShort16 mode() const { return cipherMode; }
+ MSCUShort16 direction() const { return cipherDirection; }
+};
+
+class MscKeyInfo : public Security::PodWrapper<MscKeyInfo, MSCKeyInfo>
+{
+public:
+ // Note: these memcpy operations also copy keyPartner & keyMapping
+ // See Guid in cssmpods.h for template template
+ MscKeyInfo() { ::memset(this, 0, sizeof(*this)); }
+ MscKeyInfo(const MSCKeyInfo &rKeyInfo) { ::memcpy(this, &rKeyInfo, sizeof(*this)); }
+
+ MscKeyInfo &operator = (const MSCKeyInfo &rKeyInfo)
+ { ::memcpy(this, &rKeyInfo, sizeof(MSCKeyInfo)); return *this; }
+
+ MSCUChar8 number() const { return keyNum; }
+ MSCUChar8 type() const { return keyType; }
+ MSCULong32 size() const { return keySize; }
+ MscKeyACL &acl() { return MscKeyACL::overlay(keyACL); }
+ const MscKeyACL &acl() const { return MscKeyACL::overlay(keyACL); }
+ MscKeyPolicy &policy() { return MscKeyPolicy::overlay(keyPolicy); }
+ const MscKeyPolicy &policy() const { return MscKeyPolicy::overlay(keyPolicy); }
+};
+
+class MscObjectInfo : public Security::PodWrapper<MscObjectInfo, MSCObjectInfo>
+{
+public:
+ MscObjectInfo() { memset(this, 0, sizeof(*this)); }
+ MscObjectInfo(const MSCObjectInfo &rObjectInfo) { ::memcpy(this, &rObjectInfo, sizeof(*this)); }
+
+ MscObjectInfo &operator = (const MSCObjectInfo &rObjectInfo)
+ { ::memcpy(this, &rObjectInfo, sizeof(MSCObjectInfo)); return *this; }
+
+ const char *objid() const { return reinterpret_cast<const char *>(objectID); }
+ MSCULong32 size() const { return objectSize; }
+
+#ifdef _DEBUG_OSTREAM
+ friend std::ostream& operator << (std::ostream& strm, const MscObjectInfo& ee);
+#endif
+};
+
+class MscTokenInfo : public Security::PodWrapper<MscTokenInfo, MSCTokenInfo>
+{
+public:
+ MscTokenInfo() { memset(this, 0, sizeof(*this)); }
+ MscTokenInfo(const MSCTokenInfo &rTokenInfo);
+ MscTokenInfo(const SCARD_READERSTATE &readerState); // An SCARD_READERSTATE is enough info to be able to open a connection
+
+ MscTokenInfo &operator = (const MSCTokenInfo &rTokenInfo);
+
+ const char *tname() const { return tokenName; }
+ const char *sname() const { return slotName; }
+ const char *provider() const { return svProvider; }
+ const unsigned char *tid() const { return reinterpret_cast<const unsigned char *>(tokenId); }
+ const char *app() const { return reinterpret_cast<const char *>(tokenApp); }
+
+#ifdef _DEBUG_OSTREAM
+ friend std::ostream& operator << (std::ostream& strm, const MscTokenInfo& ti);
+#endif
+};
+
+class MscStatusInfo : public Security::PodWrapper<MscStatusInfo, MSCStatusInfo>
+{
+public:
+ MscStatusInfo() { memset(this, 0, sizeof(*this)); }
+ MscStatusInfo(const MscStatusInfo &rTokenInfo);
+
+ MscStatusInfo &operator = (const MscStatusInfo &rTokenInfo);
+
+#ifdef _DEBUG_OSTREAM
+ friend std::ostream& operator << (std::ostream& strm, const MscStatusInfo& ti);
+#endif
+};
+
+#ifdef _DEBUG_OSTREAM
+std::ostream& operator << (std::ostream& strm, const MscObjectACL& oa);
+std::ostream& operator << (std::ostream& strm, const MscObjectInfo& ee);
+std::ostream& operator << (std::ostream& strm, const MscTokenInfo& ti);
+std::ostream& operator << (std::ostream& strm, const MscStatusInfo& ti);
+#endif
+
+#endif /* !_MSCWRAPPERS_H_ */
+
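Review bot: The default constructors of `MscKeyACL`, `MscObjectACL` and `MscKeyPolicy` are empty, so a default-constructed ACL carries indeterminate permission masks, while `MscKeyInfo`, `MscObjectInfo`, `MscTokenInfo` and `MscStatusInfo` zero themselves. Give the ACL wrappers an explicit restrictive default, e.g. `MscKeyACL() { readPermission = writePermission = usePermission = MSC_AUT_NONE; }`. Zero-filling should be checked against musclecard.h first, since a zero mask may not be the restrictive value. `MscStatusInfo` declares a copy constructor and `operator =` that MscWrappers.cpp in this changeset does not define, so any copy will fail to link; drop the declarations or add the definitions. `MscObjectInfo::objid()` returns the fixed-size `objectID` field as a C string and should document that it relies on NUL termination.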
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,224 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardAttributeCoder.cpp
+ * TokendMuscle
+ */
+
+#include "MuscleCardAttributeCoder.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "TokenRecord.h"
+#include "KeyRecord.h"
+#include "Msc/MscToken.h"
+#include "Msc/MscObject.h"
+
+#include <Security/SecKeychainItem.h>
+#include <security_cdsa_utilities/cssmkey.h>
+
+using namespace Tokend;
+
+#pragma mark ---------------- Muscle/P11 specific Coder methods --------------
+
+//
+// KeyExtractableAttributeCoder
+//
+KeyExtractableAttributeCoder::~KeyExtractableAttributeCoder() {}
+
+void KeyExtractableAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ bool value = keyRecord.key().acl().read() != MSC_AUT_NONE;
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(value));
+}
+
+
+//
+// KeySensitiveAttributeCoder
+//
+KeySensitiveAttributeCoder::~KeySensitiveAttributeCoder() {}
+
+void KeySensitiveAttributeCoder::decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record)
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ bool value = keyRecord.key().acl().read() == MSC_AUT_NONE;
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(value));
+}
+
+
+//
+// KeyModifiableAttributeCoder
+//
+KeyModifiableAttributeCoder::~KeyModifiableAttributeCoder() {}
+
+void KeyModifiableAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ bool value = keyRecord.key().acl().write() != MSC_AUT_NONE;
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(value));
+}
+
+
+//
+// KeyPrivateAttributeCoder
+//
+KeyPrivateAttributeCoder::~KeyPrivateAttributeCoder() {}
+
+void KeyPrivateAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ bool value = keyRecord.key().acl().use() != MSC_AUT_ALL;
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(value));
+}
+
+
+//
+// KeyDirectionAttributeCoder
+//
+KeyDirectionAttributeCoder::~KeyDirectionAttributeCoder() {}
+
+void KeyDirectionAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ bool value = (keyRecord.key().policy().direction() & mMask);
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(value));
+}
+
+
+//
+// KeySizeAttributeCoder
+//
+KeySizeAttributeCoder::~KeySizeAttributeCoder() {}
+
+void KeySizeAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ uint32 keySize = dynamic_cast<KeyRecord &>(record).key().size();
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(keySize));
+}
+
+
+//
+// KeyAlgorithmAttributeCoder
+//
+KeyAlgorithmAttributeCoder::~KeyAlgorithmAttributeCoder() {}
+
+void KeyAlgorithmAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ uint32_t keyType = dynamic_cast<KeyRecord &>(record).key().type();
+ uint32 algID;
+
+ switch (keyType)
+ {
+ case MSC_KEY_RSA_PRIVATE:
+ case MSC_KEY_RSA_PRIVATE_CRT:
+ case MSC_KEY_RSA_PUBLIC:
+ algID = CSSM_ALGID_RSA;
+ break;
+
+ case MSC_KEY_DSA_PRIVATE:
+ case MSC_KEY_DSA_PUBLIC:
+ algID = CSSM_ALGID_DSA;
+ break;
+
+ case MSC_KEY_DES:
+ algID = CSSM_ALGID_DES;
+ break;
+ case MSC_KEY_3DES:
+ // @@@ Which algid is this?
+ algID = CSSM_ALGID_3DES;
+ //algID = CSSM_ALGID_3DES_3KEY_EDE;
+ //algID = CSSM_ALGID_3DES_2KEY_EDE;
+ //algID = CSSM_ALGID_3DES_1KEY_EEE;
+ //algID = CSSM_ALGID_3DES_3KEY_EEE;
+ //algID = CSSM_ALGID_3DES_2KEY_EEE;
+ break;
+ case MSC_KEY_3DES3:
+ // @@@ Which algid is this?
+ algID = CSSM_ALGID_3DES_3KEY_EDE;
+ //algID = CSSM_ALGID_3DES_3KEY_EEE;
+ break;
+ default:
+ secdebug("coder", "unknown MSC_KEY_TYPE: %02X r: %p rid: %08X aid: %u", keyType,
+ &record, metaAttribute.metaRecord().relationId(), metaAttribute.attributeId());
+ algID = CSSM_ALGID_CUSTOM;
+ break;
+ }
+
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(algID));
+}
+
+
+//
+// KeyNameAttributeCoder
+//
+KeyNameAttributeCoder::~KeyNameAttributeCoder() {}
+
+void KeyNameAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ MSCUChar8 keyNumber = dynamic_cast<KeyRecord &>(record).key().number();
+ char buf[5];
+ int used = snprintf(buf, 5, "K%u", keyNumber);
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(buf, used));
+}
+
+//
+// ObjectIDAttributeCoder
+//
+ObjectIDAttributeCoder::~ObjectIDAttributeCoder()
+{
+}
+
+void ObjectIDAttributeCoder::decode(TokenContext *tokenContext, const MetaAttribute &metaAttribute, Record &record)
+{
+ // fill in data with object name from MscObjectInfo
+ TokenRecord &tokenRecord = dynamic_cast<TokenRecord &>(record);
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(tokenRecord.objid()));
+}
+
+
+//
+// MscDataAttributeCoder
+//
+MscDataAttributeCoder::~MscDataAttributeCoder()
+{
+}
+
+void MscDataAttributeCoder::decode(TokenContext *tokenContext, const MetaAttribute &metaAttribute, Record &record)
+{
+ TokenRecord &trec = dynamic_cast<TokenRecord &>(record);
+ MscToken &tok = dynamic_cast<MscToken &>(*tokenContext);
+ MscObject &obj = tok.getObject(trec.objid());
+ secdebug("dcoder", "getting object %s of size %d", trec.objid().c_str(), obj.size());
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(obj.data(), obj.size()));
+}
+
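Review bot: MscDataAttributeCoder::decode dereferences `tokenContext` before any check: `dynamic_cast<MscToken &>(*tokenContext)` is undefined behaviour for a null pointer and throws std::bad_cast when the context is of another type. A std::bad_cast is not a CssmError, and whether the tokend callers catch it is not visible here. The pointer form makes both cases explicit: `MscToken *tok = dynamic_cast<MscToken *>(tokenContext);` followed by `if (!tok) CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);`. Every other decode() in this file uses the same reference cast on `record`, so the choice of error type applies to them as well.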
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardAttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,187 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardAttributeCoder.h
+ * TokendMuscle
+ */
+
+#ifndef _MUSCLECARDATTRIBUTECODER_H_
+#define _MUSCLECARDATTRIBUTECODER_H_
+
+#include "AttributeCoder.h"
+#include <string>
+
+#include <PCSC/musclecard.h>
+
+//
+// A coder that produces a boolean value based on whether a key is extractable
+//
+class KeyExtractableAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyExtractableAttributeCoder)
+public:
+ KeyExtractableAttributeCoder() {}
+ virtual ~KeyExtractableAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+};
+
+
+//
+// A coder that produces a boolean value based on whether a key is sensitive
+//
+class KeySensitiveAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeySensitiveAttributeCoder)
+public:
+ KeySensitiveAttributeCoder() {}
+ virtual ~KeySensitiveAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+};
+
+
+//
+// A coder that produces a boolean value based on whether a key is modifiable
+//
+class KeyModifiableAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyModifiableAttributeCoder)
+public:
+ KeyModifiableAttributeCoder() {}
+ virtual ~KeyModifiableAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+};
+
+
+//
+// A coder that produces a boolean value based on whether a key is private
+//
+class KeyPrivateAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyPrivateAttributeCoder)
+public:
+ KeyPrivateAttributeCoder() {}
+ virtual ~KeyPrivateAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+};
+
+
+//
+// A coder that produces a boolean value based on an AND of mask and the direction of a key
+//
+class KeyDirectionAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyDirectionAttributeCoder)
+public:
+ KeyDirectionAttributeCoder(MSCUShort16 mask) : mMask(mask) {}
+ virtual ~KeyDirectionAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+private:
+ MSCUShort16 mMask;
+};
+
+
+//
+// A coder that produces the LogicalKeySizeInBits of a key
+//
+class KeySizeAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeySizeAttributeCoder)
+public:
+ KeySizeAttributeCoder() {}
+ virtual ~KeySizeAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+//
+// A coder produces a CSSM_ALGID from a key
+//
+class KeyAlgorithmAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyAlgorithmAttributeCoder)
+public:
+ KeyAlgorithmAttributeCoder() {}
+ virtual ~KeyAlgorithmAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+//
+// A coder that reads the name of a key
+//
+class KeyNameAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(KeyNameAttributeCoder)
+public:
+
+ KeyNameAttributeCoder() {}
+ virtual ~KeyNameAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+//
+// A coder that reads the object id of an object
+//
+class ObjectIDAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(ObjectIDAttributeCoder)
+public:
+
+ ObjectIDAttributeCoder() {}
+ virtual ~ObjectIDAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+//
+// A coder that reads the data of an object
+//
+class MscDataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(MscDataAttributeCoder)
+public:
+
+ MscDataAttributeCoder() {}
+ virtual ~MscDataAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+#endif /* !_MUSCLECARDATTRIBUTECODER_H_ */
+
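Review bot: The one-line comments above KeyExtractableAttributeCoder, KeySensitiveAttributeCoder, KeyModifiableAttributeCoder and KeyPrivateAttributeCoder do not say which MuscleCard ACL field decides each boolean, although these values end up as security-relevant key attributes. The rules live only in MuscleCardAttributeCoder.cpp in this commit, so a reader of the header cannot tell that "sensitive" and "extractable" are exact opposites derived from the read ACL. I would state the rule in each comment, for example `// Sensitive: true when the key's read ACL is MSC_AUT_NONE (nobody may read the key)` and `// Private: true when the key's use ACL is anything other than MSC_AUT_ALL`. The comment on KeyDirectionAttributeCoder could likewise name the expected mask values (the MSC_KEYPOLICY_DIR_* constants passed in by MuscleCardSchema).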
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,518 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardKeyHandle.cpp
+ * TokendMuscle
+ */
+
+#include "MuscleCardKeyHandle.h"
+
+#include "KeyRecord.h"
+#include "Msc/MscError.h"
+#include "Msc/MscKey.h"
+#include "Msc/MscToken.h"
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/utilities.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <security_cdsa_client/aclclient.h>
+#include <Security/cssmerr.h>
+
+using CssmClient::AclFactory;
+
+
+//
+// MuscleCardKeyHandle
+//
+MuscleCardKeyHandle::MuscleCardKeyHandle(const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record, MscKey &key) :
+ Tokend::KeyHandle(metaRecord, &record),
+ mKey(key)
+{
+}
+
+MuscleCardKeyHandle::~MuscleCardKeyHandle()
+{
+}
+
+void MuscleCardKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
+{
+ secdebug("crypto", "getKeySize");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+uint32 MuscleCardKeyHandle::getOutputSize(const Context &context, uint32 inputSize, bool encrypting)
+{
+ secdebug("crypto", "getOutputSize");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+static const MSCUChar8 sha1sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x21, // LENGTH
+ 0x30, // SEQUENCE
+ 0x09, // LENGTH
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x14 // OCTECT STRING (20 bytes)
+};
+
+static const MSCUChar8 md5sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x20, // LENGTH
+ 0x30, // SEQUENCE
+ 0x0C, // LENGTH
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05, // MD5 OID (1 2 840 113549 2 5)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x10 // OCTECT STRING (16 bytes)
+};
+
+void MuscleCardKeyHandle::generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature)
+{
+ secdebug("crypto", "generateSignature alg: %u signOnly: %u", context.algorithm(), signOnly);
+ IFDUMPING("crypto", context.dump("signature context"));
+
+ if (context.type() != CSSM_ALGCLASS_SIGNATURE)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ // Find out if we are doing a SHA1 or MD5 signature and setup header to point to the right asn1 blob.
+ MSCPCUChar8 header;
+ MSCULong32 headerLength;
+ if (signOnly == CSSM_ALGID_SHA1)
+ {
+ if (input.Length != 20)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = sha1sigheader;
+ headerLength = sizeof(sha1sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_MD5)
+ {
+ if (input.Length != 16)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ header = md5sigheader;
+ headerLength = sizeof(md5sigheader);
+ }
+ else if (signOnly == CSSM_ALGID_NONE)
+ {
+ // Special case used by SSL it's an RSA signature, without the ASN1 stuff
+ header = NULL;
+ headerLength = 0;
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
+
+ // Create an input buffer in which we construct the data we will send to the token.
+ MSCUChar8 cipherMode;
+ MSCULong32 inputDataSize = headerLength + input.Length;
+ MSCULong32 keyLength = mKey.size() / 8;
+ auto_array<MSCUChar8> inputData(keyLength);
+ MSCPUChar8 to = inputData.get();
+
+ // Get padding, but default to pkcs1 style padding
+ uint32 padding = CSSM_PADDING_PKCS1;
+ context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
+
+ // Figure out whether the underlying token supports RSA_NOPAD, if so we generate our own padding if not,
+ // we let the card do the PKCS1 padding itself.
+ MSCULong32 rsaCapabilities = mKey.connection().getCapabilities(MSC_TAG_CAPABLE_RSA);
+ if (rsaCapabilities & MSC_CAPABLE_RSA_NOPAD)
+ {
+ secdebug("crypto", "generateSignature: card supports RSA_NOPAD");
+ cipherMode = MSC_MODE_RSA_NOPAD;
+
+ if (padding == CSSM_PADDING_PKCS1)
+ {
+ // Add PKCS1 style padding
+ *(to++) = 0;
+ *(to++) = 1; /* Private Key Block Type. */
+ MSCULong32 padLength = keyLength - 3 - inputDataSize;
+ memset(to, 0xff, padLength);
+ to += padLength;
+ *(to++) = 0;
+ inputDataSize = keyLength;
+ }
+ else if (padding == CSSM_PADDING_NONE)
+ {
+ // Token will fail if the input data isn't exactly keysize / 8 octects long
+ }
+ else
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+ }
+ else if (rsaCapabilities & MSC_CAPABLE_RSA_PKCS1)
+ {
+ if (padding != CSSM_PADDING_PKCS1)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+
+ secdebug("crypto", "generateSignature: card only supports RSA_PKCS1");
+ cipherMode = MSC_MODE_RSA_PAD_PKCS1;
+ }
+ else
+ {
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); // @@@ Look for a better error.
+ }
+
+ // Now copy the ASN1 header into the input buffer.
+ // This header is the DER encoding of
+ // DigestInfo ::= SEQUENCE { digestAlgorithm AlgorithmIdentifier, digest OCTET STRING }
+ // Where AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters OPTIONAL ANY }
+ if (headerLength)
+ {
+ memcpy(to, header, headerLength);
+ to += headerLength;
+ }
+
+ // Finally copy the passed in data to the input buffer.
+ memcpy(to, input.Data, input.Length);
+
+ // @@@ Switch to using tokend allocators
+ MSCPUChar8 outputData = reinterpret_cast<MSCPUChar8>(malloc(keyLength));
+ size_t outputLength = keyLength;
+ try
+ {
+ // Sign the inputData using the token
+ mKey.computeCrypt(cipherMode, MSC_DIR_SIGN, inputData.get(), inputDataSize, outputData, outputLength);
+ }
+ catch (...)
+ {
+ // @@@ Switch to using tokend allocators
+ free(outputData);
+ throw;
+ }
+
+ signature.Data = outputData;
+ signature.Length = outputLength;
+}
+
+void MuscleCardKeyHandle::verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
+{
+ secdebug("crypto", "verifySignature");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void MuscleCardKeyHandle::generateMac(const Context &context,
+ const CssmData &input, CssmData &output)
+{
+ secdebug("crypto", "generateMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void MuscleCardKeyHandle::verifyMac(const Context &context,
+ const CssmData &input, const CssmData &compare)
+{
+ secdebug("crypto", "verifyMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void MuscleCardKeyHandle::encrypt(const Context &context,
+ const CssmData &clear, CssmData &cipher)
+{
+ secdebug("crypto", "encrypt");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void MuscleCardKeyHandle::decrypt(const Context &context,
+ const CssmData &cipher, CssmData &clear)
+{
+ secdebug("crypto", "decrypt alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("decrypt context"));
+
+ if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ size_t keyLength = mKey.size() / 8;
+ if (cipher.length() % keyLength != 0)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Add support for multiples of keyLength by doing multiple blocks
+ if (cipher.length() != keyLength)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Use a secure allocator for this.
+ auto_array<uint8> outputData(keyLength);
+ uint8 *output = outputData.get();
+ size_t outputLength = keyLength;
+
+ // Figure out whether the underlying token supports RSA_NOPAD, if so we remove the padding
+ // ourselves if not, we let the card remove the PKCS1 padding.
+ MSCULong32 rsaCapabilities = mKey.connection().getCapabilities(MSC_TAG_CAPABLE_RSA);
+ if (rsaCapabilities & MSC_CAPABLE_RSA_NOPAD)
+ {
+ secdebug("crypto", "decrypt: card supports RSA_NOPAD");
+ // Decrypt the inputData using the token
+ mKey.computeCrypt(MSC_MODE_RSA_NOPAD, MSC_DIR_DECRYPT, cipher.Data, cipher.Length, output, outputLength);
+
+ // Now check for proper pkcs1 type 2 padding and remove it.
+ if (outputLength != keyLength || *(output++) != 0 || *(output++) != 2)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+
+ /* Skip over padding data */
+ outputLength -= 2; // We already skiped the 00 02 at the start of the block.
+ size_t padSize;
+ for (padSize = 0; padSize < outputLength; ++padSize)
+ if (*(output++) == 0) break;
+
+ if (padSize == outputLength || padSize < 8)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+
+ outputLength -= padSize + 1; /* Don't count the 00 at the end of the padding. */
+ }
+ else if (rsaCapabilities & MSC_CAPABLE_RSA_PKCS1)
+ {
+ secdebug("crypto", "generateSignature: card only supports RSA_PKCS1");
+ // Decrypt the inputData using the token
+ mKey.computeCrypt(MSC_MODE_RSA_PAD_PKCS1, MSC_DIR_DECRYPT, cipher.Data, cipher.Length, output, outputLength);
+ }
+ else
+ {
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED); // @@@ Look for a better error.
+ }
+
+ // @@@ Switch to using tokend allocators
+ clear.Data = reinterpret_cast<uint8 *>(malloc(outputLength));
+ // Finally copy the result into the clear buffer and set the length.
+ memcpy(clear.Data, output, outputLength);
+ clear.Length = outputLength;
+}
+
+void MuscleCardKeyHandle::exportKey(const Context &context, const AccessCredentials *cred,
+ CssmKey &wrappedKey)
+{
+ wrappedKey.clearPod();
+ wrappedKey.header().HeaderVersion = CSSM_KEYHEADER_VERSION;
+ wrappedKey.header().cspGuid(Guid::overlay(gGuidAppleSdCSPDL));
+ wrappedKey.blobType(CSSM_KEYBLOB_RAW);
+
+ uint32_t keyType = mKey.type();
+ uint32 algID;
+ uint32 keyClass;
+ CSSM_KEYBLOB_FORMAT format;
+
+ switch (keyType)
+ {
+ case MSC_KEY_RSA_PRIVATE:
+ format = CSSM_KEYBLOB_RAW_FORMAT_NONE;
+ keyClass = CSSM_KEYCLASS_PRIVATE_KEY;
+ algID = CSSM_ALGID_RSA;
+ break;
+
+ case MSC_KEY_RSA_PRIVATE_CRT:
+ format = CSSM_KEYBLOB_RAW_FORMAT_PKCS1;
+ keyClass = CSSM_KEYCLASS_PRIVATE_KEY;
+ algID = CSSM_ALGID_RSA;
+ break;
+
+ case MSC_KEY_RSA_PUBLIC:
+ format = CSSM_KEYBLOB_RAW_FORMAT_PKCS1;
+ keyClass = CSSM_KEYCLASS_PUBLIC_KEY;
+ algID = CSSM_ALGID_RSA;
+ break;
+
+ case MSC_KEY_DSA_PRIVATE:
+ format = CSSM_KEYBLOB_RAW_FORMAT_FIPS186;
+ keyClass = CSSM_KEYCLASS_PRIVATE_KEY;
+ algID = CSSM_ALGID_DSA;
+ break;
+
+ case MSC_KEY_DSA_PUBLIC:
+ format = CSSM_KEYBLOB_RAW_FORMAT_FIPS186;
+ keyClass = CSSM_KEYCLASS_PUBLIC_KEY;
+ algID = CSSM_ALGID_DSA;
+ break;
+
+ case MSC_KEY_DES:
+ format = CSSM_KEYBLOB_RAW_FORMAT_NONE;
+ keyClass = CSSM_KEYCLASS_SESSION_KEY;
+ algID = CSSM_ALGID_DES;
+ break;
+
+ case MSC_KEY_3DES:
+ format = CSSM_KEYBLOB_RAW_FORMAT_NONE;
+ keyClass = CSSM_KEYCLASS_SESSION_KEY;
+ // @@@ Which algid is this?
+ algID = CSSM_ALGID_3DES;
+ //algID = CSSM_ALGID_3DES_3KEY_EDE;
+ //algID = CSSM_ALGID_3DES_2KEY_EDE;
+ //algID = CSSM_ALGID_3DES_1KEY_EEE;
+ //algID = CSSM_ALGID_3DES_3KEY_EEE;
+ //algID = CSSM_ALGID_3DES_2KEY_EEE;
+ break;
+
+ case MSC_KEY_3DES3:
+ format = CSSM_KEYBLOB_RAW_FORMAT_NONE;
+ keyClass = CSSM_KEYCLASS_SESSION_KEY;
+ // @@@ Which algid is this?
+ algID = CSSM_ALGID_3DES_3KEY_EDE;
+ //algID = CSSM_ALGID_3DES_3KEY_EEE;
+ break;
+
+ default:
+ format = CSSM_KEYBLOB_RAW_FORMAT_OTHER;
+ keyClass = CSSM_KEYCLASS_OTHER;
+ algID = CSSM_ALGID_CUSTOM;
+ break;
+ }
+
+ wrappedKey.blobFormat(format);
+ wrappedKey.algorithm(algID);
+ wrappedKey.keyClass(keyClass);
+ wrappedKey.header().LogicalKeySizeInBits = mKey.size() / 8;
+
+ wrappedKey.header().KeyAttr = CSSM_KEYATTR_MODIFIABLE | CSSM_KEYATTR_EXTRACTABLE;
+
+#if 0
+ CSSM_KEYUSE usage =
+ (mr.metaAttribute(kSecKeyEncrypt).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_ENCRYPT : 0)
+ | (mr.metaAttribute(kSecKeyDecrypt).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_DECRYPT : 0)
+ | (mr.metaAttribute(kSecKeySign).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_SIGN : 0)
+ | (mr.metaAttribute(kSecKeyVerify).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_VERIFY : 0)
+ | (mr.metaAttribute(kSecKeySignRecover).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_SIGN_RECOVER : 0)
+ | (mr.metaAttribute(kSecKeyVerifyRecover).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_VERIFY_RECOVER : 0)
+ | (mr.metaAttribute(kSecKeyWrap).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_WRAP : 0)
+ | (mr.metaAttribute(kSecKeyUnwrap).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_UNWRAP : 0)
+ | (mr.metaAttribute(kSecKeyDerive).attribute(tokenContext, record).boolValue() ? CSSM_KEYUSE_DERIVE : 0);
+ if (usage == (CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_SIGN | CSSM_KEYUSE_VERIFY
+ | CSSM_KEYUSE_SIGN_RECOVER | CSSM_KEYUSE_VERIFY_RECOVER
+ | CSSM_KEYUSE_WRAP | CSSM_KEYUSE_UNWRAP | CSSM_KEYUSE_DERIVE))
+ usage = CSSM_KEYUSE_ANY;
+
+ wrappedKey.header().KeyUsage = usage;
+#else
+ wrappedKey.header().KeyUsage = CSSM_KEYUSE_ANY;
+#endif
+
+ wrappedKey.KeyData.Length = mKey.size() / 8;
+ void *buffer = malloc(wrappedKey.KeyData.Length);
+ wrappedKey.KeyData.Data = reinterpret_cast<uint8 *>(buffer);
+ mKey.exportKey(buffer, wrappedKey.KeyData.Length);
+}
+
+void MuscleCardKeyHandle::getOwner(AclOwnerPrototype &owner)
+{
+ // we don't really know (right now), so claim we're owned by PIN #0
+ if (!mAclOwner) {
+ Allocator &alloc = Allocator::standard();
+ mAclOwner.allocator(alloc);
+
+ unsigned int acl = mKey.keyACL.readPermission;
+ if (acl == MSC_AUT_NONE)
+ acl = mKey.keyACL.writePermission;
+ if (acl == MSC_AUT_NONE)
+ acl = mKey.keyACL.usePermission;
+ if (acl == MSC_AUT_NONE) {
+ // nobody can do anything with this key? how useless...
+ mAclOwner = AclFactory::NobodySubject(alloc);
+ } else if (acl == MSC_AUT_ALL) {
+ // no restrictions - an ANY ACL
+ mAclOwner = AclFactory::AnySubject(alloc);
+ } else {
+ // we don't currently support ownership by multiple PINs:
+ // pick the first one and ignore the rest
+ for (unsigned n = 0; n < 5; n++)
+ if (acl & (MSC_AUT_PIN_0 << n)) {
+ mAclOwner = AclFactory::PinSubject(alloc, n);
+ break;
+ }
+ // ignoring the KEY and USER bits -- whatever they might be
+ }
+ }
+ owner = mAclOwner;
+}
+
+void MuscleCardKeyHandle::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ // we don't (yet) support queries by tag
+ if (tag)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG);
+
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Anyone can read the DB record for this key (which is a reference CSSM_KEY)
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // READ -> unwrap (extract)
+ keyAcl(mKey.keyACL.readPermission, AclAuthorizationSet(
+ CSSM_ACL_AUTHORIZATION_EXPORT_CLEAR,
+ CSSM_ACL_AUTHORIZATION_EXPORT_WRAPPED,
+ 0));
+ // WRITE is currently ignored
+ // USE will have to serve for all crypto operations (pity that)
+ keyAcl(mKey.keyACL.usePermission, AclAuthorizationSet(
+ CSSM_ACL_AUTHORIZATION_ENCRYPT,
+ CSSM_ACL_AUTHORIZATION_DECRYPT,
+ CSSM_ACL_AUTHORIZATION_SIGN,
+ CSSM_ACL_AUTHORIZATION_MAC,
+ CSSM_ACL_AUTHORIZATION_DERIVE,
+ 0));
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+void MuscleCardKeyHandle::keyAcl(unsigned int acl, const AclAuthorizationSet &auths)
+{
+ Allocator &alloc = mAclEntries.allocator();
+ if (acl == MSC_AUT_NONE) {
+ // there's no way to do this... so say nothing
+ } else if (acl == MSC_AUT_ALL) {
+ // no restrictions - add an ANY ACL
+ mAclEntries.add(AclFactory::AnySubject(alloc), auths);
+ } else {
+ // general case: for each enabling PIN, issue an ACL entry
+ // (we could form a 1-of-n ACL, but that would complicate the sample set)
+ for (unsigned n = 0; n < 5; n++)
+ if (acl & (MSC_AUT_PIN_0 << n))
+ mAclEntries.add(AclFactory::PinSubject(alloc, n), auths);
+ // ignoring the KEY and USER bits -- whatever they might be
+ }
+}
+
+
+//
+// MuscleCardKeyHandleFactory
+//
+MuscleCardKeyHandleFactory::~MuscleCardKeyHandleFactory()
+{
+}
+
+
+Tokend::KeyHandle *MuscleCardKeyHandleFactory::keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const
+{
+ KeyRecord &keyRecord = dynamic_cast<KeyRecord &>(record);
+ return new MuscleCardKeyHandle(metaRecord, record, keyRecord.key());
+}
+
+
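Review bot: generateSignature() never checks that the data fits the `keyLength`-byte `inputData` buffer before writing to it. In the RSA_NOPAD branch with PKCS1 padding, `padLength = keyLength - 3 - inputDataSize` is unsigned and wraps when the input is too long, so the following `memset` runs far past the buffer. In the other branches the final `memcpy(to, input.Data, input.Length)` has no bound either, and with `signOnly == CSSM_ALGID_NONE` the input length is whatever the caller passed. The length should be validated right after `keyLength` is computed, and the PKCS#1 branch should also require room for the 11 bytes of framing (00 01, eight FF bytes, 00), as sketched below. The `malloc(keyLength)` result for `outputData` is also used without a NULL check.

```cpp
	MSCULong32 keyLength = mKey.size() / 8;
	// Validate before forming the 32-bit sum so an oversized input.Length cannot wrap it.
	if (input.Length > keyLength || headerLength > keyLength - input.Length)
		CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
	MSCULong32 inputDataSize = headerLength + input.Length;
	// … unchanged: inputData allocation, padding attribute lookup, capability query …
		if (padding == CSSM_PADDING_PKCS1)
		{
			// PKCS#1 type 1 framing: 00 01, at least eight FF bytes, 00.
			if (keyLength < 11 || inputDataSize > keyLength - 11)
				CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
			// … unchanged: write 00 01, FF padding, 00 separator …
		}
	// … unchanged: header copy, digest copy, computeCrypt call …
```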
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardKeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,90 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardKeyHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _MUSCLECARDKEYHANDLE_H_
+#define _MUSCLECARDKEYHANDLE_H_
+
+#include "KeyHandle.h"
+
+class MscKey;
+
+//
+// A KeyHandle object which implements the crypto interface to muscle.
+//
+class MuscleCardKeyHandle: public Tokend::KeyHandle
+{
+ NOCOPY(MuscleCardKeyHandle)
+public:
+ MuscleCardKeyHandle(const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record, MscKey &key);
+ ~MuscleCardKeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize);
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize, bool encrypting);
+ virtual void generateSignature(const Context &context, CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
+ virtual void verifySignature(const Context &context, CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature);
+ virtual void generateMac(const Context &context, const CssmData &input, CssmData &output);
+ virtual void verifyMac(const Context &context, const CssmData &input, const CssmData &compare);
+ virtual void encrypt(const Context &context, const CssmData &clear, CssmData &cipher);
+ virtual void decrypt(const Context &context, const CssmData &cipher, CssmData &clear);
+
+ virtual void exportKey(const Context &context, const AccessCredentials *cred,
+ CssmKey &wrappedKey);
+
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&aclList);
+
+private:
+ MscKey &mKey;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+
+ void keyAcl(unsigned int acl, const AclAuthorizationSet &auths);
+};
+
+
+//
+// A factory that creates MuscleCardKeyHandle objects.
+//
+class MuscleCardKeyHandleFactory : public Tokend::KeyHandleFactory
+{
+ NOCOPY(MuscleCardKeyHandleFactory)
+public:
+ MuscleCardKeyHandleFactory() {}
+ virtual ~MuscleCardKeyHandleFactory();
+
+ virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
+};
+
+
+#endif /* !_MUSCLECARDKEYHANDLE_H_ */
+
+
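Review bot: The class comment on MuscleCardKeyHandle does not tell a caller which operations actually work. In MuscleCardKeyHandle.cpp from this commit only generateSignature(), decrypt(), exportKey(), getOwner() and getAcl() do anything, while the remaining overrides throw CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED. I would extend the comment to something like `// Implements RSA sign and decrypt plus key export via the token; all other crypto entry points throw CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED.` The `mKey` member is a reference, so a second line such as `// mKey is not owned; the MscKey must outlive this handle` would record the lifetime assumption, which I am inferring from the declaration rather than from a visible owner.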
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,120 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardSchema.cpp
+ * TokendMuscle
+ */
+
+#include "MuscleCardSchema.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+
+#include <PCSC/musclecard.h>
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+MuscleCardSchema::MuscleCardSchema() :
+ mEncryptCoder(MSC_KEYPOLICY_DIR_ENCRYPT),
+ mDecryptCoder(MSC_KEYPOLICY_DIR_DECRYPT),
+ mSignCoder(MSC_KEYPOLICY_DIR_SIGN),
+ mVerifyCoder(MSC_KEYPOLICY_DIR_VERIFY)
+{
+}
+
+MuscleCardSchema::~MuscleCardSchema()
+{
+}
+
+Tokend::Relation *MuscleCardSchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
+{
+ Relation *rn = createStandardRelation(keyType);
+
+ // Set up coders for key records.
+ MetaRecord &mr = rn->metaRecord();
+ mr.keyHandleFactory(&mMuscleCardKeyHandleFactory);
+
+ // Print name of a key might as well be the key name.
+ mr.attributeCoder(kSecKeyPrintName, &mKeyNameCoder);
+
+ // Other key valuess
+ mr.attributeCoder(kSecKeyKeyType, &mKeyAlgorithmCoder);
+ mr.attributeCoder(kSecKeyKeySizeInBits, &mKeySizeCoder);
+ // @@@ Should be different for 3DES keys.
+ mr.attributeCoder(kSecKeyEffectiveKeySize, &mKeySizeCoder);
+
+ // Key attributes
+ mr.attributeCoder(kSecKeyExtractable, &mKeyExtractableCoder);
+ mr.attributeCoder(kSecKeySensitive, &mKeySensitiveCoder);
+ mr.attributeCoder(kSecKeyModifiable, &mKeyModifiableCoder);
+ mr.attributeCoder(kSecKeyPrivate, &mKeyPrivateCoder);
+ // Made up since muscle doesn't tell us these.
+ mr.attributeCoder(kSecKeyNeverExtractable, &mFalseCoder);
+ mr.attributeCoder(kSecKeyAlwaysSensitive, &mFalseCoder);
+
+ // Key usage
+ mr.attributeCoder(kSecKeyEncrypt, &mEncryptCoder);
+ mr.attributeCoder(kSecKeyDecrypt, &mDecryptCoder);
+ mr.attributeCoder(kSecKeyWrap, &mEncryptCoder);
+ mr.attributeCoder(kSecKeyUnwrap, &mDecryptCoder);
+ mr.attributeCoder(kSecKeySign, &mSignCoder);
+ mr.attributeCoder(kSecKeyVerify, &mVerifyCoder);
+ // Made up since muscle doesn't tell us these.
+ mr.attributeCoder(kSecKeyDerive, &mFalseCoder);
+ mr.attributeCoder(kSecKeySignRecover, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerifyRecover, &mFalseCoder);
+
+ return rn;
+}
+
+void MuscleCardSchema::create()
+{
+ Schema::create();
+
+ /* Relation *rn_priv = */ createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Relation *rn_publ = createKeyRelation(CSSM_DL_DB_RECORD_PUBLIC_KEY);
+ Relation *rn_symm = createKeyRelation(CSSM_DL_DB_RECORD_SYMMETRIC_KEY);
+ Relation *rn_ce = createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+
+ // @@@ We need a coder that calculates the public key hash of a public key
+ rn_publ->metaRecord().attributeCoder(kSecKeyLabel, &mZeroCoder);
+
+ // For symmetric keys we use the object id as the label.
+ rn_symm->metaRecord().attributeCoder(kSecKeyLabel, &mKeyNameCoder);
+
+ // Set coders for certificate attributes.
+ MetaRecord &mr_cert = rn_ce->metaRecord();
+ mr_cert.attributeCoderForData(&mMscDataAttributeCoder);
+
+ // Create the generic table
+ // @@@ HARDWIRED @@@
+ Relation *rn_gen = createStandardRelation(CSSM_DL_DB_RECORD_GENERIC);
+ MetaRecord &mr_gen = rn_gen->metaRecord();
+ mr_gen.attributeCoderForData(&mMscDataAttributeCoder);
+ mr_gen.attributeCoder(kSecLabelItemAttr, &mObjectIDCoder);
+}
+
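Review bot: `createKeyRelation` registers the same `mKeySizeCoder` for `kSecKeyEffectiveKeySize` as for `kSecKeyKeySizeInBits`, and the `@@@` comment above that line mentions only 3DES, although `create` builds the symmetric-key relation through this function for every symmetric key type. If KeySizeAttributeCoder returns the nominal size including parity bits (its implementation is outside this hunk), a consumer that applies a minimum-strength policy to the effective size sees an inflated value for DES-family keys. Until a dedicated coder exists, the comment should state the limitation: `// @@@ Nominal size is reported as effective size; too large for DES/3DES (parity bits), do not use for strength policy.` In `create`, the `mZeroCoder` label on public keys means those records cannot be matched by key hash, which deserves a similar caveat for callers.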
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardSchema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardSchema.h
+ * TokendMuscle
+ */
+
+#ifndef _MUSCLECARDSCHEMA_H_
+#define _MUSCLECARDSCHEMA_H_
+
+#include "Schema.h"
+#include "MuscleCardAttributeCoder.h"
+#include "MuscleCardKeyHandle.h"
+
+namespace Tokend
+{
+ class Relation;
+ class MetaRecord;
+ class AttributeCoder;
+}
+
+class MuscleCardSchema : public Tokend::Schema
+{
+ NOCOPY(MuscleCardSchema)
+public:
+ MuscleCardSchema();
+ virtual ~MuscleCardSchema();
+
+ virtual void create();
+protected:
+ Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
+
+private:
+ // Coders we need.
+ MscDataAttributeCoder mMscDataAttributeCoder;
+ ObjectIDAttributeCoder mObjectIDCoder;
+ KeyNameAttributeCoder mKeyNameCoder;
+
+ KeyAlgorithmAttributeCoder mKeyAlgorithmCoder;
+
+ // Coders for attributes of keys
+ KeyExtractableAttributeCoder mKeyExtractableCoder;
+ KeySensitiveAttributeCoder mKeySensitiveCoder;
+ KeyModifiableAttributeCoder mKeyModifiableCoder;
+ KeyPrivateAttributeCoder mKeyPrivateCoder;
+
+ // Coders for Directions (or usage bits) of keys
+ KeyDirectionAttributeCoder mEncryptCoder;
+ KeyDirectionAttributeCoder mDecryptCoder;
+ KeyDirectionAttributeCoder mSignCoder;
+ KeyDirectionAttributeCoder mVerifyCoder;
+
+ KeySizeAttributeCoder mKeySizeCoder;
+
+ MuscleCardKeyHandleFactory mMuscleCardKeyHandleFactory;
+};
+
+#endif /* !_MUSCLECARDSCHEMA_H_ */
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,297 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardToken.cpp
+ * TokendMuscle
+ */
+
+#include "MuscleCardToken.h"
+#include "Adornment.h"
+
+#include "Adornment.h"
+#include "AttributeCoder.h"
+#include "KeyRecord.h"
+#include "TokenRecord.h"
+#include "Msc/MscToken.h"
+#include "Msc/MscTokenConnection.h"
+#include "Msc/MscWrappers.h"
+#include "MuscleCardSchema.h"
+#include <security_cdsa_client/aclclient.h>
+#include <map>
+#include <vector>
+
+using CssmClient::AclFactory;
+
+
+MuscleCardToken::MuscleCardToken() : mConnection(NULL)
+{
+}
+
+MuscleCardToken::~MuscleCardToken()
+{
+ delete mTokenContext;
+ delete mSchema;
+ delete mConnection;
+}
+
+uint32 MuscleCardToken::probe(SecTokendProbeFlags flags, char tokenUid[TOKEND_MAX_UID])
+{
+ MscTokenInfo tinfo(*(*startupReaderInfo)());
+ MscTokenConnection tc(tinfo);
+ tc.connect();
+ tc.release();
+ if (flags!=kSecTokendProbeDefault)
+ ;
+ return 50;
+}
+
+void MuscleCardToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory, const char *workDirectory,
+ char mdsDirectory[PATH_MAX], char printName[PATH_MAX])
+{
+ MscTokenInfo tinfo(*(*startupReaderInfo)());
+ mConnection = new MscTokenConnection(tinfo);
+ mConnection->connect();
+ ::strncpy(printName, mConnection->tokenInfo.tokenName, PATH_MAX);
+ mTokenContext = new MscToken(mConnection);
+ static_cast<MscToken *>(mTokenContext)->loadobjects();
+ mSchema = new MuscleCardSchema();
+ mSchema->create();
+
+ populate();
+}
+
+//
+// Authenticate to the token
+//
+void MuscleCardToken::authenticate(CSSM_DB_ACCESS_TYPE mode, const AccessCredentials *cred)
+{
+ if (cred) {
+ if (cred->tag() && !strncmp(cred->tag(), "PIN", 3)) { // tag="PINk"; unlock a PIN
+ if (cred->size() != 1)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE); // just one, please
+ const TypedList &sample = (*cred)[0];
+ switch (sample.type()) {
+ case CSSM_SAMPLE_TYPE_PASSWORD:
+ case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
+ {
+ unsigned int slot;
+ sscanf(cred->tag()+3, "%d", &slot); // "PINn"
+ secdebug("muscleacl", "verifying PIN%d", slot);
+ mConnection->verifyPIN(slot, sample[1].toString());
+ secdebug("muscleacl", "verify successful");
+ }
+ break;
+ default:
+ secdebug("muscleacl", "sample type %d not supported", sample.type());
+ CssmError::throwMe(CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED);
+ }
+ } else
+ secdebug("muscleacl", "authenticate without PIN tag ignored");
+ } else
+ secdebug("muscleacl", "authenticate(NULL) ignored");
+}
+
+
+//
+// Database-level ACLs
+//
+void MuscleCardToken::getOwner(AclOwnerPrototype &owner)
+{
+ // MUSCLE defines ACLs on card initialization, but doesn't seem to allow
+ // them to be read out after the card has been personalized.
+ // In absence of any meaningful information, blame PIN #0.
+ if (!mAclOwner) {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
+ }
+ owner = mAclOwner;
+}
+
+
+void MuscleCardToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ // we don't (yet) support queries by tag
+ if (tag)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG);
+
+ Allocator &alloc = Allocator::standard();
+ // get pin list, then for each pin
+ if (!mAclEntries) {
+ mAclEntries.allocator(alloc);
+ // Anyone can read any record from this db.
+ // We don't support insertion modification or deletion yet.
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // for each PIN on the card...
+ unsigned int pins = mConnection->listPins();
+ for (unsigned n = 0; n < 16; n++)
+ if (pins & (1 << n)) {
+ // add a PIN slot for PASSWORD and PROTECTED_PASSWORD credentials
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), n);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), n);
+ }
+ }
+
+ // return the ACL vector
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+
+#pragma mark ---------------- CAC Specific --------------
+
+void MuscleCardToken::populate()
+{
+ secdebug("populate", "MuscleCardToken::populate() begin");
+
+ Tokend::Relation &certRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ Tokend::Relation &dataRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_GENERIC);
+ Tokend::Relation &privateKeyRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Tokend::Relation &publicKeyRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_PUBLIC_KEY);
+ Tokend::Relation &symmetricKeyRelation = mSchema->findRelation(CSSM_DL_DB_RECORD_SYMMETRIC_KEY);
+
+ // Map from number to certs.
+ typedef std::map< UInt32, RefPointer<Tokend::Record> > CertificateMap;
+ CertificateMap certificates;
+
+ typedef std::vector<RefPointer<KeyRecord> > KeyVector;
+ KeyVector keys;
+
+ // The first time through, we insert cert and data records. We skip attribute records
+ // so that we can add them as adornments to records that will exist after this pass
+ for (MscToken::ObjIterator it = static_cast<MscToken *>(mTokenContext)->begin();
+ it != static_cast<MscToken *>(mTokenContext)->end();
+ ++it)
+ {
+ MscObject *obj = it->second;
+ std::string objid = obj->objid();
+
+ secdebug("populate", "Found object with id: %s", objid.c_str());
+
+ switch (objid[0])
+ {
+ case 'C': // insert in cert relation
+ {
+ RefPointer<Tokend::Record> record(new TokenRecord(objid));
+ certRelation.insertRecord(record);
+ UInt32 certNum = atoi(objid.c_str() + 1);
+ certificates.insert(std::pair<UInt32, RefPointer<Tokend::Record> >(certNum, record));
+ }
+ break;
+ case 'k': // this will become an adornment for key record
+#if 0
+ {
+ // @@@ Move this define to a msc header
+#define CKO_CAC_PRIVATE_KEY 0x03000000
+ RefPointer<KeyRecord> keyRecord(new KeyRecord(*obj));
+ uint32_t cka_class = keyRecord->attributeValueAsUint32(CKA_CLASS);
+ switch (cka_class)
+ {
+ case CKO_PRIVATE_KEY:
+ case CKO_CAC_PRIVATE_KEY:
+ secdebug("populate", "Inserting private key with id: %s CKA_CLASS: %08X", objid.c_str(), cka_class);
+ privateKeyRelation.insertRecord(keyRecord);
+ keys.push_back(keyRecord);
+ break;
+ case CKO_PUBLIC_KEY:
+ case CKO_SECRET_KEY:
+ default:
+ secdebug("populate", "Ignoring key with id: %s CKA_CLASS: %08X", objid.c_str(), cka_class);
+ break;
+ }
+ }
+ break;
+#endif
+ case 'c': // this might become an adornment for cert record
+ secdebug("populate", "Ignoring object with id: %s", objid.c_str());
+ break;
+ default: // insert as data record
+ {
+ RefPointer<Tokend::Record> record(new TokenRecord(objid));
+ dataRelation.insertRecord(record);
+ }
+ break;
+ }
+ }
+
+ // The first time through, we insert cert and data records. We skip attribute records
+ // so that we can add them as adornments to records that will exist after this pass
+ for (MscToken::ConstKeyIterator it = static_cast<MscToken *>(mTokenContext)->kbegin();
+ it != static_cast<MscToken *>(mTokenContext)->kend();
+ ++it)
+ {
+ MscKey *key = it->second;
+ IFDUMPING("key", key->debugDump());
+ {
+ RefPointer<KeyRecord> keyRecord(new KeyRecord(*key));
+ uint32_t type = key->type();
+ switch (type)
+ {
+ case MSC_KEY_RSA_PRIVATE:
+ case MSC_KEY_RSA_PRIVATE_CRT:
+ case MSC_KEY_DSA_PRIVATE:
+ secdebug("populate", "Inserting private key with type: %02X", type);
+ privateKeyRelation.insertRecord(keyRecord);
+ keys.push_back(keyRecord);
+ break;
+ case MSC_KEY_RSA_PUBLIC:
+ case MSC_KEY_DSA_PUBLIC:
+ secdebug("populate", "Inserting public key with type: %02X", type);
+ publicKeyRelation.insertRecord(keyRecord);
+ keys.push_back(keyRecord);
+ break;
+ case MSC_KEY_DES:
+ case MSC_KEY_3DES:
+ case MSC_KEY_3DES3:
+ secdebug("populate", "Inserting symmetric key with type: %02X", type);
+ symmetricKeyRelation.insertRecord(keyRecord);
+ keys.push_back(keyRecord);
+ break;
+ default:
+ secdebug("populate", "Ignoring key with type: %02X", type);
+ break;
+ }
+ }
+ }
+
+ for (KeyVector::const_iterator ks_it = keys.begin(); ks_it != keys.end(); ++ks_it)
+ {
+ UInt32 keyNum = (*ks_it)->key().number();
+ CertificateMap::const_iterator cs_it = certificates.find(keyNum);
+ if (cs_it == certificates.end())
+ {
+ secdebug("populate", "No certificate found for key: %lu", keyNum);
+ }
+ else
+ {
+ secdebug("populate", "Linked key: K%lu to certificate C%lu", keyNum, keyNum);
+ (*ks_it)->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(cs_it->second));
+ }
+ }
+
+ secdebug("populate", "MuscleCardToken::populate() end");
+}
+
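Review bot: In `authenticate`, the PIN slot is parsed with `sscanf(cred->tag()+3, "%d", &slot)` into an `unsigned int` and the return value is ignored, so a tag of exactly "PIN" or one with a non-numeric suffix leaves `slot` uninitialised before it is logged and passed to `mConnection->verifyPIN`. The conversion should use `%u`, be checked, and be bounded to the 16 slots that `getAcl` enumerates: `if (sscanf(cred->tag()+3, "%u", &slot) != 1 || slot >= 16) CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_ENTRY_TAG);`. `sample[1]` is also read without a visible check that the sample carries a second element; whether TypedList guards that access is outside this hunk. Separately, in `establish`, `::strncpy(printName, ..., PATH_MAX)` does not terminate the buffer when the source fills it, so adding `printName[PATH_MAX - 1] = '\0';` after the copy is a cheap safeguard.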
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/MuscleCardToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MuscleCardToken.h
+ * TokendMuscle
+ */
+
+#ifndef _MUSCLECARDTOKEN_H_
+#define _MUSCLECARDTOKEN_H_
+
+#include <Token.h>
+
+class MscTokenConnection;
+
+//
+// "The" token
+//
+class MuscleCardToken : public Tokend::Token
+{
+ NOCOPY(MuscleCardToken)
+public:
+ MuscleCardToken();
+ ~MuscleCardToken();
+
+ virtual uint32 probe(SecTokendProbeFlags flags, char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory, const char *workDirectory,
+ char mdsDirectory[PATH_MAX], char printName[PATH_MAX]);
+ virtual void authenticate(CSSM_DB_ACCESS_TYPE mode, const AccessCredentials *cred);
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+protected:
+
+ void populate();
+
+public:
+ MscTokenConnection *mConnection;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_MUSCLECARDTOKEN_H_ */
+
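Review bot: The second `public:` section exposes `mConnection`, `mAclOwner` and `mAclEntries` as public data, so any code holding a `MuscleCardToken` can replace or delete the card connection that `authenticate` uses for PIN verification and can alter the cached ACL that `getAcl` returns. Unless other files in this import depend on direct access (not visible here), these members should be `private:` with a narrow accessor such as `MscTokenConnection &connection() const { return *mConnection; }`. The ACL cache is marked as a temporary hack; as far as MuscleCardToken.cpp in this commit shows, it is filled on first use and never invalidated, and a comment saying so would help readers reason about stale entries.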
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * TokenRecord.cpp
+ * TokendMuscle
+ */
+
+#include "TokenRecord.h"
+
+using namespace Tokend;
+
+TokenRecord::TokenRecord(const std::string &objectID) :
+ mObjectID(objectID)
+{
+}
+
+TokenRecord::~TokenRecord()
+{
+}
+
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/TokenRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * TokenRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKENRECORD_H_
+#define _TOKENRECORD_H_
+
+#include "Record.h"
+#include <string>
+
+class TokenRecord : public Tokend::Record
+{
+ NOCOPY(TokenRecord)
+public:
+ TokenRecord(const std::string &objectID);
+ virtual ~TokenRecord();
+
+ std::string objid() const { return mObjectID; }
+
+private:
+ std::string mObjectID; // we don't need full MscObjectInfo, since MscToken only needs objid
+};
+
+#endif /* !_TOKENRECORD_H_ */
+
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>Capabilities</key>
+ <string>file:musclecard_csp_capabilities_common.mds</string>
+ <key>MdsFileDescription</key>
+ <string>MuscleCard Token CSPDL CSP Capabilities</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities_common.mds
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities_common.mds (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_capabilities_common.mds 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,903 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>SHA1 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD5 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD2 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>64</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>192</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>3DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC2 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC4 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC5 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>New item</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>CAST Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>Blowfish Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>SHA1HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>MD5HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>128</integer>
+ <integer>192</integer>
+ <integer>256</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>AES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ASC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>ASC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>31</integer>
+ <integer>127</integer>
+ <integer>128</integer>
+ <integer>161</integer>
+ <integer>192</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>FEE Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD2 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 SHA1 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>DES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY_EDE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>3DES EDE Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>AES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>0</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC4 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC5 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>Blowfish Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>CAST Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>RSA Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEEDEXP</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEEDExp Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEED</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEED Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD2 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC_LEGACY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC Legacy</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_APPLE_YARROW</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_RANDOMGEN</string>
+ <key>Description</key>
+ <string>Yarrow PRNG</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+</array>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_csp_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <!-- @@@ complete this -->
+ <array>
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>CspCustomFlags</key>
+ <integer>0</integer>
+ <key>CspFlags</key>
+ <!-- @@@ dynamic -->
+ <string>CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC</string>
+ <key>CspType</key>
+ <string>CSSM_CSP_HARDWARE</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL CSP Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>UseeTags</key>
+ <array/>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_dl_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_dl_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_dl_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <array>
+ <!-- @@@ complete this -->
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>ConjunctiveOps</key>
+ <array>
+ <string>CSSM_DB_NONE</string>
+ <string>CSSM_DB_AND</string>
+ <string>CSSM_DB_OR</string>
+ </array>
+ <key>DLType</key>
+ <string>CSSM_DL_FFS</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL DL Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_DL_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>QueryLimitsFlag</key>
+ <integer>0</integer>
+ <key>RelationalOps</key>
+ <array>
+ <string>CSSM_DB_EQUAL</string>
+ <string>CSSM_DB_LESS_THAN</string>
+ <string>CSSM_DB_GREATER_THAN</string>
+ <string>CSSM_DB_CONTAINS_FINAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS_INITIAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS</string>
+ <string></string>
+ </array>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>Vendor</key>
+ <string>Apple Computer, Inc.</string>
+</dict>
+</plist>
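Review bot: The `RelationalOps` array ends with an empty `<string></string>` entry right after `CSSM_DB_CONTAINS`, which names no `CSSM_DB_*` operator. How the MDS loader treats an empty value is not visible in this hunk, so it may be ignored, rejected or mapped to something unintended. It looks like a leftover placeholder: either delete the line or replace it with the operator constant that was meant to be advertised.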
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_smartcard.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_smartcard.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/mds/musclecard_smartcard.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>MdsFileDescription</key>
+ <string>SD/CSPDL Generic Smartcard Information</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>ScVendor</key>
+ <string>Generic</string>
+ <key>ScVersion</key>
+ <string>unknown</string>
+ <key>ScFirmwareVersion</key>
+ <string>unknown</string>
+ <key>ScFlags</key> <!-- @@@ dynamic -->
+ <integer>0</integer>
+ <key>ScCustomFlags</key>
+ <integer>0</integer>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/musclecard.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/musclecard.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/MuscleCard/musclecard.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,38 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * musclecard.cpp - MuscleCard.tokend main program
+ */
+
+#include "MuscleCardToken.h"
+
+int main(int argc, const char *argv[])
+{
+ secdebug("tokendmuscle", "main starting with %d arguments", argc);
+ secdelay("/tmp/delay/MuscleCard");
+
+ token = new MuscleCardToken();
+ return SecTokendMain(argc, argv, token->callbacks(), token->support());
+}
+
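Review bot: The `secdelay("/tmp/delay/MuscleCard")` call in `main` keys a startup delay off a fixed path under the world-writable `/tmp`, so wherever that macro is active any local user could presumably influence how long the token daemon stalls at launch. Its definition is not in this hunk, so confirm that release builds compile it out. If they do not, wrap the call in `#ifndef NDEBUG` / `#endif` or move the marker to a directory only root can write. `token` is also assigned here without a visible declaration or a matching `delete`, so a short comment saying where it is declared and that it lives until process exit would help the next reader.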
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Info.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Info.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Info.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>CFBundleDevelopmentRegion</key>
+ <string>English</string>
+ <key>CFBundleExecutable</key>
+ <string>PIV</string>
+ <key>CFBundleIdentifier</key>
+ <string>com.apple.tokend.piv</string>
+ <key>CFBundleInfoDictionaryVersion</key>
+ <string>6.0</string>
+ <key>CFBundleName</key>
+ <string>PIV</string>
+ <key>CFBundlePackageType</key>
+ <string>????</string>
+ <key>CFBundleShortVersionString</key>
+ <string>2.2.1</string>
+ <key>CFBundleSignature</key>
+ <string>????</string>
+ <key>CFBundleVersion</key>
+ <string>40596</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVAttributeCoder.cpp
+ * TokendPIV
+ */
+
+/* ---------------------------------------------------------------------------
+ *
+ * This file should not need to be modified except for replacing
+ * "piv" with the name of your token
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+#include "PIVAttributeCoder.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "PIVRecord.h"
+
+using namespace Tokend;
+
+//
+// PIVDataAttributeCoder
+//
+PIVDataAttributeCoder::~PIVDataAttributeCoder()
+{
+}
+
+void PIVDataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ PIVRecord &pivRecord = dynamic_cast<PIVRecord &>(record);
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ pivRecord.getDataAttribute(tokenContext));
+}
+
+//
+// PIVKeySizeAttributeCoder
+//
+PIVKeySizeAttributeCoder::~PIVKeySizeAttributeCoder() {}
+
+void PIVKeySizeAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record)
+{
+ uint32 keySize = dynamic_cast<PIVKeyRecord &>(record).sizeInBits();
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute(keySize));
+}
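Review bot: Both `decode` bodies use a reference cast (`dynamic_cast<PIVRecord &>(record)` and `dynamic_cast<PIVKeyRecord &>(record)`), which throws `std::bad_cast` when the record has another type, and nothing here documents or handles that. Whether callers catch it is not visible in this hunk, so at minimum state the precondition above each method, e.g. `// record must be a PIVKeyRecord; any other type throws std::bad_cast`. The second `decode` also spells out `Tokend::` on its parameter types although the file has `using namespace Tokend;` and the first `decode` relies on it; pick one form. The hunk does not show who frees the `new Attribute(keySize)` handed to `attributeAtIndex`, so a comment on ownership is worth adding too.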
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVAttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVAttributeCoder.h
+ * TokendPIV
+ */
+
+/* ---------------------------------------------------------------------------
+ *
+ * This file should not need to be modified except for replacing
+ * "piv" with the name of your token
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+#ifndef _PIVATTRIBUTECODER_H_
+#define _PIVATTRIBUTECODER_H_
+
+#include "AttributeCoder.h"
+#include <string>
+
+//
+// A coder that reads the data of an object
+//
+class PIVDataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(PIVDataAttributeCoder)
+public:
+
+ PIVDataAttributeCoder() {}
+ virtual ~PIVDataAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+//
+// A coder that produces the LogicalKeySizeInBits of a key
+//
+class PIVKeySizeAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(PIVKeySizeAttributeCoder)
+public:
+ PIVKeySizeAttributeCoder() {}
+ virtual ~PIVKeySizeAttributeCoder();
+
+ virtual void decode(Tokend::TokenContext *tokenContext, const Tokend::MetaAttribute &metaAttribute, Tokend::Record &record);
+};
+
+
+#endif /* !_PIVATTRIBUTECODER_H_ */
+
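Review bot: The include guard `_PIVATTRIBUTECODER_H_` begins with an underscore followed by an uppercase letter, a form the C++ standard reserves for the implementation; `PIVATTRIBUTECODER_H` avoids the clash. The same pattern appears in PIVCCC.h (`_PIVCCC_H_`) and PIVDefines.h (`_PIVDEFINES_H_`). `#include <string>` is not used by anything declared in this header and can be dropped. The two `decode` declarations would also benefit from a line each stating which concrete record type they expect, since the interface only says `Tokend::Record &`.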
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,109 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVCCC.cpp
+ * TokendPIV
+ */
+
+#include "PIVCCC.h"
+#include "PIVToken.h"
+#include "PIVError.h"
+
+#include "TLV.h"
+
+PIVCCC::PIVCCC(const byte_string &data) throw(PIVError)
+{
+ /* Upon construction, parse the input data */
+ parse(data);
+}
+
+PIVCCC::~PIVCCC()
+{
+}
+
+void PIVCCC::parse(const byte_string &data) throw(PIVError)
+{
+ /*
+ Sample CCC block
+
+ 53 44 F0 15 A0 00 00 03 08 01 02 20 50 50 00 11 07 00 00 83 58 00 00
+ 83 58 F1 01 21 F2 01 21 F3 00 F4 01 00 F5 01 10 F6 11 00 00 00 00 00
+ 00 00 00 00 00 00 00 00 00 00 00 00 F7 00 FA 00 FB 00 FC 00 FD 00 FE 00 90 00
+ */
+ // Parse the CCC as a TLV
+ TLV_ref tlv;
+ try {
+ tlv = TLV::parse(data);
+ } catch (std::runtime_error &e) {
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+ // Check that the return-data tag is correct
+ if(tlv->getTag().size() != 1 || tlv->getTag()[0] != PIV_GETDATA_RESPONSE_TAG)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+
+ // Iterate over the TLV's contained values to check for desired/invalid values
+ TLVList list = tlv->getInnerValues();
+ for(TLVList::const_iterator iter = list.begin(); iter != list.end(); ++iter) {
+ // No known CCC tags of > 1 byte
+ if((*iter)->getTag().size() != 1)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ uint8_t tag = (*iter)->getTag()[0];
+ switch (tag)
+ {
+ case PIV_CCC_TAG_CARD_IDENTIFIER: // 0xF0
+ // Store the card identifier value persistently
+ mIdentifier_content = (*iter)->getValue();
+ mIdentifier.Data = &mIdentifier_content[0];
+ mIdentifier.Length = mIdentifier_content.size();
+ break;
+ case PIV_CCC_TAG_CARD_CONTAINER_VERS: // 0xF1
+ case PIV_CCC_TAG_CARD_GRAMMAR_VERS: // 0xF2
+ case PIV_CCC_TAG_APPS_URL: // 0xF3
+ case PIV_CCC_TAG_IS_PKCS15: // 0xF4
+ case PIV_CCC_TAG_DATA_MODEL_NUMBER: // 0xF5
+ case PIV_CCC_TAG_ACL_RULE_TABLE: // 0xF6
+ case PIV_CCC_TAG_CARD_APDUS: // 0xF7
+ case PIV_CCC_TAG_REDIRECTION: // 0xFA
+ case PIV_CCC_TAG_CAPABILITY_TUPLES: // 0xFB
+ case PIV_CCC_TAG_STATUS_TUPLES: // 0xFC
+ case PIV_CCC_TAG_NEXT_CCC: // 0xFD
+ case PIV_CCC_TAG_EXTENDED_APP_URL: // 0xE3
+ case PIV_CCC_TAG_SEC_OBJECT_BUFFER: // 0xB4
+ case PIV_CCC_TAG_ERROR_DETECTION: // 0xFE
+ case 0:
+ case 0xFF:
+ // Permit these values, but throw them away
+ break;
+ default:
+ // Unknown data is an error condition
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ break;
+ }
+ }
+}
+
+std::string PIVCCC::hexidentifier() const
+{
+ return mIdentifier.toHex(); // hex string of binary blob
+}
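Review bot: In the `PIV_CCC_TAG_CARD_IDENTIFIER` case of `parse`, `&mIdentifier_content[0]` is taken without checking that the value read from the card is non-empty, so a CCC carrying a zero-length `F0` element would index an empty buffer (undefined behaviour if `byte_string` is a `std::vector`, which this hunk does not show). Since the data comes from the card, reject it right after the assignment: `if (mIdentifier_content.empty()) PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);`. Only `std::runtime_error` from `TLV::parse` is translated into a PIVError. With the `throw(PIVError)` specification, any other exception type escaping the parser would end in `std::unexpected()` instead, so `catch (const std::exception &)` may be the safer translation if the parser can raise others.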
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVCCC.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVCCC.h
+ * TokendPIV
+ */
+
+#ifndef _PIVCCC_H_
+#define _PIVCCC_H_
+
+#include "PIVDefines.h"
+#include <security_cdsa_utilities/cssmdata.h>
+#include <string>
+#include "byte_string.h"
+#include "PIVError.h"
+
+class PIVCCC
+{
+public:
+ PIVCCC(const byte_string &data) throw(PIVError);
+ virtual ~PIVCCC();
+
+ const unsigned char *identifier() const { return mIdentifier; }
+ std::string hexidentifier() const;
+
+protected:
+
+ // Reference: SP 800-73-1 Appendix A
+ CssmData mIdentifier; // 0xF0 Card Identifier
+ // byte_string to contain the identifier
+ byte_string mIdentifier_content;
+
+#if 0
+ unsigned char ccversion; // Capability Container version number
+ unsigned char cgversion;
+ unsigned char mAppCardURL[128]; // 0xF3 Applications CardURL
+ bool pkcs15; // 0xF4 PKCS#15
+ unsigned char datamodelnumber; // 0xF5 Registered Data Model number
+ unsigned char mACLRuleTable[17]; // 0xF6 Access Control Rule Table
+#endif
+
+private:
+ void parse(const byte_string &data) throw(PIVError);
+};
+
+#endif /* !_PIVCCC_H_ */
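Review bot: `PIVCCC` is copyable by default, but `parse` in PIVCCC.cpp points `mIdentifier.Data` at the storage of `mIdentifier_content`. A copy would presumably carry the same raw pointer and dangle once the original object is destroyed. The coder classes in PIVAttributeCoder.h declare `NOCOPY(...)`; adding `NOCOPY(PIVCCC)` at the top of this class would rule the copy out, assuming that macro is reachable from this header. Alternatively, drop the `mIdentifier` member and build the `CssmData` view on demand from `mIdentifier_content`. `identifier()` also returns a bare pointer with no length, so callers cannot bound their reads; a comment pointing them to `hexidentifier()` or a length accessor would help.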
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVDefines.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVDefines.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVDefines.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,404 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVDefines.h
+ * TokendPIV
+ */
+
+#ifndef _PIVDEFINES_H_
+#define _PIVDEFINES_H_
+
+/*
+ For the PIV tokend, refer to NIST Specical Publication 800-73-1, "Interfaces
+ for Personal Identity Verification". The define for CLA_STANDARD comes from 2.3.3.1.1. [SP800731]
+ See Appendix A for useful codes.
+ Object identifiers: 4.2 OIDs and Tags of PIV Card Application Data Objects [SP800731]
+
+ The other publication referenced here is NIST IR 6887 - 2003 Edition (GSC-IS Version 2.1) [NISTIR6887]
+
+ Also useful is NIST Special Publication 800-85A [SP80085A]
+
+ P1 - Reference Control Parameter
+
+ See "Table 1. SP 800-73 Data Model Containers" for RID and object IDs for data objects (p 5)
+ See "Appendix A - PIV Data Model" for object IDs (p 45)
+*/
+
+#pragma mark ---------- PIV defines ----------
+
+#define PIV_CLA_STANDARD 0x00
+#define PIV_CLA_CHAIN 0x10
+#define PIV_INS_SELECT_FILE 0xA4
+#define PIV_INS_VERIFY_APDU 0x20 // SP800731 Section 2.3.3.2.1
+#define PIV_INS_CHANGE_REFERENCE_DATA 0x24 // [SP800731 7.2.2]
+#define PIV_INS_GET_DATA 0xCB // [SP800731 7.1.2]
+#define PIV_INS_GENERAL_AUTHENTICATE 0x87 // [SP800731 7.2.4]
+
+// Placeholders for fields in the APDU to be filled in programmatically
+#define TBD_ZERO 0x00
+#define TBD_FF 0xFF
+
+// These are from NISTIR6887 5.1.1.4 Select File APDU
+// They are the values for the P1 field
+#define SELECT_P1_EXPLICIT 0x00
+#define SELECT_P1_CHILDDF 0x01
+#define SELECT_P1_CHILDEF 0x02
+#define SELECT_P1_PARENTDF 0x03
+
+/*
+ Reference: [SP800731] Appendix A PIV Data Model (data sizes)
+
+ Name ID Size
+ Card Capabilities Container 0xDB00 266
+ Card Holder Unique Identifier 0x3000 3377
+ X.509 Certificates ------ 1651
+ Card Holder Fingerprints 0x6010 7768
+ Printed Information 0x3001 106
+ Card Holder Facial Image 0x6030 12704
+ Security Object 0x9000 1000
+*/
+
+#define PIV_MAX_DATA_SIZE (12704+1024) // plus some extra
+
+#pragma mark ---------- Object IDs on Token ----------
+
+/*
+ Object IDs for objects on token. All currently 3 hex bytes.
+ See 4.2 OIDs and Tags of PIV Card Application Data Objects [SP800731]
+
+ 4.1 PIV Card Application Data Objects [SP800731]
+ A PIV Card Application shall contain six mandatory data objects and five optional data object for
+ interoperable use. The six mandatory data objects for interoperable use are as follows:
+
+ 1. Card Capability Container
+ 2. Card Holder Unique Identifier
+ 3. X.509 Certificate for PIV Authentication
+ 4. Card Holder Fingerprint I
+ 5. Card Holder Fingerprint II2
+ 6. Security Object
+
+ The five optional data objects for interoperable use are as follows:
+
+ 1. Card Holder Facial Image
+ 2. Printed Information
+ 3. X.509 Certificate for PIV Digital Signature
+ 4. X.509 Certificate for PIV Key Management
+ 5. X.509 Certificate for Card Authentication
+*/
+
+// Card Capability Container 2.16.840.1.101.3.7.1.219.0 '5FC107' M
+#define PIV_OBJECT_ID_CARD_CAPABILITY_CONTAINER 0x5F, 0xC1, 0x07
+
+// Card Holder Unique Identifier 2.16.840.1.101.3.7.2.48.0 '5FC102' M [CHUID]
+#define PIV_OBJECT_ID_CARDHOLDER_UNIQUEID 0x5F, 0xC1, 0x02
+
+// Card Holder Fingerprints 2.16.840.1.101.3.7.2.96.16 '5FC103' M
+#define PIV_OBJECT_ID_CARDHOLDER_FINGERPRINTS 0x5F, 0xC1, 0x03
+
+// Printed Information 2.16.840.1.101.3.7.2.48.1 '5FC109' O
+#define PIV_OBJECT_ID_PRINTED_INFORMATION 0x5F, 0xC1, 0x09
+
+// Card Holder Facial Image 2.16.840.1.101.3.7.2.96.48 '5FC108' O
+#define PIV_OBJECT_ID_CARDHOLDER_FACIAL_IMAGE 0x5F, 0xC1, 0x08
+
+// X.509 Certificate for PIV Authentication 2.16.840.1.101.3.7.2.1.1 '5FC105' M
+#define PIV_OBJECT_ID_X509_CERTIFICATE_PIV_AUTHENTICATION 0x5F, 0xC1, 0x05
+
+// X.509 Certificate for Digital Signature 2.16.840.1.101.3.7.2.1.0 '5FC10A' O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_DIGITAL_SIGNATURE 0x5F, 0xC1, 0x0A
+
+// X.509 Certificate for Key Management 2.16.840.1.101.3.7.2.1.2 '5FC10B' O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_KEY_MANAGEMENT 0x5F, 0xC1, 0x0B
+
+// X.509 Certificate for Card Authentication 2.16.840.1.101.3.7.2.5.0 '5FC101' O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_CARD_AUTHENTICATION 0x5F, 0xC1, 0x01
+
+// ----------------------------------------------------------------------------
+/*
+ Verify APDU [NISTIR6887 5.1.2.4]
+ Function Code 0x08
+ CLA 0x00
+ INS 0x20
+ P1 0x00
+ P2 0x00 for default key, 0x01 to 0x30 for key number
+ Lc Length of data field
+ Data Field Authentication data (i.e., password or PIN)
+ Le Empty
+
+ Note: If the Lc is 0x00 and the Data Field is empty, VERIFY returns the
+ number of tries remaining on the referenced PIN.
+
+ NB: "empty" in these documents seems to mean "not present", as opposed to zeros
+*/
+
+// 0x00 0x20 P1 P2
+#define PIV_VERIFY_APDU PIV_CLA_STANDARD, PIV_INS_VERIFY_APDU, 0x00, TBD_ZERO
+
+// Template for supplying a PIN to be verified
+// Lc
+#define PIV_VERIFY_APDU_TEMPLATE PIV_VERIFY_APDU, 0x08, TBD_FF, TBD_FF, TBD_FF, TBD_FF, \
+ TBD_FF, TBD_FF, TBD_FF, TBD_FF
+// Template used to check on the lock state only
+#define PIV_VERIFY_APDU_STATUS PIV_VERIFY_APDU, 0x00
+
+#define PIV_VERIFY_APDU_INDEX_KEY 3 // Index into APDU for PIN number (i.e. which PIN)
+#define PIV_VERIFY_APDU_INDEX_LEN 4 // Index into APDU for data length (always 8)
+#define PIV_VERIFY_APDU_INDEX_DATA 5 // Index into APDU for PIN data
+
+// Allowable values for P2 in VERIFY APDU
+// P2 0x00 for default key, 0x01 to 0x30 for key number
+#define PIV_VERIFY_KEY_NUMBER_DEFAULT 0x00
+#define PIV_VERIFY_KEY_NUMBER_MAX 0x30
+
+#define PIV_VERIFY_PIN_LENGTH_MIN 4
+#define PIV_VERIFY_PIN_LENGTH_MAX 8
+
+// ----------------------------------------------------------------------------
+/*
+ CHANGE REFERENCE DATA Card Command (i.e. change PIN) [SP800731 7.2.2]
+ Function Code 0x08
+ CLA 0x00
+ INS 0x24
+ P1 0x00
+ P2 0x00 for default key, 0x01 to 0x30 for key number
+ Lc Length of data field (always 0x10)
+ Data Field Current PIN reference data concatenated without delimitation with the
+ new PIN reference data, both PINs as described in 3.5.3
+ Le Empty
+*/
+
+#define PIV_CHANGE_REFERENCE_DATA_APDU PIV_CLA_STANDARD, PIV_INS_CHANGE_REFERENCE_DATA, 0x00, TBD_ZERO, TBD_ZERO
+// Template for supplying a PIN to be changed
+// similar to PIV_VERIFY_APDU_TEMPLATE except with space for 2 PINs
+#define PIV_CHANGE_REFERENCE_DATA_APDU_TEMPLATE \
+ PIV_CHANGE_REFERENCE_DATA_APDU, \
+ TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, \
+ TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, TBD_FF, \
+ 0x00
+
+// Index into APDU for new PIN data
+#define PIV_CHANGE_REFERENCE_DATA_APDU_INDEX_DATA2 (PIV_VERIFY_APDU_INDEX_DATA + PIV_VERIFY_PIN_LENGTH_MAX)
+
+// ----------------------------------------------------------------------------
+
+/*
+ Reference: [SP800731]
+
+ 7.1.2 GET DATA Card Command
+ The GET DATA card command retrieves the data content of the single data object
+ whose tag is given in the data field.
+
+ Command Syntax
+ CLA 0x00
+ INS 0xCB
+ P1 0x3F
+ P2 0xFF
+ Lc 0x10
+ Data Field See Table 16.
+ Le Number of data content bytes to be retrieved.
+
+ Table 16. Data Objects in the Data Field of the GET DATA Card Command
+ Name Tag M/O Comment
+ Tag list 0x5C M BER-TLV tag of the data object to be retrieved. See Table 6.
+
+ Response Syntax
+ Data Field BER-TLV with the tag '53' containing in the value field the requested
+ data object.
+ SW1-SW2 Status word
+
+ SW1 SW2 Meaning
+ '61' 'xx' Successful execution where SW2 encodes the number of response
+ data bytes still available
+ '69' '82' Security status not satisfied
+ '6A' '82' Data object not found
+ '90' '00' Successful execution
+
+ Reference:
+ Get Cert
+ APDU: 00 CB 3F FF 05 5C 03 5F C1 05
+ APDU: 61 00
+
+ Get Printed Data
+ APDU: 00 CB 3F FF 05 5C 03 5F C1 09
+ APDU: 61 44
+*/
+
+// 0x00 0xCB
+#define PIV_GETDATA_APDU PIV_CLA_STANDARD, PIV_INS_GET_DATA, 0x3F, 0xFF
+// Template for getting data
+// 00 CB 3F FF Lc Tag Len OID1 OID2 OID3
+#define PIV_GETDATA_APDU_TEMPLATE PIV_GETDATA_APDU, TBD_ZERO, 0x5C, TBD_ZERO, TBD_FF, TBD_FF, TBD_FF
+
+#define PIV_GETDATA_APDU_INDEX_LEN 4 // Index into APDU for APDU data length (this is TLV<OID>) [Lc]
+#define PIV_GETDATA_APDU_INDEX_OIDLEN 6 // Index into APDU for requested length of data
+#define PIV_GETDATA_APDU_INDEX_OID 7 // Index into APDU for object ID
+
+#define PIV_GETDATA_CONT_APDU_TEMPLATE 0x00, 0xC0, 0x00, 0x00, TBD_ZERO
+
+#define PIV_GETDATA_CONT_APDU_INDEX_LEN 4 // Index into CONT APDU for requested length of data
+
+#define PIV_GETDATA_RESPONSE_TAG 0x53
+#define PIV_GETDATA_TAG_CERTIFICATE 0x70
+#define PIV_GETDATA_TAG_CERTINFO 0x71
+#define PIV_GETDATA_TAG_MSCUID 0x72
+#define PIV_GETDATA_TAG_ERRORDETECTION 0xFE
+
+/*
+ Reference: [SP800731] Appendix A PIV Data Model
+
+ CertInfo::= BIT STRING {
+ CompressionTypeMsb(0), // 0 = no compression and 1 = gzip compression.
+ CompressionTypeLsb(1), // shall be set to "0" for PIV Applications
+ IsX509(2), // shall be set to "0" for PIV Applications
+ RFU3(3),
+ RFU4(4),
+ RFU5(5),
+ RFU6(6),
+ RFU7(7)
+ }
+
+ Note: the compression mask below should only be 0x80, but NASA cards use 0x01 (??)
+*/
+#define PIV_GETDATA_COMPRESSION_MASK 0x81
+
+// ----------------------------------------------------------------------------
+
+/*
+Card Identifier 0xF0 Fixed 21
+Capability Container version number 0xF1 Fixed 1
+Capability Grammar version number 0xF2 Fixed 1
+Applications CardURL 0xF3 Variable 128
+PKCS#15 0xF4 Fixed 1
+Registered Data Model number 0xF5 Fixed 1
+Access Control Rule Table 0xF6 Fixed 17
+CARD APDUs 0xF7 Fixed 0
+Redirection Tag 0xFA Fixed 0
+Capability Tuples (CTs) 0xFB Fixed 0
+Status Tuples (STs) 0xFC Fixed 0
+*/
+
+#define PIV_CCC_TAG_CARD_IDENTIFIER 0xF0
+#define PIV_CCC_TAG_CARD_CONTAINER_VERS 0xF1
+#define PIV_CCC_TAG_CARD_GRAMMAR_VERS 0xF2
+#define PIV_CCC_TAG_APPS_URL 0xF3
+#define PIV_CCC_TAG_IS_PKCS15 0xF4
+#define PIV_CCC_TAG_DATA_MODEL_NUMBER 0xF5
+#define PIV_CCC_TAG_ACL_RULE_TABLE 0xF6
+#define PIV_CCC_TAG_CARD_APDUS 0xF7
+#define PIV_CCC_TAG_REDIRECTION 0xFA
+#define PIV_CCC_TAG_CAPABILITY_TUPLES 0xFB
+#define PIV_CCC_TAG_STATUS_TUPLES 0xFC
+#define PIV_CCC_TAG_NEXT_CCC 0xFD
+#define PIV_CCC_TAG_EXTENDED_APP_URL 0xE3
+#define PIV_CCC_TAG_SEC_OBJECT_BUFFER 0xB4
+#define PIV_CCC_TAG_ERROR_DETECTION 0xFE
+
+#define PIV_CCC_SZ_CARD_IDENTIFIER 21
+
+// ----------------------------------------------------------------------------
+
+/*
+ Reference: [SP800-78-1] 6. Identifiers for PIV Card Interfaces
+
+ Key References:
+*/
+#define PIV_KEYREF_PIV_AUTHENTICATION 0x9A
+#define PIV_KEYREF_PIV_CARD_MANAGEMENT 0x9B
+#define PIV_KEYREF_PIV_DIGITAL_SIGNATURE 0x9C
+#define PIV_KEYREF_PIV_KEY_MANAGEMENT 0x9D
+#define PIV_KEYREF_PIV_CARD_AUTHENTICATION 0x9E
+
+/*
+ Algorithm Identifiers:
+ (Listing Only RSA)
+*/
+/* NOTE: After 2008/12/31 user keys will no longer be issued as 1024 */
+#define PIV_KEYALG_RSA_1024 0x06
+#define PIV_KEYALG_RSA_2048 0x07
+
+/*
+ Reference: [SP800-73-1]
+
+ 7.2.4 General Authenticate Command
+ The GENERAL AUTHENTICATE card command performs a cryptographic operation such as an
+ authentication protocol using the data provided in the data field of the command and returns the result of
+ the cryptographic operation in the response data field.
+ The GENERAL AUTHENTICATE command shall be used to authenticate the card or a card application
+ to the client-application (INTERNAL AUTHENTICATE), to authenticate an entity to the card
+ (EXTERNAL AUTHENTICATE), and to perform a mutual authentication between the card and an entity
+ external to the card (MUTUAL AUTHENTICATE).
+ The GENERAL AUTHENTICATE command shall be used to realize the signing functionality on the
+ PIV client-application programming interface. Data sent to the card is expected to be hashed off-card.
+ The GENERAL AUTHENTICATE command supports command chaining to permit the uninterrupted
+ transmission of long command data fields to the PIV Card Application. If a card command other than the
+ GENERAL AUTHENTICATICATE command is received by the PIV Card Application before the
+ termination of a GENERAL AUTHENTICATE chain, the PIV Card Application shall rollback to the
+ state it was in immediately prior to the reception of the first command in the interrupted chain. In other
+ words, an interrupted GENERAL AUTHENTICATE chain has no effect on the PIV Card Application.
+
+ Command Syntax
+ CLA '00' or '10' indicating command chaining.
+ INS '87'
+ P1 Algorithm reference
+ P2 Key reference
+ Lc Length of data field
+ Data Field See Table 17.
+ Le Absent or length of expected response
+
+ Table 17. Data Objects in the Dynamic Authentication Template (Tag '7C')
+ Name Tag M/O Description
+ Witness '80' C Demonstration of knowledge of a fact without revealing
+ the fact. An empty witness is a request for a witness.
+ Challenge '81' C One or more random numbers or byte sequences to be
+ used in the authentication protocol.
+ Response '82' C A sequence of bytes encoding a response step in an
+ authentication protocol.
+ Committed '83' C Hash-code of a large random number including one or
+ challenge more challenges
+ Authentication '84' C Hash-code of one or more data fields and a witness data code object.
+
+ The data objects that appear in the dynamic authentication template (tag '7C') in the data field of the
+ GENERAL AUTHENTICATE card command depend on the authentication protocol being executed.
+
+ Response Syntax
+ Data Field Absent or authentication-related data
+ SW1-SW2 Status word
+
+ == How to use for signing/decrypting ==
+ Build output data structure:
+ 0x7C BER-LENGTH // Dynamic Auth Template
+ 0x82 0x00 // Request for Response
+ 0x81 BER-LENGTH // 'Challenge' the card for crypto
+ data
+ Assuming 256-bytes sendable each time
+ while remaining data left
+ if there will be more after this
+ SEND 0x10 0x87 ALG KEY LEN (data chunk)
+ else
+ SEND 0x00 0x87 ALG KEY LEN (data chunk)
+*/
+
+// ----------------------------------------------------------------------------
+
+#endif /* !_PIVDEFINES_H_ */
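Review bot: `PIV_CHANGE_REFERENCE_DATA_APDU_TEMPLATE` ends with a literal `0x00` after the sixteen PIN placeholder bytes, although the comment block above it lists `Le Empty` and the VERIFY comment says "empty" means not present. If the whole array is transmitted, that byte goes out as an Le field; whether the sender trims it is not visible in this file. Either drop the trailing `0x00` or explain it with a comment such as `// trailing 0x00 is <purpose>, not PIN data`. The GET DATA documentation also disagrees with its own template: it gives `Lc 0x10` while the sample APDUs use `05`. In addition, `PIV_GETDATA_APDU_INDEX_OIDLEN` (index 6) is the length byte of the `0x5C` tag list, not a "requested length of data".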
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,114 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVError.cpp
+ * TokendPIV
+ */
+
+/* ---------------------------------------------------------------------------
+ *
+ * MODIFY
+ * - Fill in your token specific error codes below
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+/*
+ Errors:
+ card blocked: shall not be made and the PIV Card Application shall return the status word '69 83'.
+*/
+
+#include "PIVError.h"
+
+#include <Security/cssmerr.h>
+
+//
+// PIVError exceptions
+//
+PIVError::PIVError(uint16_t sw) : SCardError(sw)
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(debugDiagnose(this));
+#else
+ SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"PIV");
+#endif
+}
+
+PIVError::~PIVError() throw ()
+{
+}
+
+const char *PIVError::what() const throw ()
+{ return "PIV error"; }
+
+OSStatus PIVError::osStatus() const
+{
+ switch (statusWord)
+ {
+ case PIV_AUTHENTICATION_FAILED_0:
+ case PIV_AUTHENTICATION_FAILED_1:
+ case PIV_AUTHENTICATION_FAILED_2:
+ case PIV_AUTHENTICATION_FAILED_3:
+ return CSSM_ERRCODE_OPERATION_AUTH_DENIED;
+ // At least leave the default case
+ default:
+ return SCardError::osStatus();
+ }
+}
+
+void PIVError::throwMe(uint16_t sw)
+{ throw PIVError(sw); }
+
+#if !defined(NDEBUG)
+
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+void PIVError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p PIVError %s (%04hX)",
+ id, errorstr(statusWord), statusWord);
+}
+
+#endif // MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+const char *PIVError::errorstr(uint16_t sw) const
+{
+ switch (sw)
+ {
+ case PIV_AUTHENTICATION_FAILED_0:
+ return "Authentication failed, 0 retries left.";
+ case PIV_AUTHENTICATION_FAILED_1:
+ return "Authentication failed, 1 retry left.";
+ case PIV_AUTHENTICATION_FAILED_2:
+ return "Authentication failed, 2 retries left.";
+ case PIV_AUTHENTICATION_FAILED_3:
+ return "Authentication failed, 3 retries left.";
+ // At least leave the default case
+ default:
+ return SCardError::errorstr(sw);
+ }
+}
+
+#endif //NDEBUG
+
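Review bot: The guard `#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5` in the `PIVError` constructor and around `debugDiagnose` looks like a misspelling of the availability macros `MAC_OS_X_VERSION_MIN_REQUIRED` and `MAC_OS_X_VERSION_10_5`. Unless something outside this file defines the `MAX_` names, both evaluate to 0 in `#if`, so the condition is always true and the `SECURITY_EXCEPTION_THROW_OTHER` branch is never compiled. PIVError.h uses the same spelling around the `debugDiagnose` declaration. I would change all three to `#if MAC_OS_X_VERSION_MIN_REQUIRED <= MAC_OS_X_VERSION_10_5` and check that the header defining those macros is included.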
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,72 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVError.h
+ * TokendPIV
+ */
+
+/* ---------------------------------------------------------------------------
+ *
+ * MODIFY
+ * - Fill in your token specific error codes below
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+#ifndef _PIVERROR_H_
+#define _PIVERROR_H_
+
+#include "SCardError.h"
+
+
+/** Entered PIN is not correct and pin was blocked. */
+#define PIV_AUTHENTICATION_FAILED_0 0x6300
+/** Entered PIN is not correct, 1 try left. */
+#define PIV_AUTHENTICATION_FAILED_1 0x6301
+/** Entered PIN is not correct, 2 tries left. */
+#define PIV_AUTHENTICATION_FAILED_2 0x6302
+/** Entered PIN is not correct, 3 tries left. */
+#define PIV_AUTHENTICATION_FAILED_3 0x6303
+
+class PIVError : public Tokend::SCardError
+{
+protected:
+ PIVError(uint16_t sw);
+ virtual ~PIVError() throw ();
+public:
+ OSStatus osStatus() const;
+ virtual const char *what () const throw ();
+
+ static void check(uint16_t sw) { if (sw != SCARD_SUCCESS) throwMe(sw); }
+ static void throwMe(uint16_t sw) __attribute__((noreturn));
+
+protected:
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+#endif
+ IFDEBUG(const char *errorstr(uint16_t sw) const;)
+};
+
+#endif /* !_CACERROR_H_ */
+
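Review bot: `PIV_AUTHENTICATION_FAILED_0` through `_3` are defined as `0x6300`–`0x6303`, but SP 800-73, which PIVDefines.h cites, reports a failed VERIFY as '63 CX' with X the number of retries left, i.e. `0x63C0`–`0x63C3`. If cards answer that way, `PIVError::osStatus()` never maps a wrong PIN to `CSSM_ERRCODE_OPERATION_AUTH_DENIED` and falls through to `SCardError::osStatus()`. Whether the base class handles 63Cx is not visible here, so please confirm against a card trace. Separately, the closing guard comment should read `#endif /* !_PIVERROR_H_ */` rather than `_CACERROR_H_`.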
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,211 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVKeyHandle.cpp
+ * TokendPIV
+ */
+
+#include "PIVKeyHandle.h"
+
+#include "PIVRecord.h"
+#include "PIVToken.h"
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/utilities.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+#include "byte_string.h"
+
+#include "PIVUtilities.h"
+#include "Padding.h"
+
+//
+// PIVKeyHandle
+//
+PIVKeyHandle::PIVKeyHandle(PIVToken &pivToken,
+ const Tokend::MetaRecord &metaRecord, PIVKeyRecord &pivKey) :
+ Tokend::KeyHandle(metaRecord, &pivKey),
+ mToken(pivToken),
+ mKey(pivKey)
+{
+}
+
+PIVKeyHandle::~PIVKeyHandle()
+{
+}
+
+void PIVKeyHandle::getKeySize(CSSM_KEY_SIZE &keySize)
+{
+ secdebug("crypto", "getKeySize");
+ keySize.LogicalKeySizeInBits = mKey.sizeInBits();
+ keySize.EffectiveKeySizeInBits = mKey.sizeInBits();
+}
+
+uint32 PIVKeyHandle::getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting)
+{
+ secdebug("crypto", "getOutputSize");
+ if (encrypting)
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ return inputSize; //accurate for crypto used on PIV cards
+}
+
+
+void PIVKeyHandle::generateSignature(const Context &context,
+ CSSM_ALGORITHMS alg, const CssmData &input, CssmData &signature)
+{
+ // MODIFY: This routine may have to be modified
+ // See comment at top of file
+ secdebug("crypto", "generateSignature alg: %u sigAlg: %u",
+ context.algorithm(), alg);
+ IFDUMPING("crypto", context.dump("signature context"));
+
+ if (context.type() != CSSM_ALGCLASS_SIGNATURE)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ // Create an input buffer in which we construct the data we will send to the token.
+ byte_string inputData(input.Data, input.Data + input.Length);
+
+ // Get padding, but default to pkcs1 style padding
+ uint32 padding = CSSM_PADDING_PKCS1;
+ context.getInt(CSSM_ATTRIBUTE_PADDING, padding);
+
+ Padding::apply(inputData, mKey.sizeInBits() / 8, padding, alg);
+
+ // @@@ Switch to using tokend allocators
+ /* Use ref to a new buffer item to keep the data around after the function ends */
+ size_t keyLength = mKey.sizeInBits() / 8;
+ byte_string outputData;
+ outputData.reserve(keyLength);
+
+ const AccessCredentials *cred = context.get<const AccessCredentials>(CSSM_ATTRIBUTE_ACCESS_CREDENTIALS);
+ // Sign the inputData using the token
+ mKey.computeCrypt(mToken, true, cred, inputData, outputData);
+
+ signature.Data = malloc_copy(outputData);
+ signature.Length = outputData.size();
+}
+
+void PIVKeyHandle::verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, const CssmData &signature)
+{
+ secdebug("crypto", "verifySignature");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void PIVKeyHandle::generateMac(const Context &context,
+ const CssmData &input, CssmData &output)
+{
+ secdebug("crypto", "generateMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void PIVKeyHandle::verifyMac(const Context &context,
+ const CssmData &input, const CssmData &compare)
+{
+ secdebug("crypto", "verifyMac");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void PIVKeyHandle::encrypt(const Context &context,
+ const CssmData &clear, CssmData &cipher)
+{
+ secdebug("crypto", "encrypt");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void PIVKeyHandle::decrypt(const Context &context,
+ const CssmData &cipher, CssmData &clear)
+{
+ // MODIFY: This routine may have to be modified
+ // See comment at top of file
+ secdebug("crypto", "decrypt alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("decrypt context"));
+
+ if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ if (context.algorithm() != CSSM_ALGID_RSA)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ALGORITHM);
+
+ /* Check for supported padding */
+ uint32 padding = context.getInt(CSSM_ATTRIBUTE_PADDING);
+ if(!Padding::canRemove(padding))
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+
+ size_t keyLength = mKey.sizeInBits() / 8;
+ if (cipher.length() % keyLength != 0)
+ CssmError::throwMe(CSSMERR_CSP_INPUT_LENGTH_ERROR);
+
+ // @@@ Use a secure allocator for this.
+ /* Use ref to a new buffer item to keep the data around after the function ends */
+ byte_string outputData;
+ outputData.reserve(cipher.Length);
+ // --- support for multiples of keyLength by doing multiple blocks
+ for(size_t i = 0; i < cipher.Length; i += keyLength) {
+ byte_string inputData(cipher.Data + i, cipher.Data + i + keyLength);
+ byte_string tmpOutput;
+ tmpOutput.reserve(keyLength);
+ secdebug("crypto", "decrypt: card supports RSA_NOPAD");
+ const AccessCredentials *cred = context.get<const AccessCredentials>(CSSM_ATTRIBUTE_ACCESS_CREDENTIALS);
+ // Decrypt the inputData using the token
+ mKey.computeCrypt(mToken, false, cred, inputData, tmpOutput);
+ Padding::remove(tmpOutput, padding);
+ outputData += tmpOutput;
+ /* Clear out temporary output */
+ secure_zero(tmpOutput);
+ }
+
+ clear.Data = malloc_copy(outputData);
+ clear.Length = outputData.size();
+}
+
+void PIVKeyHandle::exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey)
+{
+ secdebug("crypto", "exportKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+//
+// PIVKeyHandleFactory
+//
+PIVKeyHandleFactory::~PIVKeyHandleFactory()
+{
+}
+
+
+Tokend::KeyHandle *PIVKeyHandleFactory::keyHandle(
+ Tokend::TokenContext *tokenContext, const Tokend::MetaRecord &metaRecord,
+ Tokend::Record &record) const
+{
+ PIVKeyRecord &key = dynamic_cast<PIVKeyRecord &>(record);
+ PIVToken &pivToken = static_cast<PIVToken &>(*tokenContext);
+ return new PIVKeyHandle(pivToken, metaRecord, key);
+}
+
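Review bot: In `PIVKeyHandle::decrypt`, each `tmpOutput` is wiped with `secure_zero`, but `outputData`, which accumulates the full plaintext, is left to its destructor after `malloc_copy`. I would add `secure_zero(outputData);` after `clear.Length = outputData.size();`. If `computeCrypt` or `Padding::remove` throws mid-loop, neither buffer is cleared, so a scope guard or try/catch that zeroes both before rethrowing would close that path; the existing `@@@ Use a secure allocator` comment points the same way. Also, `keyLength` is used as a divisor in `cipher.length() % keyLength` without checking that `mKey.sizeInBits() / 8` is non-zero.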
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVKeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVKeyHandle.h
+ * TokendPIV
+ */
+
+#ifndef _PIVKEYHANDLE_H_
+#define _PIVKEYHANDLE_H_
+
+#include "KeyHandle.h"
+
+#include <deque>
+#include "byte_string.h"
+#include "SecureBufferAllocator.h"
+
+class PIVToken;
+class PIVKeyRecord;
+
+//
+// A KeyHandle object which implements the crypto interface to piv.
+//
+class PIVKeyHandle: public Tokend::KeyHandle
+{
+ NOCOPY(PIVKeyHandle)
+public:
+ PIVKeyHandle(PIVToken &cacToken, const Tokend::MetaRecord &metaRecord,
+ PIVKeyRecord &cacKey);
+ ~PIVKeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize);
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting);
+ virtual void generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input, CssmData &signature);
+ virtual void verifySignature(const Context &context,
+ CSSM_ALGORITHMS alg, const CssmData &input,
+ const CssmData &signature);
+ virtual void generateMac(const Context &context, const CssmData &input,
+ CssmData &output);
+ virtual void verifyMac(const Context &context, const CssmData &input,
+ const CssmData &compare);
+ virtual void encrypt(const Context &context, const CssmData &clear,
+ CssmData &cipher);
+ /* Implemented such that the decrypted data has limited external exposure
+ * Value is, however, cached until destroyed */
+ virtual void decrypt(const Context &context, const CssmData &cipher,
+ CssmData &clear);
+
+ virtual void exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey);
+private:
+ PIVToken &mToken;
+ PIVKeyRecord &mKey;
+ /* Fixed queue of crypto data to keep the CssmData values used
+ * so that when the Key Handle keys away, the CssmData references go away.
+ * Fixed queue to prevent unbounded growth.
+ * TODO: Need spec on how to do this 'right' -- preferred setup would be for
+ * the data buffer be provided
+ */
+// static const unsigned MAX_BUFFERS = 2;
+// SecureBufferAllocator<MAX_BUFFERS> bufferAllocator;
+};
+
+
+//
+// A factory that creates PIVKeyHandle objects.
+//
+class PIVKeyHandleFactory : public Tokend::KeyHandleFactory
+{
+ NOCOPY(PIVKeyHandleFactory)
+public:
+ PIVKeyHandleFactory() {}
+ virtual ~PIVKeyHandleFactory();
+
+ virtual Tokend::KeyHandle *keyHandle(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaRecord &metaRecord, Tokend::Record &record) const;
+};
+
+
+#endif /* !_PIVKEYHANDLE_H_ */
+
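Review bot: The comment on `decrypt` says the value is "cached until destroyed", and the private section describes a fixed queue of buffers, but the `bufferAllocator` member is commented out and PIVKeyHandle.cpp returns the plaintext via `malloc_copy` into `clear.Data`. The comments should state the buffer contract actually in effect, since it decides who must clear the plaintext, e.g. `/* Returns plaintext in a newly allocated buffer (malloc_copy); not cached here. NOTE: confirm who frees and clears it. */`. Also, the parameter names `signOnly`/`alg` on `generateSignature` and `verifySignature` are swapped relative to the definitions in the .cpp. The constructor still uses `cacToken`/`cacKey`, and "when the Key Handle keys away" presumably means "goes away".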
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,281 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVRecord.cpp
+ * TokendPIV
+ */
+
+#include "PIVRecord.h"
+#include "PIVDefines.h"
+
+#include "PIVError.h"
+#include "PIVToken.h"
+#include "Attribute.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include <security_cdsa_client/aclclient.h>
+#include <Security/SecKey.h>
+
+#include <algorithm> /* min, find_if */
+
+#include "TLV.h"
+#include "PIVUtilities.h"
+
+//
+// PIVRecord
+//
+PIVRecord::~PIVRecord()
+{
+}
+
+//
+// PIVDataRecord
+//
+PIVDataRecord::~PIVDataRecord()
+{
+}
+
+
+//
+// PIVCertificateRecord
+//
+PIVCertificateRecord::~PIVCertificateRecord()
+{
+}
+
+//
+// PIVProtectedRecord
+//
+PIVProtectedRecord::~PIVProtectedRecord()
+{
+}
+
+void PIVProtectedRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Reading this object's data requires PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+Tokend::Attribute *PIVDataRecord::getDataAttribute(Tokend::TokenContext *tokenContext)
+{
+ PIVToken &pivToken = dynamic_cast<PIVToken &>(*tokenContext);
+ if(mAllowCaching && lastAttribute.get())
+ return lastAttribute.get();
+
+ byte_string data;
+
+ pivToken.getDataCore(mApplication, description(), mIsCertificate, mAllowCaching, data);
+ /* Tokend::Attribute creates a copy of data */
+ lastAttribute.reset(new Tokend::Attribute(&data[0], data.size()));
+ return lastAttribute.get();
+}
+
+//
+// PIVKeyRecord
+//
+PIVKeyRecord::PIVKeyRecord(const unsigned char *application, size_t applicationSize,
+ const char *description, const Tokend::MetaRecord &metaRecord,
+ unsigned char keyRef, size_t keySize) :
+ PIVRecord(application, applicationSize, description),
+ keyRef(keyRef), keySize(keySize)
+{
+ /* Allow all keys to decrypt, unwrap, sign */
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyDecrypt).attributeIndex(),
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeyUnwrap).attributeIndex(),
+ new Tokend::Attribute(true));
+ attributeAtIndex(metaRecord.metaAttribute(kSecKeySign).attributeIndex(),
+ new Tokend::Attribute(true));
+}
+
+PIVKeyRecord::~PIVKeyRecord()
+{
+}
+
+size_t PIVKeyRecord::sizeInBits() const {
+ return keySize;
+}
+
+/*
+ MODIFY - This is where most of the crypto functions end up, and
+ this will be the main place to actually talk with the token.
+*/
+
+void PIVKeyRecord::computeCrypt(PIVToken &pivToken, bool sign, // MODIFY
+ const AccessCredentials *cred,
+ const byte_string &data, byte_string &output)
+{
+ if (data.size() != sizeInBits() / 8)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+
+ /* Allow all key usage, certificates determine validity */
+ unsigned char algRef;
+ switch (sizeInBits()) {
+ case 1024:
+ algRef = PIV_KEYALG_RSA_1024;
+ break;
+ case 2048:
+ algRef = PIV_KEYALG_RSA_2048;
+ break;
+ default:
+ /* Cannot use a key ~= 1024 or 2048 bits yet */
+ CssmError::throwMe(CSSMERR_CSP_KEY_USAGE_INCORRECT);
+ break;
+ }
+
+ /* Build the BER-Encoded message */
+ /* Template: 0x7C L { 0x82 0x00, 0x81 L data } .. 2 tag+lengths + 1 tag-0 */
+ TLVList commandList;
+ commandList.push_back(TLV_ref(new TLV(0x81, data)));
+ commandList.push_back(TLV_ref(new TLV(0x82)));
+ TLV_ref command = TLV_ref(new TLV(0x7C, commandList));
+
+ /* TODO: Evaluate result length handling */
+ /* At least enough to contain BER-TLV */
+ size_t resultLength = sizeInBits() / 8;
+ resultLength += 1 + TLV::encodedLength(resultLength); // RESPONSE
+ resultLength += 1 + 1; // Potential empty response-tlv
+ resultLength += 1 + TLV::encodedLength(resultLength); // TLV containing response
+ /* Round out resultLength to a multiple of 256 */
+ resultLength = resultLength + resultLength % 256 + 256;
+ // Ensure that there's enough space to prevent unnecessary resizing
+ output.reserve(resultLength);
+
+ PCSC::Transaction _(pivToken);
+ pivToken.selectDefault();
+ /* Support for the signing key w/ user-consent pin */
+ if (cred)
+ {
+ uint32 size = cred->size();
+ for (uint32 ix = 0; ix < size; ++ix)
+ {
+ const TypedList &sample = (*cred)[ix];
+ if (sample.type() == CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD
+ && sample.length() == 2)
+ {
+ CssmData &pin = sample[1].data();
+ if (pin.Length > 0)
+ {
+ pivToken.verifyPIN(1, pin.Data, pin.Length);
+ break;
+ }
+ else if (pin.Length == 0)
+ {
+ // %%% <rdar://4334623>
+ // PIN previously verified by securityd;
+ // continue to look at remaining samples
+ }
+ else
+ {
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ }
+ }
+ }
+ }
+
+ byte_string commandString = command->encode();
+ PIVError::check(pivToken.exchangeChainedAPDU(0x00, 0x87, algRef, keyRef, commandString, output));
+
+ /* DECODE 0x7C */
+ TLV_ref tlv;
+ try {
+ tlv = TLV::parse(output);
+ } catch(...) {
+ secure_zero(output);
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+ secure_zero(output);
+ if(tlv->getTag() != (unsigned char*)"\x7C") {
+ secdebug("piv", " %s: computeCrypt: missing response tag: 0x%.2X",
+ description(), 0x7C);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+ byte_string tagData;
+ try {
+ TLVList list = tlv->getInnerValues();
+ TLVList::const_iterator iter = find_if(list.begin(), list.end(), TagPredicate(0x82));
+ if(iter != list.end())
+ tagData = (*iter)->getValue();
+ } catch(...) {
+ }
+ if(tagData.size() == 0) {
+ secdebug("piv", " %s: computeCrypt: missing response value tag: 0x%.2X",
+ description(), 0x82);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ if(tagData.size() != sizeInBits() / 8) { // Not enough data at all..
+ secure_zero(tagData);
+ secdebug("piv", " %s: computeCrypt: expected contained response length: %ld, got: %ld",
+ description(), sizeInBits() / 8, tagData.size());
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ output.swap(tagData);
+ /* zero-out tagData */
+ secure_zero(tagData);
+}
+
+void PIVKeyRecord::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ if (!mAclEntries) {
+ mAclEntries.allocator(Allocator::standard());
+ // Anyone can read the DB record for this key (which is a reference
+ // CSSM_KEY)
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+
+ CssmData prompt;
+ char tmptag[20];
+ const uint32 slot = 1; // hardwired for now, but...
+ snprintf(tmptag, sizeof(tmptag), "PIN%d", slot);
+
+ if(isUserConsent()) { // PIN1 must be entered every time
+ mAclEntries.add(
+ CssmClient::AclFactory::PromptPWSubject(mAclEntries.allocator(), prompt),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0),
+ tmptag);
+ } else {
+ // Using this key to sign or decrypt will require PIN1
+ mAclEntries.add(CssmClient::AclFactory::PinSubject(
+ mAclEntries.allocator(), 1),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_SIGN, CSSM_ACL_AUTHORIZATION_DECRYPT, 0),
+ tmptag);
+ }
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+bool PIVKeyRecord::isUserConsent() const {
+ return keyRef == PIV_KEYREF_PIV_DIGITAL_SIGNATURE;
+}
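Review bot: The arithmetic at `resultLength = resultLength + resultLength % 256 + 256;` in `PIVKeyRecord::computeCrypt` does not produce a multiple of 256, although the comment directly above it says it does. The value is only passed to `output.reserve()`, so the effect is an oversized reservation rather than a short buffer. The line should still match its comment, e.g. `resultLength = (resultLength / 256 + 1) * 256;`. In the credential loop, the final `else` that throws `CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED` looks unreachable if `CssmData::Length` is an unsigned type (its declaration is not in this hunk), because the two branches before it already cover `> 0` and `== 0`.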
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,122 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVRecord.h
+ * TokendPIV
+ */
+
+#ifndef _PIVRECORD_H_
+#define _PIVRECORD_H_
+
+#include "Record.h"
+
+#include "byte_string.h"
+
+class PIVToken;
+
+class PIVRecord : public Tokend::Record
+{
+ NOCOPY(PIVRecord)
+public:
+ PIVRecord(const unsigned char *application, size_t applicationSize, const char *description) :
+ mApplication(application, application + applicationSize), mDescription(description) {}
+ virtual ~PIVRecord();
+
+ virtual const char *description() { return mDescription.c_str(); }
+
+protected:
+ const unsigned char *application() const { return &mApplication[0]; }
+
+protected:
+ const byte_string mApplication;
+ const std::string mDescription;
+};
+
+
+class PIVKeyRecord : public PIVRecord
+{
+ NOCOPY(PIVKeyRecord)
+public:
+ PIVKeyRecord(const unsigned char *application, size_t applicationSize, const char *description,
+ const Tokend::MetaRecord &metaRecord, unsigned char keyRef, size_t keySize);
+ virtual ~PIVKeyRecord();
+
+ size_t sizeInBits() const;
+ void computeCrypt(PIVToken &pivToken, bool sign, const AccessCredentials *cred,
+ const byte_string& data_type, byte_string &output);
+
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ AutoAclEntryInfoList mAclEntries;
+ const unsigned char keyRef;
+ bool isUserConsent() const;
+ size_t keySize;
+};
+
+
+class PIVDataRecord : public PIVRecord
+{
+ NOCOPY(PIVDataRecord)
+public:
+ PIVDataRecord(const unsigned char *application, size_t applicationSize, const char *description) :
+ PIVRecord(application, applicationSize, description), mIsCertificate(false), mAllowCaching(true) {}
+ virtual ~PIVDataRecord();
+
+ virtual Tokend::Attribute *getDataAttribute(Tokend::TokenContext *tokenContext);
+
+protected:
+
+ bool mIsCertificate;
+ bool mAllowCaching;
+ /* Added to permit caching on-demand as well as keep the string values around long enough to send
+ * to securityd */
+ auto_ptr<Tokend::Attribute> lastAttribute;
+};
+
+class PIVCertificateRecord : public PIVDataRecord
+{
+ NOCOPY(PIVCertificateRecord)
+public:
+ PIVCertificateRecord(const unsigned char *application, size_t applicationSize,
+ const char *description) :
+ PIVDataRecord(application, applicationSize, description) {mIsCertificate = true; mAllowCaching = true; }
+ virtual ~PIVCertificateRecord();
+};
+
+class PIVProtectedRecord : public PIVDataRecord
+{
+ NOCOPY(PIVProtectedRecord)
+public:
+ PIVProtectedRecord(const unsigned char *application, size_t applicationSize, const char *description) :
+ PIVDataRecord(application, applicationSize, description) {mIsCertificate = false; mAllowCaching = false; }
+ virtual ~PIVProtectedRecord();
+
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+private:
+ AutoAclEntryInfoList mAclEntries;
+};
+
+#endif /* !_PIVRECORD_H_ */
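Review bot: The comment on `lastAttribute` in `PIVDataRecord` does not say that the member holds the record's data even when `mAllowCaching` is false. In PIVRecord.cpp, `getDataAttribute` skips the cached value in that case but still stores the freshly read data in `lastAttribute`, so for a `PIVProtectedRecord` the PIN-protected object stays in memory until the next read or until the record is destroyed. I would document that on the member, e.g. `/* Holds the last value read even when mAllowCaching is false; the buffer lives until the next read or destruction */`, and state whether `Tokend::Attribute` clears its buffer on release, which is not visible here. Separately, `computeCrypt` names its input `data_type` in this declaration and `data` in the definition; `data` is the clearer name.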
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,105 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVSchema.cpp
+ * TokendPIV
+ */
+
+/* ---------------------------------------------------------------------------
+ *
+ * MODIFY
+ * - Change key size if necessary
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+#include "PIVSchema.h"
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/SecKey.h>
+
+using namespace Tokend;
+
+PIVSchema::PIVSchema() :
+ mKeyAlgorithmCoder(uint32(CSSM_ALGID_RSA))
+{
+}
+
+PIVSchema::~PIVSchema()
+{
+}
+
+Tokend::Relation *PIVSchema::createKeyRelation(CSSM_DB_RECORDTYPE keyType)
+{
+ Relation *rn = createStandardRelation(keyType);
+
+ // Set up coders for key records.
+ MetaRecord &mr = rn->metaRecord();
+ mr.keyHandleFactory(&mPIVKeyHandleFactory);
+
+ // Print name of a key might as well be the key name.
+ mr.attributeCoder(kSecKeyPrintName, &mDescriptionCoder);
+
+ // Other key valuess
+ mr.attributeCoder(kSecKeyKeyType, &mKeyAlgorithmCoder);
+ mr.attributeCoder(kSecKeyKeySizeInBits, &mKeySizeCoder);
+ mr.attributeCoder(kSecKeyEffectiveKeySize, &mKeySizeCoder);
+
+ // Key attributes
+ mr.attributeCoder(kSecKeyExtractable, &mFalseCoder);
+ mr.attributeCoder(kSecKeySensitive, &mTrueCoder);
+ mr.attributeCoder(kSecKeyModifiable, &mFalseCoder);
+ mr.attributeCoder(kSecKeyPrivate, &mTrueCoder);
+ mr.attributeCoder(kSecKeyNeverExtractable, &mTrueCoder);
+ mr.attributeCoder(kSecKeyAlwaysSensitive, &mTrueCoder);
+
+ // Key usage
+ mr.attributeCoder(kSecKeyEncrypt, &mFalseCoder);
+ mr.attributeCoder(kSecKeyWrap, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerify, &mFalseCoder);
+ mr.attributeCoder(kSecKeyDerive, &mFalseCoder);
+ mr.attributeCoder(kSecKeySignRecover, &mFalseCoder);
+ mr.attributeCoder(kSecKeyVerifyRecover, &mFalseCoder);
+
+ return rn;
+}
+
+void PIVSchema::create()
+{
+ Schema::create();
+
+ createStandardRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ createKeyRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+
+ Relation *rn_gen = createStandardRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ // Create the generic table
+ MetaRecord &mr_gen = rn_gen->metaRecord();
+ mr_gen.attributeCoderForData(&mPIVDataAttributeCoder);
+}
+
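Review bot: The `// Key usage` block in `PIVSchema::createKeyRelation` registers coders only for the usages that are always false and gives no hint of where decrypt, unwrap and sign are decided. Those three are set per record in the `PIVKeyRecord` constructor (PIVRecord.cpp), so a reader auditing what a token key is allowed to do has to find that by searching. A one-line comment would close the gap: `// kSecKeyDecrypt, kSecKeyUnwrap and kSecKeySign are set to true per record in PIVKeyRecord's constructor`. The same block could also note that the key type is fixed to `CSSM_ALGID_RSA` by the `mKeyAlgorithmCoder` initialiser in the `PIVSchema` constructor.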
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVSchema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVSchema.h
+ * TokendPIV
+ */
+
+#ifndef _PIVSCHEMA_H_
+#define _PIVSCHEMA_H_
+
+#include "Schema.h"
+#include "PIVAttributeCoder.h"
+#include "PIVKeyHandle.h"
+
+namespace Tokend
+{
+ class Relation;
+ class MetaRecord;
+ class AttributeCoder;
+}
+
+class PIVSchema : public Tokend::Schema
+{
+ NOCOPY(PIVSchema)
+public:
+ PIVSchema();
+ virtual ~PIVSchema();
+
+ virtual void create();
+
+protected:
+ Tokend::Relation *createKeyRelation(CSSM_DB_RECORDTYPE keyType);
+
+private:
+ // Coders we need.
+ PIVDataAttributeCoder mPIVDataAttributeCoder;
+
+ Tokend::ConstAttributeCoder mKeyAlgorithmCoder;
+ PIVKeySizeAttributeCoder mKeySizeCoder;
+
+ PIVKeyHandleFactory mPIVKeyHandleFactory;
+};
+
+#endif /* !_PIVSCHEMA_H_ */
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1016 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVToken.cpp
+ * TokendPIV
+ */
+
+#include "PIVToken.h"
+#include "PIVDefines.h"
+#include "PIVCCC.h"
+
+#include "Adornment.h"
+#include "AttributeCoder.h"
+#include "PIVError.h"
+#include "PIVRecord.h"
+#include "PIVSchema.h"
+#include <security_cdsa_client/aclclient.h>
+#include <map>
+#include <vector>
+#include <zlib.h>
+#include <CoreFoundation/CFString.h>
+/* FOR KEYSIZE RETREIVAL */
+#include <Security/Security.h>
+
+#include <algorithm> /* min */
+
+#include "TLV.h"
+
+using CssmClient::AclFactory;
+
+/*
+ APDU: 00 A4 04 00 06 A0 00 00 00 01 01
+ APDU: 6A 82 ==> applet not found (NISTIR6887 5.3.3.2/ISO 7816-4)
+*/
+
+#pragma mark ---------- PIV defines ----------
+
+
+// Result codes [Ref NISTIR6887 5.1.1.1 Get Response APDU]
+
+#define PIV_RESULT_SUCCESS_SW1 0x90 //[ref SCARD_SUCCESS]
+#define PIV_RESULT_SUCCESS_SW2 (unsigned char )0x00
+#define PIV_RESULT_CONTINUATION_SW1 (unsigned char )0x61
+
+/*
+ 00 A4 04 00 07 A0 00 00 01 51 00 00 [A0000001510000]
+ 00 A4 04 00 06 A0 00 00 00 01 01
+
+ 00 A4 04 00 0B A0 00 00 03 08 00 00 10 00 01 00
+ Select applet/object (00 A4 )
+ select by AID (04)
+ P2 (00)
+ Lc (length of data) (0B)
+ Applet id A0 00 00 03 08 00 00 10 00 01 00 (A000000308000010000100)
+ A0 00 00 03 08 00 00 10 00 01 00
+ 1. Send SELECT card command with,
+
+ 2. Send SELECT card command without the version number,
+ 0 10 00
+ ...
+ AID == A0 00 00 03 08 00 00 10 00 01 00
+ ...
+ AID == A0 00 00 03 08 00 00
+*/
+
+static const unsigned char kSelectPIVApplet[] = { SELECT_PIV_APPLET_LONG }; // or SELECT_PIV_APPLET_SHORT
+
+static const unsigned char kUniversalAID[] = { 0xA0, 0x00, 0x00, 0x01, 0x16, 0xDB, 0x00 };
+
+#pragma mark ---------- Data Description Strings -----------
+
+static const char *sDescripCardCapabilityContainer = "CCC";
+static const char *sDescripCardHolderUniqueIdentifier = "CHUID";
+static const char *sDescripCardHolderFingerprints = "FINGERPRINTS";
+static const char *sDescripPrintedInformation = "PRINTDATA";
+static const char *sDescripCardHolderFacialImage = "FACIALIMAGE";
+
+#pragma mark ---------- Object IDs ----------
+
+static const unsigned char oidCardCapabilityContainer[] = { PIV_OBJECT_ID_CARD_CAPABILITY_CONTAINER };
+static const unsigned char oidCardHolderUniqueIdentifier[] = { PIV_OBJECT_ID_CARDHOLDER_UNIQUEID };
+static const unsigned char oidCardHolderFingerprints[] = { PIV_OBJECT_ID_CARDHOLDER_FINGERPRINTS };
+static const unsigned char oidPrintedInformation[] = { PIV_OBJECT_ID_PRINTED_INFORMATION };
+static const unsigned char oidCardHolderFacialImage[] = { PIV_OBJECT_ID_CARDHOLDER_FACIAL_IMAGE };
+static const unsigned char oidX509CertificatePIVAuthentication[] = { PIV_OBJECT_ID_X509_CERTIFICATE_PIV_AUTHENTICATION };
+static const unsigned char oidX509CertificateDigitalSignature[] = { PIV_OBJECT_ID_X509_CERTIFICATE_DIGITAL_SIGNATURE };
+static const unsigned char oidX509CertificateKeyManagement[] = { PIV_OBJECT_ID_X509_CERTIFICATE_KEY_MANAGEMENT };
+static const unsigned char oidX509CertificateCardAuthentication[] = { PIV_OBJECT_ID_X509_CERTIFICATE_CARD_AUTHENTICATION };
+
+
+#pragma mark ---------- NO/MINOR MODIFICATION NEEDED ----------
+
+PIVToken::PIVToken() :
+ mCurrentApplet(NULL), mPinStatus(0)
+{
+ mTokenContext = this;
+ mSession.open();
+}
+
+PIVToken::~PIVToken()
+{
+ delete mSchema;
+}
+
+
+void PIVToken::didDisconnect()
+{
+ PCSC::Card::didDisconnect();
+ mCurrentApplet = NULL;
+ mPinStatus = 0;
+}
+
+void PIVToken::didEnd()
+{
+ PCSC::Card::didEnd();
+ mCurrentApplet = NULL;
+ mPinStatus = 0;
+}
+
+void PIVToken::unverifyPIN(int pinNum)
+{
+ if (pinNum != -1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ end(SCARD_RESET_CARD);
+}
+
+void PIVToken::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ Tokend::ISO7816Token::establish(guid, subserviceId, flags,
+ cacheDirectory, workDirectory, mdsDirectory, printName);
+
+#ifdef _USECERTIFICATECOMMONNAME
+ std::string commonName = authCertCommonName();
+ ::snprintf(printName, 40, "PIV-%s", commonName.c_str());
+#else
+ byte_string cccOid((const unsigned char *)oidCardCapabilityContainer, oidCardCapabilityContainer + sizeof(oidCardCapabilityContainer));
+ byte_string cccdata;
+ getDataCore(cccOid, "CCC", false, true, cccdata);
+ PIVCCC ccc(cccdata);
+ ::snprintf(printName, 40, "PIV-%s", ccc.hexidentifier().c_str());
+#endif /* _USECERTIFICATECOMMONNAME */
+ Tokend::ISO7816Token::name(printName);
+ secdebug("pivtoken", "name: %s", printName);
+
+ if(mSchema)
+ delete mSchema;
+ mSchema = new PIVSchema();
+ mSchema->create();
+
+ populate();
+}
+
+//
+// Database-level ACLs
+//
+void PIVToken::getOwner(AclOwnerPrototype &owner)
+{
+ // we don't really know (right now), so claim we're owned by PIN #0
+ if (!mAclOwner)
+ {
+ mAclOwner.allocator(Allocator::standard());
+ mAclOwner = AclFactory::PinSubject(Allocator::standard(), 0);
+ }
+ owner = mAclOwner;
+}
+
+
+void PIVToken::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ //uint32_t cacresult = pinStatus();
+ Allocator &alloc = Allocator::standard();
+
+ if (unsigned pin = pinFromAclTag(tag, "?")) {
+ static AutoAclEntryInfoList acl;
+ acl.clear();
+ acl.allocator(alloc);
+ uint32_t status = this->pinStatus(pin);
+ if (status == SCARD_SUCCESS)
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_AUTHORIZED);
+ else if (status >= PIV_AUTHENTICATION_FAILED_0 && status <= PIV_AUTHENTICATION_FAILED_3)
+ acl.addPinState(pin, 0, status - PIV_AUTHENTICATION_FAILED_0);
+ else
+ acl.addPinState(pin, CSSM_ACL_PREAUTH_TRACKING_UNKNOWN);
+ count = acl.size();
+ acls = acl.entries();
+ return;
+ }
+
+ // mAclEntries sets the handle of each AclEntryInfo to the
+ // offset in the array.
+
+ // get pin list, then for each pin
+ if (!mAclEntries) {
+ mAclEntries.allocator(alloc);
+ // Anyone can read the attributes and data of any record on this token
+ // (it's further limited by the object itself).
+ mAclEntries.add(CssmClient::AclFactory::AnySubject(
+ mAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ // We support PIN1 with either a passed in password
+ // subject or a prompted password subject.
+ mAclEntries.addPin(AclFactory::PWSubject(alloc), 1);
+ mAclEntries.addPin(AclFactory::PromptPWSubject(alloc, CssmData()), 1);
+ }
+ count = mAclEntries.size();
+ acls = mAclEntries.entries();
+}
+
+
+#pragma mark ---------- MODIFICATION REQUIRED ----------
+
+/* ---------------------------------------------------------------------------
+ *
+ * The methods in this section should be usable with very minor or no
+ * modifications. For example, for a PKCS#11 based tokend, replace
+ * mCurrentApplet with mObjectID or the like.
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+uint32 PIVToken::probe(SecTokendProbeFlags flags, char tokenUid[TOKEND_MAX_UID]) // MODIFY
+{
+ /*
+ In probe, try to figure out if this is your token. If it is, return
+ a good score (e.g. 100-200) and set the tokenUid to something
+ unique-ish. It can be completely token-specific information.
+ If not, disconnect from the token and return 0.
+ */
+ uint32 score = Tokend::ISO7816Token::probe(flags, tokenUid);
+
+ bool doDisconnect = false; /*!(flags & kSecTokendProbeKeepToken); */
+
+ try
+ {
+ if (!identify())
+ doDisconnect = true;
+ else
+ {
+#ifndef _USEFALLBACKTOKENUID
+ byte_string cccOid((const unsigned char *)oidCardCapabilityContainer, oidCardCapabilityContainer + sizeof(oidCardCapabilityContainer));
+ byte_string cccdata;
+ /*
+ Since probe is called before establish, securityd has not passed us
+ the cache directory yet, so we don't try to cache anything right now
+ */
+ const bool allowCaching = false;
+ getDataCore(cccOid, "CCC", false, allowCaching, cccdata);
+ PIVCCC ccc(cccdata);
+ snprintf(tokenUid, TOKEND_MAX_UID, "PIV-%s", ccc.hexidentifier().c_str());
+
+#else
+ // You should put something to uniquely identify the token into
+ // tokenUid if possible, since then caching of large items such
+ // as certificates will be possible. Here we just put in some
+ // random junk.
+ unsigned char buffer[80];
+ time_t now;
+ struct tm* timestruct = localtime(&now);
+ strftime(reinterpret_cast<char *>(buffer), 80, "%+", timestruct); // like "date" output in shell
+ snprintf(tokenUid, TOKEND_MAX_UID, "PIV-%s", buffer);
+#endif
+ score = 110;
+ secdebug("probe", "recognized %s", tokenUid);
+ }
+ }
+ catch (...)
+ {
+ doDisconnect = true;
+ score = 0;
+ }
+
+ if (doDisconnect)
+ disconnect();
+
+ return score;
+}
+
+size_t PIVToken::getKeySize(const byte_string &cert) const {
+ size_t keySize = 0;
+ SecCertificateRef certRef = 0;
+ SecKeyRef keyRef = 0;
+ /* Parse certificate for size */
+ CSSM_DATA certData;
+ certData.Data = (uint8_t*)&cert[0];
+ certData.Length = cert.size();
+ const CSSM_KEY *cssmKey = NULL;
+ OSStatus status = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_BER, &certRef);
+ if(status != noErr) goto done;
+ status = SecCertificateCopyPublicKey(certRef, &keyRef);
+ if(status != noErr) goto done;
+ status = SecKeyGetCSSMKey(keyRef, &cssmKey);
+ if(status != noErr) goto done;
+ keySize = cssmKey->KeyHeader.LogicalKeySizeInBits;
+done:
+ if(keyRef)
+ CFRelease(keyRef);
+ if(certRef)
+ CFRelease(certRef);
+ return keySize;
+}
+
+void PIVToken::populate()
+{
+ /*
+ @@@ To do:
+ read and parse CCC record to find out if the card has all of the optional records
+ before adding them
+ */
+
+ secdebug("populate", "PIVToken::populate() begin");
+
+ // These lines will be the same for any token with certs, keys, and
+ // data records.
+ Tokend::Relation &certRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_X509_CERTIFICATE);
+ Tokend::Relation &privateKeyRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_PRIVATE_KEY);
+ Tokend::Relation &dataRelation =
+ mSchema->findRelation(CSSM_DL_DB_RECORD_GENERIC);
+
+ /*
+ Table 1. SP 800-73 Data Model Containers
+
+ RID 'A0 00 00 00 01 16' - ContainerID - Access Rule - Contact/Contactless - M/O
+ Card Capability Container 0xDB00 Read Always Contact Mandatory
+ CHUID Buffer 0x3000 Read Always Contact & Contactless Mandatory
+ PIV Authentication Certificate Buffer 0x0101 Read Always Contact Mandatory
+ Fingerprint Buffer 0x6010 PIN Contact Mandatory
+ Printed Information Buffer 0x3001 PIN Contact Optional
+ Facial Image Buffer 0x6030 PIN Contact Optional
+ Digital Signature Certificate Buffer 0x0100 Read Always Contact Optional
+ Key Management Certificate Buffer 0x0102 Read Always Contact Optional
+ Card Authentication Certificate Buffer 0x0500 Read Always Contact Optional
+ Security Object Buffer 0x9000 Read Always Contact Mandatory
+ */
+
+ // Since every object ID is 3 bytes long, this works
+ const size_t sz = sizeof(oidCardCapabilityContainer);
+
+ // Card Capability Container 2.16.840.1.101.3.7.1.219.0 '5FC107' [Mandatory]
+ if (getDataExists(oidCardCapabilityContainer, sz, sDescripCardCapabilityContainer))
+ dataRelation.insertRecord(new PIVDataRecord(oidCardCapabilityContainer, sz, sDescripCardCapabilityContainer));
+
+ // Card Holder Unique Identifier 2.16.840.1.101.3.7.2.48.0 '5FC102' [Mandatory] [CHUID]
+ if (getDataExists(oidCardHolderUniqueIdentifier, sz, sDescripCardHolderUniqueIdentifier))
+ dataRelation.insertRecord(new PIVDataRecord(oidCardHolderUniqueIdentifier, sz, sDescripCardHolderUniqueIdentifier));
+
+ // Card Holder Fingerprints 2.16.840.1.101.3.7.2.96.16 '5FC103' [Mandatory]
+ if (getDataExists(oidCardHolderFingerprints, sz, sDescripCardHolderFingerprints))
+ dataRelation.insertRecord(new PIVProtectedRecord(oidCardHolderFingerprints, sz, sDescripCardHolderFingerprints));
+
+ // Printed Information 2.16.840.1.101.3.7.2.48.1 '5FC109' [Optional]
+ if (getDataExists(oidPrintedInformation, sz, sDescripPrintedInformation))
+ dataRelation.insertRecord(new PIVProtectedRecord(oidPrintedInformation, sz, sDescripPrintedInformation));
+
+ // Card Holder Facial Image 2.16.840.1.101.3.7.2.96.48 '5FC108' O
+ if (getDataExists(oidCardHolderFacialImage, sz, sDescripCardHolderFacialImage))
+ dataRelation.insertRecord(new PIVProtectedRecord(oidCardHolderFacialImage, sz, sDescripCardHolderFacialImage));
+
+ // Now describe the keys and certificates
+
+ // Note that the "Card Management Key", keyref 0x9B is a symmetric key
+ // and so is not listed here
+
+ const unsigned char *certids[] =
+ {
+ oidX509CertificatePIVAuthentication, // 0x9A
+ oidX509CertificateDigitalSignature, // 0x9C
+ oidX509CertificateKeyManagement, // 0x9D
+ oidX509CertificateCardAuthentication // 0x9E
+ };
+
+ const char *certNames[] =
+ {
+ "PIV Authentication Certificate",
+ "Digital Signature Certificate",
+ "Key Management Certificate",
+ "Card Authentication Certificate"
+ };
+
+ const char *keyNames[] =
+ {
+ "PIV Authentication Private Key", // Keyref 9A
+ "Digital Signature Private Key", // Keyref 9C
+ "Key Management Private Key", // Keyref 9D
+ "Card Authentication Private Key" // Keyref 9E
+ };
+
+ const unsigned char keyRefs[] =
+ {
+ PIV_KEYREF_PIV_AUTHENTICATION,
+ PIV_KEYREF_PIV_DIGITAL_SIGNATURE,
+ PIV_KEYREF_PIV_KEY_MANAGEMENT,
+ PIV_KEYREF_PIV_CARD_AUTHENTICATION
+ };
+
+ for (unsigned int ix=0;ix<sizeof(certids)/sizeof(certids[0]);++ix)
+ {
+ byte_string certData;
+ try {
+ getDataCore(byte_string(certids[ix], certids[ix] + sz), certNames[ix], true, true, certData);
+ } catch(PIVError &e) {
+ continue;
+ }
+ int keySize = getKeySize(certData);
+ if(keySize == 0) continue;
+
+ RefPointer<Tokend::Record> cert(new PIVCertificateRecord(certids[ix], sz, certNames[ix]));
+ certRelation.insertRecord(cert);
+
+ RefPointer<Tokend::Record> key(new PIVKeyRecord(certids[ix], sz, keyNames[ix], privateKeyRelation.metaRecord(), keyRefs[ix], keySize));
+ privateKeyRelation.insertRecord(key);
+
+ // The Adornment class links a particular PIVCertificateRecord
+ // with its corresponding PIVKeyRecord record
+ key->setAdornment(mSchema->publicKeyHashCoder().certificateKey(),
+ new Tokend::LinkedRecordAdornment(cert));
+ }
+
+ secdebug("populate", "PIVToken::populate() end");
+}
+
+bool PIVToken::identify()
+{
+ // For the PIV identify function, just try to select the PIV applet.
+ // If it fails, this is not a PIV card.
+
+ try
+ {
+ selectDefault();
+ return true;
+ }
+ catch (const PCSC::Error &error)
+ {
+ if (error.error == SCARD_E_PROTO_MISMATCH)
+ return false;
+ throw;
+ }
+}
+
+void PIVToken::changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength)
+{
+ /*
+ References:
+ - 7.2.2 CHANGE REFERENCE DATA Card Command [SP800731]
+ */
+ if (pinNum < PIV_VERIFY_KEY_NUMBER_DEFAULT || pinNum > PIV_VERIFY_KEY_NUMBER_MAX)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (oldPinLength < PIV_VERIFY_PIN_LENGTH_MIN || oldPinLength > PIV_VERIFY_PIN_LENGTH_MAX ||
+ newPinLength < PIV_VERIFY_PIN_LENGTH_MIN || newPinLength > PIV_VERIFY_PIN_LENGTH_MAX)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+ // Change pin requires that we select the default applet first
+ selectDefault();
+
+ const unsigned char dataFieldLen = 0x10; // doc says must be 16 (= 2x8)
+ const unsigned char APDU_TEMPLATE[] = { PIV_CHANGE_REFERENCE_DATA_APDU_TEMPLATE };
+ byte_string apdu(APDU_TEMPLATE, APDU_TEMPLATE + sizeof(APDU_TEMPLATE));
+
+ apdu[PIV_VERIFY_APDU_INDEX_KEY] = static_cast<unsigned char>(pinNum & 0xFF);
+ apdu[PIV_VERIFY_APDU_INDEX_LEN] = dataFieldLen;
+
+ copy(oldPin, oldPin + oldPinLength, apdu.begin() + PIV_VERIFY_APDU_INDEX_DATA);
+ copy(newPin, newPin + newPinLength, apdu.begin() + PIV_CHANGE_REFERENCE_DATA_APDU_INDEX_DATA2);
+
+ byte_string result;
+
+ mPinStatus = exchangeAPDU(apdu, result);
+ /* Clear out pin by forcing zeroes in */
+ secure_zero(apdu);
+ PIVError::check(mPinStatus);
+}
+
+uint32_t PIVToken::pinStatus(int pinNum)
+{
+ /*
+ Ref 5.1.2.4 Verify APDU [NISTIR6887]
+
+ Processing State returned in the Response Message
+ SW1 SW2 Meaning
+ 63 00 Verification failed
+ 63 CX Verification failed, X indicates the number of further allowed retries
+ 69 83 Authentication method blocked [SCARD_AUTHENTICATION_BLOCKED]
+ 69 84 Referenced data deactivated [SCARD_REFERENCED_DATA_INVALIDATED]
+ 6A 86 Incorrect parameters P1-P2 [SCARD_INCORRECT_P1_P2]
+ 6A 88 Reference data not found [SCARD_REFERENCED_DATA_NOT_FOUND]
+ 90 00 Successful execution [SCARD_SUCCESS]
+ */
+ if (pinNum < PIV_VERIFY_KEY_NUMBER_DEFAULT || pinNum > PIV_VERIFY_KEY_NUMBER_MAX)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (mPinStatus && isInTransaction())
+ return mPinStatus;
+
+ PCSC::Transaction _(*this);
+ // Verify pin requires that we select the default applet first
+ selectDefault();
+
+ const unsigned char APDU_TEMPLATE[] = { PIV_VERIFY_APDU_STATUS };
+ byte_string apdu(APDU_TEMPLATE, APDU_TEMPLATE + sizeof(APDU_TEMPLATE));
+
+ apdu[PIV_VERIFY_APDU_INDEX_KEY] = 0x80;//static_cast<unsigned char>(pinNum & 0xFF);
+
+ byte_string result;
+
+ mPinStatus = exchangeAPDU(apdu, result);
+ if (((mPinStatus & 0xFF00) != SCARD_AUTHENTICATION_FAILED) &&
+ (mPinStatus != SCARD_AUTHENTICATION_BLOCKED))
+ PIVError::check(mPinStatus);
+
+ if ((mPinStatus & 0xFF00) == SCARD_AUTHENTICATION_FAILED)
+ secdebug("pivtoken", "pinStatus: %d authentication attempts remaining", (mPinStatus & 0x000F));
+ else
+ if (mPinStatus == SCARD_AUTHENTICATION_BLOCKED)
+ secdebug("pivtoken", "pinStatus: CARD IS BLOCKED");
+
+ return mPinStatus;
+}
+
+// 00 20 00 80 08 31 32 33 34 35 36 FF FF
+//APDU: 00 20 00 01 08 31 32 33 34 35 36 FF FF
+//APDU: 6A 88
+
+void PIVToken::verifyPIN(int pinNum,
+ const unsigned char *pin, size_t pinLength)
+{
+ // 5.1.2.4 Verify APDU [NISTIR6887]
+
+ if (pinNum < PIV_VERIFY_KEY_NUMBER_DEFAULT || pinNum > PIV_VERIFY_KEY_NUMBER_MAX)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ if (pinLength < PIV_VERIFY_PIN_LENGTH_MIN || pinLength > PIV_VERIFY_PIN_LENGTH_MAX)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+
+ PCSC::Transaction _(*this);
+ // Verify pin requires that we select the default applet first
+ selectDefault();
+
+ const unsigned char dataFieldLen = 8; // doc says must be 8
+
+ const unsigned char APDU_TEMPLATE[] = { PIV_VERIFY_APDU_TEMPLATE };
+ byte_string apdu(APDU_TEMPLATE, APDU_TEMPLATE + sizeof(APDU_TEMPLATE));
+
+ apdu[PIV_VERIFY_APDU_INDEX_KEY] = 0x80;//static_cast<unsigned char>(pinNum & 0xFF);
+ apdu[PIV_VERIFY_APDU_INDEX_LEN] = dataFieldLen;
+
+ copy(pin, pin + pinLength, apdu.begin() + PIV_VERIFY_APDU_INDEX_DATA);
+
+ byte_string result;
+
+ mPinStatus = exchangeAPDU(apdu, result);
+ /* Clear out pin */
+ secure_zero(apdu);
+ PIVError::check(mPinStatus);
+ // Start a new transaction which we never get rid of until someone calls
+ // unverifyPIN()
+ begin();
+}
+
+
+#pragma mark ---------------- TOKEN Specific/Utility --------------
+
+
+/* ---------------------------------------------------------------------------
+ *
+ * The methods in this section are useful utility functions for Java
+ * cards, but may be useful for other tokens as well with appropriate
+ * changes.
+ *
+ * ---------------------------------------------------------------------------
+*/
+
+void PIVToken::select(const unsigned char *applet, size_t appletLength)
+{
+ /*
+ References:
+ - 2.3.3.3.1 SELECT APDU [SP800731]
+ - 5.1.1.4 Select File APDU [NISTIR6887]
+
+ Data Field returned in the Response Message
+ If P2 is set to 0x00, data is returned as per ISO 7816-4 [ISO4].
+ If P2 is set to 0x0C, no data is returned.
+
+ Processing State returned in the Response Message
+
+ SW1 SW2 Meaning
+ 62 83 Selected file deactivated
+ 62 84 FCI not formatted according to ISO 7816-4 Section 5.1.5
+ 6A 81 Function not supported
+ 6A 82 File not found
+ 6A 86 Incorrect parameters P1-P2
+ 6A 87 Lc inconsistent with P1-P2
+ 90 00 Successful execution
+ */
+
+ secdebug("pivtoken", "select BEGIN");
+ // If we are already connected and our current applet is already selected we are done.
+ if (isInTransaction() && mCurrentApplet == applet)
+ return;
+
+ byte_string apdu(applet, applet + appletLength);
+ byte_string result;
+ bool failed = false;
+
+ uint16_t rx;
+ try
+ {
+ rx = exchangeAPDU(apdu, result);
+ }
+ catch (const PCSC::Error &error)
+ {
+ secdebug("pivtoken", "select transmit error: %ld (0x%04lX)]", error.error, error.error);
+ if (error.error == SCARD_E_PROTO_MISMATCH)
+ return;
+ failed = true;
+ }
+ catch (...)
+ {
+ secdebug("pivtoken", "select transmit unknown failure");
+ failed = true;
+ }
+ //PCSC::Error Transaction failed. (-2146435050) osStatus -2147416063
+ // We could return a more specific error based on the codes above
+
+ if (failed || (rx != SCARD_SUCCESS))
+ {
+ secdebug("pivtoken", "select END [FAILURE %02X %02X]",
+ result[result.size() - 2], result[result.size() - 1]);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ if (isInTransaction())
+ mCurrentApplet = applet;
+
+ secdebug("pivtoken", "select END [SUCCESS]");
+}
+
+void PIVToken::selectDefault()
+{
+ select(kSelectPIVApplet, sizeof(kSelectPIVApplet));
+}
+
+uint16_t PIVToken::simpleExchangeAPDU(const byte_string &apdu, byte_string &result) {
+ transmit(apdu, result);
+ if (result.size() < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ uint16_t ret = (result[result.size() - 2] << 8) + result[result.size() - 1];
+ // Trim off status bytes
+ result.resize(result.size() - 2);
+ return ret;
+}
+
+uint16_t PIVToken::exchangeAPDU(const byte_string &apdu, byte_string &result)
+{
+ static const uint8_t GET_RESULT_TEMPLATE [] = { 0x00, 0xC0, 0x00, 0x00, 0xFF };
+ byte_string getResult(GET_RESULT_TEMPLATE, GET_RESULT_TEMPLATE + sizeof(GET_RESULT_TEMPLATE));
+ const int SIZE_INDEX = 4;
+
+ uint16_t ret = simpleExchangeAPDU(apdu, result);
+ /* Keep pulling more data */
+ while ((ret >> 8) == PIV_RESULT_CONTINUATION_SW1)
+ {
+ size_t expectedLength = ret & 0xFF;
+ if(expectedLength == 0) /* 256-byte case .. */
+ expectedLength = 256;
+ getResult[SIZE_INDEX] = expectedLength & 0xFF;
+ ret = simpleExchangeAPDU(getResult, result);
+ }
+ return ret;
+}
+
+uint16_t PIVToken::exchangeChainedAPDU(unsigned char cla, unsigned char ins,
+ unsigned char p1, unsigned char p2,
+ const byte_string &data,
+ byte_string &result)
+{
+ const size_t BASE_CHUNK_LENGTH = 242; /* 242 == reasonably safe data chunk amount well under 256 */
+ byte_string apdu;
+ uint16_t ret;
+ apdu.reserve(5 + BASE_CHUNK_LENGTH);
+ apdu.resize(5);
+ apdu[0] = cla;
+ apdu[1] = ins;
+ apdu[2] = p1;
+ apdu[3] = p2;
+
+ apdu[0] |= 0x10;
+ byte_string::iterator apduDataBegin = apdu.begin() + 5;
+ size_t chunkLength;
+ byte_string::const_iterator iter;
+ /* Chain data and skip last chunk since its in the receiving end */
+ for(iter = data.begin(); (iter + BASE_CHUNK_LENGTH) < data.end(); iter += BASE_CHUNK_LENGTH) {
+ chunkLength = std::min(BASE_CHUNK_LENGTH, (size_t)(data.end() - iter));
+ apdu.resize(5 + chunkLength);
+ apdu[4] = chunkLength & 0xFF;
+ copy(iter, iter + chunkLength, apduDataBegin);
+ /* Don't send Le */
+ ret = simpleExchangeAPDU(apdu, result);
+ /* No real data should come back until chaining is complete */
+ PIVError::check(ret);
+ }
+ apdu[0] &= ~0x10;
+ apdu[4] = (data.end() - iter) & 0xFF;
+ apdu.resize(5 + (data.end() - iter));
+ copy(iter, data.end(), apduDataBegin);
+ /* LE BYTE? */
+ return exchangeAPDU(apdu, result);
+}
+
+byte_string PIVToken::buildGetData(const byte_string &oid, int limit /* = -1 */) const {
+ // The APDU only has space for a 3 byte OID
+ if (oid.size() != 3)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ const unsigned char dataFieldLen = 0x05;
+ static const unsigned char INITIAL_APDU_TEMPLATE[] = { PIV_GETDATA_APDU_TEMPLATE };
+ /* TODO: Build from ground-up */
+ byte_string initialApdu(INITIAL_APDU_TEMPLATE, INITIAL_APDU_TEMPLATE + sizeof(INITIAL_APDU_TEMPLATE));
+
+ initialApdu[PIV_GETDATA_APDU_INDEX_LEN] = dataFieldLen;
+ initialApdu[PIV_GETDATA_APDU_INDEX_OIDLEN] = oid.size();
+ copy(oid.begin(), oid.end(), initialApdu.begin() + PIV_GETDATA_APDU_INDEX_OID);
+ initialApdu.resize(PIV_GETDATA_APDU_INDEX_OID + oid.size());
+ if(limit > 255)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ if(limit >= 0)
+ initialApdu.push_back(limit);
+ return initialApdu;
+}
+
+/*
+ This is where the actual data for a certificate or other data is retrieved from the token.
+
+ Here is a sample exchange
+
+ APDU: 00 CB 3F FF 05 5C 03 5F C1 05
+ APDU: 61 00
+
+ APDU: 00 C0 00 00 00
+ APDU: 53 82 04 84 70 82 ... 61 00
+
+ APDU: 00 C0 00 00 00
+ APDU: 68 82 8C 52 65 ... 61 88
+
+ APDU: 00 C0 00 00 88
+ APDU: 50 D0 B2 A2 EF ... 90 00
+*/
+void PIVToken::getDataCore(const byte_string &oid, const char *description, bool isCertificate,
+ bool allowCaching, byte_string &data)
+{
+ /* First check the cache */
+ CssmData cssmData;
+ if(allowCaching && cachedObject(0, description, cssmData)) {
+ data.assign(cssmData.Data, cssmData.Data + cssmData.Length);
+ free(cssmData.Data);
+ return;
+ }
+ // Talk to token here to get data
+ {
+ byte_string getDataApdu = buildGetData(oid);
+ PCSC::Transaction _(*this);
+ selectDefault();
+ /* Continuation handled by exchangeAPDU */
+ uint16_t rx = exchangeAPDU(getDataApdu, data);
+ secdebug("pivtokend", "exchangeAPDU result %02X", rx);
+ PIVError::check(rx);
+ if(data.size() > PIV_MAX_DATA_SIZE) {
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+ }
+ dumpDataRecord(data, oid);
+
+ // Start to parse the BER-TLV encoded data. In the end, we only return the
+ // main data part of this but we need to step through the rest first
+ // The certficates are the only types we parse here
+
+ if (data.size()<=0)
+ return;
+ if (data[0] != PIV_GETDATA_RESPONSE_TAG)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+
+ if (isCertificate)
+ processCertificateRecord(data, oid, description);
+
+ if (!allowCaching)
+ return;
+ cssmData.Data = &data[0];
+ cssmData.Length = data.size();
+ cacheObject(0, description, cssmData);
+}
+
+void PIVToken::processCertificateRecord(byte_string &data, const byte_string &oid, const char *description)
+{
+ bool hasCertificateData = false;
+ bool isCompressed = false;
+
+ // 00000000 53 82 04 84 70 82 04 78 78 da 33 68 62 db 61 d0
+ TLV_ref tlv;
+ TLVList list;
+ try {
+ tlv = TLV::parse(data);
+ list = tlv->getInnerValues();
+ } catch(...) {
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ }
+
+ for(TLVList::const_iterator iter = list.begin(); iter != list.end(); ++iter) {
+ const byte_string &tagString = (*iter)->getTag();
+ const byte_string &value = (*iter)->getValue();
+ if(tagString.size() != 1)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ uint8_t tag = tagString[0];
+ switch (tag)
+ {
+ case PIV_GETDATA_TAG_CERTIFICATE: // 0x70
+ data = value;
+ hasCertificateData = true;
+ break;
+ case PIV_GETDATA_TAG_CERTINFO: // 0x71
+ if(value.size() != 1)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ secdebug("pivtokend", "CertInfo byte: %02X", value[0]);
+ isCompressed = value[0] & PIV_GETDATA_COMPRESSION_MASK;
+ break;
+ case PIV_GETDATA_TAG_MSCUID: // 0x72 -- should be of length 3...
+ break;
+ case PIV_GETDATA_TAG_ERRORDETECTION:
+ break;
+ case 0:
+ case 0xFF:
+ break;
+ default:
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ break;
+ }
+ }
+
+ /* No cert data ? */
+ if(!hasCertificateData)
+ PIVError::throwMe(SCARD_RETURNED_DATA_CORRUPTED);
+ if (isCompressed)
+ {
+ /* The certificate is compressed */
+ secdebug("pivtokend", "uncompressing compressed %s", description);
+ dumpDataRecord(data, oid, "-compressedcert");
+
+ byte_string uncompressedData;
+ uncompressedData.resize(PIV_MAX_DATA_SIZE);
+ int rv = Z_ERRNO;
+ int compTyp = compressionType(data);
+ rv = PIVToken::uncompressData(uncompressedData, data, compTyp);
+ if (rv != Z_OK)
+ {
+ secdebug("zlib", "uncompressing %s failed: %d [type=%d]", description, rv, compTyp);
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ }
+ data = uncompressedData;
+ }
+ else
+ {
+ }
+ dumpDataRecord(data, oid, "-rawcert");
+}
+
+int PIVToken::compressionType(const byte_string &data)
+{
+ // Some ad-hoc stuff to guess at compression type
+ if (data.size() > 2 && data[0] == 0x1F && data[1] == 0x8B)
+ return kCompressionGzip;
+ if (data.size() > 1 /*&& (data[0] & 0x10) == Z_DEFLATED*/)
+ return kCompressionZlib;
+ else
+ return kCompressionUnknown;
+}
+
+int PIVToken::uncompressData(byte_string &uncompressedData, const byte_string &compressedData, int compressionType)
+{
+ z_stream dstream; // decompression stream
+ int windowSize = 15;
+ switch(compressionType) {
+ case kCompressionGzip:
+ windowSize += 0x20;
+ break;
+ case kCompressionZlib:
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_DL_DATABASE_CORRUPT);
+ }
+ dstream.zalloc = (alloc_func)0;
+ dstream.zfree = (free_func)0;
+ dstream.opaque = (voidpf)0;
+ /* Input not altered , so de-const-casting ok*/
+ dstream.next_in = (Bytef*)&compressedData[0];
+ dstream.avail_in = compressedData.size();
+ dstream.next_out = &uncompressedData[0];
+ dstream.avail_out = uncompressedData.size();
+ int err = inflateInit2(&dstream, windowSize);
+ if (err)
+ return err;
+
+ err = inflate(&dstream, Z_FINISH);
+ if (err != Z_STREAM_END)
+ {
+ inflateEnd(&dstream);
+ return err;
+ }
+ uncompressedData.resize(dstream.total_out);
+ err = inflateEnd(&dstream);
+ return err;
+}
+
+void PIVToken::dumpDataRecord(const byte_string &data, const byte_string &oid, const char *extraSuffix)
+{
+#if !defined(NDEBUG)
+ FILE *fp;
+ char fileName[128]={0,};
+ const char *kNamePrefix = "/tmp/pivobj-";
+ char suffix[32]={0,};
+ memcpy(fileName, kNamePrefix, strlen(kNamePrefix));
+ sprintf(suffix,"%02X%02X%02X", oid[0], oid[1], oid[2]);
+ strncat(fileName, suffix, 3);
+ if (extraSuffix)
+ strcat(fileName, extraSuffix);
+ if ((fp = fopen(fileName, "wb")) != NULL)
+ {
+ fwrite(&data[0], 1, data.size(), fp);
+ fclose(fp);
+ secdebug("pivtokend", "wrote data of length %ld to %s", data.size(), fileName);
+ }
+#endif
+}
+
+std::string PIVToken::authCertCommonName()
+{
+ // Since the PIV Authentication Certificate is mandatory, do the user
+ // a favor and find the common name to use as the name of the token
+
+ const char *cn = NULL;
+ SecCertificateRef certificateRef = NULL;
+ CFStringRef commonName = NULL;
+
+ byte_string data;
+ byte_string oidAuthCert(oidX509CertificatePIVAuthentication, oidX509CertificatePIVAuthentication + sizeof(oidX509CertificatePIVAuthentication));
+ getDataCore(oidAuthCert, "AUTHCERT", true, true, data);
+ CssmData certData(&data[0], data.size());
+ OSStatus status = SecCertificateCreateFromData(&certData, CSSM_CERT_X_509v3, CSSM_CERT_ENCODING_BER, &certificateRef);
+ if (!status)
+ {
+ CFStringRef commonName = NULL;
+ SecCertificateCopyCommonName(certificateRef, &commonName);
+ if (commonName)
+ cn = CFStringGetCStringPtr(commonName, kCFStringEncodingMacRoman);
+ }
+
+ if (certificateRef)
+ CFRelease(certificateRef);
+ if (commonName)
+ CFRelease(commonName);
+
+ return std::string(cn?cn:"--unknown--");
+}
+
+size_t PIVToken::transmit(const byte_string::const_iterator &apduBegin, const byte_string::const_iterator &apduEnd, byte_string &result) {
+ const size_t BUFFER_SIZE = 1024;
+ size_t resultLength = BUFFER_SIZE;
+ size_t index = result.size();
+ /* To prevent data leaking, secure byte_string resize takes place */
+ secure_resize(result, result.size() + BUFFER_SIZE);
+ ISO7816Token::transmit(&(*apduBegin), (size_t)(apduEnd - apduBegin), &result[0]+ index, resultLength);
+ /* Trims the data, no expansion occurs */
+ result.resize(index + resultLength);
+ return resultLength;
+}
+
+bool PIVToken::getDataExists(const unsigned char *oid, size_t oidlen, const char *description)
+{
+ /* Read the data object, limiting it at one byte received to help speed things along */
+ byte_string result;
+ byte_string getDataApdu = buildGetData(byte_string(oid, oid + oidlen), 1);
+ uint16_t rx = simpleExchangeAPDU(getDataApdu, result);
+ if(rx == 0x6A82) return false; /* Object certainly doesn't exist */
+ if(rx == 0x6982) return true; /* Assume security status not satisified == object exists */
+ if(rx & 0xFF00 == SCARD_BYTES_LEFT_IN_SW2) return true; /* More bytes left */
+ if((rx >> 8) == PIV_RESULT_CONTINUATION_SW1) return true; /* More data available */
+ return result.size() > 0; /* Data has been returned */
+}
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVToken.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,210 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PIVToken.h
+ * TokendPIV
+ */
+
+#ifndef _PIVTOKEN_H_
+#define _PIVTOKEN_H_
+
+#define _USECERTIFICATECOMMONNAME 1
+
+#include <Token.h>
+#include "TokenContext.h"
+#include "PIVDefines.h"
+
+#include <security_utilities/pcsc++.h>
+
+#include "byte_string.h"
+
+#pragma mark ---------- PIV defines ----------
+
+#define CLA_STANDARD 0x00
+#define INS_SELECT_FILE 0xA4
+#define INS_VERIFY_APDU 0x20 // SP800731 Section 2.3.3.2.1
+#define INS_CHANGE_REFERENCE_DATA 0x24 // [SP800731 7.2.2]
+
+// Placeholders for fields in the APDU to be filled in programmatically
+#define TBD_ZERO 0x00
+#define TBD_FF 0xFF
+
+// These are from NISTIR6887 5.1.1.4 Select File APDU
+// They are the values for the P1 field
+#define SELECT_P1_EXPLICIT 0x00
+#define SELECT_P1_CHILDDF 0x01
+#define SELECT_P1_CHILDEF 0x02
+#define SELECT_P1_PARENTDF 0x03
+
+#define SELECT_APPLET PIV_CLA_STANDARD, PIV_INS_SELECT_FILE, 0x04, 0x00 // Select application by AID
+
+#define SELECT_PIV_APPLET_VERS 0x10, 0x00, 0x01, 0x00
+#define SELECT_PIV_APPLET_SHORT SELECT_APPLET, 0x07, 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00
+#define SELECT_PIV_APPLET_LONG SELECT_APPLET, 0x0B, 0xA0, 0x00, 0x00, 0x03, 0x08, 0x00, 0x00, SELECT_PIV_APPLET_VERS
+
+#pragma mark ---------- Object IDs on Token ----------
+
+/*
+ Object IDs for objects on token. All currently 3 hex bytes.
+ See 4.2 OIDs and Tags of PIV Card Application Data Objects [SP800731]
+
+ 4.1 PIV Card Application Data Objects [SP800731]
+ A PIV Card Application shall contain six mandatory data objects and five optional data object for
+ interoperable use. The six mandatory data objects for interoperable use are as follows:
+
+ 1. Card Capability Container
+ 2. Card Holder Unique Identifier
+ 3. X.509 Certificate for PIV Authentication
+ 4. Card Holder Fingerprint I
+ 5. Card Holder Fingerprint II2
+ 6. Security Object
+
+ The five optional data objects for interoperable use are as follows:
+
+ 1. Card Holder Facial Image
+ 2. Printed Information
+ 3. X.509 Certificate for PIV Digital Signature
+ 4. X.509 Certificate for PIV Key Management
+ 5. X.509 Certificate for Card Authentication
+*/
+
+// Card Capability Container 2.16.840.1.101.3.7.1.219.0 0x5FC107 M
+#define PIV_OBJECT_ID_CARD_CAPABILITY_CONTAINER 0x5F, 0xC1, 0x07
+
+// Card Holder Unique Identifier 2.16.840.1.101.3.7.2.48.0 0x5FC102 M [CHUID]
+#define PIV_OBJECT_ID_CARDHOLDER_UNIQUEID 0x5F, 0xC1, 0x02
+
+// Card Holder Fingerprints 2.16.840.1.101.3.7.2.96.16 0x5FC103 M
+#define PIV_OBJECT_ID_CARDHOLDER_FINGERPRINTS 0x5F, 0xC1, 0x03
+
+// Printed Information 2.16.840.1.101.3.7.2.48.1 0x5FC109 O
+#define PIV_OBJECT_ID_PRINTED_INFORMATION 0x5F, 0xC1, 0x09
+
+// Card Holder Facial Image 2.16.840.1.101.3.7.2.96.48 0x5FC108 O
+#define PIV_OBJECT_ID_CARDHOLDER_FACIAL_IMAGE 0x5F, 0xC1, 0x08
+
+// X.509 Certificate for PIV Authentication 2.16.840.1.101.3.7.2.1.1 0x5FC105 M
+#define PIV_OBJECT_ID_X509_CERTIFICATE_PIV_AUTHENTICATION 0x5F, 0xC1, 0x05
+
+// X.509 Certificate for Digital Signature 2.16.840.1.101.3.7.2.1.0 0x5FC10A O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_DIGITAL_SIGNATURE 0x5F, 0xC1, 0x0A
+
+// X.509 Certificate for Key Management 2.16.840.1.101.3.7.2.1.2 0x5FC10B O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_KEY_MANAGEMENT 0x5F, 0xC1, 0x0B
+
+// X.509 Certificate for Card Authentication 2.16.840.1.101.3.7.2.5.0 0x5FC101 O
+#define PIV_OBJECT_ID_X509_CERTIFICATE_CARD_AUTHENTICATION 0x5F, 0xC1, 0x01
+
+
+class PIVSchema;
+class PIVCCC;
+
+#pragma mark ---------- The Token Class ----------
+
+//
+// "The" token
+//
+class PIVToken : public Tokend::ISO7816Token
+{
+ NOCOPY(PIVToken)
+public:
+ PIVToken();
+ ~PIVToken();
+
+ virtual void didDisconnect();
+ virtual void didEnd();
+
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls);
+
+ virtual void changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength);
+ virtual uint32_t pinStatus(int pinNum);
+ virtual void verifyPIN(int pinNum, const unsigned char *pin, size_t pinLength);
+ virtual void unverifyPIN(int pinNum);
+
+ bool identify();
+
+ // These methods are convenient for Java card, but would be replace by calls
+ // to the PKCS#11 library for a for a PKCS#11 based tokend
+
+ /* NOTE: Using pointers for applet selection rather than byte_strings to permit simple selection detection */
+ void select(const unsigned char *applet, size_t appletLength);
+ void selectDefault();
+ /* Exchanges APDU without performing data continuation */
+ uint16_t simpleExchangeAPDU(const byte_string &apdu, byte_string &result);
+ /* Exchanges APDU, performing data retreival continuation as needed */
+ uint16_t exchangeAPDU(const byte_string& apdu, byte_string &result);
+ uint16_t exchangeChainedAPDU(unsigned char cla, unsigned char ins,
+ unsigned char p1, unsigned char p2,
+ const byte_string &data,
+ byte_string &result);
+
+ /* Builds the GetData APDU string with a given limit, if limit == -1, no limit */
+ byte_string buildGetData(const byte_string &oid, int limit = -1) const;
+
+ void getDataCore(const byte_string &oid, const char *description, bool isCertificate,
+ bool allowCaching, byte_string &data);
+ bool getDataExists(const unsigned char *oid, size_t oidlen, const char *description);
+ std::string authCertCommonName();
+
+protected:
+ void populate();
+
+ size_t getKeySize(const byte_string &cert) const;
+ void processCertificateRecord(byte_string &data, const byte_string &oid, const char *description);
+ void dumpDataRecord(const byte_string &data, const byte_string &oid, const char *extraSuffix = NULL);
+ static int compressionType(const byte_string &data);
+ static int uncompressData(byte_string &uncompressedData, const byte_string &compressedData, int compressionType);
+
+ enum //arbitrary values
+ {
+ kCompressionNone = 0,
+ kCompressionZlib = 1,
+ kCompressionGzip = 2,
+ kCompressionUnknown = 9
+ };
+
+ size_t transmit(const byte_string &apdu, byte_string &result) {
+ return transmit(apdu.begin(), apdu.end(), result);
+ }
+ size_t transmit(const byte_string::const_iterator &apduBegin, const byte_string::const_iterator &apduEnd, byte_string &result);
+public:
+ const unsigned char *mCurrentApplet;
+ uint32_t mPinStatus;
+
+ // temporary ACL cache hack - to be removed
+ AutoAclOwnerPrototype mAclOwner;
+ AutoAclEntryInfoList mAclEntries;
+};
+
+
+#endif /* !_PIVTOKEN_H_ */
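Review bot: `mCurrentApplet` and `mPinStatus` are declared under the second `public:` label, so any code holding a PIVToken can overwrite the cached PIN status and the selected-applet marker. In the PIVToken.cpp part of this changeset, `pinStatus()` returns a non-zero `mPinStatus` without querying the card while a transaction is open, and `select()` skips the SELECT when `mCurrentApplet` matches, so both fields act as trusted state. Unless classes outside this hunk write them directly, I would move them under `protected:` and expose a read-only accessor such as `uint32_t cachedPinStatus() const { return mPinStatus; }`. A short comment on each field saying when it is reset (presumably in `didDisconnect()`/`didEnd()`, whose bodies are not shown here) would also help.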
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVUtilities.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVUtilities.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/PIVUtilities.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef PIV_UTILITIES_H
+#define PIV_UTILITIES_H
+
+#include "byte_string.h"
+#include <algorithm>
+
+template<typename T>
+inline void secure_zero(T &l) {
+ std::fill(l.begin(), l.end(), typename T::value_type());
+}
+
+template<typename T>
+inline void secure_erase(T &data, const typename T::iterator &first, const typename T::iterator &last) {
+ /* Partly borrowing from alg used by normal 'erase' */
+ typename T::iterator newEnd(std::copy(last, data.end(), first));
+ // Filling w/ defaults to null values out
+ std::fill(newEnd, data.end(), typename T::value_type());
+ data.erase(newEnd, data.end());
+}
+
+template<typename T>
+inline void secure_resize(T &data, const size_t newSize) {
+ // Simple case where no re-allocation occurs
+ if(data.capacity() >= newSize) {
+ data.resize(newSize);
+ return;
+ }
+ // Re-allocation will occur, need to use temporary buffer...
+ T temporary(data);
+ secure_zero(data);
+ data.resize(newSize);
+ copy(temporary.begin(), temporary.end(), data.begin());
+ secure_zero(temporary);
+}
+
+#endif
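Review bot: `secure_zero` clears the buffer with a plain `std::fill`, which an optimizing compiler may drop as a dead store when the container is destroyed right afterwards, as happens with `temporary` at the end of `secure_resize` and with the PIN-carrying `apdu` in `changePIN`/`verifyPIN`. Writing each element through a volatile-qualified pointer is the usual way to keep the stores, e.g. iterating `l.begin()`..`l.end()` with `*static_cast<volatile typename T::value_type *>(&*it) = typename T::value_type();`. Separately, the fast path of `secure_resize` (`data.capacity() >= newSize`) does not clear the tail when `newSize` is smaller than the current size; if shrinking is never intended, a comment saying so would prevent misuse. The unqualified `copy` in `secure_resize` should be `std::copy` so the header does not depend on a using-directive or argument-dependent lookup.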
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,160 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "Padding.h"
+
+#include <Security/cssmerr.h>
+#include "PIVUtilities.h"
+
+using namespace Security;
+
+/* PKCS#1 DigestInfo header for SHA1 */
+static const unsigned char sha1sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x21, // LENGTH
+ 0x30, // SEQUENCE
+ 0x09, // LENGTH
+ 0x06, 0x05, 0x2B, 0x0E, 0x03, 0x02, 0x1a, // SHA1 OID (1 4 14 3 2 26)
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x14 // OCTECT STRING (20 bytes)
+};
+
+/* PKCS#1 DigestInfo header for MD5 */
+static const unsigned char md5sigheader[] =
+{
+ 0x30, // SEQUENCE
+ 0x20, // LENGTH
+ 0x30, // SEQUENCE
+ 0x0C, // LENGTH
+ // MD5 OID (1 2 840 113549 2 5)
+ 0x06, 0x08, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x02, 0x05,
+ 0x05, 0x00, // OPTIONAL ANY algorithm params (NULL)
+ 0x04, 0x10 // OCTECT STRING (16 bytes)
+};
+
+void Padding::apply(byte_string &data, size_t keySize, CSSM_PADDING padding, CSSM_ALGORITHMS hashAlg) throw(CssmError) {
+ // Calculate which hash-header to use
+ const unsigned char *header;
+ size_t headerLength;
+ switch(hashAlg) {
+ case CSSM_ALGID_SHA1:
+ if (data.size() != 20)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ header = sha1sigheader;
+ headerLength = sizeof(sha1sigheader);
+ break;
+ case CSSM_ALGID_MD5:
+ if (data.size() != 16)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ header = md5sigheader;
+ headerLength = sizeof(md5sigheader);
+ break;
+ case CSSM_ALGID_NONE:
+ // Special case used by SSL it's an RSA signature, without the ASN1 stuff
+ header = NULL;
+ headerLength = 0;
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DIGEST_ALGORITHM);
+ }
+ // Reserve memory and insert the header before the data
+ data.reserve(keySize);
+ if(headerLength > 0) {
+ data.insert(data.begin(), header, header + headerLength);
+ }
+ int markerByteLocation;
+ // Calculate and apply padding
+ switch (padding) {
+ case CSSM_PADDING_NONE:
+ if(data.size() != keySize)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ break;
+ case CSSM_PADDING_PKCS1:
+ // Pad using PKCS1 v1.5 signature padding ( 00 01 FF FF.. 00 | M)
+ if(data.size() + 11 > keySize)
+ CssmError::throwMe(CSSMERR_CSP_BLOCK_SIZE_MISMATCH);
+ markerByteLocation = keySize - data.size() - 1;
+ data.insert(data.begin(), keySize - data.size(), 0xFF);
+ data[0] = 0;
+ data[1] = 1;
+ data[markerByteLocation] = 0;
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+ }
+}
+
+void Padding::remove(byte_string &data, CSSM_PADDING padding) throw(CssmError) {
+ // Calculate and remove padding while validating
+ switch (padding) {
+ case CSSM_PADDING_NONE:
+ break;
+ case CSSM_PADDING_PKCS1:
+ unsigned i;
+ /* Handles PKCS1 v1.5
+ * signatures 00 01 FF FF.. 00 | M
+ * and encrypted data 00 02 NZ NZ.. 00 | M (NZ = non-zero random value)
+ */
+ if(data[0] != 0 || (data[1] != 1 && data[1] != 2))
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+ for(i = 2; i < data.size() && data[i] != 0x00; i++) {}
+ /* Assume empty data is invalid */
+ if(data.size() - i == 0)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_DATA);
+ secure_erase(data, data.begin(), data.begin() + i + 1);
+ break;
+ default:
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_PADDING);
+ }
+}
+
+bool Padding::canApply(CSSM_PADDING padding, CSSM_ALGORITHMS hashAlg) throw() {
+ switch(padding) {
+ case CSSM_PADDING_NONE:
+ case CSSM_PADDING_PKCS1:
+ break;
+ default:
+ return false;
+ }
+ switch(hashAlg) {
+ case CSSM_ALGID_NONE:
+ case CSSM_ALGID_SHA1:
+ case CSSM_ALGID_MD5:
+ break;
+ default:
+ return false;
+ }
+ return true;
+}
+
+bool Padding::canRemove(CSSM_PADDING padding) throw() {
+ switch(padding) {
+ case CSSM_PADDING_NONE:
+ case CSSM_PADDING_PKCS1:
+ break;
+ default:
+ return false;
+ }
+ return true;
+}
\ No newline at end of file
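Review bot: `Padding::remove` reads `data[0]` and `data[1]` in the `CSSM_PADDING_PKCS1` case without first checking that the buffer holds at least two bytes, so a short or empty input indexes past the end of the vector; the guard should read `if(data.size() < 2 || data[0] != 0 || (data[1] != 1 && data[1] != 2))`. The later test `if(data.size() - i == 0)` only catches a missing 0x00 separator. When the separator is the final byte the message comes out empty, which the comment above the test says should be rejected, so `if(i + 1 >= data.size())` looks like the intended condition. The scan also accepts fewer than the eight padding bytes PKCS#1 v1.5 requires and, for block type 01, does not check that the padding bytes are 0xFF; whether callers rely on that leniency is not visible here.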
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/Padding.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef PADDING_H
+#define PADDING_H
+
+#include "byte_string.h"
+#include <Security/cssmtype.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+
+/** Utility class to unify padding/hash-header handling
+ *
+ */
+class Padding {
+public:
+ /** Applies padding and hash-headers for signing */
+ static void apply(byte_string &data, size_t keySize, CSSM_PADDING padding = CSSM_PADDING_NONE, CSSM_ALGORITHMS hashAlg = CSSM_ALGID_NONE) throw(CssmError);
+ /** Removes padding for decryption
+ * Note: Securely eliminates data such that the 'leftover' bytes are not left to be read after data's destruction
+ */
+ static void remove(byte_string &data, CSSM_PADDING padding = CSSM_PADDING_NONE) throw(CssmError);
+
+ /** Returns boolean whether a specific padding/hash-header can be applied */
+ static bool canApply(CSSM_PADDING padding = CSSM_PADDING_NONE, CSSM_ALGORITHMS hashAlg = CSSM_ALGID_NONE) throw();
+ /** Returns boolean whether a specific padding can be removed */
+ static bool canRemove(CSSM_PADDING padding) throw();
+};
+
+#endif
\ No newline at end of file
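Review bot: The doc comment on `apply` does not say what unit `keySize` is in or what `data` must contain on entry. Padding.cpp compares `keySize` directly with `data.size()`, so it is a byte count, whereas CSSM key sizes are commonly given in bits; a caller that mixes the two up would get a wrongly sized block. I would extend the comment to something like `/** Applies padding and hash-headers for signing. keySize is the key size in bytes; data must be the raw digest for hashAlg and is modified in place. Throws CssmError if the sizes or padding do not fit. */`.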
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef SECUREBUFFERALLOCATOR_H
+#define SECUREBUFFERALLOCATOR_H
+
+#include "byte_string.h"
+#include <tr1/array>
+
+/* Utility class to store a fixed-size container of available buffers
+ * Used to keepalive byte_strings for buffer usage while keeping contents secure
+ * for re-use and on destruction.
+ */
+template<size_t MAX_SIZE>
+class SecureBufferAllocator {
+ NOCOPY(SecureBufferAllocator);
+public:
+ SecureBufferAllocator();
+ ~SecureBufferAllocator();
+
+ byte_string &getBuffer();
+private:
+ std::tr1::array<byte_string, MAX_SIZE> buffers;
+ size_t nextFree;
+};
+
+#include "SecureBufferAllocator.inc"
+
+#endif
\ No newline at end of file
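Review bot: The class comment and the `getBuffer()` declaration do not state that buffers are handed out in rotation, so a reference returned earlier is zeroed and cleared again after `MAX_SIZE` further calls (see `getBuffer()` in SecureBufferAllocator.inc). A caller that holds a reference across that many calls would find its data wiped or shared with another user of the allocator. I would add a comment on `getBuffer()` such as `/* Returns the next buffer in rotation, zeroed and emptied; the reference is only valid until MAX_SIZE further getBuffer() calls */`. The comment could also rule out `MAX_SIZE == 0`, for which `buffers[nextFree]` indexes an empty array.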
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.inc
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.inc (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/SecureBufferAllocator.inc 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,50 @@
+/*
+ * Copyright (c) 2004-2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "SecureBufferAllocator.h"
+#include "PIVUtilities.h"
+
+template<size_t MAX_SIZE>
+SecureBufferAllocator<MAX_SIZE>::SecureBufferAllocator()
+: nextFree(0) {
+}
+
+template<size_t MAX_SIZE>
+SecureBufferAllocator<MAX_SIZE>::~SecureBufferAllocator() {
+ /* Clear out all buffers */
+ for(size_t i = 0; i < buffers.size(); i++)
+ secure_zero(buffers[i]);
+}
+
+template<size_t MAX_SIZE>
+byte_string &SecureBufferAllocator<MAX_SIZE>::getBuffer() {
+ byte_string &nextBuffer = buffers[nextFree];
+ /* Calculate next available buffer */
+ nextFree++;
+ if(nextFree >= buffers.size())
+ nextFree = 0;
+ /* Clear out the buffer for use */
+ secure_zero(nextBuffer);
+ nextBuffer.clear();
+ return nextBuffer;
+}
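Review bot: The destructor and `getBuffer()` rely on `secure_zero`, which PIVUtilities.h implements as a plain `std::fill` over `[begin(), end())`, and that leaves two gaps in the wiping. In `~SecureBufferAllocator()` the stores are followed directly by destruction of `buffers`, so an optimizing compiler is allowed to drop them as dead stores. Writing the zeros through a `volatile` pointer, or using a wipe primitive the platform guarantees is not elided, would make the clear dependable. The fill also covers only `size()` bytes, so if a caller shrank a buffer before it is recycled, the bytes between the new size and the capacity stay in memory; whether callers do that is not visible here.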
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,185 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#include "TLV.h"
+
+#include <iomanip>
+#include <iostream>
+#include <limits>
+
+using namespace std;
+
+TLV::TLV() throw()
+:tag(), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(unsigned char tag) throw()
+:tag(1, tag), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(const byte_string& tag) throw()
+:tag(tag), value(NULL), innerValues(NULL) {
+}
+
+TLV::TLV(unsigned char tag, const byte_string& value) throw()
+:tag(1, tag), value(new byte_string(value)), innerValues(NULL) {
+}
+
+TLV::TLV(const byte_string& tag, const byte_string& value) throw()
+:tag(tag), value(new byte_string(value)), innerValues(NULL) {
+}
+
+TLV::TLV(uint8_t tag, const TLVList &tlv) throw()
+:tag(1, tag), value(NULL), innerValues(new TLVList(tlv)) {
+}
+
+TLV::TLV(const byte_string &tag, const TLVList &tlv) throw()
+:tag(tag), value(NULL), innerValues(new TLVList(tlv)) {
+}
+
+TLV_ref TLV::parse(const byte_string &in) throw(std::runtime_error) {
+ byte_string::const_iterator begin = in.begin();
+ return parse(begin, in.end());
+}
+
+byte_string TLV::encode() const throw() {
+ byte_string out;
+ encode(out);
+ return out;
+}
+
+void TLV::encode(byte_string &out) const throw() {
+ const byte_string &tag = getTag();
+ // Puts the tag
+ out += tag;
+ // Puts the length
+ encodeLength(valueLength(), out);
+
+#if 1
+ // Non-caching version since the TLV is expected to be
+ // thrown away after encoding
+ // If there is a value, put that
+ if(value.get()) {
+ out += *value;
+ return;
+ }
+ if(!innerValues.get())
+ return;
+ // Else if there are innerValues, encode those out
+ encodeSequence(*innerValues, out);
+#else
+ // Obtain the value in a cached manner
+ const byte_string &value = getValue();
+ out += value;
+#endif
+}
+
+const TLVList &TLV::getInnerValues() const throw(std::runtime_error) {
+ /* If there is a cached innervalues version, output it
+ * else parse any existing TLV data and use that */
+ if(innerValues.get()) return *innerValues;
+ if(!value.get()) {
+ innerValues.reset(new TLVList());
+ return *innerValues;
+ }
+ innerValues.reset(new TLVList());
+ byte_string::const_iterator begin = value->begin();
+ parseSequence(begin, (byte_string::const_iterator)value->end(), *innerValues);
+
+ return *innerValues;
+}
+
+const byte_string &TLV::getValue() const throw() {
+ /* If there is a cached value version, output it
+ * else encode any existing TLV data and use that */
+ if(value.get()) return *value;
+ if(!innerValues.get()) {
+ value.reset(new byte_string());
+ return *value;
+ }
+ value.reset(new byte_string());
+ encodeSequence(*innerValues, *value);
+ return *value;
+}
+
+size_t TLV::length() const throw() {
+ size_t innerLength = valueLength();
+ return tag.size() + encodedLength(innerLength) + innerLength;
+}
+
+void TLV::encodeLength(size_t value, byte_string &out) throw() {
+ /* Encode and output the length according to BER-TLV encoding rules */
+ static const size_t MAX_VALUE = std::numeric_limits<size_t>::max();
+ static const size_t highbyte = (MAX_VALUE ^ (MAX_VALUE >> 8));
+ static const size_t shiftbyte = (sizeof(size_t) - 1) * 8;
+ if (value < 0x80) {
+ out += (unsigned char)(value & 0x7F);
+ return;
+ }
+ size_t size = sizeof(value), i;
+ while(0 == (value & highbyte) && size > 0) {
+ value <<= 8;
+ size--;
+ }
+ out += (unsigned char)(0x80 | size);
+ for(i = 0; i < size; i++) {
+ out += (unsigned char)((value >> shiftbyte) & 0xFF);
+ value <<= 8;
+ }
+}
+
+size_t TLV::encodedLength(size_t value) throw() {
+ if(value < 0x80)
+ return 1;
+ /* Values larger than 0x7F must be encoded in the form (Length-Bytes) (Length) */
+ static const size_t MAX_VALUE = std::numeric_limits<size_t>::max();
+ /* EX: 0xFF000000 - for size_t == 32-bit */
+ static const size_t highbyte = (MAX_VALUE ^ (MAX_VALUE >> 8));
+ size_t size = sizeof(value);
+ /* Check for the highest byte that contains a value */
+ while(0 == (value & highbyte) && size > 0) {
+ value <<= 8;
+ size--;
+ }
+ /* + 1 for byte-size byte
+ * Size encoded as (0x80 + N) [N-bytes]
+ * Max size-bytes == 127
+ */
+ return size + 1;
+}
+
+void TLV::encodeSequence(const TLVList &tlv, byte_string &out) throw() {
+ for(TLVList::const_iterator iter = tlv.begin(); iter < tlv.end(); iter++)
+ (*iter)->encode(out);
+}
+
+size_t TLV::valueLength() const throw() {
+ /* Calculate the length of a value, either by its actual value length
+ * or calculated length based on contained TLV values */
+ if(value.get()) return value->size();
+ if(!innerValues.get()) return 0;
+ size_t retValue = 0;
+ for(TLVList::const_iterator iter = innerValues->begin(); iter < innerValues->end(); iter++)
+ retValue += (*iter)->length();
+ return retValue;
+}
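Review bot: `TLV::getInnerValues()` stores the new list in the `innerValues` cache before `parseSequence` has succeeded, so when parsing throws, the partially filled list stays cached and the next call returns it without any error. For data read from a card, a malformed value can then be reported as a shorter but apparently valid sequence on the second access. Parsing into a local and publishing it only on success avoids this: `std::auto_ptr<TLVList> parsed(new TLVList());`, `parseSequence(begin, (byte_string::const_iterator)value->end(), *parsed);`, `innerValues = parsed;`. Separately, the constructors that call `new` are declared `throw()`, so an allocation failure there ends in `std::unexpected()` rather than an exception the caller can handle.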
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef TLV_H
+#define TLV_H
+
+#include <tr1/memory>
+
+#include <stdexcept>
+
+#include <sstream>
+#include <vector>
+
+#ifndef NOCOPY
+#define NOCOPY(Type) private: Type(const Type &); void operator = (const Type &);
+#endif
+
+#include "byte_string.h"
+
+class TLV;
+typedef std::tr1::shared_ptr<TLV> TLV_ref;
+typedef std::vector<TLV_ref> TLVList;
+
+/** Utility class to simplify TLV parsing and encoding
+ * Condition of proper behavior (assume sizeof(size_t) => ptr size):
+ * 32-bit: Total data < 4GB
+ * 64-bit: Total data < 4GB * 4GB
+ */
+class TLV {
+ NOCOPY(TLV);
+public:
+ TLV() throw();
+ TLV(uint8_t tag) throw();
+ TLV(const byte_string &tag) throw();
+ TLV(uint8_t tag, const byte_string &value) throw();
+ TLV(const byte_string &tag, const byte_string &value) throw();
+ TLV(const byte_string &tag, const TLVList &tlv) throw();
+ TLV(uint8_t tag, const TLVList &tlv) throw();
+
+ /* Parses a byte_string as a TLV value - ignores trailing bytes
+ * Throws an error if the encoding is invalid
+ */
+ static TLV_ref parse(const byte_string &data) throw(std::runtime_error);
+
+ /* Parses an entire sequence of bytes as a TLV value
+ * - ignores trailing bytes, iter points to byte after TLV
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static TLV_ref parse(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error);
+
+ /* Obtains the tag of this TLV */
+ const byte_string &getTag() const throw() { return tag; }
+
+ /* Encodes this TLV into a new byte_string */
+ byte_string encode() const throw();
+ /* Encodes this TLV, appending the data to 'out' */
+ void encode(byte_string &out) const throw();
+ /* Decodes the value of this TLV as a sequence of TLVs */
+ const TLVList &getInnerValues() const throw(std::runtime_error);
+ /* Obtains the value of this TLV */
+ const byte_string &getValue() const throw();
+
+ /* Calculates the length of this TLV */
+ size_t length() const throw();
+
+private:
+ byte_string tag;
+ /* cached/assigned value as a string */
+ mutable std::auto_ptr<byte_string> value;
+ /* cached/assigned value as a TLV sequence */
+ mutable std::auto_ptr<TLVList> innerValues;
+
+ /* Parses an entire sequence of bytes as a sequence of TLV values, appending them to tlv
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static void parseSequence(ForwardIterator &iter, const ForwardIterator &end, TLVList &tlv) throw(std::runtime_error);
+
+ /* Parses the ber-encoded length from a sequence of bytes
+ * Can accept forward iterators to bytes or pointers to bytes for the range
+ * Ex: byte_string::iterator, unsigned char *
+ * Throws an error if the encoding is invalid
+ */
+ template<typename ForwardIterator>
+ static size_t parseLength(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error);
+
+ /* ber-encodes an integer and writes it's output to 'out' */
+ static void encodeLength(size_t value, byte_string &out) throw();
+public:
+ /* Obtains the length of a ber-encoded integer that would contain the value */
+ static size_t encodedLength(size_t value) throw();
+private:
+ /* Encodes a sequence of TLVs, writing the to 'out' */
+ static void encodeSequence(const TLVList &tlv, byte_string &out) throw();
+
+ /* Calculates the total length of the value */
+ size_t valueLength() const throw();
+};
+
+class TagPredicate {
+public:
+ TagPredicate(uint8_t tag) throw()
+ :tag(1, tag) {
+ }
+ TagPredicate(const byte_string &tag) throw()
+ :tag(tag) {
+ }
+ bool operator() (const TLV_ref &tlv) throw() {
+ return this->tag == tlv->getTag();
+ }
+private:
+ byte_string tag;
+};
+
+/* TEMPLATE DEFINITIONS */
+#include "TLV.inc"
+
+#endif
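Review bot: The comments on the templated `parse`, `parseSequence` and `parseLength` say they accept forward iterators, but the definitions in TLV.inc use `iter < end`, `iter >= end` and `iter += length`, which need random-access iterators. I would change the wording to `/* Requires random-access iterators to bytes, e.g. byte_string::const_iterator or const unsigned char * */` and rename the template parameter to match. The header also uses `std::auto_ptr` and `uint8_t` without including `<memory>` and `<stdint.h>` itself, so it presumably compiles only through transitive includes.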
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.inc
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.inc (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/TLV.inc 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,104 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+template<typename ForwardIterator>
+void TLV::parseSequence(ForwardIterator &iter, const ForwardIterator &end, TLVList &tlv) throw(std::runtime_error) {
+ /* While there is still data inbetween the iterators */
+ while(iter < end) {
+ /* parse TLV structures and append them to the list */
+ TLV_ref ref = TLV::parse(iter, end);
+ tlv.push_back(ref);
+ }
+}
+
+template<typename ForwardIterator>
+TLV_ref TLV::parse(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error) {
+ byte_string tag;
+ uint8_t ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Read the first byte as the tag */
+ ch = *iter++;
+ tag += ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* If the tag is flagged as a multibyte tag */
+ if((ch & 0x1F) == 0x1F) { /* Multibyte tag */
+ do {
+ ch = *iter++;
+ tag += ch;
+ if(iter >= end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Read more until there are no more bytes w/o the high-bit set */
+ } while((ch & 0x80) != 0);
+ }
+ /* Parse the length of the contained value */
+ size_t length = parseLength(iter, end);
+ ForwardIterator begin = iter;
+ iter += length;
+ /* The iterator is permitted to be at the very and at this point */
+ if(iter > end) throw std::runtime_error("Invalid TLV-encoding");
+ /* Return a new TLV with the calculated tag and value */
+ return TLV_ref(new TLV(tag, byte_string(begin, iter)));
+}
+
+/*
+ BER-TLV
+ Reference: http://www.cardwerk.com/smartcards/smartcard_standard_ISO7816-4_annex-d.aspx
+
+ In short form, the length field consists of a single byte where the bit B8 shall be set to 0 and
+ the bits B7-B1 shall encode an integer equal to the number of bytes in the value field. Any length
+ from 0-127 can thus be encoded by 1 byte.
+
+ In long form, the length field consists of a leading byte where the bit B8 shall be set to 1 and
+ the B7-B1 shall not be all equal, thus encoding a positive integer equal to the number of subsequent
+ bytes in the length field. Those subsequent bytes shall encode an integer equal to the number of bytes
+ in the value field. Any length within the APDU limit (up to 65535) can thus be encoded by 3 bytes.
+
+ NOTE - ISO/IEC 7816 does not use the indefinite lengths specified by the basic encoding rules of
+ ASN.1 (see ISO/IEC 8825).
+
+ Sample data (from a certficate GET DATA):
+
+ 00000000 53 82 04 84 70 82 04 78 78 da 33 68 62 db 61 d0
+ 00000010 c4 ba 60 01 33 13 23 13 13 97 e2 dc 88 f7 0c 40
+ 00000020 20 da 63 c0 cb c6 a9 d5 e6 d1 f6 9d 97 91 91 95
+ ....
+ 00000460 1f 22 27 83 ef fe ed 5e 7a f3 e8 b6 dc 6b 3f dc
+ 00000470 4c be bc f5 bf f2 70 7e 6b d0 4c 00 80 0d 3f 1f
+ 00000480 71 01 80 72 03 49 44 41
+
+*/
+template<typename ForwardIterator>
+size_t TLV::parseLength(ForwardIterator &iter, const ForwardIterator &end) throw(std::runtime_error) {
+ // Parse a BER length field. Returns the value of the length
+ uint8_t ch = *iter++;
+ if (!(ch & 0x80)) // single byte
+ return static_cast<uint32_t>(ch);
+ size_t result = 0;
+ uint8_t byteLen = ch & 0x7F;
+ for(;byteLen > 0; byteLen--) {
+ if(iter == end)
+ throw std::runtime_error("Invalid BER-encoded length");
+ ch = *iter++;
+ result = (result << 8) | static_cast<uint8_t>(ch);
+ }
+ return result;
+}
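Review bot: In `TLV::parse` the length returned by `parseLength` is applied with `iter += length` before it is compared with the remaining input, so an encoded length larger than the bytes left moves the iterator beyond `end`. That is undefined behaviour for vector iterators and raw pointers, and the later `iter > end` test cannot be relied on once it has happened. Checking first keeps the iterator in range: `if(length > static_cast<size_t>(end - iter)) throw std::runtime_error("Invalid TLV-encoding");` placed ahead of `iter += length`. `parseLength` also accepts up to 127 length bytes and shifts them into a `size_t`, silently discarding the high bytes; rejecting `byteLen > sizeof(size_t)` there would make oversized lengths fail instead of truncating. Its first line dereferences `iter` without comparing it with `end`, which is safe only because `parse` checks beforehand.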
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/byte_string.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/byte_string.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/byte_string.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2008 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+#ifndef BYTE_STRING
+#define BYTE_STRING
+#include <vector>
+
+/** Utility definition and additional operators to make working with
+ * sequences of bytes more easy and less error/leak-prone
+ */
+typedef std::vector<uint8_t> byte_string;
+
+inline bool operator==(const byte_string &l, const byte_string::value_type &value) {
+ return l.size() == 1 && l.at(0) == value;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string::value_type &value) {
+ l.push_back(value);
+ return l;
+}
+inline byte_string &operator+=(byte_string &l, const char &value) {
+ l.push_back(value);
+ return l;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string::value_type *value) {
+ l.insert(l.end(), value, value + strlen((char*)value));
+ return l;
+}
+
+inline byte_string &operator+=(byte_string &l, const byte_string &r) {
+ l.insert(l.end(), r.begin(), r.end());
+ return l;
+}
+
+/* RHS must be null-terminated */
+inline bool operator==(const byte_string& l, const byte_string::value_type* r) {
+ byte_string::size_type lSize = l.size();
+ byte_string::size_type rSize = strlen((const char*)r);
+ if(lSize != rSize)
+ return false;
+ return equal(l.begin(), l.end(), r);
+}
+
+inline bool operator!=(const byte_string& l, const byte_string::value_type* r) {
+ return !(l == r);
+}
+
+inline unsigned char *malloc_copy(const byte_string &l) {
+ unsigned char *output = (unsigned char*)malloc(l.size());
+ if(!output)
+ return NULL;
+ memcpy(output, &l[0], l.size());
+ return output;
+}
+#endif
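Review bot: `malloc_copy` evaluates `&l[0]` even when `l` is empty, which is undefined for an empty vector, and `malloc(0)` may legitimately return NULL, so callers cannot tell an empty input from an allocation failure. Guarding the copy with `if(!l.empty()) memcpy(output, &l[0], l.size());` removes the undefined access; the NULL ambiguity should at least be stated in a comment. The header also calls `strlen`, `malloc`, `memcpy` and an unqualified `equal`, and uses `uint8_t`, while including only `<vector>`. Adding `<cstring>`, `<cstdlib>`, `<algorithm>` and `<stdint.h>` and writing `std::equal` would make it self-contained. The `operator+=` overload taking a `value_type *` measures its argument with `strlen` and so stops at the first zero byte, but only the matching `operator==` carries the "must be null-terminated" comment.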
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>Capabilities</key>
+ <string>file:piv_csp_capabilities_common.mds</string>
+ <key>MdsFileDescription</key>
+ <string>PIV Token CSPDL CSP Capabilities</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_CAPABILITY_RECORDTYPE</string>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities_common.mds
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities_common.mds (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_capabilities_common.mds 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,903 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<array>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>SHA1 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD5 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>16</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DIGEST</string>
+ <key>Description</key>
+ <string>MD2 Digest</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>64</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <integer>192</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>3DES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC2 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC4 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>RC5 Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>New item</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>CAST Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>Blowfish Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>SHA1HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>MD5HMAC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>128</integer>
+ <integer>192</integer>
+ <integer>256</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>AES Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ASC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>ASC Key Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_KEY_LENGTH</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>31</integer>
+ <integer>127</integer>
+ <integer>128</integer>
+ <integer>161</integer>
+ <integer>192</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>FEE Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_KEYGEN</string>
+ <key>Description</key>
+ <string>DSA Key Pair Generation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD5 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_MD2</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 MD2 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_PKCS5_PBKDF1_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_DERIVEKEY</string>
+ <key>Description</key>
+ <string>PKCS5 PBKDF1 SHA1 Key Derivation</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>DES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_3DES_3KEY_EDE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>3DES EDE Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_AES</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>AES Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC4</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>0</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC4 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RC5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>RC5 Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_BLOWFISH</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>Blowfish Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_CAST</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_MODE</string>
+ <key>AttributeValue</key>
+ <array>
+ <integer>2</integer>
+ <integer>3</integer>
+ <integer>5</integer>
+ <integer>6</integer>
+ </array>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SYMMETRIC</string>
+ <key>Description</key>
+ <string>CAST Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>RSA Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEEDEXP</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEEDExp Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEED</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_ASYMMETRIC</string>
+ <key>Description</key>
+ <string>FEED Encryption</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD5WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_MD2WithRSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD2 With RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_RSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw RSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 With DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_DSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw DSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_MD5</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>MD5 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE_SHA1</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_FEE</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw FEE Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1WithECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>SHA1 with ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_ECDSA</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_SIGNATURE</string>
+ <key>Description</key>
+ <string>Raw ECDSA Signature</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_SHA1HMAC_LEGACY</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_OUTPUT_SIZE</string>
+ <key>AttributeValue</key>
+ <integer>20</integer>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_MAC</string>
+ <key>Description</key>
+ <string>SHA1HMAC MAC Legacy</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+ <dict>
+ <key>AlgType</key>
+ <string>CSSM_ALGID_APPLE_YARROW</string>
+ <key>Attributes</key>
+ <array>
+ <dict>
+ <key>AttributeType</key>
+ <string>CSSM_ATTRIBUTE_NONE</string>
+ <key>AttributeValue</key>
+ <array/>
+ </dict>
+ </array>
+ <key>ContextType</key>
+ <string>CSSM_ALGCLASS_RANDOMGEN</string>
+ <key>Description</key>
+ <string>Yarrow PRNG</string>
+ <key>UseeTag</key>
+ <string>CSSM_USEE_NONE</string>
+ </dict>
+</array>
+</plist>
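Review bot: In the `CSSM_ALGID_CAST` key-generation entry the attribute dict uses `<key>New item</key>` where every other entry in this file uses `<key>AttributeValue</key>`. This looks like a default left behind by a property-list editor, and a reader that looks up `AttributeValue` would presumably find nothing for that record; the line should read `<key>AttributeValue</key>`. The list also declares MD2, MD5, single DES, RC2 and RC4 as capabilities of a PIV token module. If it was carried over from a generic capability list rather than derived from what the card supports, a comment at the top of the file stating its origin would keep maintainers from reading it as a statement of supported algorithms.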
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_csp_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <!-- @@@ complete this -->
+ <array>
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>CspCustomFlags</key>
+ <integer>0</integer>
+ <key>CspFlags</key>
+ <!-- @@@ dynamic -->
+ <string>CSSM_CSP_STORES_PRIVATE_KEYS | CSSM_CSP_STORES_PUBLIC_KEYS | CSSM_CSP_STORES_CERTIFICATES | CSSM_CSP_STORES_GENERIC</string>
+ <key>CspType</key>
+ <string>CSSM_CSP_HARDWARE</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL CSP Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>UseeTags</key>
+ <array/>
+ <key>Vendor</key>
+ <string>Apple, Inc.</string>
+</dict>
+</plist>
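Review bot: `AuthTags` ships with the placeholder marker `<!-- @@@ complete this -->` and a single entry, `CSSM_ACL_AUTHORIZATION_ANY`, so the record does not say which authorizations the module actually distinguishes; the same marker and entry appear in `piv_dl_primary.mdsinfo`. Either list the specific authorization tags or replace the marker with a comment that states what is still missing, e.g. `<!-- TODO: enumerate the authorization tags this module supports; ANY is a placeholder -->`. `CspFlags` carries a similar `<!-- @@@ dynamic -->` marker with no explanation of what overrides the static value at run time.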
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_dl_primary.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_dl_primary.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_dl_primary.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,55 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>AclSubjectTypes</key>
+ <array>
+ <string>CSSM_ACL_SUBJECT_TYPE_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>AuthTags</key>
+ <array>
+ <!-- @@@ complete this -->
+ <string>CSSM_ACL_AUTHORIZATION_ANY</string>
+ </array>
+ <key>ConjunctiveOps</key>
+ <array>
+ <string>CSSM_DB_NONE</string>
+ <string>CSSM_DB_AND</string>
+ <string>CSSM_DB_OR</string>
+ </array>
+ <key>DLType</key>
+ <string>CSSM_DL_FFS</string>
+ <key>MdsFileDescription</key>
+ <string>Token CSPDL DL Primary info</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_DL_PRIMARY_RECORDTYPE</string>
+ <key>ModuleName</key>
+ <string>AppleSDCSPDL</string>
+ <key>ProductVersion</key>
+ <string>0.1</string>
+ <key>QueryLimitsFlag</key>
+ <integer>0</integer>
+ <key>RelationalOps</key>
+ <array>
+ <string>CSSM_DB_EQUAL</string>
+ <string>CSSM_DB_LESS_THAN</string>
+ <string>CSSM_DB_GREATER_THAN</string>
+ <string>CSSM_DB_CONTAINS_FINAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS_INITIAL_SUBSTRING</string>
+ <string>CSSM_DB_CONTAINS</string>
+ <string></string>
+ </array>
+ <key>SampleTypes</key>
+ <array>
+ <string>CSSM_SAMPLE_TYPE_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD</string>
+ <string>CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD</string>
+ </array>
+ <key>Vendor</key>
+ <string>Apple, Inc.</string>
+</dict>
+</plist>
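Review bot: The `RelationalOps` array ends with an empty `<string></string>` element after `CSSM_DB_CONTAINS`, which names no operator and looks like an editing leftover. How the MDS parser treats an empty entry is not visible in this hunk, so the safer choice is to delete that line or replace it with the operator that was intended.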
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_smartcard.mdsinfo
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_smartcard.mdsinfo (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/mds/piv_smartcard.mdsinfo 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+ <key>MdsFileDescription</key>
+ <string>SD/CSPDL Generic Smartcard Information</string>
+ <key>MdsRecordType</key>
+ <string>MDS_CDSADIR_CSP_SC_INFO_RECORDTYPE</string>
+ <key>MdsFileType</key>
+ <string>PluginSpecific</string>
+ <key>ScVendor</key>
+ <string>Generic</string>
+ <key>ScVersion</key>
+ <string>unknown</string>
+ <key>ScFirmwareVersion</key>
+ <string>PIVViewerPlugin</string>
+ <key>ScFlags</key> <!-- @@@ dynamic -->
+ <integer>0</integer>
+ <key>ScCustomFlags</key>
+ <integer>0</integer>
+</dict>
+</plist>
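Review bot: `ScFirmwareVersion` is set to `PIVViewerPlugin`, which is a name rather than a version, next to `ScVendor` `Generic` and `ScVersion` `unknown`; these read as template values carried over unchanged. If they are intentional placeholders, mark them with a comment such as `<!-- placeholder values -->` so nobody relies on them to identify a card; otherwise fill in the real values.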
Added: releases/Apple/OSX-10.6.7/Tokend-40596/PIV/piv.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/PIV/piv.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/PIV/piv.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,61 @@
+/*
+ * Copyright (c) 2004-2007 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * piv.cpp - PIV.tokend main program
+ */
+
+#include "PIVToken.h"
+
+/*
+ The call to SecKeychainSetServerMode is used to avoid recursion when
+ doing keychain calls. The only place this is relevant is when we are
+ setting the print name for the token using the common name from the
+ certificate. Calling this will prevent any keychain-type calls from
+ working but will still allow use of SecCertificate calls, etc.
+ If the header is not available, you can safely undef _USECERTIFICATECOMMONNAME
+*/
+
+#ifdef _USECERTIFICATECOMMONNAME
+#include <Security/SecKeychainPriv.h>
+#endif /* _USECERTIFICATECOMMONNAME */
+
+int main(int argc, const char *argv[])
+{
+ /* @@@ REQUIRED FOR KEYSIZE RETRIEVAL I THINK */
+#if defined(_USECERTIFICATECOMMONNAME) || 1
+ SecKeychainSetServerMode();
+#endif /* _USECERTIFICATECOMMONNAME */
+ secdebug("PIV.tokend", "main starting with %d arguments", argc);
+ secdelay((char *)"/tmp/delay/PIV");
+
+ token = new PIVToken();
+ try {
+ int ret = SecTokendMain(argc, argv, token->callbacks(), token->support());
+ delete token;
+ return ret;
+ } catch(...) {
+ delete token;
+ return -1;
+ }
+}
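Review bot: The guard `#if defined(_USECERTIFICATECOMMONNAME) || 1` in `main` is always true, but the `#include <Security/SecKeychainPriv.h>` above it is still conditional on `_USECERTIFICATECOMMONNAME`. Undefining the macro, which the comment calls safe, therefore leaves `SecKeychainSetServerMode()` called without its declaration unless `PIVToken.h` happens to pull it in. Make the two guards agree, or drop both and reword the comment to say server mode is always required. `token = new PIVToken();` also sits outside the `try`, so an exception thrown by the constructor escapes `main`, and the `catch(...)` returns -1 without a `secdebug` line to say why. Finally, `secdelay((char *)"/tmp/delay/PIV")` names a fixed path under a world-writable directory; its definition is not in this hunk, so confirm it compiles to nothing in release builds.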
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,97 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Adornment.cpp
+ * TokendMuscle
+ */
+
+#include "Adornment.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "Record.h"
+
+namespace Tokend
+{
+
+
+//
+// LinkedRecordAdornment
+//
+//const Adornment::Key LinkedRecordAdornment::key = "LinkedRecordAdornment";
+
+LinkedRecordAdornment::LinkedRecordAdornment(RefPointer<Record> record) :
+ mRecord(record)
+{
+}
+
+LinkedRecordAdornment::~LinkedRecordAdornment()
+{
+}
+
+Record &LinkedRecordAdornment::record()
+{
+ return *mRecord;
+}
+
+
+//
+// SecCertificateAdornment
+//
+SecCertificateAdornment::SecCertificateAdornment(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ // Get the data for record (the actual certificate).
+ const MetaAttribute &dma =
+ metaAttribute.metaRecord().metaAttributeForData();
+ const Attribute &data = dma.attribute(tokenContext, record);
+
+ // Data should have exactly one value.
+ if (data.size() != 1)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ // Create a new adornment using the data from the certificate.
+ OSStatus status = SecCertificateCreateFromData(&data[0], CSSM_CERT_X_509v3,
+ CSSM_CERT_ENCODING_BER, &mCertificate);
+ if (status)
+ MacOSError::throwMe(status);
+}
+
+SecCertificateAdornment::~SecCertificateAdornment()
+{
+ CFRelease(mCertificate);
+}
+
+SecCertificateRef SecCertificateAdornment::certificate()
+{
+ return mCertificate;
+}
+
+SecKeychainItemRef SecCertificateAdornment::certificateItem()
+{
+ return SecKeychainItemRef(mCertificate);
+}
+
+
+} // end namespace Tokend
+
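Review bot: `SecCertificateAdornment::certificate()` and `certificateItem()` return `mCertificate` without a `CFRetain`, while the destructor calls `CFRelease(mCertificate)`. The returned reference is therefore valid only for the adornment's lifetime and callers must not release it, but nothing in the file says so. A comment above both accessors such as `// Returns a borrowed reference owned by this adornment; do not CFRelease.` would make the ownership rule explicit. `certificateItem()` also converts a `SecCertificateRef` to `SecKeychainItemRef` with a function-style cast; a one-line comment on why the two opaque types are interchangeable here would help, since the compiler cannot check it.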
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Adornment.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,77 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Adornment.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_ADORNMENT_H_
+#define _TOKEND_ADORNMENT_H_
+
+#include <security_utilities/adornments.h>
+#include <security_utilities/refcount.h>
+#include <Security/SecCertificate.h>
+
+namespace Tokend
+{
+
+class TokenContext;
+class MetaRecord;
+class MetaAttribute;
+class Record;
+
+//
+// Adornment that refers to another record
+//
+class LinkedRecordAdornment : public Adornment
+{
+ NOCOPY(LinkedRecordAdornment)
+public:
+ LinkedRecordAdornment(RefPointer<Record> record);
+ ~LinkedRecordAdornment();
+ Record &record();
+
+private:
+ RefPointer<Record> mRecord;
+};
+
+
+class SecCertificateAdornment : public Adornment
+{
+ NOCOPY(SecCertificateAdornment)
+public:
+ SecCertificateAdornment(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+ ~SecCertificateAdornment();
+ SecCertificateRef certificate();
+ SecKeychainItemRef certificateItem();
+
+private:
+ SecCertificateRef mCertificate;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_ADORNMENT_H_ */
+
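Review bot: The ownership of what `certificate()` and `certificateItem()` return is not documented in `SecCertificateAdornment`. Adornment.cpp in this same changeset returns `mCertificate` without retaining it and calls `CFRelease(mCertificate)` in the destructor, so both accessors hand out borrowed references that die with the adornment. A comment above the two declarations would make that explicit, for example `// Borrowed reference: valid only while this adornment is alive; CFRetain to keep it longer.` It is also worth noting on `certificateItem()` that it is the same object viewed as a `SecKeychainItemRef`, not a separate item.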
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Attribute.cpp
+ * TokendMuscle
+ */
+
+#include "Attribute.h"
+
+namespace Tokend
+{
+
+
+Attribute::Attribute()
+{
+ mCount = 0;
+ mValues = NULL;
+}
+
+Attribute::Attribute(const Attribute &attribute)
+{
+ set(attribute.mValues, attribute.mCount);
+}
+
+Attribute::Attribute(bool value)
+{
+ uint32 v = value ? 1 : 0;
+ set(&v, sizeof(v));
+}
+
+Attribute::Attribute(sint32 value)
+{
+ set(&value, sizeof(value));
+}
+
+Attribute::Attribute(uint32 value)
+{
+ set(&value, sizeof(value));
+}
+
+Attribute::Attribute(const char *value)
+{
+ set(value, strlen(value));
+}
+
+Attribute::Attribute(const std::string &value)
+{
+ set(value.c_str(), value.size());
+}
+
+Attribute::Attribute(const void *data, uint32 length)
+{
+ set(data, length);
+}
+
+Attribute::Attribute(const CSSM_DATA *datas, uint32 count)
+{
+ set(datas, count);
+}
+
+Attribute::~Attribute()
+{
+ if (mValues)
+ free(mValues);
+}
+
+Attribute &Attribute::operator = (const Attribute &attribute)
+{
+ if (mValues)
+ free(mValues);
+
+ set(attribute.mValues, attribute.mCount);
+ return *this;
+}
+
+void Attribute::set(const CSSM_DATA *datas, uint32 count)
+{
+ mCount = count;
+ uint32 size = count * sizeof(CSSM_DATA);
+ for (uint32 ix = 0; ix < count; ++ix)
+ size += datas[ix].Length;
+
+ uint8 *buffer = (uint8 *)malloc(size);
+ mValues = CSSM_DATA_PTR(buffer);
+ buffer += sizeof(CSSM_DATA) * count;
+ for (uint32 ix = 0; ix < count; ++ix)
+ {
+ uint32 length = datas[ix].Length;
+ mValues[ix].Data = buffer;
+ mValues[ix].Length = length;
+ memcpy(mValues[ix].Data, datas[ix].Data, length);
+ buffer += length;
+ }
+}
+
+void Attribute::set(const void *data, uint32 length)
+{
+ mCount = 1;
+ uint8 *buffer = (uint8 *)malloc(sizeof(CSSM_DATA) + length);
+ mValues = CSSM_DATA_PTR(buffer);
+ mValues[0].Data = buffer + sizeof(CSSM_DATA);
+ mValues[0].Length = length;
+ memcpy(mValues[0].Data, data, length);
+}
+
+void Attribute::getDateValue(CSSM_DATE &date) const
+{
+ if (mCount == 0 || mValues[0].Length == 0)
+ {
+ memset(&date, 0, sizeof(date));
+ }
+ else if (mCount == 1 && mValues[0].Length == sizeof(date))
+ {
+ memcpy(&date, mValues[0].Data, sizeof(date));
+ }
+ else
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+}
+
+uint32 Attribute::uint32Value() const
+{
+ if (mCount != 1 || mValues[0].Length != 4)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ return *reinterpret_cast<uint32 *>(mValues[0].Data);
+}
+
+
+} // end namespace Tokend
+
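Review bot: In `Attribute::set(const CSSM_DATA *, uint32)` the total is accumulated in a `uint32` and the `malloc` result is used unchecked, so a large `count` or `Length` can wrap `size` and the copy loop then writes past a short buffer, or through NULL on allocation failure. Summing in `size_t` with a wrap check and testing the allocation closes this, and the single-value `set` has the same unchecked `malloc`. Separately, `operator=` frees `mValues` before copying from `attribute.mValues`, so self-assignment reads freed memory; `if (this == &attribute) return *this;` at the top guards it. Whether the lengths can be influenced by token contents is not visible in this hunk.

```cpp
void Attribute::set(const CSSM_DATA *datas, uint32 count)
{
	// Total in size_t and refuse a sum that wraps, so the buffer can never be
	// smaller than what the copy loop below writes.
	size_t size = size_t(count) * sizeof(CSSM_DATA);
	if (count != 0 && size / count != sizeof(CSSM_DATA))
		CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
	for (uint32 ix = 0; ix < count; ++ix)
	{
		size_t total = size + datas[ix].Length;
		if (total < size)
			CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
		size = total;
	}

	uint8 *buffer = (uint8 *)malloc(size);
	if (buffer == NULL)
		CssmError::throwMe(CSSMERR_DL_MEMORY_ERROR);
	mCount = count;
	// … unchanged: mValues = CSSM_DATA_PTR(buffer) and the per-value copy loop …
}
```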
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Attribute.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Attribute.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_ATTRIBUTE_H_
+#define _TOKEND_ATTRIBUTE_H_
+
+#include <Security/cssmtype.h>
+#include <security_cdsa_utilities/cssmdb.h>
+#include <string>
+
+namespace Tokend
+{
+
+class Attribute
+{
+public:
+ Attribute();
+ Attribute(const Attribute &attribute);
+ Attribute(bool value);
+ Attribute(sint32 value);
+ Attribute(uint32 value);
+ Attribute(const char *value);
+ Attribute(const std::string &value);
+ Attribute(const void *data, uint32 length);
+ Attribute(const CSSM_DATA *datas, uint32 count);
+ ~Attribute();
+
+ Attribute &operator = (const Attribute &attribute);
+
+ uint32 size() const { return mCount; }
+ const CSSM_DATA &operator [](uint32 ix) const { return mValues[ix]; }
+ const CSSM_DATA *values() const { return mValues; }
+
+ void getDateValue(CSSM_DATE &date) const;
+ uint32 uint32Value() const;
+ bool boolValue() const { return uint32Value() != 0; }
+
+private:
+ void set(const CSSM_DATA *datas, uint32 count);
+ void set(const void *data, uint32 length);
+
+ uint32 mCount;
+ CSSM_DATA_PTR mValues;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_ATTRIBUTE_H_ */
+
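Review bot: `operator [](uint32 ix)` returns `mValues[ix]` with no check against `mCount`, and a default-constructed `Attribute` has `mValues == NULL`, so any caller that skips `size()` dereferences NULL or reads past the value array. `SecCertificateAdornment` in this changeset does test `data.size() != 1` before `data[0]`, but nothing in the class enforces that. Either state the precondition on the declaration, `// Precondition: ix < size(); no bounds check is performed.`, or enforce it with `if (ix >= mCount) CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);` before the return. The latter assumes `CssmError` is visible from this header, as its use in Attribute.cpp suggests.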
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,290 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * AttributeCoder.cpp
+ * TokendMuscle
+ */
+
+#include "AttributeCoder.h"
+
+#include "Attribute.h"
+#include "Adornment.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "Record.h"
+
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <security_cdsa_utilities/cssmkey.h>
+#include <Security/cssmerr.h>
+
+#include <Security/SecKey.h>
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+
+namespace Tokend
+{
+
+
+//
+// AttributeCoder
+//
+AttributeCoder::~AttributeCoder() {}
+
+
+//
+// CertificateAttributeCoder
+//
+CertificateAttributeCoder::~CertificateAttributeCoder() {}
+
+void CertificateAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute,
+ Record &record)
+{
+ // Get the SecCertificateAdornment off record using a pointer to ourself as
+ // the key
+ SecCertificateAdornment &sca =
+ record.adornment<SecCertificateAdornment>(this, tokenContext,
+ metaAttribute, record);
+
+ // Get the keychain item for the certificate from the record's adornment.
+ SecKeychainItemRef certificate = sca.certificateItem();
+ // Read the attribute with the requested attributeId from the item.
+ SecKeychainAttribute ska = { metaAttribute.attributeId() };
+ SecKeychainAttributeList skal = { 1, &ska };
+ OSStatus status = SecKeychainItemCopyContent(certificate, NULL, &skal,
+ NULL, NULL);
+ if (status)
+ MacOSError::throwMe(status);
+ // Add the retrieved attribute as an attribute to the record.
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(ska.data, ska.length));
+ // Free the retrieved attribute.
+ status = SecKeychainItemFreeContent(&skal, NULL);
+ if (status)
+ MacOSError::throwMe(status);
+
+ // @@@ The code above only returns one email address. Fix this.
+}
+
+
+//
+// ConstAttributeCoder
+//
+ConstAttributeCoder::ConstAttributeCoder(uint32 value) : mValue(value) {}
+
+ConstAttributeCoder::ConstAttributeCoder(bool value) : mValue(value ? 1 : 0) {}
+
+ConstAttributeCoder::~ConstAttributeCoder() {}
+
+void ConstAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(mValue));
+}
+
+
+//
+// GuidAttributeCoder
+//
+GuidAttributeCoder::GuidAttributeCoder(const CSSM_GUID &guid) : mGuid(guid) {}
+
+GuidAttributeCoder::~GuidAttributeCoder() {}
+
+void GuidAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(&mGuid, sizeof(CSSM_GUID)));
+}
+
+
+//
+// NullAttributeCoder
+//
+NullAttributeCoder::~NullAttributeCoder() {}
+
+void NullAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(), new Attribute());
+}
+
+
+//
+// ZeroAttributeCoder
+//
+ZeroAttributeCoder::~ZeroAttributeCoder() {}
+
+void ZeroAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(reinterpret_cast<const void *>(NULL), 0));
+}
+
+
+//
+// KeyDataAttributeCoder
+//
+KeyDataAttributeCoder::~KeyDataAttributeCoder() {}
+
+void KeyDataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ const MetaRecord &mr = metaAttribute.metaRecord();
+ CssmKey key;
+ key.header().cspGuid(Guid::overlay(gGuidAppleSdCSPDL));
+ key.blobType(CSSM_KEYBLOB_REFERENCE);
+ key.blobFormat(CSSM_KEYBLOB_REF_FORMAT_INTEGER);
+ key.algorithm(mr.metaAttribute(kSecKeyKeyType)
+ .attribute(tokenContext, record).uint32Value());
+ key.keyClass(mr.metaAttribute(kSecKeyKeyClass)
+ .attribute(tokenContext, record).uint32Value());
+ key.header().LogicalKeySizeInBits =
+ mr.metaAttribute(kSecKeyKeySizeInBits).attribute(tokenContext, record)
+ .uint32Value();
+
+ key.header().KeyAttr =
+ (mr.metaAttribute(kSecKeyPermanent).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_PERMANENT : 0)
+ | (mr.metaAttribute(kSecKeyPrivate).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_PRIVATE : 0)
+ | (mr.metaAttribute(kSecKeyModifiable).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_MODIFIABLE : 0)
+ | (mr.metaAttribute(kSecKeySensitive).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_SENSITIVE : 0)
+ | (mr.metaAttribute(kSecKeyAlwaysSensitive)
+ .attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_ALWAYS_SENSITIVE : 0)
+ | (mr.metaAttribute(kSecKeyExtractable).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_EXTRACTABLE : 0)
+ | (mr.metaAttribute(kSecKeyNeverExtractable)
+ .attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYATTR_NEVER_EXTRACTABLE : 0);
+
+ CSSM_KEYUSE usage =
+ (mr.metaAttribute(kSecKeyEncrypt).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_ENCRYPT : 0)
+ | (mr.metaAttribute(kSecKeyDecrypt).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_DECRYPT : 0)
+ | (mr.metaAttribute(kSecKeySign).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_SIGN : 0)
+ | (mr.metaAttribute(kSecKeyVerify).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_VERIFY : 0)
+ | (mr.metaAttribute(kSecKeySignRecover).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_SIGN_RECOVER : 0)
+ | (mr.metaAttribute(kSecKeyVerifyRecover)
+ .attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_VERIFY_RECOVER : 0)
+ | (mr.metaAttribute(kSecKeyWrap).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_WRAP : 0)
+ | (mr.metaAttribute(kSecKeyUnwrap).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_UNWRAP : 0)
+ | (mr.metaAttribute(kSecKeyDerive).attribute(tokenContext, record)
+ .boolValue() ? CSSM_KEYUSE_DERIVE : 0);
+ if (usage == (CSSM_KEYUSE_ENCRYPT | CSSM_KEYUSE_DECRYPT | CSSM_KEYUSE_SIGN
+ | CSSM_KEYUSE_VERIFY | CSSM_KEYUSE_SIGN_RECOVER
+ | CSSM_KEYUSE_VERIFY_RECOVER | CSSM_KEYUSE_WRAP | CSSM_KEYUSE_UNWRAP
+ | CSSM_KEYUSE_DERIVE))
+ usage = CSSM_KEYUSE_ANY;
+
+ key.header().KeyUsage = usage;
+
+ // Dates
+ mr.metaAttribute(kSecKeyStartDate).attribute(tokenContext, record)
+ .getDateValue(key.header().StartDate);
+ mr.metaAttribute(kSecKeyEndDate).attribute(tokenContext, record)
+ .getDateValue(key.header().EndDate);
+
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(&key, sizeof(key)));
+}
+
+
+//
+// LinkedRecordAttributeCoder
+//
+LinkedRecordAttributeCoder::~LinkedRecordAttributeCoder() {}
+
+void LinkedRecordAttributeCoder::decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record)
+{
+ const Tokend::MetaAttribute *lma = NULL;
+ LinkedRecordAdornment *lra = NULL;
+ if (mCertificateMetaAttribute)
+ {
+ lma = mCertificateMetaAttribute;
+ lra = record.getAdornment<LinkedRecordAdornment>(certificateKey());
+ }
+
+ if (!lra && mPublicKeyMetaAttribute)
+ {
+ lma = mPublicKeyMetaAttribute;
+ lra = record.getAdornment<LinkedRecordAdornment>(publicKeyKey());
+ }
+
+ if (!lma || !lra)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ // Get the linked record's attribute and set it on record.
+ const Attribute &attribute = lma->attribute(tokenContext, lra->record());
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(attribute));
+}
+
+
+//
+// DecriptionAttributeCoder
+//
+DescriptionAttributeCoder::~DescriptionAttributeCoder()
+{
+}
+
+void DescriptionAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ new Attribute(record.description()));
+}
+
+
+//
+// DataAttributeCoder
+//
+DataAttributeCoder::~DataAttributeCoder()
+{
+}
+
+void DataAttributeCoder::decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record)
+{
+ record.attributeAtIndex(metaAttribute.attributeIndex(),
+ record.getDataAttribute(tokenContext));
+}
+
+
+} // end namespace Tokend
+
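Review bot: In `CertificateAttributeCoder::decode`, the buffer returned by `SecKeychainItemCopyContent` is only released on the straight-line path. If `new Attribute(...)` or `record.attributeAtIndex(...)` throws, `SecKeychainItemFreeContent` is never reached and the copied content leaks. Copying into the `Attribute` first, freeing the keychain buffer on every path, and only then handing the attribute to the record avoids this. The sketch below assumes `attributeAtIndex` takes ownership of the pointer, as the existing call implies.

```cpp
	// … unchanged: adornment lookup and SecKeychainItemCopyContent call …
	// Copy out of the keychain buffer first, then release that buffer on
	// every path before the record takes the new Attribute.
	Attribute *attribute = NULL;
	try
	{
		attribute = new Attribute(ska.data, ska.length);
	}
	catch (...)
	{
		SecKeychainItemFreeContent(&skal, NULL);
		throw;
	}
	status = SecKeychainItemFreeContent(&skal, NULL);
	if (status)
	{
		delete attribute;
		MacOSError::throwMe(status);
	}
	record.attributeAtIndex(metaAttribute.attributeIndex(), attribute);
```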
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/AttributeCoder.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,217 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * AttributeCoder.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_ATTRIBUTECODER_H_
+#define _TOKEND_ATTRIBUTECODER_H_
+
+#include <security_utilities/utilities.h>
+#include <Security/cssmtype.h>
+
+namespace Tokend
+{
+
+class MetaAttribute;
+class Record;
+class TokenContext;
+
+
+class AttributeCoder
+{
+ NOCOPY(AttributeCoder)
+public:
+ AttributeCoder() {}
+ virtual ~AttributeCoder() = 0;
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record) = 0;
+};
+
+
+//
+// A coder that derives certificate attributes for the certificate data
+//
+class CertificateAttributeCoder : public AttributeCoder
+{
+ NOCOPY(CertificateAttributeCoder)
+public:
+ CertificateAttributeCoder() {}
+ virtual ~CertificateAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+private:
+};
+
+//
+// A coder with a constant value
+//
+class ConstAttributeCoder : public AttributeCoder
+{
+ NOCOPY(ConstAttributeCoder)
+public:
+ ConstAttributeCoder(uint32 value);
+ ConstAttributeCoder(bool value);
+ virtual ~ConstAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+private:
+ uint32 mValue;
+};
+
+
+//
+// A coder whose value is a guid.
+//
+class GuidAttributeCoder : public AttributeCoder
+{
+ NOCOPY(GuidAttributeCoder)
+public:
+ GuidAttributeCoder(const CSSM_GUID &guid);
+ virtual ~GuidAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+private:
+ const CSSM_GUID mGuid;
+};
+
+
+//
+// A coder whose value contains 0 values.
+//
+class NullAttributeCoder : public AttributeCoder
+{
+ NOCOPY(NullAttributeCoder)
+public:
+ NullAttributeCoder() {}
+ virtual ~NullAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+};
+
+
+//
+// A coder whose value contains 1 zero length value.
+//
+class ZeroAttributeCoder : public AttributeCoder
+{
+ NOCOPY(ZeroAttributeCoder)
+public:
+ ZeroAttributeCoder() {}
+ virtual ~ZeroAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+};
+
+
+//
+// A data coder for key relations
+//
+class KeyDataAttributeCoder : public AttributeCoder
+{
+ NOCOPY(KeyDataAttributeCoder)
+public:
+
+ KeyDataAttributeCoder() {}
+ virtual ~KeyDataAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+};
+
+
+//
+// A coder for private key objects value is the public key hash of a
+// certificate. Generic get an attribute of a linked record coder.
+//
+class LinkedRecordAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(LinkedRecordAttributeCoder)
+public:
+ LinkedRecordAttributeCoder() {}
+ virtual ~LinkedRecordAttributeCoder();
+
+ const void *certificateKey() const { return mCertificateMetaAttribute; }
+ const void *publicKeyKey() const { return mPublicKeyMetaAttribute; }
+
+ void setCertificateMetaAttribute(
+ const Tokend::MetaAttribute *linkedRecordMetaAttribute)
+ { mCertificateMetaAttribute = linkedRecordMetaAttribute; }
+ void setPublicKeyMetaAttribute(
+ const Tokend::MetaAttribute *linkedRecordMetaAttribute)
+ { mPublicKeyMetaAttribute = linkedRecordMetaAttribute; }
+
+ virtual void decode(Tokend::TokenContext *tokenContext,
+ const Tokend::MetaAttribute &metaAttribute,
+ Tokend::Record &record);
+
+private:
+ const Tokend::MetaAttribute *mCertificateMetaAttribute;
+ const Tokend::MetaAttribute *mPublicKeyMetaAttribute;
+};
+
+
+//
+// A coder that reads the description of an object
+//
+class DescriptionAttributeCoder : public AttributeCoder
+{
+ NOCOPY(DescriptionAttributeCoder)
+public:
+
+ DescriptionAttributeCoder() {}
+ virtual ~DescriptionAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+};
+
+
+//
+// A coder that reads the data of an object
+//
+class DataAttributeCoder : public Tokend::AttributeCoder
+{
+ NOCOPY(DataAttributeCoder)
+public:
+
+ DataAttributeCoder() {}
+ virtual ~DataAttributeCoder();
+
+ virtual void decode(TokenContext *tokenContext,
+ const MetaAttribute &metaAttribute, Record &record);
+};
+
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_ATTRIBUTECODER_H_ */
+
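Review bot: `LinkedRecordAttributeCoder() {}` leaves `mCertificateMetaAttribute` and `mPublicKeyMetaAttribute` uninitialised. `decode()` in AttributeCoder.cpp tests both for non-NULL before use, so a coder on which only one setter (or neither) was called branches on an indeterminate pointer. It may then pass that pointer to `getAdornment` as a key and dereference it via `lma->attribute(...)`. Initialising both in the constructor makes the NULL checks meaningful: `LinkedRecordAttributeCoder() : mCertificateMetaAttribute(NULL), mPublicKeyMetaAttribute(NULL) {}`.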
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,189 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Cursor.cpp
+ * TokendMuscle
+ */
+
+#include "Cursor.h"
+
+#include "MetaRecord.h"
+#include "Record.h"
+#include "RecordHandle.h"
+#include "Relation.h"
+#include "Token.h"
+#include "SelectionPredicate.h"
+
+namespace Tokend
+{
+
+#pragma mark ---------------- Cursor methods --------------
+
+//
+// Cursor implemetation
+//
+Cursor::Cursor()
+{
+}
+
+Cursor::~Cursor()
+{
+}
+
+//
+// LinearCursor implemetation
+//
+LinearCursor::LinearCursor(const CSSM_QUERY *inQuery,
+ const Relation &inRelation) :
+ mIterator(inRelation.begin()),
+ mEnd(inRelation.end()),
+ mMetaRecord(inRelation.metaRecord())
+{
+ mConjunctive = inQuery->Conjunctive;
+ mQueryFlags = inQuery->QueryFlags;
+ // @@@ Do something with inQuery->QueryLimits?
+ uint32 aPredicatesCount = inQuery->NumSelectionPredicates;
+ mPredicates.resize(aPredicatesCount);
+ try
+ {
+ for (uint32 anIndex = 0; anIndex < aPredicatesCount; anIndex++)
+ {
+ CSSM_SELECTION_PREDICATE &aPredicate =
+ inQuery->SelectionPredicate[anIndex];
+ mPredicates[anIndex] =
+ new SelectionPredicate(mMetaRecord, aPredicate);
+ }
+ }
+ catch (...)
+ {
+ for_each_delete(mPredicates.begin(), mPredicates.end());
+ throw;
+ }
+}
+
+LinearCursor::~LinearCursor()
+{
+ for_each_delete(mPredicates.begin(), mPredicates.end());
+}
+
+RecordHandle *LinearCursor::next(TokenContext *tokenContext)
+{
+ while (mIterator != mEnd)
+ {
+ RefPointer<Record> rec = *mIterator;
+ ++mIterator;
+
+ PredicateVector::const_iterator anIt = mPredicates.begin();
+ PredicateVector::const_iterator anEnd = mPredicates.end();
+ bool aMatch;
+ if (anIt == anEnd) // If there are no predicates we have a match.
+ aMatch = true;
+ else if (mConjunctive == CSSM_DB_OR)
+ {
+ // If mConjunctive is OR, the first predicate that returns
+ // true indicates a match. Dropthough means no match
+ aMatch = false;
+ for (; anIt != anEnd; anIt++)
+ {
+ if ((*anIt)->evaluate(tokenContext, *rec))
+ {
+ aMatch = true;
+ break;
+ }
+ }
+ }
+ else if (mConjunctive == CSSM_DB_AND || mConjunctive == CSSM_DB_NONE)
+ {
+ // If mConjunctive is AND (or NONE), the first predicate that
+ // returns false indicates a mismatch. Dropthough means a match.
+ aMatch = true;
+ for (; anIt != anEnd; anIt++)
+ {
+ if (!(*anIt)->evaluate(tokenContext, *rec))
+ {
+ aMatch = false;
+ break;
+ }
+ }
+ }
+ else
+ {
+ CssmError::throwMe(CSSMERR_DL_INVALID_QUERY);
+ }
+
+ if (aMatch)
+ return new RecordHandle(mMetaRecord, rec);
+ }
+
+ return NULL;
+}
+
+#pragma mark ---------------- MultiCursor methods --------------
+
+MultiCursor::MultiCursor(const CSSM_QUERY *inQuery, const Schema &inSchema) :
+ mRelationIterator(inSchema.begin()),
+ mRelationEnd(inSchema.end())
+{
+ if (inQuery)
+ mQuery.reset(new CssmAutoQuery(*inQuery));
+ else
+ {
+ mQuery.reset(new CssmAutoQuery());
+ mQuery->recordType(CSSM_DL_DB_RECORD_ANY);
+ }
+}
+
+MultiCursor::~MultiCursor()
+{
+}
+
+RecordHandle *MultiCursor::next(TokenContext *tokenContext)
+{
+ RecordHandle *result = NULL;
+ for (;;)
+ {
+ if (!mCursor.get())
+ {
+ if (mRelationIterator == mRelationEnd)
+ return NULL;
+
+ const Relation &aRelation = *(mRelationIterator->second);
+ ++mRelationIterator;
+ if (!aRelation.matchesId(mQuery->recordType()))
+ continue;
+
+ mCursor.reset(new LinearCursor(mQuery.get(), aRelation));
+ }
+
+ if ((result = mCursor->next(tokenContext)))
+ return result;
+
+ mCursor.reset(NULL);
+ }
+}
+
+
+} // end namespace Tokend
+
+
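Review bot: `LinearCursor::LinearCursor` dereferences `inQuery` unconditionally and then indexes `inQuery->SelectionPredicate` up to `NumSelectionPredicates` without checking that the array pointer is set. `MultiCursor` always passes a non-NULL query, but the constructor is public, and a query with a non-zero count and a NULL predicate array would be read through NULL. A guard before the loop rejects that shape using the error the file already uses for bad queries: `if (!inQuery || (aPredicatesCount && !inQuery->SelectionPredicate)) CssmError::throwMe(CSSMERR_DL_INVALID_QUERY);`. The `inQuery` part has to be tested before the first `inQuery->Conjunctive` read. Where the query originates is not visible in this hunk, so how reachable this is needs confirming against the callers.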
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Cursor.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,96 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Cursor.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_CURSOR_H_
+#define _TOKEND_CURSOR_H_
+
+#include "Relation.h"
+#include "Schema.h"
+#include <security_cdsa_utilities/handleobject.h>
+#include <vector>
+
+namespace Tokend
+{
+
+class MetaRecord;
+class RecordHandle;
+class Relation;
+class SelectionPredicate;
+
+class Cursor : public HandleObject
+{
+ NOCOPY(Cursor)
+public:
+ Cursor();
+ virtual ~Cursor() = 0;
+ virtual RecordHandle *next(TokenContext *tokenContext) = 0;
+};
+
+class LinearCursor : public Cursor
+{
+ NOCOPY(LinearCursor)
+public:
+ LinearCursor(const CSSM_QUERY *inQuery, const Relation &inRelation);
+ virtual ~LinearCursor();
+ virtual RecordHandle *next(TokenContext *tokenContext);
+
+private:
+ Relation::const_iterator mIterator;
+ Relation::const_iterator mEnd;
+
+ const MetaRecord &mMetaRecord;
+
+ CSSM_DB_CONJUNCTIVE mConjunctive;
+
+ // If CSSM_QUERY_RETURN_DATA is set return the raw key bits
+ CSSM_QUERY_FLAGS mQueryFlags;
+ typedef vector<SelectionPredicate *> PredicateVector;
+
+ PredicateVector mPredicates;
+};
+
+class MultiCursor : public Cursor
+{
+ NOCOPY(MultiCursor)
+public:
+ MultiCursor(const CSSM_QUERY *inQuery, const Schema &inSchema);
+ virtual ~MultiCursor();
+ virtual RecordHandle *next(TokenContext *tokenContext);
+
+private:
+ Schema::ConstRelationMapIterator mRelationIterator;
+ Schema::ConstRelationMapIterator mRelationEnd;
+ auto_ptr<CssmAutoQuery> mQuery;
+ auto_ptr<Cursor> mCursor;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_CURSOR_H_ */
+
+
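Review bot: `TokenContext` is used in all three `next(TokenContext *tokenContext)` declarations but is missing from this header's forward-declaration list, unlike `MetaRecord`, `RecordHandle`, `Relation` and `SelectionPredicate`. `vector` and `auto_ptr` are likewise written unqualified, although only `<vector>` is included here. The header therefore compiles only if `Relation.h` or `Schema.h` happens to declare `TokenContext`, pull in `<memory>` and bring `std` names into scope. Adding `class TokenContext;` to the list, including `<memory>`, and spelling `std::vector` / `std::auto_ptr` would make the header self-contained. A short comment on `next()` stating that the caller owns the returned `RecordHandle *` would also help, since Cursor.cpp returns it from a bare `new`.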
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,458 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * DbValue.cpp
+ * TokendMuscle
+ */
+
+#include "DbValue.h"
+#include <ctype.h>
+
+// @@@ missing "pack" methods with WriteSection parameter
+
+namespace Tokend
+{
+
+//
+// DbValue
+//
+DbValue::DbValue()
+{
+}
+
+DbValue::~DbValue()
+{
+}
+
+UInt32Value::UInt32Value(const CSSM_DATA &data)
+{
+ switch (data.Length)
+ {
+ case 1: mValue = *reinterpret_cast<uint8 *>(data.Data); break;
+ case 2: mValue = *reinterpret_cast<uint16 *>(data.Data); break;
+ case 4: mValue = *reinterpret_cast<uint32 *>(data.Data); break;
+ default:
+ CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
+ }
+}
+
+UInt32Value::~UInt32Value()
+{
+}
+
+//
+// SInt32Value
+//
+
+SInt32Value::SInt32Value(const CSSM_DATA &data)
+{
+ switch (data.Length)
+ {
+ case 1: mValue = *reinterpret_cast<sint8 *>(data.Data); break;
+ case 2: mValue = *reinterpret_cast<sint16 *>(data.Data); break;
+ case 4: mValue = *reinterpret_cast<sint32 *>(data.Data); break;
+ default:
+ CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
+ }
+}
+
+SInt32Value::~SInt32Value()
+{
+}
+
+//
+// DoubleValue
+//
+
+DoubleValue::DoubleValue(const CSSM_DATA &data)
+{
+ switch (data.Length)
+ {
+ case 4: mValue = *reinterpret_cast<float *>(data.Data); break;
+ case 8: mValue = *reinterpret_cast<double *>(data.Data); break;
+ default:
+ CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
+ }
+}
+
+DoubleValue::~DoubleValue()
+{
+}
+
+//
+// BlobValue
+//
+
+BlobValue::BlobValue(const CSSM_DATA &data) : CssmData(CssmData::overlay(data))
+{
+}
+
+BlobValue::~BlobValue()
+{
+}
+
+BlobValue::Comparator::~Comparator()
+{
+}
+
+int
+BlobValue::Comparator::operator ()(const uint8 *ptr1, const uint8 *ptr2,
+ uint32 length)
+{
+ return memcmp(ptr1, ptr2, length);
+}
+
+bool
+BlobValue::evaluate(const BlobValue &other, CSSM_DB_OPERATOR op) const
+{
+ return evaluate(*this, other, op, Comparator());
+}
+
+bool
+BlobValue::evaluate(const CssmData &inData1, const CssmData &inData2,
+ CSSM_DB_OPERATOR op, Comparator compare)
+{
+ uint32 length1 = inData1.Length, length2 = inData2.Length;
+ const uint8 *data1 = inData1.Data;
+ const uint8 *data2 = inData2.Data;
+
+ switch (op) {
+
+ case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
+ if (length1 > length2)
+ return false;
+ length2 = length1;
+ goto DB_EQUAL;
+
+ case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
+ if (length1 > length2)
+ return false;
+ data2 += (length2 - length1);
+ length2 = length1;
+ // dropthrough...
+
+ case CSSM_DB_EQUAL:
+ DB_EQUAL:
+ if (length1 != length2)
+ return false;
+ if (length1 == 0)
+ return true;
+ return compare(data1, data2, length1) == 0;
+
+ case CSSM_DB_NOT_EQUAL:
+ if (length1 != length2)
+ return true;
+ if (length1 == 0)
+ return false;
+ return compare(data1, data2, length1) != 0;
+
+ case CSSM_DB_LESS_THAN:
+ case CSSM_DB_GREATER_THAN:
+ {
+ uint32 length = min(length1, length2);
+ int result = (length == 0) ? 0 : compare(data1, data2, length);
+
+ if (result < 0 || (result == 0 && length1 < length2))
+ return op == CSSM_DB_LESS_THAN;
+ else if (result > 0 || (result == 0 && length1 > length2))
+ return op == CSSM_DB_GREATER_THAN;
+ break;
+ }
+
+ case CSSM_DB_CONTAINS:
+ if (length1 > length2)
+ return false;
+ if (length1 == 0)
+ return true;
+ // Both buffers are at least 1 byte long.
+ for (const uint8 *data = data2; data + length1 <= data2 + length2;
+ ++data)
+ if (compare(data1, data, length1) == 0)
+ return true;
+ break;
+
+ default:
+ CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
+ }
+
+ return false;
+}
+
+//
+// TimeDateValue
+//
+
+TimeDateValue::TimeDateValue(const CSSM_DATA &data)
+: BlobValue(data)
+{
+ if (Length != kTimeDateSize || !isValidDate())
+ CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
+}
+
+TimeDateValue::~TimeDateValue()
+{
+}
+
+bool
+TimeDateValue::isValidDate() const
+{
+ if (Length != kTimeDateSize || Data[kTimeDateSize - 1] != 0 ||
+ Data[kTimeDateSize - 2] != 'Z')
+ return false;
+
+ for (uint32 i = 0; i < kTimeDateSize - 2; i++)
+ if (!isdigit(Data[i]))
+ return false;
+
+ uint32 month = rangeValue(4, 2);
+ if (month < 1 || month > 12)
+ return false;
+
+ uint32 day = rangeValue(6, 2);
+ if (day < 1 || day > 31)
+ return false;
+
+ uint32 hour = rangeValue(8, 2);
+ if (hour < 0 || hour > 23)
+ return false;
+
+ uint32 minute = rangeValue(10, 2);
+ if (minute < 0 || minute > 59)
+ return false;
+
+ uint32 second = rangeValue(12, 2);
+ if (second < 0 || second > 59)
+ return false;
+
+ return true;
+}
+
+uint32
+TimeDateValue::rangeValue(uint32 start, uint32 length) const
+{
+ uint32 value = 0;
+ for (uint32 i = 0; i < length; i++)
+ value = value * 10 + Data[start + i] - '0';
+ return value;
+}
+
+//
+// StringValue
+//
+
+StringValue::StringValue(const CSSM_DATA &data)
+: BlobValue(data)
+{
+}
+
+StringValue::~StringValue()
+{
+}
+
+int
+StringValue::Comparator::operator ()(const uint8 *ptr1, const uint8 *ptr2,
+ uint32 length)
+{
+ return strncmp(reinterpret_cast<const char *>(ptr1),
+ reinterpret_cast<const char *>(ptr2), length);
+}
+
+bool
+StringValue::evaluate(const StringValue &other, CSSM_DB_OPERATOR op) const
+{
+ return BlobValue::evaluate(*this, other, op, StringValue::Comparator());
+}
+
+//
+// BigNumValue
+//
+
+BigNumValue::BigNumValue(const CSSM_DATA &data)
+: BlobValue(data)
+{
+ // remove trailing zero bytes
+ while (Length > 1 && Data[Length - 1] == 0)
+ Length--;
+
+ // if the number is zero (positive or negative), make the length zero
+ if (Length == 1 && (Data[0] & ~kSignBit) == 0)
+ Length = 0;
+}
+
+BigNumValue::~BigNumValue()
+{
+}
+
+// Walk the contents of two equal-sized bignums, moving backward
+// from the high-order bytes, and return the comparison result
+// ala memcmp.
+
+int
+BigNumValue::compare(const uint8 *a, const uint8 *b, int length)
+{
+ for (int diff, i = length - 1; i >= 1; i--)
+ if ((diff = a[i] - b[i]))
+ return diff;
+
+ // for the last (i.e. first) byte, mask out the sign bit
+ return (a[0] & ~kSignBit) - (b[0] & ~kSignBit);
+}
+
+// Compare two bignums, assuming they are in canonical form (i.e.,
+// no bytes containing trailing zeros.
+
+bool
+BigNumValue::evaluate(const BigNumValue &other, CSSM_DB_OPERATOR op) const
+{
+ uint32 length1 = Length, length2 = other.Length;
+ uint8 sign1 = length1 ? (Data[0] & kSignBit) : 0;
+ uint8 sign2 = length2 ? (other.Data[0] & kSignBit) : 0;
+
+ switch (op)
+ {
+ case CSSM_DB_EQUAL:
+ case CSSM_DB_NOT_EQUAL:
+ return BlobValue::evaluate(other, op);
+
+ case CSSM_DB_LESS_THAN:
+ if (sign1 ^ sign2)
+ // different signs: return true iff left value is the negative one
+ return sign1;
+ else if (length1 != length2)
+ // in canonical form, shorter numbers have smaller absolute value
+ return sign1 ? (length1 > length2) : (length1 < length2);
+ else {
+ // same length, same sign...
+ int c = compare(Data, other.Data, length1);
+ return sign1 ? (c > 0) : (c < 0);
+ }
+ break;
+
+ case CSSM_DB_GREATER_THAN:
+ if (sign1 ^ sign2)
+ return sign2;
+ else if (length1 != length2)
+ return sign1 ? (length1 < length2) : (length1 > length2);
+ else {
+ int c = compare(Data, other.Data, length1);
+ return sign1 ? (c < 0) : (c > 0);
+ }
+ break;
+
+ case CSSM_DB_CONTAINS:
+ case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
+ case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
+ default:
+ CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
+ }
+}
+
+//
+// MultiUInt32Value
+//
+
+MultiUInt32Value::MultiUInt32Value(const CSSM_DATA &data)
+{
+ if (data.Length & (sizeof(uint32) - 1))
+ CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);
+
+ mNumValues = data.Length / sizeof(uint32);
+ mValues = reinterpret_cast<uint32 *>(data.Data);
+ mOwnsValues = false;
+}
+
+MultiUInt32Value::~MultiUInt32Value()
+{
+ if (mOwnsValues)
+ delete [] mValues;
+}
+
+static inline int
+uint32cmp(const uint32 *a, const uint32 *b, uint32 length)
+{
+ return memcmp(a, b, length * sizeof(uint32));
+}
+
+bool
+MultiUInt32Value::evaluate(const MultiUInt32Value &other,
+ CSSM_DB_OPERATOR op) const
+{
+ uint32 length1 = mNumValues, length2 = other.mNumValues;
+ const uint32 *values1 = mValues;
+ const uint32 *values2 = other.mValues;
+
+ switch (op)
+ {
+ case CSSM_DB_EQUAL:
+ if (length1 == length2)
+ return uint32cmp(values1, values2, length1) == 0;
+ break;
+
+ case CSSM_DB_NOT_EQUAL:
+ if (length1 != length2 || uint32cmp(values1, values2, length1))
+ return true;
+ break;
+
+ case CSSM_DB_CONTAINS_INITIAL_SUBSTRING:
+ if (length1 <= length2)
+ return uint32cmp(values1, values2, length1) == 0;
+ break;
+
+ case CSSM_DB_CONTAINS_FINAL_SUBSTRING:
+ if (length1 <= length2)
+ return uint32cmp(values1, values2 + (length2 - length1), length1)
+ == 0;
+ break;
+
+ case CSSM_DB_CONTAINS:
+ if (length1 <= length2) {
+
+ if (length1 == 0)
+ return true;
+
+ for (const uint32 *values = values2;
+ values + length1 < values2 + length2; values++)
+ if (uint32cmp(values1, values, length1) == 0)
+ return true;
+ }
+ break;
+
+ case CSSM_DB_LESS_THAN:
+ // this is not required by the spec, but is required to sort indexes
+ // over multi uint32 keys...
+ if (length1 < length2)
+ return true;
+ else if (length1 == length2)
+ return uint32cmp(values1, values2, length1) < 0;
+ break;
+
+ default:
+ CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
+ }
+
+ return false;
+}
+
+} // end namespace Tokend
+
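Review bot: The CSSM_DB_CONTAINS loop in MultiUInt32Value::evaluate stops one window early: its condition `values + length1 < values2 + length2` never tests the last position, so equal-length operands and a match at the tail report false, whereas BlobValue::evaluate uses `<=` for the same scan. I would change the condition to `values + length1 <= values2 + length2;`. Separately, BigNumValue::compare reads `a[0]` and `b[0]` even when `length` is 0, which evaluate() reaches for two zero-length operands under CSSM_DB_LESS_THAN or CSSM_DB_GREATER_THAN. If either operand was built from an empty CSSM_DATA its Data pointer may be NULL, so `if (length <= 0) return 0;` at the top of compare would make that case safe.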
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/DbValue.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,206 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * DbValue.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_DBVALUE_H_
+#define _TOKEND_DBVALUE_H_
+
+#include <security_cdsa_utilities/cssmdata.h>
+#include <security_cdsa_utilities/cssmdb.h>
+#include <Security/cssmerr.h>
+#include <map>
+#include <vector>
+
+namespace Tokend
+{
+
+//
+// DbValue -- A base class for all types of database values.
+//
+class DbValue
+{
+ NOCOPY(DbValue)
+public:
+ DbValue();
+ virtual ~DbValue() = 0;
+};
+
+// A collection of subclasses of DbValue that work for simple
+// data types, e.g. uint32, sint32, and double, that have
+// the usual C comparison and sizeof operations. Defining this
+// template saves typing below.
+
+template <class T>
+class BasicValue : public DbValue
+{
+ NOCOPY(BasicValue)
+public:
+ BasicValue() {}
+ BasicValue(T value) : mValue(value) {}
+
+ bool evaluate(const BasicValue<T> &other, CSSM_DB_OPERATOR op) const
+ {
+ switch (op)
+ {
+ case CSSM_DB_EQUAL: return mValue == other.mValue;
+ case CSSM_DB_NOT_EQUAL: return mValue != other.mValue;
+ case CSSM_DB_LESS_THAN: return mValue < other.mValue;
+ case CSSM_DB_GREATER_THAN: return mValue > other.mValue;
+ default: CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
+ }
+ }
+
+ size_t size() const { return sizeof(T); }
+ const uint8 *bytes() const
+ { return reinterpret_cast<const uint8 *>(&mValue); }
+
+protected:
+ T mValue;
+};
+
+// Actual useful subclasses of DbValue as instances of BasicValue.
+// Note that all of these require a constructor of the form
+// (const ReadSection &, uint32 &offset) that advances the offset
+// to just after the value.
+
+class UInt32Value : public BasicValue<uint32>
+{
+ NOCOPY(UInt32Value)
+public:
+ UInt32Value(const CSSM_DATA &data);
+ virtual ~UInt32Value();
+};
+
+class SInt32Value : public BasicValue<sint32>
+{
+ NOCOPY(SInt32Value)
+public:
+ SInt32Value(const CSSM_DATA &data);
+ virtual ~SInt32Value();
+};
+
+class DoubleValue : public BasicValue<double>
+{
+ NOCOPY(DoubleValue)
+public:
+ DoubleValue(const CSSM_DATA &data);
+ virtual ~DoubleValue();
+};
+
+// Subclasses of Value for more complex types.
+
+class BlobValue : public DbValue, public CssmData
+{
+ NOCOPY(BlobValue)
+public:
+ BlobValue() {}
+ BlobValue(const CSSM_DATA &data);
+ virtual ~BlobValue();
+ bool evaluate(const BlobValue &other, CSSM_DB_OPERATOR op) const;
+
+ size_t size() const { return Length; }
+ const uint8 *bytes() const { return Data; }
+
+protected:
+ class Comparator {
+ public:
+ virtual ~Comparator();
+ virtual int operator ()(const uint8 *ptr1, const uint8 *ptr2,
+ uint32 length);
+ };
+
+ static bool evaluate(const CssmData &data1, const CssmData &data2,
+ CSSM_DB_OPERATOR op, Comparator compare);
+};
+
+class TimeDateValue : public BlobValue
+{
+ NOCOPY(TimeDateValue)
+public:
+ enum { kTimeDateSize = 16 };
+
+ TimeDateValue(const CSSM_DATA &data);
+ virtual ~TimeDateValue();
+
+ bool isValidDate() const;
+
+private:
+ uint32 rangeValue(uint32 start, uint32 length) const;
+};
+
+class StringValue : public BlobValue
+{
+ NOCOPY(StringValue)
+public:
+ StringValue(const CSSM_DATA &data);
+ virtual ~StringValue();
+ bool evaluate(const StringValue &other, CSSM_DB_OPERATOR op) const;
+
+private:
+ class Comparator : public BlobValue::Comparator {
+ public:
+ virtual int operator ()(const uint8 *ptr1, const uint8 *ptr2,
+ uint32 length);
+ };
+
+};
+
+class BigNumValue : public BlobValue
+{
+ NOCOPY(BigNumValue)
+public:
+ static const uint8 kSignBit = 0x80;
+
+ BigNumValue(const CSSM_DATA &data);
+ virtual ~BigNumValue();
+ bool evaluate(const BigNumValue &other, CSSM_DB_OPERATOR op) const;
+
+private:
+ static int compare(const uint8 *a, const uint8 *b, int length);
+};
+
+class MultiUInt32Value : public DbValue
+{
+ NOCOPY(MultiUInt32Value)
+public:
+ MultiUInt32Value(const CSSM_DATA &data);
+ virtual ~MultiUInt32Value();
+ bool evaluate(const MultiUInt32Value &other, CSSM_DB_OPERATOR op) const;
+
+ size_t size() const { return mNumValues * sizeof(uint32); }
+ const uint8 *bytes() const { return reinterpret_cast<uint8 *>(mValues); }
+
+private:
+ uint32 mNumValues;
+ uint32 *mValues;
+ bool mOwnsValues;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_DBVALUE_H_ */
+
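Review bot: The static BlobValue::evaluate overload takes `Comparator compare` by value, so the StringValue::Comparator temporary that StringValue::evaluate passes is sliced to the base class and its strncmp override is never dispatched; string attributes end up compared with memcmp. If memcmp is the intended behaviour, the StringValue::Comparator subclass can be removed; if not, the parameter would need to be `const Comparator &compare` with `operator ()` declared const in both classes. Note that strncmp stops at the first NUL byte, so enabling it would let values that differ only after an embedded NUL compare equal, which should be a deliberate choice for a predicate that selects token records.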
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,158 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * KeyHandle.cpp
+ * TokendMuscle
+ */
+
+#include "KeyHandle.h"
+
+namespace Tokend
+{
+
+//
+// KeyHandle
+//
+KeyHandle::KeyHandle(const MetaRecord &metaRecord,
+ const RefPointer<Record> &record) :
+ RecordHandle(metaRecord, record)
+{
+}
+
+KeyHandle::~KeyHandle()
+{
+}
+
+void KeyHandle::wrapUsingKey(const Context &context,
+ const AccessCredentials *cred, KeyHandle *wrappingKeyHandle,
+ const CssmKey *wrappingKey, const CssmData *descriptiveData,
+ CssmKey &wrappedKey)
+{
+ /* We are being asked to wrap this key using another key. */
+ secdebug("crypto", "wrapKey alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("wrapKey context"));
+ if (wrappingKeyHandle)
+ {
+ secdebug("tokend",
+ "wrapKey of a reference key using a reference key not supported");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ }
+
+ /* First export the key from the card. */
+ exportKey(context, cred, wrappedKey);
+
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void KeyHandle::wrapKey(const Context &context, const CssmKey &subjectKey,
+ const CssmData *descriptiveData, CssmKey &wrappedKey)
+{
+ /* We are being asked to wrap a raw subject key using a key on the card. */
+ secdebug("tokend", "wrapKey of a raw subject key not supported");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void KeyHandle::unwrapKey(const Context &context,
+ const AccessCredentials *cred, const AclEntryPrototype *access,
+ const CssmKey &wrappedKey, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attributes, CssmData *descriptiveData,
+ CSSM_HANDLE &hUnwrappedKey, CssmKey &unwrappedKey)
+{
+ secdebug("crypto", "unwrapKey alg: %u", context.algorithm());
+ IFDUMPING("crypto", context.dump("unwrapKey context"));
+#if 0
+ /* Make sure our key type matches the context type */
+ if (keyClass() == CSSM_KEYCLASS_SESSION_KEY)
+ {
+ if (context.type() != CSSM_ALGCLASS_SYMMETRIC))
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+ }
+ else
+#endif
+ if (context.type() != CSSM_ALGCLASS_ASYMMETRIC)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_CONTEXT);
+
+ /* validate wrappedKey */
+ if (wrappedKey.keyClass() != CSSM_KEYCLASS_SESSION_KEY)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_KEY_CLASS);
+
+ if(wrappedKey.blobType() != CSSM_KEYBLOB_WRAPPED)
+ CssmError::throwMe(CSSMERR_CSP_KEY_BLOB_TYPE_INCORRECT);
+
+ /* validate requested storage and usage */
+ if (!(attributes & CSSM_KEYATTR_RETURN_DATA)
+ || (attributes & (CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_RETURN_NONE
+ | CSSM_KEYATTR_PERMANENT | CSSM_KEYATTR_PRIVATE)) != 0)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_KEYATTR_MASK);
+
+ /* prepare outgoing header */
+ CssmKey::Header &hdr = unwrappedKey.header();
+ hdr.clearPod();
+ hdr.HeaderVersion = CSSM_KEYHEADER_VERSION;
+ hdr.cspGuid(gGuidAppleSdCSPDL);
+ hdr.blobType(CSSM_KEYBLOB_RAW);
+ hdr.algorithm(wrappedKey.algorithm());
+ hdr.keyClass(wrappedKey.keyClass());
+ hdr.KeyUsage = usage;
+ hdr.KeyAttr = attributes & ~(CSSM_KEYATTR_RETURN_DATA
+ | CSSM_KEYATTR_RETURN_REF | CSSM_KEYATTR_RETURN_NONE);
+
+ // defaults (change as needed)
+ hdr.StartDate = wrappedKey.header().StartDate;
+ hdr.EndDate = wrappedKey.header().EndDate;
+ unwrappedKey.KeyData.Data = NULL; // ignore possible incoming KeyData
+ unwrappedKey.KeyData.Length = 0;
+
+ /* validate wrappedKey format */
+ if (wrappedKey.blobFormat() != CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7)
+ CssmError::throwMe(CSSMERR_CSP_INVALID_ATTR_WRAPPED_KEY_FORMAT);
+
+ /* There is no descriptiveData in a PKCS7 wrapped blob. */
+ if (descriptiveData)
+ {
+ descriptiveData->Data = NULL;
+ descriptiveData->Length = 0;
+ }
+
+ /* Decrypt the key blob. */
+ decrypt(context, wrappedKey.keyData(), unwrappedKey.keyData());
+
+ /* We are assuming a CSSM_KEYBLOB_WRAPPED_FORMAT_PKCS7 from here on. */
+ hdr.blobFormat(CSSM_KEYBLOB_RAW_FORMAT_OCTET_STRING);
+ hdr.LogicalKeySizeInBits = unwrappedKey.length() * 8;
+}
+
+
+
+//
+// KeyHandleFactory
+//
+KeyHandleFactory::~KeyHandleFactory()
+{
+}
+
+
+} // end namespace Tokend
+
+
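Review bot: wrapUsingKey calls `exportKey(context, cred, wrappedKey)` and then unconditionally throws CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED, so whatever the subclass exports is left in the caller's `wrappedKey` on a path that reports failure. Until wrapping is implemented I would drop the export call, or at least mark it: `// TODO: wrapping not implemented; nothing should be exported before this throw`. In unwrapKey the `access` and `hUnwrappedKey` parameters are never read or assigned, and the outgoing header is filled in before the `blobFormat()` check, so a rejected blob still leaves `unwrappedKey` partly modified. Moving that check up beside the other wrappedKey validation would keep the failure path free of side effects.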
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/KeyHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * KeyHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_KEYHANDLE_H_
+#define _TOKEND_KEYHANDLE_H_
+
+#include "RecordHandle.h"
+
+#include <security_cdsa_utilities/handleobject.h>
+#include <security_cdsa_utilities/context.h>
+#include <security_cdsa_utilities/cssmaclpod.h>
+
+namespace Tokend
+{
+
+class MetaRecord;
+class Record;
+class TokenContext;
+
+
+//
+// A (nearly pure virtual) KeyHandle object which implements the crypto
+// interface.
+//
+class KeyHandle : public RecordHandle
+{
+ NOCOPY(KeyHandle)
+public:
+ KeyHandle(const MetaRecord &metaRecord, const RefPointer<Record> &record);
+ ~KeyHandle();
+
+ virtual void getKeySize(CSSM_KEY_SIZE &keySize) = 0;
+ virtual uint32 getOutputSize(const Context &context, uint32 inputSize,
+ bool encrypting) = 0;
+ virtual void generateSignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input,
+ CssmData &signature) = 0;
+ virtual void verifySignature(const Context &context,
+ CSSM_ALGORITHMS signOnly, const CssmData &input,
+ const CssmData &signature) = 0;
+ virtual void generateMac(const Context &context, const CssmData &input,
+ CssmData &output) = 0;
+ virtual void verifyMac(const Context &context, const CssmData &input,
+ const CssmData &compare) = 0;
+ virtual void encrypt(const Context &context, const CssmData &clear,
+ CssmData &cipher) = 0;
+ virtual void decrypt(const Context &context, const CssmData &cipher,
+ CssmData &clear) = 0;
+
+ virtual void exportKey(const Context &context,
+ const AccessCredentials *cred, CssmKey &wrappedKey) = 0;
+
+ virtual void wrapUsingKey(const Context &context,
+ const AccessCredentials *cred, KeyHandle *wrappingKeyHandle,
+ const CssmKey *wrappingKey, const CssmData *descriptiveData,
+ CssmKey &wrappedKey);
+ virtual void wrapKey(const Context &context, const CssmKey &subjectKey,
+ const CssmData *descriptiveData, CssmKey &wrappedKey);
+ virtual void unwrapKey(const Context &context,
+ const AccessCredentials *cred, const AclEntryPrototype *access,
+ const CssmKey &wrappedKey, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attributes, CssmData *descriptiveData,
+ CSSM_HANDLE &hUnwrappedKey, CssmKey &unwrappedKey);
+private:
+};
+
+
+//
+// A (pure virtual) factory that creates KeyHandle objects.
+//
+class KeyHandleFactory
+{
+ NOCOPY(KeyHandleFactory)
+public:
+ KeyHandleFactory() {}
+ virtual ~KeyHandleFactory() = 0;
+
+ virtual KeyHandle *keyHandle(TokenContext *tokenContext,
+ const MetaRecord &metaRecord, Record &record) const = 0;
+};
+
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_KEYHANDLE_H_ */
+
+
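Review bot: The pure virtual crypto methods do not say who provides their output CssmData, yet KeyHandle::unwrapKey in KeyHandle.cpp calls `decrypt()` after resetting `unwrappedKey.KeyData` to Data == NULL and Length == 0. A comment above `decrypt` such as `// 'clear' may arrive empty (Data == NULL, Length == 0); the implementation supplies the output buffer.` would state the contract subclasses appear to be held to. The destructor is declared as `~KeyHandle();` while KeyHandleFactory spells out `virtual`; writing `virtual ~KeyHandle();` would make the intent explicit, assuming RecordHandle's destructor is already virtual.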
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,137 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MetaAttribute.cpp
+ * TokendMuscle
+ */
+
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "Record.h"
+#include "DbValue.h"
+#include "DbValue.h"
+
+namespace Tokend
+{
+
+MetaAttribute::~MetaAttribute()
+{
+}
+
+// Construct an instance of an appropriate subclass of MetaAttribute based on
+// the given format. Called in MetaRecord.cpp createAttribute.
+MetaAttribute *MetaAttribute::create(MetaRecord& metaRecord, Format format,
+ uint32 attributeIndex, uint32 attributeId)
+{
+ switch (format)
+ {
+ case kAF_STRING:
+ return new TypedMetaAttribute<StringValue>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_SINT32:
+ return new TypedMetaAttribute<SInt32Value>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_UINT32:
+ return new TypedMetaAttribute<UInt32Value>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_BIG_NUM:
+ return new TypedMetaAttribute<BigNumValue>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_REAL:
+ return new TypedMetaAttribute<DoubleValue>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_TIME_DATE:
+ return new TypedMetaAttribute<TimeDateValue>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_BLOB:
+ return new TypedMetaAttribute<BlobValue>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_MULTI_UINT32:
+ return new TypedMetaAttribute<MultiUInt32Value>(metaRecord, format,
+ attributeIndex, attributeId);
+
+ case kAF_COMPLEX:
+ default:
+ CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_FIELD_FORMAT);
+ }
+}
+
+const Attribute &
+MetaAttribute::attribute(TokenContext *tokenContext, Record &record) const
+{
+ if (!record.hasAttributeAtIndex(mAttributeIndex))
+ {
+ if (!mCoder)
+ {
+ secdebug("coder",
+ "No coder for r: %p rid: 0x%08X aid: %u aix: %u",
+ &record, mMetaRecord.relationId(), mAttributeId,
+ mAttributeIndex);
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+ }
+
+ secdebug("coder",
+ "Asking coder %p for r: %p rid: 0x%08X aid: %u aix: %u",
+ mCoder, &record, mMetaRecord.relationId(), mAttributeId,
+ mAttributeIndex);
+ mCoder->decode(tokenContext, *this, record);
+
+ // The coder had better put something useful in the attribute we asked it to.
+ if (!record.hasAttributeAtIndex(mAttributeIndex))
+ {
+ secdebug("coder",
+ "Coder %p did not set r: %p rid: 0x%08X aid: %u aix: %u",
+ mCoder, &record, mMetaRecord.relationId(), mAttributeId,
+ mAttributeIndex);
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+ }
+ }
+
+ const Attribute &attribute = record.attributeAtIndex(mAttributeIndex);
+#ifndef NDEBUG
+ if (attribute.size() == 1)
+ secdebug("mscread",
+ "r: %p rid: 0x%08X aid: %u aix: %u has: 1 value of length: %lu",
+ &record, mMetaRecord.relationId(), mAttributeId, mAttributeIndex,
+ attribute[0].Length);
+ else
+ secdebug("mscread",
+ "r: %p rid: 0x%08X aid: %u aix: %u has: %u values",
+ &record, mMetaRecord.relationId(), mAttributeId, mAttributeIndex,
+ attribute.size());
+#endif
+
+ return attribute;
+}
+
+
+} // end namespace Tokend
+
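Review bot: `#include "DbValue.h"` appears twice in a row at the top of the file; one of the two lines can be removed. MetaAttribute::attribute is const yet may call `mCoder->decode()` to populate the record, which is not documented. A comment above it such as `// May invoke the coder to fill in the attribute; throws CSSMERR_DL_MISSING_VALUE if no coder is set or the coder leaves it unset.` would record that.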
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaAttribute.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MetaAttribute.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_METAATTRIBUTE_H_
+#define _TOKEND_METAATTRIBUTE_H_
+
+#include <Security/cssmtype.h>
+#include <security_utilities/utilities.h>
+#include "Attribute.h"
+
+namespace Tokend
+{
+
+class Attribute;
+class AttributeCoder;
+class DbValue;
+class MetaRecord;
+class Record;
+class TokenContext;
+
+// A base class for all meta attributes.
+
+class MetaAttribute
+{
+ NOCOPY(MetaAttribute)
+public:
+ typedef CSSM_DB_ATTRIBUTE_FORMAT Format;
+
+ virtual ~MetaAttribute();
+
+ // construct an appropriate subclass of MetaAttribute
+ static MetaAttribute *create(MetaRecord& metaRecord, Format format,
+ uint32 attributeIndex, uint32 attributeId);
+
+ void attributeCoder(AttributeCoder *coder) { mCoder = coder; }
+
+ Format attributeFormat() const { return mFormat; }
+ uint32 attributeIndex() const { return mAttributeIndex; }
+ uint32 attributeId() const { return mAttributeId; }
+
+ const Attribute &attribute(TokenContext *tokenContext,
+ Record &record) const;
+
+ const MetaRecord &metaRecord() const { return mMetaRecord; }
+
+ // interface required of all subclasses, implemented with templates below
+ virtual DbValue *createValue(const CSSM_DATA &data) const = 0;
+
+ virtual bool evaluate(TokenContext *tokenContext, const DbValue *value,
+ Record& record, CSSM_DB_OPERATOR op) const = 0;
+
+protected:
+ MetaAttribute(MetaRecord& metaRecord, Format format, uint32 attributeIndex,
+ uint32 attributeId)
+ : mCoder(NULL), mMetaRecord(metaRecord), mFormat(format),
+ mAttributeIndex(attributeIndex), mAttributeId(attributeId) {}
+
+ AttributeCoder *mCoder;
+ MetaRecord &mMetaRecord;
+ Format mFormat;
+ uint32 mAttributeIndex;
+ uint32 mAttributeId;
+};
+
+// Template used to describe particular subclasses of MetaAttribute
+
+template <class T>
+class TypedMetaAttribute : public MetaAttribute
+{
+public:
+ TypedMetaAttribute(MetaRecord& metaRecord, Format format,
+ uint32 attributeIndex, uint32 attributeId)
+ : MetaAttribute(metaRecord, format, attributeIndex, attributeId) {}
+
+ DbValue *createValue(const CSSM_DATA &data) const
+ {
+ return new T(data);
+ }
+
+ bool evaluate(TokenContext *tokenContext, const DbValue *value,
+ Record &record, CSSM_DB_OPERATOR op) const
+ {
+ const Attribute &attr = attribute(tokenContext, record);
+ uint32 numValues = attr.size();
+
+ /* If any of the values for this attribute match we have a match. */
+ for (uint32 ix = 0; ix < numValues; ++ix)
+ if (dynamic_cast<const T *>(value)->evaluate(static_cast<const T &>(attr[ix]), op))
+ return true;
+
+ return false;
+ }
+
+ bool evaluate(const DbValue *value1, const DbValue *value2,
+ CSSM_DB_OPERATOR op) const
+ {
+ return (dynamic_cast<const T *>(value1))->
+ evaluate(*dynamic_cast<const T *>(value2), op);
+ }
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_METAATTRIBUTE_H_ */
+
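Review bot: Both TypedMetaAttribute::evaluate overloads dereference the result of `dynamic_cast<const T *>(...)` without checking it, so a DbValue of a different subclass leads to a null pointer dereference rather than an error. I would cast once before the loop and reject a mismatch with `const T *typed = dynamic_cast<const T *>(value);` followed by `if (!typed) CssmError::throwMe(CSSMERR_DL_INVALID_VALUE);`, and do the same for `value1` and `value2` in the two-value overload. The header would then have to include whatever declares CssmError, which is not among the includes visible in this hunk. The `static_cast<const T &>(attr[ix])` on the same line depends on what Attribute's operator[] returns, which is declared outside this hunk; it deserves a comment saying whether it constructs a temporary T or reinterprets the stored data.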
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,251 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MetaRecord.cpp
+ * TokendMuscle
+ */
+
+#include "MetaRecord.h"
+
+#include "Attribute.h"
+#include "KeyHandle.h"
+#include "MetaAttribute.h"
+#include "Record.h"
+#include <security_utilities/trackingallocator.h>
+#include <security_cdsa_utilities/cssmbridge.h>
+
+namespace Tokend
+{
+
+#pragma mark ---------------- MetaRecord methods --------------
+
+// Used for normal relations.
+MetaRecord::MetaRecord(RelationId inRelationId) : mRelationId(inRelationId),
+ mKeyHandleFactory(NULL)
+{
+ // Passing in a bogus attributeId for the attribute at index 0 (which is
+ // the data). It's not possible to look up the attribute by attributeId,
+ // nor should any coder rely on it's value.
+ mAttributeVector.push_back(MetaAttribute::create(*this, kAF_BLOB, 0,
+ 'data'));
+}
+
+MetaRecord::~MetaRecord()
+{
+ for_each_delete(mAttributeVector.begin(), mAttributeVector.end());
+}
+
+MetaAttribute &MetaRecord::createAttribute(const std::string &inAttributeName,
+ CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat)
+{
+ uint32 anAttributeId = mAttributeVector.size() - 1;
+ return createAttribute(&inAttributeName, NULL, anAttributeId,
+ inAttributeFormat);
+}
+
+MetaAttribute &MetaRecord::createAttribute(const string *inAttributeName,
+ const CssmOid *inAttributeOID, uint32 inAttributeID,
+ CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat)
+{
+ // Index of new element is current size of vector
+ uint32 anAttributeIndex = mAttributeVector.size();
+ bool aInsertedAttributeName = false;
+ bool aInsertedAttributeOID = false;
+ bool aInsertedAttributeID = false;
+
+ if (inAttributeName)
+ {
+ if (!mNameStringMap.insert(NameStringMap::value_type(*inAttributeName,
+ anAttributeIndex)).second)
+ CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
+ aInsertedAttributeName = true;
+ }
+ try
+ {
+ if (inAttributeOID)
+ {
+ if (!mNameOIDMap.insert(NameOIDMap::value_type(*inAttributeOID,
+ anAttributeIndex)).second)
+ CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
+ aInsertedAttributeOID = true;
+ }
+
+ if (!mNameIntMap.insert(NameIntMap::value_type(inAttributeID,
+ anAttributeIndex)).second)
+ CssmError::throwMe(CSSMERR_DL_FIELD_SPECIFIED_MULTIPLE);
+ aInsertedAttributeID = true;
+
+ // Note: this no longer throws INVALID_FIELD_NAME since the attribute
+ // will always have an attribute ID by which it is known.
+ MetaAttribute *ma = MetaAttribute::create(*this, inAttributeFormat,
+ anAttributeIndex, inAttributeID);
+ mAttributeVector.push_back(ma);
+ return *ma;
+ }
+ catch (...)
+ {
+ if (aInsertedAttributeName)
+ mNameStringMap.erase(*inAttributeName);
+ if (aInsertedAttributeOID)
+ mNameOIDMap.erase(*inAttributeOID);
+ if (inAttributeID)
+ mNameIntMap.erase(inAttributeID);
+
+ throw;
+ }
+}
+
+// Return the index (0 though NumAttributes - 1) of the attribute
+// represented by inAttributeInfo
+
+uint32 MetaRecord::attributeIndex(
+ const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const
+{
+ uint32 anIndex;
+ switch (inAttributeInfo.AttributeNameFormat)
+ {
+ case CSSM_DB_ATTRIBUTE_NAME_AS_STRING:
+ {
+ string aName(inAttributeInfo.Label.AttributeName);
+ NameStringMap::const_iterator it = mNameStringMap.find(aName);
+ if (it == mNameStringMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+
+ anIndex = it->second;
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_NAME_AS_OID:
+ {
+ const CssmOid &aName =
+ CssmOid::overlay(inAttributeInfo.Label.AttributeOID);
+ NameOIDMap::const_iterator it = mNameOIDMap.find(aName);
+ if (it == mNameOIDMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+ anIndex = it->second;
+ break;
+ }
+ case CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER:
+ {
+ uint32 aName = inAttributeInfo.Label.AttributeID;
+ NameIntMap::const_iterator it = mNameIntMap.find(aName);
+ if (it == mNameIntMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+ anIndex = it->second;
+ break;
+ }
+ default:
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+ break;
+ }
+
+ return anIndex;
+}
+
+const MetaAttribute &MetaRecord::metaAttribute(
+ const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const
+{
+ return *mAttributeVector[attributeIndex(inAttributeInfo)];
+}
+
+const MetaAttribute &MetaRecord::metaAttribute(uint32 name) const
+{
+ NameIntMap::const_iterator it = mNameIntMap.find(name);
+ if (it == mNameIntMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+
+ return *mAttributeVector[it->second];
+}
+
+const MetaAttribute &MetaRecord::metaAttribute(const std::string &name) const
+{
+ NameStringMap::const_iterator it = mNameStringMap.find(name);
+ if (it == mNameStringMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_FIELD_NAME);
+
+ return *mAttributeVector[it->second];
+}
+
+const MetaAttribute &MetaRecord::metaAttributeForData() const
+{
+ return *mAttributeVector[0];
+}
+
+void MetaRecord::attributeCoder(uint32 name, AttributeCoder *coder)
+{
+ const_cast<MetaAttribute &>(metaAttribute(name)).attributeCoder(coder);
+}
+
+void MetaRecord::attributeCoder(const std::string &name, AttributeCoder *coder)
+{
+ const_cast<MetaAttribute &>(metaAttribute(name)).attributeCoder(coder);
+}
+
+void MetaRecord::attributeCoderForData(AttributeCoder *coder)
+{
+ const_cast<MetaAttribute &>(metaAttributeForData()).attributeCoder(coder);
+}
+
+void
+MetaRecord::get(TokenContext *tokenContext, Record &record,
+ TOKEND_RETURN_DATA &data) const
+{
+ if (data.attributes)
+ {
+ // Fetch the requested attributes.
+ CSSM_DB_RECORD_ATTRIBUTE_DATA &drad = *data.attributes;
+ drad.DataRecordType = mRelationId;
+ drad.SemanticInformation = 0;
+ for (uint32 ix = 0; ix < drad.NumberOfAttributes; ++ix)
+ {
+ CSSM_DB_ATTRIBUTE_DATA &dad = drad.AttributeData[ix];
+ const MetaAttribute &ma = metaAttribute(dad.Info);
+ dad.Info.AttributeFormat = ma.attributeFormat();
+ const Attribute &attr = ma.attribute(tokenContext, record);
+ dad.NumberOfValues = attr.size();
+ dad.Value = const_cast<CSSM_DATA_PTR>(attr.values());
+ }
+ }
+
+ if (data.data)
+ {
+ // Fetch the data.
+ const MetaAttribute &ma = metaAttributeForData();
+ const Attribute &attr = ma.attribute(tokenContext, record);
+ if (attr.size() != 1)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ (*data.data) = attr.values()[0];
+ if (mKeyHandleFactory)
+ {
+ KeyHandle *keyHandle = mKeyHandleFactory->keyHandle(tokenContext,
+ *this, record);
+ data.keyhandle = keyHandle ? keyHandle->handle() : 0;
+ }
+ else
+ data.keyhandle = 0;
+ }
+}
+
+
+} // end namespace Tokend
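Review bot: The rollback in the `catch (...)` block of the four-argument `createAttribute` tests `inAttributeID` instead of `aInsertedAttributeID`, so it keys on the ID's value rather than on whether this call inserted it. When `mNameIntMap.insert` fails because the ID is already registered, the handler erases the entry that belongs to the earlier attribute, and later lookups by that ID throw `CSSMERR_DL_INVALID_FIELD_NAME`. Conversely, an ID of 0 that this call did insert is never rolled back if a later step throws. `aInsertedAttributeID` is set but never read, which suggests the intended line is `if (aInsertedAttributeID) mNameIntMap.erase(inAttributeID);`.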
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/MetaRecord.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * MetaRecord.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_METARECORD_H_
+#define _TOKEND_METARECORD_H_
+
+#include <security_cdsa_utilities/cssmdata.h>
+#include <map>
+#include <string>
+#include <vector>
+#include <SecurityTokend/SecTokend.h>
+
+namespace Tokend
+{
+
+// Shorter names for some long cssm constants
+enum
+{
+ kAF_STRING = CSSM_DB_ATTRIBUTE_FORMAT_STRING,
+ kAF_SINT32 = CSSM_DB_ATTRIBUTE_FORMAT_SINT32,
+ kAF_UINT32 = CSSM_DB_ATTRIBUTE_FORMAT_UINT32,
+ kAF_BIG_NUM = CSSM_DB_ATTRIBUTE_FORMAT_BIG_NUM,
+ kAF_REAL = CSSM_DB_ATTRIBUTE_FORMAT_REAL,
+ kAF_TIME_DATE = CSSM_DB_ATTRIBUTE_FORMAT_TIME_DATE,
+ kAF_BLOB = CSSM_DB_ATTRIBUTE_FORMAT_BLOB,
+ kAF_MULTI_UINT32 = CSSM_DB_ATTRIBUTE_FORMAT_MULTI_UINT32,
+ kAF_COMPLEX = CSSM_DB_ATTRIBUTE_FORMAT_COMPLEX
+};
+
+typedef CSSM_DB_RECORDTYPE RelationId;
+
+
+class AttributeCoder;
+class KeyHandleFactory;
+class MetaAttribute;
+class Record;
+class TokenContext;
+//
+// Meta (or Schema) representation of an a Record. Used for packing and
+// unpacking objects.
+//
+
+class MetaRecord
+{
+ NOCOPY(MetaRecord)
+public:
+ // Used for normal relations
+ // dataCoder is the coder which will be used for the "data" value
+ // (metaAttributeForData() returns a metaAttribute using this coder.
+ MetaRecord(RelationId inRelationId);
+
+ ~MetaRecord();
+
+ MetaAttribute &createAttribute(const std::string &inAttributeName,
+ CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat);
+ MetaAttribute &createAttribute(const std::string *inAttributeName,
+ const CssmOid *inAttributeOID,
+ uint32 inAttributeID,
+ CSSM_DB_ATTRIBUTE_FORMAT inAttributeFormat);
+
+ const MetaAttribute &metaAttribute(
+ const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const;
+ const MetaAttribute &metaAttribute(uint32 name) const;
+ const MetaAttribute &metaAttribute(
+ const std::string &name) const;
+ const MetaAttribute &metaAttributeForData() const;
+
+ void attributeCoder(uint32 name, AttributeCoder *coder);
+ void attributeCoder(const std::string &name, AttributeCoder *coder);
+ void attributeCoderForData(AttributeCoder *coder);
+
+ RelationId relationId() const { return mRelationId; }
+
+ // Return the index (0 though NumAttributes - 1) of the attribute
+ // represented by inAttributeInfo
+ uint32 attributeIndex(const CSSM_DB_ATTRIBUTE_INFO &inAttributeInfo) const;
+
+ void get(TokenContext *tokenContext, Record &record,
+ TOKEND_RETURN_DATA &data) const;
+
+ void keyHandleFactory(KeyHandleFactory *keyHandleFactory)
+ { mKeyHandleFactory = keyHandleFactory; }
+private:
+
+ //friend class MetaAttribute;
+
+ RelationId mRelationId;
+
+ typedef std::map<std::string, uint32> NameStringMap;
+ typedef std::map<CssmBuffer<CssmOidContainer>, uint32> NameOIDMap;
+ typedef std::map<uint32, uint32> NameIntMap;
+
+ NameStringMap mNameStringMap;
+ NameOIDMap mNameOIDMap;
+ NameIntMap mNameIntMap;
+
+ typedef std::vector<MetaAttribute *> AttributeVector;
+ typedef AttributeVector::iterator AttributeIterator;
+ typedef AttributeVector::const_iterator ConstAttributeIterator;
+ AttributeVector mAttributeVector;
+ KeyHandleFactory *mKeyHandleFactory;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_METARECORD_H_ */
+
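Review bot: The comment above the `MetaRecord(RelationId inRelationId)` constructor describes a `dataCoder` argument that the constructor does not take, and its parenthesis is never closed. In this header the coder for the data attribute is set through `attributeCoderForData(AttributeCoder *coder)`, so the comment could read `// Used for normal relations. The coder for the "data" value is set later with attributeCoderForData().` The setters that take a raw `AttributeCoder *` or `KeyHandleFactory *` also do not say who owns the pointer. `~MetaRecord` in MetaRecord.cpp deletes only the `mAttributeVector` entries, so a short `// not owned by MetaRecord` comment on each, if that is the intent, would help callers.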
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,208 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PKCS11Object.cpp
+ * TokendMuscle
+ */
+
+#include "PKCS11Object.h"
+
+#include <security_utilities/debugging.h>
+#include <security_cdsa_utilities/cssmerrors.h>
+#include <Security/cssmerr.h>
+
+#if defined(DEBUGDUMP)
+#include "cryptoki.h"
+#include "pkcs11.h"
+#endif /* !defined(DEBUGDUMP) */
+
+namespace Tokend
+{
+
+PKCS11Object::PKCS11Object(const void *inData, size_t inSize)
+{
+ const PKCS11ObjectHeader *object =
+ reinterpret_cast<const PKCS11ObjectHeader *>(inData);
+ if (inSize < sizeof(PKCS11ObjectHeader) || !object
+ || inSize < (object->size() + sizeof(PKCS11ObjectHeader)))
+ CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);
+
+ size_t objectSize = object->size();
+ const uint8_t *data = object->data();
+ for (size_t bytesRead = 0; bytesRead < objectSize;)
+ {
+ const PKCS11Attribute *attribute =
+ reinterpret_cast<const PKCS11Attribute *>(&data[bytesRead]);
+ IFDUMPING("pkcs11", debugDump(*attribute));
+ mAttributeMap.insert(pair<uint32_t,
+ const PKCS11Attribute *>(attribute->attributeId(), attribute));
+ bytesRead += sizeof(PKCS11Attribute) + attribute->size();
+ }
+}
+
+const PKCS11Object::PKCS11Attribute *
+PKCS11Object::attribute(uint32_t attributeId) const
+{
+ AttributeMap::const_iterator it = mAttributeMap.find(attributeId);
+ if (it == mAttributeMap.end())
+ {
+ secdebug("pkcs11", "pkcs11 attribute: %08X not found", attributeId);
+ return NULL;
+ }
+
+ secdebug("pkcs11-d", "accessing pkcs11 attribute: %08X size: %lu",
+ attributeId, it->second->size());
+ return it->second;
+}
+
+bool PKCS11Object::attributeValueAsBool(uint32_t attributeId) const
+{
+ const PKCS11Attribute *attr = attribute(attributeId);
+ if (!attr)
+ return false;
+
+ if (attr->size() != 1)
+ {
+ secdebug("pkcs11",
+ "attributeValueAsBool: pkcs11 attribute: %08X size: %lu",
+ attributeId, attr->size());
+ CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);
+ }
+
+ return *attr->data() != 0;
+}
+
+uint32_t PKCS11Object::attributeValueAsUint32(uint32_t attributeId) const
+{
+ const PKCS11Attribute *attr = attribute(attributeId);
+ if (!attr)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ if (attr->size() != 4)
+ {
+ secdebug("pkcs11",
+ "attributeValueAsUint32: pkcs11 attribute: %08X size: %lu",
+ attributeId, attr->size());
+ CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);
+ }
+
+ const uint8_t *data = attr->data();
+ return (data[0] << 24) + (data[1] << 16) + (data[2] << 8) + data[3];
+}
+
+void PKCS11Object::attributeValueAsData(uint32_t attributeId,
+ const uint8_t *&data, size_t &size) const
+{
+ const PKCS11Attribute *attr = attribute(attributeId);
+ if (!attr)
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+
+ size = attr->size();
+ data = attr->data();
+}
+
+#if defined(DEBUGDUMP)
+void PKCS11Object::debugDump(const PKCS11Attribute &attribute)
+{
+ Debug::dump("found pkcs11 attribute: %s size: %lu ",
+ attributeName(attribute.attributeId()), attribute.size());
+ Debug::dumpData(attribute.data(), attribute.size());
+ Debug::dump("\n");
+}
+
+const char *PKCS11Object::attributeName(uint32_t attributeId)
+{
+ static char buffer[20];
+
+ switch (attributeId)
+ {
+ case CKA_CLASS: return "CLASS";
+ case CKA_TOKEN: return "TOKEN";
+ case CKA_PRIVATE: return "PRIVATE";
+ case CKA_LABEL: return "LABEL";
+ case CKA_APPLICATION: return "APPLICATION";
+ case CKA_VALUE: return "VALUE";
+ case CKA_OBJECT_ID: return "OBJECT_ID";
+ case CKA_CERTIFICATE_TYPE: return "CERTIFICATE_TYPE";
+ case CKA_ISSUER: return "ISSUER";
+ case CKA_SERIAL_NUMBER: return "SERIAL_NUMBER";
+ case CKA_AC_ISSUER: return "AC_ISSUER";
+ case CKA_OWNER: return "OWNER";
+ case CKA_ATTR_TYPES: return "ATTR_TYPES";
+ case CKA_TRUSTED: return "TRUSTED";
+ case CKA_KEY_TYPE: return "KEY_TYPE";
+ case CKA_SUBJECT: return "SUBJECT";
+ case CKA_ID: return "ID";
+ case CKA_SENSITIVE: return "SENSITIVE";
+ case CKA_ENCRYPT: return "ENCRYPT";
+ case CKA_DECRYPT: return "DECRYPT";
+ case CKA_WRAP: return "WRAP";
+ case CKA_UNWRAP: return "UNWRAP";
+ case CKA_SIGN: return "SIGN";
+ case CKA_SIGN_RECOVER: return "SIGN_RECOVER";
+ case CKA_VERIFY: return "VERIFY";
+ case CKA_VERIFY_RECOVER: return "VERIFY_RECOVER";
+ case CKA_DERIVE: return "DERIVE";
+ case CKA_START_DATE: return "START_DATE";
+ case CKA_END_DATE: return "END_DATE";
+ case CKA_MODULUS: return "MODULUS";
+ case CKA_MODULUS_BITS: return "MODULUS_BITS";
+ case CKA_PUBLIC_EXPONENT: return "PUBLIC_EXPONENT";
+ case CKA_PRIVATE_EXPONENT: return "PRIVATE_EXPONENT";
+ case CKA_PRIME_1: return "PRIME_1";
+ case CKA_PRIME_2: return "PRIME_2";
+ case CKA_EXPONENT_1: return "EXPONENT_1";
+ case CKA_EXPONENT_2: return "EXPONENT_2";
+ case CKA_COEFFICIENT: return "COEFFICIENT";
+ case CKA_PRIME: return "PRIME";
+ case CKA_SUBPRIME: return "SUBPRIME";
+ case CKA_BASE: return "BASE";
+ case CKA_PRIME_BITS: return "PRIME_BITS";
+ case CKA_SUB_PRIME_BITS: return "SUB_PRIME_BITS";
+ case CKA_VALUE_BITS: return "VALUE_BITS";
+ case CKA_VALUE_LEN: return "VALUE_LEN";
+ case CKA_EXTRACTABLE: return "EXTRACTABLE";
+ case CKA_LOCAL: return "LOCAL";
+ case CKA_NEVER_EXTRACTABLE: return "NEVER_EXTRACTABLE";
+ case CKA_ALWAYS_SENSITIVE: return "ALWAYS_SENSITIVE";
+ case CKA_KEY_GEN_MECHANISM: return "KEY_GEN_MECHANISM";
+ case CKA_MODIFIABLE: return "MODIFIABLE";
+ case CKA_EC_PARAMS: return "EC_PARAMS";
+ case CKA_EC_POINT: return "EC_POINT";
+ case CKA_SECONDARY_AUTH: return "SECONDARY_AUTH";
+ case CKA_AUTH_PIN_FLAGS: return "AUTH_PIN_FLAGS";
+ case CKA_HW_FEATURE_TYPE: return "HW_FEATURE_TYPE";
+ case CKA_RESET_ON_INIT: return "RESET_ON_INIT";
+ case CKA_HAS_RESET: return "HAS_RESET";
+ case CKA_VENDOR_DEFINED: return "VENDOR_DEFINED";
+ default:
+ snprintf(buffer, sizeof(buffer), "unknown(%0x08X)", attributeId);
+ return buffer;
+ }
+}
+#endif /* !defined(DEBUGDUMP) */
+
+
+} // end namespace Tokend
+
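Review bot: The attribute loop in the `PKCS11Object` constructor trusts each attribute's embedded length: it checks only `bytesRead < objectSize` before casting `&data[bytesRead]` to a `PKCS11Attribute`. A record with fewer than `sizeof(PKCS11Attribute)` bytes left, or with an `oa_size` larger than what remains, is therefore still accepted. The header reads then go past the validated buffer, and the stored pointer later lets `attributeValueAsData` hand callers a `data`/`size` pair that extends beyond it. Since this buffer presumably comes from the token, both lengths should be checked against the remaining bytes before the attribute is inserted, as sketched below.

```cpp
for (size_t bytesRead = 0; bytesRead < objectSize;)
{
	// Reject a truncated attribute header before reading any of its fields.
	if (objectSize - bytesRead < sizeof(PKCS11Attribute))
		CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);
	const PKCS11Attribute *attribute =
		reinterpret_cast<const PKCS11Attribute *>(&data[bytesRead]);
	// Reject a value length that runs past the end of the object.
	if (attribute->size() > objectSize - bytesRead - sizeof(PKCS11Attribute))
		CssmError::throwMe(CSSM_ERRCODE_INTERNAL_ERROR);
	// … unchanged: debug dump, mAttributeMap.insert, bytesRead advance …
}
```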
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/PKCS11Object.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * PKCS11Object.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_PKCS11OBJECT_H_
+#define _TOKEND_PKCS11OBJECT_H_
+
+#include <stdint.h>
+#include <map>
+#include <security_utilities/debugging.h>
+
+namespace Tokend
+{
+
+// This object doesn't copy it's data. It's assumed that the data will live at
+// least as long as this object does.
+class PKCS11Object
+{
+public:
+ PKCS11Object(const void *inData, size_t inSize);
+
+ bool attributeValueAsBool(uint32_t attributeId) const;
+ uint32_t attributeValueAsUint32(uint32_t attributeId) const;
+ void PKCS11Object::attributeValueAsData(uint32_t attributeId,
+ const uint8_t *&data, size_t &size) const;
+
+private:
+ struct PKCS11ObjectHeader
+ {
+ uint8_t oh_type;
+ uint8_t oh_id[2];
+ uint8_t oh_next_id[2];
+ uint8_t oa_size[2];
+ uint8_t oh_data[0];
+
+ size_t size() const { return (oa_size[0] << 8) + oa_size[1]; }
+ const uint8_t *data() const { return oh_data; }
+ };
+
+ struct PKCS11Attribute
+ {
+ uint8_t oa_id[4]; // big endian attribute type
+ uint8_t oa_size[2]; // big endian attribute length
+ uint8_t oa_data[0];
+
+ uint32_t attributeId() const { return (oa_id[0] << 24)
+ + (oa_id[1] << 16) + (oa_id[2] << 8) + oa_id[3]; }
+ size_t size() const { return (oa_size[0] << 8) + oa_size[1]; }
+ const uint8_t *data() const { return oa_data; }
+ };
+
+ const PKCS11Attribute *attribute(uint32_t attributeId) const;
+
+#if defined(DEBUGDUMP)
+ void debugDump(const PKCS11Attribute &attribute);
+ static const char *attributeName(uint32_t attributeId);
+#endif /* !defined(DEBUGDUMP) */
+
+ typedef std::map<uint32_t, const PKCS11Attribute *> AttributeMap;
+ AttributeMap mAttributeMap;
+};
+
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_PKCS11OBJECT_H_ */
+
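Review bot: The in-class declaration `void PKCS11Object::attributeValueAsData(...)` carries an extra `PKCS11Object::` qualification, which is not valid C++ for a member declared inside its own class and is rejected by stricter compilers. The line should read `void attributeValueAsData(uint32_t attributeId,` like the two declarations above it.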
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,132 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Record.cpp
+ * TokendMuscle
+ */
+
+#include "Record.h"
+
+#include <security_cdsa_client/aclclient.h>
+
+namespace Tokend
+{
+
+AutoAclOwnerPrototype Record::gNobodyAclOwner;
+AutoAclEntryInfoList Record::gAnyReadAclEntries;
+
+Record::Record()
+{
+}
+
+Record::~Record()
+{
+ for_each_delete(mAttributes.begin(), mAttributes.end());
+}
+
+bool
+Record::hasAttributeAtIndex(uint32 attributeIndex) const
+{
+ if (attributeIndex < mAttributes.size())
+ return mAttributes[attributeIndex] != NULL;
+
+ return false;
+}
+
+const Attribute &
+Record::attributeAtIndex(uint32 attributeIndex) const
+{
+ if (attributeIndex < mAttributes.size())
+ {
+ Attribute *attribute = mAttributes[attributeIndex];
+ if (attribute)
+ return *attribute;
+ }
+
+ CssmError::throwMe(CSSMERR_DL_INTERNAL_ERROR);
+}
+
+void Record::attributeAtIndex(uint32 attributeIndex, Attribute *attribute)
+{
+ auto_ptr<Attribute> _(attribute);
+ if (attributeIndex >= mAttributes.size())
+ mAttributes.resize(attributeIndex + 1);
+
+ if (mAttributes[attributeIndex] != NULL)
+ CssmError::throwMe(CSSMERR_DL_INTERNAL_ERROR);
+
+ mAttributes[attributeIndex] = _.release();
+}
+
+void Record::getOwner(AclOwnerPrototype &owner)
+{
+ // Normally nobody can change the acl of an object on a smartcard.
+ if (!gNobodyAclOwner)
+ {
+ Allocator &alloc = Allocator::standard();
+ gNobodyAclOwner.allocator(alloc);
+ gNobodyAclOwner = CssmClient::AclFactory::NobodySubject(alloc);
+ }
+ owner = gNobodyAclOwner;
+}
+
+void Record::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ // Normally anyone can read an object on a smartcard (subclasses might
+ // override this).
+ if (!gAnyReadAclEntries) {
+ gAnyReadAclEntries.allocator(Allocator::standard());
+ gAnyReadAclEntries.add(CssmClient::AclFactory::AnySubject(
+ gAnyReadAclEntries.allocator()),
+ AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
+ }
+ count = gAnyReadAclEntries.size();
+ acls = gAnyReadAclEntries.entries();
+}
+
+void Record::changeOwner(const AclOwnerPrototype &owner)
+{
+ // Default changeOwner on a record always fails.
+ CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
+}
+
+void Record::changeAcl(const AccessCredentials &cred, const AclEdit &edit)
+{
+ // Default changeAcl on a record always fails.
+ CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
+}
+
+const char *Record::description()
+{
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+}
+
+Attribute *Record::getDataAttribute(TokenContext *tokenContext)
+{
+ CssmError::throwMe(CSSMERR_DL_MISSING_VALUE);
+}
+
+
+} // end namespace Tokend
+
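Review bot: `Record::getOwner` and `Record::getAcl` populate the shared statics `gNobodyAclOwner` and `gAnyReadAclEntries` on first use with a plain `if (!…)` test and no lock visible in this file. If records can be queried from more than one thread (not determinable from this hunk), two callers can both see the object empty and run the initialisation at once, and in `getAcl` a second `add` could leave two entries in the list. Either initialise both once at startup or state the requirement above each `if`, for example `// Not thread-safe: the first call must be serialized by the caller.` `getAcl` also ignores its `tag` argument, which deserves a comment if that is intentional.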
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Record.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Record.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_RECORD_H_
+#define _TOKEND_RECORD_H_
+
+#include "AttributeCoder.h"
+#include "MetaRecord.h"
+#include "Attribute.h"
+#include <security_utilities/refcount.h>
+#include <security_utilities/adornments.h>
+#include <security_cdsa_utilities/cssmaclpod.h>
+#include <security_cdsa_utilities/cssmcred.h>
+#include <SecurityTokend/SecTokend.h>
+
+namespace Tokend
+{
+
+class Record : public RefCount, public Security::Adornable
+{
+ NOCOPY(Record)
+public:
+ Record();
+ virtual ~Record();
+
+ bool hasAttributeAtIndex(uint32 attributeIndex) const;
+ const Attribute &attributeAtIndex(uint32 attributeIndex) const;
+ void attributeAtIndex(uint32 attributeIndex, Attribute *attribute);
+
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+ virtual void changeOwner(const AclOwnerPrototype &owner);
+ virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);
+
+ virtual const char *description();
+ virtual Attribute *getDataAttribute(TokenContext *tokenContext);
+
+protected:
+ typedef std::vector<Attribute *> Attributes;
+ typedef Attributes::iterator AttributesIterator;
+ typedef Attributes::const_iterator ConstAttributesIterator;
+
+ Attributes mAttributes;
+
+ // temporary ACL cache hack - to be removed
+ static AutoAclOwnerPrototype gNobodyAclOwner;
+ static AutoAclEntryInfoList gAnyReadAclEntries;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_RECORD_H_ */
+
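Review bot: The setter `void attributeAtIndex(uint32 attributeIndex, Attribute *attribute)` takes ownership of `attribute`, but the declaration does not say so. In Record.cpp it wraps the pointer in an `auto_ptr` on entry, so the object is deleted even when the call throws `CSSMERR_DL_INTERNAL_ERROR` for an occupied slot, and `~Record` deletes every stored entry. A comment such as `// Takes ownership of attribute; it is deleted if the slot is already set.` would keep callers from freeing or reusing the pointer. The header also uses `std::vector` without including `<vector>` itself.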
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * RecordHandle.cpp
+ * TokendMuscle
+ */
+
+#include "RecordHandle.h"
+
+#include "MetaRecord.h"
+#include "Record.h"
+
+namespace Tokend
+{
+
+RecordHandle::RecordHandle(const MetaRecord &metaRecord,
+ const RefPointer<Record> &record) :
+ mMetaRecord(metaRecord), mRecord(record)
+{
+}
+
+RecordHandle::~RecordHandle()
+{
+}
+
+void RecordHandle::get(TokenContext *tokenContext, TOKEND_RETURN_DATA &data)
+{
+ mMetaRecord.get(tokenContext, *mRecord, data);
+ data.record = handle();
+}
+
+void RecordHandle::getOwner(AclOwnerPrototype &owner)
+{
+ mRecord->getOwner(owner);
+}
+
+void RecordHandle::getAcl(const char *tag, uint32 &count, AclEntryInfo *&acls)
+{
+ mRecord->getAcl(tag, count, acls);
+}
+
+void RecordHandle::changeOwner(const AclOwnerPrototype &owner)
+{
+ mRecord->changeOwner(owner);
+}
+
+void RecordHandle::changeAcl(const AccessCredentials &cred,
+ const AclEdit &edit)
+{
+ mRecord->changeAcl(cred, edit);
+}
+
+
+} // end namespace Tokend
+
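Review bot: The `RecordHandle` constructor neither documents nor enforces its two preconditions. It binds `metaRecord` by reference (`mMetaRecord(metaRecord)`), so the `MetaRecord` must outlive the handle. Every other method dereferences `mRecord` without a null check, so `record` must be non-null. A comment above the constructor such as `// metaRecord must outlive this handle; record must not be null.` would state the contract. If a null `record` can actually reach this class, the constructor is the place to reject it.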
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/RecordHandle.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * RecordHandle.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_RECORDHANDLE_H_
+#define _TOKEND_RECORDHANDLE_H_
+
+#include <security_cdsa_utilities/handleobject.h>
+#include <security_utilities/refcount.h>
+#include <security_cdsa_utilities/cssmaclpod.h>
+#include <security_cdsa_utilities/cssmcred.h>
+#include <SecurityTokend/SecTokend.h>
+
+namespace Tokend
+{
+
+class MetaRecord;
+class Record;
+class TokenContext;
+
+class RecordHandle: public HandleObject
+{
+ NOCOPY(RecordHandle)
+public:
+ RecordHandle(const MetaRecord &metaRecord,
+ const RefPointer<Record> &record);
+ virtual ~RecordHandle();
+ virtual void get(TokenContext *tokenContext, TOKEND_RETURN_DATA &data);
+
+ virtual void getOwner(AclOwnerPrototype &owner);
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&aclList);
+ virtual void changeOwner(const AclOwnerPrototype &owner);
+ virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);
+
+private:
+ const MetaRecord &mMetaRecord;
+ RefPointer<Record> mRecord;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_RECORDHANDLE_H_ */
+
+
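Review bot: `const MetaRecord &mMetaRecord` in the private section is a plain reference, while `mRecord` next to it is a ref-counted `RefPointer<Record>`, so nothing keeps the MetaRecord alive for as long as the handle exists. If the MetaRecord passed to the constructor is the one owned by a Relation (`Relation::~Relation()` in Relation.cpp does `delete mMetaRecord;`), a handle that outlives its Relation would call `mMetaRecord.get(...)` on freed memory. That ownership link is not visible in this header, so it needs confirming against the callers. At minimum I would add a comment on the constructor such as `// metaRecord is borrowed: the caller must keep it alive for the lifetime of this handle.` Separately, `getAcl` names its last parameter `aclList` here and `acls` in RecordHandle.cpp; one name in both places would read better.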
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Relation.cpp
+ * TokendMuscle
+ */
+
+#include "Relation.h"
+
+namespace Tokend
+{
+
+// @@@ need to distinguish between records that exist at db open time, and
+// those that are being added and must be written back to the card
+
+#pragma mark ---------------- Relation methods --------------
+
+Relation::~Relation()
+{
+ delete mMetaRecord;
+}
+
+void Relation::insertRecord(const RefPointer<Record> &record)
+{
+ push_back(record);
+}
+
+bool Relation::matchesId(RelationId inRelationId) const
+{
+ RelationId anId = mMetaRecord->relationId();
+ if (inRelationId == CSSM_DL_DB_RECORD_ANY) // All non schema tables.
+ return !(CSSM_DB_RECORDTYPE_SCHEMA_START <= anId
+ && anId < CSSM_DB_RECORDTYPE_SCHEMA_END);
+
+ if (inRelationId == CSSM_DL_DB_RECORD_ALL_KEYS) // All key tables.
+ return (anId == CSSM_DL_DB_RECORD_PUBLIC_KEY
+ || anId == CSSM_DL_DB_RECORD_PRIVATE_KEY
+ || anId == CSSM_DL_DB_RECORD_SYMMETRIC_KEY);
+
+ return inRelationId == anId; // Only if exact match.
+}
+
+
+} // end namespace Tokend
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Relation.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,62 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Relation.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_RELATION_H_
+#define _TOKEND_RELATION_H_
+
+#include "Record.h"
+#include <vector>
+
+namespace Tokend
+{
+
+class MetaRecord;
+class Record;
+
+class Relation : public std::vector< RefPointer<Record> >
+{
+ NOCOPY(Relation)
+public:
+ Relation(MetaRecord *metaRecord) : mMetaRecord(metaRecord) { }
+ ~Relation();
+
+ const MetaRecord &metaRecord() const { return *mMetaRecord; }
+ MetaRecord &metaRecord() { return *mMetaRecord; }
+
+ void insertRecord(const RefPointer<Record> &record);
+ bool matchesId(RelationId inRelationId) const;
+
+protected:
+ MetaRecord *mMetaRecord;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_RELATION_H_ */
+
+
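Review bot: `Relation(MetaRecord *metaRecord)` is a converting constructor, and because the destructor in Relation.cpp deletes `mMetaRecord`, an accidental implicit conversion from a `MetaRecord *` would build a temporary Relation that frees the caller's object when it goes out of scope. I would declare it `explicit Relation(MetaRecord *metaRecord) : mMetaRecord(metaRecord) { }` and put `// Takes ownership of metaRecord; it is deleted in ~Relation().` above it. The class also derives publicly from `std::vector< RefPointer<Record> >`, which has no virtual destructor, so destroying a Relation through a pointer to the vector base is undefined behaviour and would in practice skip that delete. A short comment warning against such use, or holding the vector as a member instead, would make the ownership rule harder to break.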
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,441 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * SCardError.cpp
+ * TokendMuscle
+ */
+
+#include "SCardError.h"
+
+#include <Security/cssmerr.h>
+
+namespace Tokend
+{
+
+/*
+Excerpt from ISO/IEC 7816 part 3:
+
+Status bytes (SW1=$6x or $9x, expect $60; SW2 any value)
+--------------------------------------------------------
+The end sequence SW1-SW2 gives the card status at the end of the command.
+
+The normal ending is indicated by SW1-SW2 = $90-$00.
+
+When the most significant half byte SW1 is $6, the meaning of SW1 is
+independant of the application. The following five values are defined:
+
+$6E The card does not support the instruction class.
+$6D The instruction code is not programmed or is invalid.
+$6B The reference is incorrect.
+$67 The length is incorrect.
+$6F No precise diagnostic is given.
+
+Other values are reserved for future use by ISO7816. When SW1 is neither $6E
+nor $6D, the card support the instruction. This part of ISO7816 does not
+interprets neither $9X SW1 bytes, nor SW2
+bytes; Their meaning relates to the application itself.
+
+Supplement (were seen sometimes):
+---------------------------------
+SW1 SW2 Meaning
+
+62 81 Returned data may be corrupted.
+62 82 The end of the file has been reached before the end of reading.
+62 84 Selected file is not valid.
+65 01 Memory failure. There have been problems in writing or reading
+the EEPROM. Other hardware problems may also bring this error.
+68 00 The request function is not supported by the card.
+6A 00 Bytes P1 and/or P2 are incorrect.
+6A 80 The parameters in the data field are incorrect.
+6A 82 File not found.
+6A 83 Record not found.
+6A 84 There is insufficient memory space in record or file.
+6A 87 The P3 value is not consistent with the P1 and P2 values.
+6A 88 Referenced data not found.
+6C XX Incorrect P3 length.
+
+
+Excerpt from ISO/IEC 7816 part 4:
+
+Due to specifications in part 3 of ISO/IEC 7816, this part does not define the
+following values of SW1-SW2 :
+
+'60XX'
+'67XX', '6BXX', '6DXX', '6EXX', '6FXX'; in each case if 'XX'!='00'
+'9XXX', if 'XXX'!='000'
+The following values of SW1-SW2 are defined whichever protocol is used (see
+examples in annex A).
+
+If a command is aborted with a response where SW1='6C', then SW2 indicates the
+value to be given to the short Le field (exact length of requested data) when
+re-issuing the same command before issuing any other command.
+If a command (which may be of case 2 or 4, see table 4 and figure 4) is
+processed with a response where SW1='61', then SW2 indicates the maximum value
+to be given to the short Le field (length of extra data still available) in
+a GET RESPONSE command issued before issuing any other command.
+NOTE - A functionality similar to that offered by '61XX' may be offered at
+application level by '9FXX'. However, applications may use '9FXX' for other
+purposes.
+
+Table 12 completed by tables 13 to 18 shows the general meanings of the values
+of SW1-SW2 defined in this part of ISO/IEC 7816. For each command, an
+appropriate clause provides more detailed meanings.
+
+Tables 13 to 18 specify values of SW2 when SW1 is valued to '62', '63', '65',
+'68', '69' and '6A'. The values of SW2 not defined in tables 13 to 18 are RFU,
+except the values from 'F0' to 'FF' which are not defined in this part of
+ISO/IEC 7816.
+
+
+Table 12 - Coding of SW1-SW2
+
+SW1-SW2 Meaning
+Normal processing
+'9000' No further qualification
+'61XX' SW2 indicates the number of response bytes still available
+(see text below)
+Warning processings
+'62XX' State of non-volatile memory unchanged (further qualification in SW2,
+see table 13)
+'63XX' State of non-volatile memory changed (further qualification in SW2,
+see table 14)
+Execution errors
+'64XX' State of non-volatile memory unchanged (SW2='00', other values are RFU)
+'65XX' State of non-volatile memory changed (further qualification in SW2,
+see table 15)
+'66XX' Reserved for security-related issues (not defined in this part of
+ISO/IEC 7816)
+Checking errors
+'6700' Wrong length
+'68XX' Functions in CLA not supported (further qualification in SW2, see
+table 16)
+'69XX' Command not allowed (further qualification in SW2, see table 17)
+'6AXX' Wrong parameter(s) P1-P2 (further qualification in SW2, see table 18)
+'6B00' Wrong parameter(s) P1-P2
+'6CXX' Wrong length Le: SW2 indicates the exact length (see text below)
+'6D00' Instruction code not supported or invalid
+'6E00' Class not supported
+'6F00' No precise diagnosis
+
+Table 13 - Coding of SW2 when SW1='62'
+
+SW2 Meaning
+'00' No information given
+'81' Part of returned data may be corrupted
+'82' End of file/record reached before reading Le bytes
+'83' Selected file invalidated
+'84' FCI not formatted according to 1.1.5
+
+Table 14 - Coding of SW2 when SW1='63'
+
+SW2 Meaning
+'00' No information given
+'81' File filled up by the last write
+'CX' Counter provided by 'X' (valued from 0 to 15) (exact meaning depending
+on the command)
+
+Table 15 - Coding of SW2 when SW1='65'
+
+SW2 Meaning
+'00' No information given
+'81' Memory failure
+
+Table 16 - Coding of SW2 when SW1='68'
+
+SW2 Meaning
+'00' No information given
+'81' Logical channel not supported
+'82' Secure messaging not supported
+
+Table 17 - Coding of SW2 when SW1='69'
+
+SW2 Meaning
+'00' No information given
+'81' Command incompatible with file structure
+'82' Security status not satisfied
+'83' Authentication method blocked
+'84' Referenced data invalidated
+'85' Conditions of use not satisfied
+'86' Command not allowed (no current EF)
+'87' Expected SM data objects missing
+'88' SM data objects incorrect
+
+Table 18 - Coding of SW2 when SW1='6A'
+
+SW2 Meaning
+'00' No information given
+'80' Incorrect parameters in the data field
+'81' Function not supported
+'82' File not found
+'83' Record not found
+'84' Not enough memory space in the file
+'85' Lc inconsistent with TLV structure
+'86' Incorrect parameters P1-P2
+'87' Lc inconsistent with P1-P2
+'88' Referenced data not found
+
+*/
+
+//
+// SCardError exceptions
+//
+SCardError::SCardError(uint16_t sw) : statusWord(sw)
+{
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(debugDiagnose(this));
+#else
+ SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"SCard");
+#endif
+}
+
+const char *SCardError::what() const throw ()
+{ return "SCardError"; }
+
+OSStatus SCardError::osStatus() const
+{
+ switch (statusWord)
+ {
+ case SCARD_SUCCESS:
+ return 0;
+
+ case SCARD_FILE_FILLED:
+ case SCARD_MEMORY_FAILURE:
+ case SCARD_NO_MEMORY_LEFT:
+ return CSSM_ERRCODE_MEMORY_ERROR;
+
+ case SCARD_AUTHENTICATION_FAILED:
+ case SCARD_AUTHENTICATION_FAILED_0:
+ case SCARD_AUTHENTICATION_FAILED_1:
+ case SCARD_AUTHENTICATION_FAILED_2:
+ case SCARD_AUTHENTICATION_FAILED_3:
+ case SCARD_AUTHENTICATION_FAILED_4:
+ case SCARD_AUTHENTICATION_FAILED_5:
+ case SCARD_AUTHENTICATION_FAILED_6:
+ case SCARD_AUTHENTICATION_FAILED_7:
+ case SCARD_AUTHENTICATION_FAILED_8:
+ case SCARD_AUTHENTICATION_FAILED_9:
+ case SCARD_AUTHENTICATION_FAILED_10:
+ case SCARD_AUTHENTICATION_FAILED_11:
+ case SCARD_AUTHENTICATION_FAILED_12:
+ case SCARD_AUTHENTICATION_FAILED_13:
+ case SCARD_AUTHENTICATION_FAILED_14:
+ case SCARD_AUTHENTICATION_FAILED_15:
+ case SCARD_AUTHENTICATION_BLOCKED:
+ return CSSM_ERRCODE_OPERATION_AUTH_DENIED;
+
+ case SCARD_COMMAND_NOT_ALLOWED:
+ case SCARD_NOT_AUTHORIZED:
+ case SCARD_USE_CONDITIONS_NOT_MET:
+ return CSSM_ERRCODE_OBJECT_USE_AUTH_DENIED;
+
+ case SCARD_FUNCTION_NOT_SUPPORTED:
+ case SCARD_INSTRUCTION_CODE_INVALID:
+ return CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED;
+
+ case SCARD_FILE_NOT_FOUND:
+ case SCARD_RECORD_NOT_FOUND:
+ return CSSMERR_DL_RECORD_NOT_FOUND;
+
+ case SCARD_BYTES_LEFT_IN_SW2:
+ case SCARD_EXECUTION_WARNING:
+ case SCARD_RETURNED_DATA_CORRUPTED:
+ case SCARD_END_OF_FILE_REACHED:
+ case SCARD_FILE_INVALIDATED:
+ case SCARD_FCI_INVALID:
+ case SCARD_EXECUTION_ERROR:
+ case SCARD_CHANGED_ERROR:
+ case SCARD_LENGTH_INCORRECT:
+ case SCARD_CLA_UNSUPPORTED:
+ case SCARD_LOGICAL_CHANNEL_UNSUPPORTED:
+ case SCARD_SECURE_MESSAGING_UNSUPPORTED:
+ case SCARD_COMMAND_INCOMPATIBLE:
+ case SCARD_REFERENCED_DATA_INVALIDATED:
+ case SCARD_NO_CURRENT_EF:
+ case SCARD_SM_DATA_OBJECTS_MISSING:
+ case SCARD_SM_DATA_NOT_ALLOWED:
+ case SCARD_WRONG_PARAMETER:
+ case SCARD_DATA_INCORRECT:
+ case SCARD_LC_INCONSISTENT_TLV:
+ case SCARD_INCORRECT_P1_P2:
+ case SCARD_LC_INCONSISTENT_P1_P2:
+ case SCARD_REFERENCED_DATA_NOT_FOUND:
+ case SCARD_WRONG_PARAMETER_P1_P2:
+ case SCARD_LE_IN_SW2:
+ case SCARD_INSTRUCTION_CLASS_UNSUPPORTED:
+ case SCARD_UNSPECIFIED_ERROR:
+ default:
+ return CSSM_ERRCODE_INTERNAL_ERROR;
+ }
+}
+
+int SCardError::unixError() const
+{
+ switch (statusWord)
+ {
+ default:
+ // cannot map this to errno space
+ return -1;
+ }
+}
+
+void SCardError::throwMe(uint16_t sw)
+{ throw SCardError(sw); }
+
+#if !defined(NDEBUG)
+
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+void SCardError::debugDiagnose(const void *id) const
+{
+ secdebug("exception", "%p Error %s (%04hX)",
+ id, errorstr(statusWord), statusWord);
+}
+
+#endif // MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+
+const char *SCardError::errorstr(uint16_t sw)
+{
+ switch (sw)
+ {
+ case SCARD_SUCCESS:
+ return "Success";
+ case SCARD_BYTES_LEFT_IN_SW2:
+ return "SW2 indicates the number of response bytes still available";
+ case SCARD_EXECUTION_WARNING:
+ return "Execution warning, state of non-volatile memory unchanged";
+ case SCARD_RETURNED_DATA_CORRUPTED:
+ return "Part of returned data may be corrupted.";
+ case SCARD_END_OF_FILE_REACHED:
+ return "End of file/record reached before reading Le bytes.";
+ case SCARD_FILE_INVALIDATED:
+ return "Selected file invalidated.";
+ case SCARD_FCI_INVALID:
+ return "FCI not formatted according to 1.1.5.";
+ case SCARD_AUTHENTICATION_FAILED:
+ return "Authentication failed.";
+ case SCARD_FILE_FILLED:
+ return "File filled up by the last write.";
+ case SCARD_AUTHENTICATION_FAILED_0:
+ return "Authentication failed, 0 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_1:
+ return "Authentication failed, 1 retry left.";
+ case SCARD_AUTHENTICATION_FAILED_2:
+ return "Authentication failed, 2 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_3:
+ return "Authentication failed, 3 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_4:
+ return "Authentication failed, 4 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_5:
+ return "Authentication failed, 5 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_6:
+ return "Authentication failed, 6 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_7:
+ return "Authentication failed, 7 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_8:
+ return "Authentication failed, 8 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_9:
+ return "Authentication failed, 9 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_10:
+ return "Authentication failed, 10 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_11:
+ return "Authentication failed, 11 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_12:
+ return "Authentication failed, 12 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_13:
+ return "Authentication failed, 13 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_14:
+ return "Authentication failed, 14 retries left.";
+ case SCARD_AUTHENTICATION_FAILED_15:
+ return "Authentication failed, 15 retries left.";
+ case SCARD_EXECUTION_ERROR:
+ return "Execution error, state of non-volatile memory unchanged.";
+ case SCARD_CHANGED_ERROR:
+ return "Execution error, state of non-volatile memory changed.";
+ case SCARD_MEMORY_FAILURE:
+ return "Memory failure.";
+ case SCARD_LENGTH_INCORRECT:
+ return "The length is incorrect.";
+ case SCARD_CLA_UNSUPPORTED:
+ return "Functions in CLA not supported.";
+ case SCARD_LOGICAL_CHANNEL_UNSUPPORTED:
+ return "Logical channel not supported.";
+ case SCARD_SECURE_MESSAGING_UNSUPPORTED:
+ return "Secure messaging not supported.";
+ case SCARD_COMMAND_NOT_ALLOWED:
+ return "Command not allowed.";
+ case SCARD_COMMAND_INCOMPATIBLE:
+ return "Command incompatible with file structure.";
+ case SCARD_NOT_AUTHORIZED:
+ return "Security status not satisfied.";
+ case SCARD_AUTHENTICATION_BLOCKED:
+ return "Authentication method blocked.";
+ case SCARD_REFERENCED_DATA_INVALIDATED:
+ return "Referenced data invalidated.";
+ case SCARD_USE_CONDITIONS_NOT_MET:
+ return "Conditions of use not satisfied.";
+ case SCARD_NO_CURRENT_EF:
+ return "Command not allowed (no current EF).";
+ case SCARD_SM_DATA_OBJECTS_MISSING:
+ return "Expected SM data objects missing.";
+ case SCARD_SM_DATA_NOT_ALLOWED:
+ return "SM data objects incorrect.";
+ case SCARD_WRONG_PARAMETER:
+ return "Wrong parameter.";
+ case SCARD_DATA_INCORRECT:
+ return "Incorrect parameters in the data field.";
+ case SCARD_FUNCTION_NOT_SUPPORTED:
+ return "Function not supported.";
+ case SCARD_FILE_NOT_FOUND:
+ return "File not found.";
+ case SCARD_RECORD_NOT_FOUND:
+ return "Record not found.";
+ case SCARD_NO_MEMORY_LEFT:
+ return "Not enough memory space in the file.";
+ case SCARD_LC_INCONSISTENT_TLV:
+ return "Lc inconsistent with TLV structure.";
+ case SCARD_INCORRECT_P1_P2:
+ return "Incorrect parameters P1-P2.";
+ case SCARD_LC_INCONSISTENT_P1_P2:
+ return "Lc inconsistent with P1-P2.";
+ case SCARD_REFERENCED_DATA_NOT_FOUND:
+ return "Referenced data not found.";
+ case SCARD_WRONG_PARAMETER_P1_P2:
+ return "Wrong parameter(s) P1-P2.";
+ case SCARD_LE_IN_SW2:
+ return "Wrong length Le: SW2 indicates the exact length";
+ case SCARD_INSTRUCTION_CODE_INVALID:
+ return "The instruction code is not programmed or is invalid.";
+ case SCARD_INSTRUCTION_CLASS_UNSUPPORTED:
+ return "The card does not support the instruction class.";
+ case SCARD_UNSPECIFIED_ERROR:
+ return "No precise diagnostic is given.";
+ default:
+ return "Unknown error";
+ }
+}
+
+#endif //NDEBUG
+
+} // end namespace Tokend
+
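Review bot: The guard `#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5` in the SCardError constructor looks like a misspelling of the AvailabilityMacros.h names `MAC_OS_X_VERSION_MIN_REQUIRED` and `MAC_OS_X_VERSION_10_5`. Unless something outside this hunk defines the `MAX_` spellings, both identifiers evaluate to 0 in the preprocessor and the condition is always true. The `SECURITY_EXCEPTION_THROW_OTHER(this, sw, (char *)"SCard");` branch is then never compiled, whatever the deployment target. The same spelling guards `debugDiagnose` further down in this file and the declaration in SCardError.h. I would change all three to `#if MAC_OS_X_VERSION_MIN_REQUIRED <= MAC_OS_X_VERSION_10_5` and make sure `<AvailabilityMacros.h>` is included before the first test.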
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SCardError.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,273 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * SCardError.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_SCARDERROR_H_
+#define _TOKEND_SCARDERROR_H_
+
+#include <security_utilities/debugging.h>
+#include <security_utilities/errors.h>
+
+
+/* ISO/IEC 7816 part 3 and 4 error codes. */
+
+/** success */
+#define SCARD_SUCCESS 0x9000
+
+
+/* '61XX' SW2 indicates the number of response bytes still available. */
+#define SCARD_BYTES_LEFT_IN_SW2 0x6100
+
+
+/* '62XX' Warning processings - State of non-volatile memory unchanged. */
+
+/** Execution warning, state of non-volatile memory unchanged */
+#define SCARD_EXECUTION_WARNING 0x6200
+
+/** Part of returned data may be corrupted. */
+#define SCARD_RETURNED_DATA_CORRUPTED 0x6281
+
+/** End of file/record reached before reading Le bytes. */
+#define SCARD_END_OF_FILE_REACHED 0x6282
+
+/** Selected file invalidated. */
+#define SCARD_FILE_INVALIDATED 0x6283
+
+/** FCI not formatted according to 1.1.5. */
+#define SCARD_FCI_INVALID 0x6284
+
+
+/* '62XX' Warning processings - State of non-volatile memory changed. */
+
+/** Authentication failed. */
+#define SCARD_AUTHENTICATION_FAILED 0x6300
+
+/** File filled up by the last write. */
+#define SCARD_FILE_FILLED 0x6381
+
+/** Authentication failed, 0 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_0 0x63C0
+
+/** Authentication failed, 1 retry left. */
+#define SCARD_AUTHENTICATION_FAILED_1 0x63C1
+
+/** Authentication failed, 2 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_2 0x63C2
+
+/** Authentication failed, 3 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_3 0x63C3
+
+/** Authentication failed, 4 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_4 0x63C4
+
+/** Authentication failed, 5 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_5 0x63C5
+
+/** Authentication failed, 6 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_6 0x63C6
+
+/** Authentication failed, 7 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_7 0x63C7
+
+/** Authentication failed, 8 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_8 0x63C8
+
+/** Authentication failed, 9 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_9 0x63C9
+
+/** Authentication failed, 10 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_10 0x63CA
+
+/** Authentication failed, 11 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_11 0x63CB
+
+/** Authentication failed, 12 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_12 0x63CC
+
+/** Authentication failed, 13 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_13 0x63CD
+
+/** Authentication failed, 14 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_14 0x63CE
+
+/** Authentication failed, 15 retries left. */
+#define SCARD_AUTHENTICATION_FAILED_15 0x63CF
+
+
+/* '64XX' Execution errors - State of non-volatile memory unchanged. */
+
+/** Execution error, state of non-volatile memory unchanged. */
+#define SCARD_EXECUTION_ERROR 0x6400
+
+
+/* '65XX' Execution errors - State of non-volatile memory changed. */
+
+/** Execution error, state of non-volatile memory changed. */
+#define SCARD_CHANGED_ERROR 0x6500
+
+/** Memory failure. */
+#define SCARD_MEMORY_FAILURE 0x6581
+
+
+/* '66XX' Reserved for security-related issues. */
+
+/* '6700' Wrong length. */
+
+/** The length is incorrect. */
+#define SCARD_LENGTH_INCORRECT 0x6700
+
+
+/* '68XX' Functions in CLA not supported. */
+
+/** No information given. */
+#define SCARD_CLA_UNSUPPORTED 0x6800
+
+/** Logical channel not supported. */
+#define SCARD_LOGICAL_CHANNEL_UNSUPPORTED 0x6881
+
+/** Secure messaging not supported. */
+#define SCARD_SECURE_MESSAGING_UNSUPPORTED 0x6882
+
+
+/* '69XX' Command not allowed. */
+
+/** Command not allowed. */
+#define SCARD_COMMAND_NOT_ALLOWED 0x6900
+
+/** Command incompatible with file structure. */
+#define SCARD_COMMAND_INCOMPATIBLE 0x6981
+
+/** Security status not satisfied. */
+#define SCARD_NOT_AUTHORIZED 0x6982
+
+/** Authentication method blocked. */
+#define SCARD_AUTHENTICATION_BLOCKED 0x6983
+
+/** Referenced data invalidated. */
+#define SCARD_REFERENCED_DATA_INVALIDATED 0x6984
+
+/** Conditions of use not satisfied. */
+#define SCARD_USE_CONDITIONS_NOT_MET 0x6985
+
+/** Command not allowed (no current EF). */
+#define SCARD_NO_CURRENT_EF 0x6986
+
+/** Expected SM data objects missing. */
+#define SCARD_SM_DATA_OBJECTS_MISSING 0x6987
+
+/** SM data objects incorrect. */
+#define SCARD_SM_DATA_NOT_ALLOWED 0x6988
+
+
+/* '6AXX' Wrong parameter(s) P1-P2. */
+
+/** Wrong parameter. */
+#define SCARD_WRONG_PARAMETER 0x6A00
+
+/** Incorrect parameters in the data field. */
+#define SCARD_DATA_INCORRECT 0x6A80
+
+/** Function not supported. */
+#define SCARD_FUNCTION_NOT_SUPPORTED 0x6A81
+
+/** File not found. */
+#define SCARD_FILE_NOT_FOUND 0x6A82
+
+/** Record not found. */
+#define SCARD_RECORD_NOT_FOUND 0x6A83
+
+/** Not enough memory space in the file. */
+#define SCARD_NO_MEMORY_LEFT 0x6A84
+
+/** Lc inconsistent with TLV structure. */
+#define SCARD_LC_INCONSISTENT_TLV 0x6A85
+
+/** Incorrect parameters P1-P2. */
+#define SCARD_INCORRECT_P1_P2 0x6A86
+
+/** Lc inconsistent with P1-P2. */
+#define SCARD_LC_INCONSISTENT_P1_P2 0x6A87
+
+/** Referenced data not found. */
+#define SCARD_REFERENCED_DATA_NOT_FOUND 0x6A88
+
+
+/* '6B00' Wrong parameter(s) P1-P2. */
+
+/** Wrong parameter(s) P1-P2. */
+#define SCARD_WRONG_PARAMETER_P1_P2 0x6B00
+
+
+/* '6CXX' Wrong length Le: SW2 indicates the exact length */
+#define SCARD_LE_IN_SW2 0x6C00
+
+
+/* '6D00' Instruction code not supported or invalid. */
+
+/** The instruction code is not programmed or is invalid. */
+#define SCARD_INSTRUCTION_CODE_INVALID 0x6D00
+
+
+/* '6E00' Class not supported. */
+
+/** The card does not support the instruction class. */
+#define SCARD_INSTRUCTION_CLASS_UNSUPPORTED 0x6E00
+
+
+/* '6F00' No precise diagnosis. */
+
+/** No precise diagnostic is given. */
+#define SCARD_UNSPECIFIED_ERROR 0x6F00
+
+
+namespace Tokend
+{
+
+class SCardError : public Security::CommonError
+{
+protected:
+ SCardError(uint16_t sw);
+public:
+ const uint16_t statusWord;
+ virtual OSStatus osStatus() const;
+ virtual int unixError() const;
+ virtual const char *what () const throw ();
+
+ static void check(uint16_t sw) { if (sw != SCARD_SUCCESS) throwMe(sw); }
+ static void throwMe(uint16_t sw) __attribute__((noreturn));
+
+protected:
+#if MAX_OS_X_VERSION_MIN_REQUIRED <= MAX_OS_X_VERSION_10_5
+ IFDEBUG(void debugDiagnose(const void *id) const;)
+#endif
+ IFDEBUG(static const char *errorstr(uint16_t sw);)
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_SCARDERROR_H_ */
+
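Review bot: The section comment above `SCARD_AUTHENTICATION_FAILED` reads `'62XX' Warning processings - State of non-volatile memory changed.`, but every constant under it is in the 0x63xx range, so it should be `/* '63XX' Warning processings - State of non-volatile memory changed. */`. As written it duplicates the label of the preceding 0x62xx group, which makes the two groups easy to confuse when mapping a status word by hand. Also, `check()` throws for every status word other than `SCARD_SUCCESS`, including the '61XX' values that the Table 12 excerpt in SCardError.cpp lists under normal processing. If callers are expected to handle '61XX' (and '6CXX') before calling `check()`, a one-line comment on `check()` saying so would document that contract.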
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,511 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Schema.cpp
+ * TokendMuscle
+ */
+
+#include "Schema.h"
+
+#include "Attribute.h"
+#include "MetaRecord.h"
+#include "MetaAttribute.h"
+
+#include <Security/SecKey.h>
+#include <Security/SecCertificate.h>
+#include <Security/SecKeychainItem.h>
+#include <Security/cssmapple.h>
+
+//#define REGISTER_SCHEMA_RELATIONS 1
+
+namespace Tokend
+{
+
+#pragma mark ---------------- Schema --------------
+
+Schema::Schema() :
+ mTrueCoder(true),
+ mFalseCoder(false),
+ mCertEncodingBERCoder(CSSM_CERT_ENCODING(CSSM_CERT_ENCODING_BER)),
+ mSdCSPDLGuidCoder(gGuidAppleSdCSPDL),
+ mPublicKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_PUBLIC_KEY)),
+ mPrivateKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_PRIVATE_KEY)),
+ mSessionKeyClassCoder(CSSM_KEYCLASS(CSSM_KEYCLASS_SESSION_KEY))
+{
+}
+
+Schema::~Schema()
+{
+ try
+ {
+ for_each_map_delete(mRelationMap.begin(), mRelationMap.end());
+ }
+ catch(...) {}
+}
+
+void Schema::create()
+{
+ // Attribute names.
+ std::string
+ an_RelationID("RelationID"),
+ an_RelationName("RelationName"),
+ an_AttributeID("AttributeID"),
+ an_AttributeNameFormat("AttributeNameFormat"),
+ an_AttributeName("AttributeName"),
+ an_AttributeNameID("AttributeNameID"),
+ an_AttributeFormat("AttributeFormat"),
+ an_IndexID("IndexID"),
+ an_IndexType("IndexType"),
+ an_IndexedDataLocation("IndexedDataLocation");
+
+ // Record the attributeIndex of each created attribute for use by our
+ // register functions laster on.
+ // Create CSSM_DL_DB_SCHEMA_INFO relation.
+ MetaRecord *mrio = new MetaRecord(CSSM_DL_DB_SCHEMA_INFO);
+ io_rid = mrio->createAttribute(an_RelationID,
+ kAF_UINT32).attributeIndex();
+ io_rn = mrio->createAttribute(an_RelationName,
+ kAF_STRING).attributeIndex();
+ mInfo = createRelation(mrio);
+
+ // Create CSSM_DL_DB_SCHEMA_ATTRIBUTES relation
+ MetaRecord *mras = new MetaRecord(CSSM_DL_DB_SCHEMA_ATTRIBUTES);
+ as_rid = mras->createAttribute(an_RelationID,
+ kAF_UINT32).attributeIndex();
+ as_aid = mras->createAttribute(an_AttributeID,
+ kAF_UINT32).attributeIndex();
+ as_anf = mras->createAttribute(an_AttributeNameFormat,
+ kAF_UINT32).attributeIndex();
+ as_an = mras->createAttribute(an_AttributeName,
+ kAF_STRING).attributeIndex();
+ as_anid= mras->createAttribute(an_AttributeNameID,
+ kAF_BLOB ).attributeIndex();
+ as_af = mras->createAttribute(an_AttributeFormat,
+ kAF_UINT32).attributeIndex();
+ mAttributes = createRelation(mras);
+
+ // Create CSSM_DL_DB_SCHEMA_INDEXES relation
+ MetaRecord *mrix = new MetaRecord(CSSM_DL_DB_SCHEMA_INDEXES);
+ ix_rid = mrix->createAttribute(an_RelationID,
+ kAF_UINT32).attributeIndex();
+ ix_iid = mrix->createAttribute(an_IndexID,
+ kAF_UINT32).attributeIndex();
+ ix_aid = mrix->createAttribute(an_AttributeID,
+ kAF_UINT32).attributeIndex();
+ ix_it = mrix->createAttribute(an_IndexType,
+ kAF_UINT32).attributeIndex();
+ ix_idl = mrix->createAttribute(an_IndexedDataLocation,
+ kAF_UINT32).attributeIndex();
+ mIndices = createRelation(mrix);
+
+#ifdef ADD_SCHEMA_PARSING_MODULE
+ // @@@ Skipping CSSM_DL_DB_SCHEMA_PARSING_MODULE relation since no one uses
+ // it and it's definition in CDSA is broken anyway
+
+ // Attribute names.
+ std::string
+ an_ModuleID("ModuleID"),
+ an_AddinVersion("AddinVersion"),
+ an_SSID("SSID"),
+ an_SubserviceType("SubserviceType");
+
+ // Create CSSM_DL_DB_SCHEMA_PARSING_MODULE Relation
+ MetaRecord *mr_parsing = new MetaRecord(CSSM_DL_DB_SCHEMA_PARSING_MODULE);
+ mr_parsing->createAttribute(an_AttributeID, kAF_UINT32);
+ mr_parsing->createAttribute(an_ModuleID, kAF_BLOB );
+ mr_parsing->createAttribute(an_AddinVersion, kAF_STRING);
+ mr_parsing->createAttribute(an_SSID, kAF_UINT32);
+ mr_parsing->createAttribute(an_SubserviceType, kAF_UINT32);
+ createRelation(mr_parsing);
+#endif
+
+#ifdef REGISTER_SCHEMA_RELATIONS
+ registerRelation("CSSM_DL_DB_SCHEMA_INFO", CSSM_DL_DB_SCHEMA_INFO);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INFO, &an_RelationID, 0,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INFO, &an_RelationName, 1,
+ kAF_UINT32, false);
+ registerRelation("CSSM_DL_DB_SCHEMA_ATTRIBUTES",
+ CSSM_DL_DB_SCHEMA_ATTRIBUTES);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_RelationID, 0,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeID, 2,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeNameFormat, 3,
+ kAF_UINT32, false);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeName, 4,
+ kAF_STRING, false);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeNameId, 5,
+ kAF_BLOB, false);
+ registerAttribute(CSSM_DL_DB_SCHEMA_ATTRIBUTES, &an_AttributeFormat, 6,
+ kAF_UINT32, false);
+ registerRelation("CSSM_DL_DB_SCHEMA_INDEXES", CSSM_DL_DB_SCHEMA_INDEXES);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_RelationID, 0,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexID, 1,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_AttributeID, 2,
+ kAF_UINT32, true);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexType, 3,
+ kAF_UINT32, false);
+ registerAttribute(CSSM_DL_DB_SCHEMA_INDEXES, &an_IndexedDataLocation, 4,
+ kAF_UINT32, false);
+#endif
+}
+
+// Create one of the standard relations conforming to what the SecKeychain
+// layer expects.
+Relation *Schema::createStandardRelation(RelationId relationId)
+{
+ // avoid include of <Security/SecKeychainItemPriv.h> for definition of kSecProtectedDataItemAttr
+ const uint32 localkSecProtectedDataItemAttr = 'prot'; /* Item's data is protected (encrypted) (Boolean) */
+ std::string relationName;
+ // Get the name based on the relation
+ switch (relationId)
+ {
+ case CSSM_DL_DB_RECORD_PRIVATE_KEY:
+ relationName = "CSSM_DL_DB_RECORD_PRIVATE_KEY"; break;
+ case CSSM_DL_DB_RECORD_PUBLIC_KEY:
+ relationName = "CSSM_DL_DB_RECORD_PUBLIC_KEY"; break;
+ case CSSM_DL_DB_RECORD_SYMMETRIC_KEY:
+ relationName = "CSSM_DL_DB_RECORD_SYMMETRIC_KEY"; break;
+ case CSSM_DL_DB_RECORD_X509_CERTIFICATE:
+ relationName = "CSSM_DL_DB_RECORD_X509_CERTIFICATE"; break;
+ case CSSM_DL_DB_RECORD_GENERIC:
+ relationName = "CSSM_DL_DB_RECORD_GENERIC"; break;
+ case CSSM_DL_DB_RECORD_GENERIC_PASSWORD:
+ relationName = "CSSM_DL_DB_RECORD_GENERIC_PASSWORD"; break;
+ default: CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
+ }
+
+ Relation *rt = createRelation(relationName, relationId);
+
+ std::string
+ an_CertType = "CertType",
+ an_CertEncoding = "CertEncoding",
+ an_PrintName = "PrintName",
+ an_Alias = "Alias",
+ an_Subject = "Subject",
+ an_Issuer = "Issuer",
+ an_SerialNumber = "SerialNumber",
+ an_SubjectKeyIdentifier = "SubjectKeyIdentifier",
+ an_PublicKeyHash = "PublicKeyHash",
+ an_KeyClass = "KeyClass",
+ an_Permanent = "Permanent",
+ an_Private = "Private",
+ an_Modifiable = "Modifiable",
+ an_Label = "Label",
+ an_ApplicationTag = "ApplicationTag",
+ an_KeyCreator = "KeyCreator",
+ an_KeyType = "KeyType",
+ an_KeySizeInBits = "KeySizeInBits",
+ an_EffectiveKeySize = "EffectiveKeySize",
+ an_StartDate = "StartDate",
+ an_EndDate = "EndDate",
+ an_Sensitive = "Sensitive",
+ an_AlwaysSensitive = "AlwaysSensitive",
+ an_Extractable = "Extractable",
+ an_NeverExtractable = "NeverExtractable",
+ an_Encrypt = "Encrypt",
+ an_Decrypt = "Decrypt",
+ an_Derive = "Derive",
+ an_Sign = "Sign",
+ an_Verify = "Verify",
+ an_SignRecover = "SignRecover",
+ an_VerifyRecover = "VerifyRecover",
+ an_Wrap = "Wrap",
+ an_Unwrap = "Unwrap",
+ an_CreationDate = "CreationDate",
+ an_ModDate = "ModDate",
+ an_Description = "Description",
+ an_Comment = "Comment",
+ an_Creator = "Creator",
+ an_Type = "Type",
+ an_ScriptCode = "ScriptCode",
+ an_Invisible = "Invisible",
+ an_Negative = "Negative",
+ an_CustomIcon = "CustomIcon",
+ an_Protected = "Protected",
+ an_Account = "Account",
+ an_Service = "Service",
+ an_Generic = "Generic"
+ ;
+
+ // @@@ HARDWIRED Based on what SecKeychain layer expects @@@
+ switch (relationId)
+ {
+ case CSSM_DL_DB_RECORD_GENERIC:
+ createAttribute(*rt, &an_PrintName, kSecLabelItemAttr, kAF_BLOB, false)
+ .attributeCoder(&mDescriptionCoder);
+ createAttribute(*rt, &an_Alias, kSecAlias, kAF_BLOB, false)
+ .attributeCoder(&mZeroCoder);
+ rt->metaRecord().attributeCoderForData(&mDataAttributeCoder);
+ break;
+ case CSSM_DL_DB_RECORD_X509_CERTIFICATE:
+ createAttribute(*rt, &an_CertType, kSecCertTypeItemAttr,
+ kAF_UINT32, true).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_CertEncoding, kSecCertEncodingItemAttr,
+ kAF_UINT32, false).attributeCoder(&mCertEncodingBERCoder);
+ createAttribute(*rt, &an_PrintName, kSecLabelItemAttr,
+ kAF_BLOB, false).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_Alias, kSecAlias,
+ kAF_BLOB, false).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_Subject, kSecSubjectItemAttr,
+ kAF_BLOB, false).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_Issuer, kSecIssuerItemAttr,
+ kAF_BLOB, true).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_SerialNumber, kSecSerialNumberItemAttr,
+ kAF_BLOB, true).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_SubjectKeyIdentifier,
+ kSecSubjectKeyIdentifierItemAttr,
+ kAF_BLOB, false).attributeCoder(&mCertificateCoder);
+ createAttribute(*rt, &an_PublicKeyHash, kSecPublicKeyHashItemAttr,
+ kAF_BLOB, false).attributeCoder(&mCertificateCoder);
+ rt->metaRecord().attributeCoderForData(&mDataAttributeCoder);
+ // Initialize mPublicKeyHashCoder so it knows which attribute of a
+ // certificate to use to get the public key hash of a key.
+ mPublicKeyHashCoder.setCertificateMetaAttribute(&(rt->metaRecord()
+ .metaAttribute(kSecPublicKeyHashItemAttr)));
+ break;
+ case CSSM_DL_DB_RECORD_PUBLIC_KEY:
+ case CSSM_DL_DB_RECORD_PRIVATE_KEY:
+ case CSSM_DL_DB_RECORD_SYMMETRIC_KEY:
+ rt->metaRecord().attributeCoderForData(&mKeyDataCoder);
+ createAttribute(*rt, &an_KeyClass, kSecKeyKeyClass,
+ kAF_UINT32, false).attributeCoder(
+ relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
+ ? &mPublicKeyClassCoder
+ : relationId == CSSM_DL_DB_RECORD_PRIVATE_KEY
+ ? &mPrivateKeyClassCoder
+ : &mSessionKeyClassCoder);
+ createAttribute(*rt, &an_PrintName, kSecKeyPrintName,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Alias, kSecKeyAlias,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Permanent, kSecKeyPermanent,
+ kAF_UINT32, false).attributeCoder(&mTrueCoder);
+ createAttribute(*rt, &an_Private, kSecKeyPrivate,
+ kAF_UINT32, false).attributeCoder(
+ relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
+ ? &mFalseCoder : &mTrueCoder);
+ createAttribute(*rt, &an_Modifiable, kSecKeyModifiable,
+ kAF_UINT32, false).attributeCoder(&mFalseCoder);
+ createAttribute(*rt, &an_Label, kSecKeyLabel,
+ kAF_BLOB, true).attributeCoder(
+ relationId == CSSM_DL_DB_RECORD_PRIVATE_KEY
+ ? &mPublicKeyHashCoder : NULL);
+ createAttribute(*rt, &an_ApplicationTag, kSecKeyApplicationTag,
+ kAF_BLOB, true).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_KeyCreator, kSecKeyKeyCreator,
+ kAF_BLOB, true).attributeCoder(&mSdCSPDLGuidCoder);
+ createAttribute(*rt, &an_KeyType, kSecKeyKeyType, kAF_UINT32, true);
+ createAttribute(*rt, &an_KeySizeInBits, kSecKeyKeySizeInBits,
+ kAF_UINT32, true);
+ createAttribute(*rt, &an_EffectiveKeySize, kSecKeyEffectiveKeySize,
+ kAF_UINT32, true);
+ createAttribute(*rt, &an_StartDate, kSecKeyStartDate,
+ kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_EndDate, kSecKeyEndDate,
+ kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Sensitive, kSecKeySensitive,
+ kAF_UINT32, false).attributeCoder(
+ relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY
+ ? &mFalseCoder : &mTrueCoder);
+ createAttribute(*rt, &an_AlwaysSensitive, kSecKeyAlwaysSensitive,
+ kAF_UINT32, false).attributeCoder(&mFalseCoder);
+ createAttribute(*rt, &an_Extractable, kSecKeyExtractable,
+ kAF_UINT32, false).attributeCoder(&mFalseCoder);
+ createAttribute(*rt, &an_NeverExtractable, kSecKeyNeverExtractable,
+ kAF_UINT32, false).attributeCoder(&mFalseCoder);
+ createAttribute(*rt, &an_Encrypt, kSecKeyEncrypt, kAF_UINT32, false);
+ createAttribute(*rt, &an_Decrypt, kSecKeyDecrypt, kAF_UINT32, false);
+ createAttribute(*rt, &an_Derive, kSecKeyDerive, kAF_UINT32, false);
+ createAttribute(*rt, &an_Sign, kSecKeySign, kAF_UINT32, false);
+ createAttribute(*rt, &an_Verify, kSecKeyVerify, kAF_UINT32, false);
+ createAttribute(*rt, &an_SignRecover, kSecKeySignRecover,
+ kAF_UINT32, false);
+ createAttribute(*rt, &an_VerifyRecover, kSecKeyVerifyRecover,
+ kAF_UINT32, false);
+ createAttribute(*rt, &an_Wrap, kSecKeyWrap, kAF_UINT32, false);
+ createAttribute(*rt, &an_Unwrap, kSecKeyUnwrap, kAF_UINT32, false);
+ // Initialize mPublicKeyHashCoder so it knows which attribute of a
+ // public key to use to get the public key hash of a key.
+ if (relationId == CSSM_DL_DB_RECORD_PUBLIC_KEY)
+ mPublicKeyHashCoder.setPublicKeyMetaAttribute(&(rt->metaRecord()
+ .metaAttribute(kSecKeyLabel)));
+ break;
+ case CSSM_DL_DB_RECORD_GENERIC_PASSWORD:
+ createAttribute(*rt, &an_CreationDate, kSecCreationDateItemAttr,
+ kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_ModDate, kSecModDateItemAttr,
+ kAF_TIME_DATE, true).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Description, kSecDescriptionItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Comment, kSecCommentItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Creator, kSecCreatorItemAttr, kAF_UINT32, 0);
+ createAttribute(*rt, &an_Type, kSecTypeItemAttr, kAF_UINT32, 0);
+ createAttribute(*rt, &an_ScriptCode, kSecScriptCodeItemAttr, kAF_UINT32, 0);
+
+ createAttribute(*rt, &an_PrintName, kSecLabelItemAttr, kAF_BLOB, false)
+ .attributeCoder(&mDescriptionCoder);
+ createAttribute(*rt, &an_Alias, kSecAlias, kAF_BLOB, false)
+ .attributeCoder(&mZeroCoder);
+
+ createAttribute(*rt, &an_Invisible, kSecInvisibleItemAttr, kAF_UINT32, 0);
+ createAttribute(*rt, &an_Negative, kSecNegativeItemAttr, kAF_UINT32, 0);
+ createAttribute(*rt, &an_CustomIcon, kSecCustomIconItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Protected, localkSecProtectedDataItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Account, kSecAccountItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Service, kSecServiceItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ createAttribute(*rt, &an_Generic, kSecGenericItemAttr,
+ kAF_BLOB, false).attributeCoder(&mZeroCoder);
+ rt->metaRecord().attributeCoderForData(&mDataAttributeCoder);
+
+ break;
+ }
+
+ return rt;
+}
+
+// Create a new relation using metaRecord. Does not register this in the
+// CSSM_DL_DB_SCHEMA_INFO relation. This is used for creating the schema
+// relations themselves only.
+Relation *Schema::createRelation(MetaRecord *metaRecord)
+{
+ auto_ptr<Relation> aRelation(new Relation(metaRecord));
+
+ if (!mRelationMap.insert(RelationMap::value_type(metaRecord->relationId(),
+ aRelation.get())).second)
+ {
+ // @@@ Should be CSSMERR_DL_DUPLICATE_RECORDTYPE. Since that
+ // doesn't exist we report that the meta-relation's unique index would
+ // no longer be valid
+ CssmError::throwMe(CSSMERR_DL_INVALID_UNIQUE_INDEX_DATA);
+ }
+
+ return aRelation.release();
+}
+
+// Create a new relation and register this in the CSSM_DL_DB_SCHEMA_INFO
+// relation.
+Relation *Schema::createRelation(const std::string &relationName,
+ RelationId relationId)
+{
+ MetaRecord *mr = new MetaRecord(relationId);
+ Relation *rt = createRelation(mr);
+ registerRelation(relationName, relationId);
+ return rt;
+}
+
+// Create a new attribute and register this with the schema. Do not use this
+// for creating schema relations.
+MetaAttribute &Schema::createAttribute(Relation &relation,
+ const std::string *name, uint32 attributeId,
+ CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex)
+{
+ MetaRecord &mr = relation.metaRecord();
+ registerAttribute(mr.relationId(), name, attributeId, attributeFormat,
+ isIndex);
+ return mr.createAttribute(name, NULL, attributeId, attributeFormat);
+}
+
+// Insert a record containing a relationId and it's name into
+// CSSM_DL_DB_SCHEMA_INFO relation
+void Schema::registerRelation(const std::string &relationName,
+ RelationId relationId)
+{
+ RefPointer<Record> record = new Record();
+ record->attributeAtIndex(io_rid, new Attribute(relationId));
+ record->attributeAtIndex(io_rn, new Attribute(relationName));
+ mInfo->insertRecord(record);
+}
+
+// Insert a record containing a relationId, attributeId and other meta
+// information into the CSSM_DL_DB_SCHEMA_ATTRIBUTES relation. In addition, if
+// isIndex is true insert a record into the CSSM_DL_DB_SCHEMA_INDEXES relation.
+void Schema::registerAttribute(RelationId relationId, const std::string *name,
+ uint32 attributeId, CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex)
+{
+ CSSM_DB_ATTRIBUTE_NAME_FORMAT nameFormat = name
+ ? CSSM_DB_ATTRIBUTE_NAME_AS_STRING : CSSM_DB_ATTRIBUTE_NAME_AS_INTEGER;
+
+ RefPointer<Record> rc_attribute = new Record();
+
+ rc_attribute->attributeAtIndex(as_rid, new Attribute(relationId));
+ rc_attribute->attributeAtIndex(as_aid, new Attribute(attributeId));
+ rc_attribute->attributeAtIndex(as_anf, new Attribute(nameFormat));
+ rc_attribute->attributeAtIndex(as_an, name
+ ? new Attribute(*name) : new Attribute()); // AttributeName
+ rc_attribute->attributeAtIndex(as_anid, new Attribute());// AttributeNameId
+ rc_attribute->attributeAtIndex(as_af, new Attribute(attributeFormat));
+ mAttributes->insertRecord(rc_attribute);
+
+ if (isIndex)
+ {
+ RefPointer<Record> rc_index = new Record();
+ rc_index->attributeAtIndex(ix_rid, // RelationId
+ new Attribute(relationId));
+ rc_index->attributeAtIndex(ix_iid, // IndexId
+ new Attribute(uint32(0)));
+ rc_index->attributeAtIndex(ix_aid, // AttributeId
+ new Attribute(attributeId));
+ rc_index->attributeAtIndex(ix_it, // IndexType
+ new Attribute(uint32(CSSM_DB_INDEX_UNIQUE)));
+ rc_index->attributeAtIndex(ix_idl, // IndexedDataLocation
+ new Attribute(uint32(CSSM_DB_INDEX_ON_UNKNOWN)));
+ mIndices->insertRecord(rc_index);
+ }
+}
+
+
+#pragma mark ---------------- Utility methods --------------
+
+const Relation &Schema::findRelation(RelationId inRelationId) const
+{
+ RelationMap::const_iterator it = mRelationMap.find(inRelationId);
+ if (it == mRelationMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
+ return *it->second;
+}
+
+Relation &Schema::findRelation(RelationId inRelationId)
+{
+ RelationMap::iterator it = mRelationMap.find(inRelationId);
+ if (it == mRelationMap.end())
+ CssmError::throwMe(CSSMERR_DL_INVALID_RECORDTYPE);
+ return *it->second;
+}
+
+MetaRecord &Schema::findMetaRecord(RelationId inRelationId)
+{
+ return findRelation(inRelationId).metaRecord();
+}
+
+} // end namespace Tokend
+
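Review bot: The `Schema::Schema()` initializer list leaves `mInfo`, `mAttributes` and `mIndices` (and the `io_*`/`as_*`/`ix_*` index fields) uninitialized, yet `registerRelation()` and `registerAttribute()` dereference them unconditionally. They are only assigned in `create()`, so a subclass that reaches `createStandardRelation()` or `createRelation(name, id)` before `create()` writes through an indeterminate pointer instead of failing cleanly. I would start the initializer list with `mInfo(NULL), mAttributes(NULL), mIndices(NULL),` (they are declared ahead of the coders in Schema.h) and have `registerRelation()` and `registerAttribute()` throw a `CssmError` when the relation pointer they use is NULL. Whether any existing subclass calls these out of order is not visible in this hunk.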
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Schema.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Schema.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_SCHEMA_H_
+#define _TOKEND_SCHEMA_H_
+
+#include <security_cdsa_utilities/cssmdata.h>
+#include <security_cdsa_utilities/cssmdb.h>
+#include <map>
+
+#include "MetaRecord.h"
+#include "Relation.h"
+#include "AttributeCoder.h"
+
+namespace Tokend
+{
+
+class Relation;
+
+//
+// Schema
+//
+class Schema
+{
+ NOCOPY(Schema)
+public:
+ typedef std::map<RelationId, Relation *> RelationMap;
+ typedef RelationMap::const_iterator ConstRelationMapIterator;
+
+ Schema();
+ virtual ~Schema();
+
+ virtual void create();
+
+ const Relation &findRelation(RelationId inRelationId) const;
+ Relation &findRelation(RelationId inRelationId);
+ MetaRecord &findMetaRecord(RelationId inRelationId);
+
+ ConstRelationMapIterator begin() const { return mRelationMap.begin(); }
+ ConstRelationMapIterator end() const { return mRelationMap.end(); }
+
+ const LinkedRecordAttributeCoder &publicKeyHashCoder() const
+ { return mPublicKeyHashCoder; }
+protected:
+ Relation *createRelation(const std::string &relationName,
+ RelationId relationId);
+ Relation *createStandardRelation(RelationId relationId);
+
+ MetaAttribute &createAttribute(Relation &relation,
+ const std::string *name, uint32 attributeId,
+ CSSM_DB_ATTRIBUTE_FORMAT attributeFormat, bool isIndex);
+private:
+ Relation *createRelation(MetaRecord *inMetaRecord);
+
+ void registerRelation(const std::string &relationName,
+ RelationId relationId);
+ void registerAttribute(RelationId relationId, const std::string *name,
+ uint32 attributeId, CSSM_DB_ATTRIBUTE_FORMAT attributeFormat,
+ bool isIndex);
+
+private:
+ Relation *mInfo, *mAttributes, *mIndices;
+ RelationMap mRelationMap;
+
+ // AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_INFO relation.
+ uint32 io_rid;
+ uint32 io_rn;
+
+ // AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_ATTRIBUTES
+ // relation.
+ uint32 as_rid;
+ uint32 as_aid;
+ uint32 as_anf;
+ uint32 as_an;
+ uint32 as_anid;
+ uint32 as_af;
+
+ // AttributeIndices for attributes of CSSM_DL_DB_SCHEMA_INDEXES relation.
+ uint32 ix_rid;
+ uint32 ix_iid;
+ uint32 ix_aid;
+ uint32 ix_it;
+ uint32 ix_idl;
+protected:
+ // Coders for some standard attributes
+ ConstAttributeCoder mTrueCoder;
+ ConstAttributeCoder mFalseCoder;
+ ConstAttributeCoder mCertEncodingBERCoder;
+ GuidAttributeCoder mSdCSPDLGuidCoder;
+ CertificateAttributeCoder mCertificateCoder;
+ ZeroAttributeCoder mZeroCoder;
+ ConstAttributeCoder mPublicKeyClassCoder;
+ ConstAttributeCoder mPrivateKeyClassCoder;
+ ConstAttributeCoder mSessionKeyClassCoder;
+ KeyDataAttributeCoder mKeyDataCoder;
+ LinkedRecordAttributeCoder mPublicKeyHashCoder;
+ DataAttributeCoder mDataAttributeCoder;
+ DescriptionAttributeCoder mDescriptionCoder;
+};
+
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_SCHEMA_H_ */
+
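Review bot: `publicKeyHashCoder()` is exposed publicly with no comment on when the coder is usable, although Schema.cpp only wires it up inside `createStandardRelation()`. `setCertificateMetaAttribute()` runs in the `CSSM_DL_DB_RECORD_X509_CERTIFICATE` case and `setPublicKeyMetaAttribute()` runs only for `CSSM_DL_DB_RECORD_PUBLIC_KEY`. A comment above the accessor would make that ordering requirement explicit, for example `// Valid only after createStandardRelation() has been called for both the X509 certificate and public key relations.` What the coder does when one of the two meta attributes was never set is not visible here and should be confirmed.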
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,70 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * SelectionPredicate.cpp
+ * TokendMuscle
+ */
+
+#include "SelectionPredicate.h"
+#include "MetaAttribute.h"
+#include "MetaRecord.h"
+#include "DbValue.h"
+#include <Security/cssmerr.h>
+
+namespace Tokend
+{
+
+SelectionPredicate::SelectionPredicate(const MetaRecord &inMetaRecord,
+ const CSSM_SELECTION_PREDICATE &inPredicate)
+ : mMetaAttribute(inMetaRecord.metaAttribute(inPredicate.Attribute.Info)),
+ mDbOperator(inPredicate.DbOperator)
+{
+ // Make sure that the caller specified the attribute values in the correct
+ // format.
+ if (inPredicate.Attribute.Info.AttributeFormat
+ != mMetaAttribute.attributeFormat())
+ CssmError::throwMe(CSSMERR_DL_INCOMPATIBLE_FIELD_FORMAT);
+
+ // @@@ See ISSUES
+ if (inPredicate.Attribute.NumberOfValues != 1)
+ CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);
+
+ mData = inPredicate.Attribute.Value[0];
+ mValue = mMetaAttribute.createValue(mData);
+}
+
+SelectionPredicate::~SelectionPredicate()
+{
+ delete mValue;
+}
+
+bool SelectionPredicate::evaluate(TokenContext *tokenContext,
+ Record& record) const
+{
+ return mMetaAttribute.evaluate(tokenContext, mValue, record, mDbOperator);
+}
+
+
+} // end namespace Tokend
+
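Review bot: The constructor reads `inPredicate.Attribute.Value[0]` after checking only `NumberOfValues`, so a predicate that reports one value but carries a NULL `Value` pointer is dereferenced. The predicate is caller-supplied query data and no earlier validation is visible in this file, so the count check should cover the pointer as well: `if (inPredicate.Attribute.NumberOfValues != 1 || inPredicate.Attribute.Value == NULL)` ahead of the existing `CssmError::throwMe(CSSMERR_DL_UNSUPPORTED_QUERY);`. The attribute lookup in the member initializer also runs before either check. Presumably `metaAttribute()` throws for an attribute the record does not define, which is worth confirming.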
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/SelectionPredicate.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,63 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * SelectionPredicate.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_SELECTIONPREDICATE_H_
+#define _TOKEND_SELECTIONPREDICATE_H_
+
+#include <security_cdsa_utilities/cssmdata.h>
+
+namespace Tokend
+{
+
+class DbValue;
+class MetaAttribute;
+class MetaRecord;
+class Record;
+class TokenContext;
+
+class SelectionPredicate
+{
+ NOCOPY(SelectionPredicate)
+public:
+ SelectionPredicate(const MetaRecord &inMetaRecord,
+ const CSSM_SELECTION_PREDICATE &inPredicate);
+ ~SelectionPredicate();
+
+ bool evaluate(TokenContext *tokenContext, Record& record) const;
+
+private:
+ const MetaAttribute &mMetaAttribute;
+ CSSM_DB_OPERATOR mDbOperator;
+ CssmDataContainer mData;
+ DbValue *mValue;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_SELECTIONPREDICATE_H_ */
+
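Review bot: The private members carry no comment on ownership or lifetime, and `mMetaAttribute` is a reference bound in the constructor to whatever `inMetaRecord.metaAttribute()` returns. If that reference points into the `MetaRecord` (likely, but not visible in this hunk), the predicate dangles as soon as the record is destroyed first. I would document it at the declaration, for example `// Borrowed from the MetaRecord passed to the constructor; that record must outlive this predicate.` and mark `mValue` with `// Owned; deleted in the destructor.`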
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,1129 @@
+/*
+ * Copyright (c) 2004,2007 Apple Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Token.cpp
+ * TokendMuscle
+ */
+
+#include "Token.h"
+
+#include "Cursor.h"
+#include "KeyHandle.h"
+#include "RecordHandle.h"
+#include "Schema.h"
+#include <memory>
+#include <security_cdsa_utilities/cssmaclpod.h>
+#include <security_utilities/unix++.h>
+#include <security_utilities/logging.h>
+
+//
+// SPI wrapper macros
+//
+#define BEGIN try {
+#define END(SS) \
+ return CSSM_OK; \
+ } catch (const CommonError &err) { \
+ return CssmError::cssmError(err, CSSM_##SS##_BASE_ERROR); \
+ } catch (...) { \
+ return CSSM_ERRCODE_INTERNAL_ERROR; \
+ }
+
+//
+// Singleton
+//
+Tokend::Token *token;
+
+namespace Tokend
+{
+
+Token::Token() : mSchema(NULL), mTokenContext(NULL)
+{
+}
+
+Token::~Token()
+{
+}
+
+
+//
+// Initial: Your first chance to do anything with the tokend framework
+// initialized.
+//
+CSSM_RETURN Token::_initial()
+{
+ BEGIN
+ token->initial();
+ secdebug("tokend", "using reader %s",
+ token->startupReaderInfo()->szReader);
+ END(CSSM)
+}
+
+
+//
+// Probe:
+// (1) See if we support this token. Return zero if not.
+// Return a score if we do - the lower, the better. 1 beats everyone else.
+// (2) Generate a unique id string for the token. This doesn't have to be
+// human readable. If you REALLY can't make one up, leave tokenUid alone.
+// But do try.
+//
+CSSM_RETURN Token::_probe(SecTokendProbeFlags flags, uint32 *score,
+ char tokenUid[TOKEND_MAX_UID])
+{
+ BEGIN
+ *score = token->probe(flags, tokenUid);
+ secdebug("tokend", "flags=%d returning score=%d uid='%s'",
+ flags, *score, tokenUid);
+ END(CSSM)
+}
+
+
+//
+// Establish:
+// Okay, you're the one. The token is yours. Here's your GUID and subservice ID
+// (in case you care); it'll get automatically inserted into your MDS unless
+// you override it. If you can make up a nice, user-friendly print name for
+// your token, return it in printName. If you can't, leave it alone and
+// securityd will make something up for you.
+//
+CSSM_RETURN Token::_establish(const CSSM_GUID *guid, uint32 subserviceID,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ BEGIN
+ secdebug("tokend", "establish(%s,%d,0x%X)",
+ Guid::required(guid).toString().c_str(), subserviceID, flags);
+
+ token->establish(guid, subserviceID, flags, cacheDirectory, workDirectory,
+ mdsDirectory, printName);
+ // if printName is left alone, securityd will make one up
+ // if mdsDirectory is left alone, all MDS resources in the Resource bundle
+ // will be loaded
+ END(CSSM)
+}
+
+
+//
+// Terminate() is called by security when it wants you to go away.
+// This function does not (currently) return anything, so the CSSM_RETURN is
+// effectively ignored. (It's still here for consistency's sake.)
+//
+CSSM_RETURN Token::_terminate(uint32 reason, uint32 options)
+{
+ BEGIN
+ secdebug("tokend", "terminate(%d,0x%d)", reason, options);
+ token->terminate(reason, options);
+ END(CSSM)
+}
+
+
+CSSM_RETURN Token::_findFirst(const CSSM_QUERY *query,
+ TOKEND_RETURN_DATA *data, CSSM_HANDLE *hSearch)
+{
+ BEGIN
+ secdebug("tokend", "findFirst()");
+ std::auto_ptr<Cursor> curs(token->createCursor(query));
+ TokenContext *tokenContext = token->tokenContext();
+ std::auto_ptr<RecordHandle> rh(curs->next(tokenContext));
+ if (!rh.get())
+ {
+ secdebug("tokend", "findFirst() returning: CSSMERR_DL_ENDOFDATA");
+#if 1
+ data->record = 0;
+ data->keyhandle = 0;
+ return 0;
+#else
+ return CSSMERR_DL_ENDOFDATA;
+#endif
+ }
+
+ rh->get(tokenContext, *data);
+ // Release the RecordHandle until the caller kills the handle we returned.
+ rh.release();
+
+ // We didn't throw so return a search handle and keep the Cursor around.
+ *hSearch = curs->handle();
+ curs.release();
+ secdebug("tokend", "end findFirst() returned: %ld", *hSearch);
+ END(DL)
+}
+
+CSSM_RETURN Token::_findNext(CSSM_HANDLE hSearch, TOKEND_RETURN_DATA *data)
+{
+ BEGIN
+ secdebug("tokend", "findNext(%ld)", hSearch);
+ Cursor& curs = Security::HandleObject::find<Cursor>(hSearch,
+ CSSMERR_DL_RECORD_NOT_FOUND);
+ TokenContext *tokenContext = token->tokenContext();
+ std::auto_ptr<RecordHandle> rh(curs.next(tokenContext));
+ if (!rh.get())
+ {
+ secdebug("tokend", "findNext(%ld) returning: CSSMERR_DL_ENDOFDATA",
+ hSearch);
+#if 1
+ data->record = 0;
+ data->keyhandle = 0;
+ return 0;
+#else
+ return CSSMERR_DL_ENDOFDATA;
+#endif
+ }
+
+ rh->get(tokenContext, *data);
+ rh.release();
+ END(DL)
+}
+
+CSSM_RETURN Token::_findRecordHandle(CSSM_HANDLE hRecord,
+ TOKEND_RETURN_DATA *data)
+{
+ BEGIN
+ secdebug("tokend", "findRecordHandle(%ld)", hRecord);
+ RecordHandle &rh = Security::HandleObject::find<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ rh.get(token->tokenContext(), *data);
+ END(DL)
+}
+
+CSSM_RETURN Token::_insertRecord(CSSM_DB_RECORDTYPE recordType,
+ const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes, const CSSM_DATA *data,
+ CSSM_HANDLE *hRecord)
+{
+ BEGIN
+ secdebug("tokend", "insertRecord");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(DL)
+}
+
+CSSM_RETURN Token::_modifyRecord(CSSM_DB_RECORDTYPE recordType,
+ CSSM_HANDLE *hRecord, const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
+ const CSSM_DATA *data, CSSM_DB_MODIFY_MODE modifyMode)
+{
+ BEGIN
+ secdebug("tokend", "modifyRecord");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(DL)
+}
+
+CSSM_RETURN Token::_deleteRecord(CSSM_HANDLE hRecord)
+{
+ BEGIN
+ secdebug("tokend", "deleteRecord");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(DL)
+}
+
+CSSM_RETURN Token::_releaseSearch(CSSM_HANDLE hSearch)
+{
+ BEGIN
+ secdebug("tokend", "releaseSearch(%ld)", hSearch);
+ Cursor &curs = Security::HandleObject::findAndKill<Cursor>(hSearch,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ delete &curs;
+ END(DL)
+}
+
+CSSM_RETURN Token::_releaseRecord(CSSM_HANDLE hRecord)
+{
+ BEGIN
+ secdebug("tokend", "releaseRecord(%ld)", hRecord);
+ RecordHandle &rech = Security::HandleObject::findAndKill<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ delete &rech;
+ END(DL)
+}
+
+CSSM_RETURN Token::_freeRetrievedData(TOKEND_RETURN_DATA *data)
+{
+ BEGIN
+ secdebug("tokend", "freeRetrievedData");
+ // Since we return pointers to our cached interal data this is also a noop
+ END(DL)
+}
+
+CSSM_RETURN Token::_releaseKey(CSSM_HANDLE hKey)
+{
+ BEGIN
+ secdebug("tokend", "releaseKey(%ld)", hKey);
+ KeyHandle &keyh = Security::HandleObject::findAndKill<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ delete &keyh;
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getKeySize(CSSM_HANDLE hKey, CSSM_KEY_SIZE *size)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.getKeySize(Required(size));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getOutputSize(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, uint32 inputSize, CSSM_BOOL encrypting,
+ uint32 *outputSize)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ Required(outputSize) = key.getOutputSize(Context::required(context),
+ inputSize, encrypting);
+ END(CSP)
+}
+
+CSSM_RETURN Token::_generateSignature(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
+ CSSM_DATA *signature)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.generateSignature(Context::required(context), signOnly,
+ CssmData::required(input), CssmData::required(signature));
+ END(CSP)
+}
+
+
+CSSM_RETURN Token::_verifySignature(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
+ const CSSM_DATA *signature)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.verifySignature(Context::required(context), signOnly,
+ CssmData::required(input), CssmData::required(signature));
+ END(CSP)
+}
+
+
+CSSM_RETURN Token::_generateMac(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *input, CSSM_DATA *output)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.generateMac(Context::required(context), CssmData::required(input),
+ CssmData::required(output));
+ END(CSP)
+}
+
+
+CSSM_RETURN Token::_verifyMac(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *input, const CSSM_DATA *compare)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.verifyMac(Context::required(context), CssmData::required(input),
+ CssmData::required(compare));
+ END(CSP)
+}
+
+
+CSSM_RETURN Token::_encrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *clear, CSSM_DATA *cipher)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.encrypt(Context::required(context), CssmData::required(clear),
+ CssmData::required(cipher));
+ END(CSP)
+}
+
+
+CSSM_RETURN Token::_decrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *cipher, CSSM_DATA *clear)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.decrypt(Context::required(context), CssmData::required(cipher),
+ CssmData::required(clear));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_generateKey(const CSSM_CONTEXT *context,
+ const CSSM_ACCESS_CREDENTIALS *creds,
+ const CSSM_ACL_ENTRY_PROTOTYPE *owner, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attrs, CSSM_HANDLE *hKey, CSSM_KEY *header)
+{
+ BEGIN
+ secdebug("tokend", "generateKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(CSP)
+}
+
+CSSM_RETURN Token::_generateKeyPair(const CSSM_CONTEXT *context,
+ const CSSM_ACCESS_CREDENTIALS *creds,
+ const CSSM_ACL_ENTRY_PROTOTYPE *owner,
+ CSSM_KEYUSE pubUsage, CSSM_KEYATTR_FLAGS pubAttrs,
+ CSSM_KEYUSE privUsage, CSSM_KEYATTR_FLAGS privAttrs,
+ CSSM_HANDLE *hPubKey, CSSM_KEY *pubHeader,
+ CSSM_HANDLE *hPrivKey, CSSM_KEY *privHeader)
+{
+ BEGIN
+ secdebug("tokend", "generateKeyPair");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(CSP)
+}
+
+CSSM_RETURN Token::_wrapKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
+ const CSSM_ACCESS_CREDENTIALS *cred,
+ CSSM_HANDLE hSubjectKey, const CSSM_KEY *subjectKey,
+ const CSSM_DATA *descriptiveData, CSSM_KEY *wrappedKey)
+{
+ BEGIN
+ KeyHandle *subjectKeyHandle = hSubjectKey
+ ? &Security::HandleObject::find<KeyHandle>(hSubjectKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE) : NULL;
+ KeyHandle *wrappingKeyHandle = hWrappingKey
+ ? &Security::HandleObject::find<KeyHandle>(hWrappingKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE) : NULL;
+
+ if (subjectKeyHandle)
+ {
+ subjectKeyHandle->wrapUsingKey(Context::required(context),
+ AccessCredentials::optional(cred),
+ wrappingKeyHandle, CssmKey::optional(wrappingKey),
+ CssmData::optional(descriptiveData),
+ CssmKey::required(wrappedKey));
+ }
+ else if (wrappingKeyHandle)
+ {
+ wrappingKeyHandle->wrapKey(Context::required(context),
+ CssmKey::required(subjectKey),
+ CssmData::optional(descriptiveData),
+ CssmKey::required(wrappedKey));
+ }
+ else
+ {
+ secdebug("tokend",
+ "wrapKey without a reference subject or wrapping key not supported"
+ );
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ }
+ END(CSP)
+}
+
+CSSM_RETURN Token::_unwrapKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
+ const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_ENTRY_PROTOTYPE *access,
+ CSSM_HANDLE hPublicKey, const CSSM_KEY *publicKey,
+ const CSSM_KEY *wrappedKey, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attributes, CSSM_DATA *descriptiveData,
+ CSSM_HANDLE *hUnwrappedKey, CSSM_KEY *unwrappedKey)
+{
+ BEGIN
+ if (hWrappingKey)
+ {
+ KeyHandle &unwrappingKey =
+ Security::HandleObject::find<KeyHandle>(hWrappingKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ if (hPublicKey)
+ {
+ secdebug("tokend", "unwrapKey with a public key not supported");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ }
+
+ unwrappingKey.unwrapKey(Context::required(context),
+ AccessCredentials::optional(cred),
+ AclEntryPrototype::optional(access), CssmKey::required(wrappedKey),
+ usage, attributes, CssmData::optional(descriptiveData),
+ *hUnwrappedKey, CssmKey::required(unwrappedKey));
+ }
+ else
+ {
+ secdebug("tokend",
+ "unwrapKey without a wrapping key not supported (import)");
+ /* There is no key doing the unwrap so this is basically an import. */
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ }
+ END(CSP)
+}
+
+CSSM_RETURN Token::_deriveKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hSourceKey, const CSSM_KEY *sourceKey,
+ const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_ENTRY_PROTOTYPE *access, CSSM_DATA *parameters,
+ CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attributes,
+ CSSM_HANDLE *hKey, CSSM_KEY *key)
+{
+ BEGIN
+ secdebug("tokend", "deriveKey");
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getObjectOwner(CSSM_HANDLE hRecord,
+ CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ secdebug("tokend", "getObjectOwner");
+ RecordHandle &rh = Security::HandleObject::find<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ rh.getOwner(AclOwnerPrototype::required(owner));
+ END(DL)
+}
+
+CSSM_RETURN Token::_getObjectAcl(CSSM_HANDLE hRecord,
+ const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries)
+{
+ BEGIN
+ secdebug("tokend", "getObjectAcl");
+ RecordHandle &rh = Security::HandleObject::find<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ rh.getAcl(tag, Required(count), AclEntryInfo::overlayVar(*entries));
+ END(DL)
+}
+
+CSSM_RETURN Token::_getDatabaseOwner(CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ token->getOwner(AclOwnerPrototype::required(owner));
+ END(DL)
+}
+
+CSSM_RETURN Token::_getDatabaseAcl(const char *tag, uint32 *count,
+ CSSM_ACL_ENTRY_INFO **entries)
+{
+ BEGIN
+ token->getAcl(tag, *count, AclEntryInfo::overlayVar(*entries));
+ END(DL)
+}
+
+CSSM_RETURN Token::_getKeyOwner(CSSM_HANDLE hKey,
+ CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.getOwner(AclOwnerPrototype::required(owner));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getKeyAcl(CSSM_HANDLE hKey,
+ const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries)
+{
+ BEGIN
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.getAcl(tag, Required(count), AclEntryInfo::overlayVar(*entries));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_freeOwnerData(CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ // @@@ Do something here based on how we return data above.
+ END(CSP)
+}
+
+CSSM_RETURN Token::_freeAclData(uint32 count, CSSM_ACL_ENTRY_INFO *entries)
+{
+ BEGIN
+#if 0
+ AutoAclEntryInfoList aclList(&Allocator::standard());
+ // Invoke braindead overloaded operators since there are no setters on
+ // AutoAclEntryInfoList
+ *static_cast<uint32 *>(aclList) = count;
+ *static_cast<CSSM_ACL_ENTRY_INFO_PTR *>(aclList) = entries;
+#endif
+ END(CSP)
+}
+
+CSSM_RETURN Token::_authenticateDatabase(CSSM_DB_ACCESS_TYPE mode,
+ const CSSM_ACCESS_CREDENTIALS *cred)
+{
+ BEGIN
+ secdebug("tokend", "authenticateDatabase");
+ token->authenticate(mode, AccessCredentials::overlay(cred));
+ END(DL)
+}
+
+CSSM_RETURN Token::_changeDatabaseOwner(const CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ secdebug("tokend", "changeDatabaseOwner");
+ token->changeOwner(AclOwnerPrototype::required(owner));
+ END(DL)
+}
+
+CSSM_RETURN Token::_changeDatabaseAcl(const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_EDIT *edit)
+{
+ BEGIN
+ secdebug("tokend", "changeDatabaseAcl");
+ token->changeAcl(AccessCredentials::required(cred),
+ AclEdit::required(edit));
+ END(DL)
+}
+
+CSSM_RETURN Token::_changeObjectOwner(CSSM_HANDLE hRecord,
+ const CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ secdebug("tokend", "changeObjectOwner");
+ RecordHandle &rh = Security::HandleObject::find<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ rh.changeOwner(AclOwnerPrototype::required(owner));
+ END(DL)
+}
+
+CSSM_RETURN Token::_changeObjectAcl(CSSM_HANDLE hRecord,
+ const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit)
+{
+ BEGIN
+ secdebug("tokend", "changeObjectAcl");
+ RecordHandle &rh = Security::HandleObject::find<RecordHandle>(hRecord,
+ CSSMERR_CSSM_INVALID_ADDIN_HANDLE);
+ rh.changeAcl(AccessCredentials::required(cred), AclEdit::required(edit));
+ END(DL)
+}
+
+CSSM_RETURN Token::_changeKeyOwner(CSSM_HANDLE hKey,
+ const CSSM_ACL_OWNER_PROTOTYPE *owner)
+{
+ BEGIN
+ secdebug("tokend", "changeKeyOwner");
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.changeOwner(AclOwnerPrototype::required(owner));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_changeKeyAcl(CSSM_HANDLE hKey,
+ const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit)
+{
+ BEGIN
+ secdebug("tokend", "changeKeyAcl");
+ KeyHandle &key = Security::HandleObject::find<KeyHandle>(hKey,
+ CSSMERR_CSP_INVALID_KEY_REFERENCE);
+ key.changeAcl(AccessCredentials::required(cred), AclEdit::required(edit));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_generateRandom(const CSSM_CONTEXT *context,
+ CSSM_DATA *result)
+{
+ BEGIN
+ secdebug("tokend", "generateRandom");
+ token->generateRandom(Context::required(context),
+ CssmData::required(result));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS *result)
+{
+ BEGIN
+ secdebug("tokend", "getStatistics");
+ token->getStatistics(Required(result));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getTime(CSSM_ALGORITHMS algorithm, CSSM_DATA *result)
+{
+ BEGIN
+ secdebug("tokend", "getTime");
+ token->getTime(algorithm, CssmData::required(result));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_getCounter(CSSM_DATA *result)
+{
+ BEGIN
+ secdebug("tokend", "getCounter");
+ token->getCounter(CssmData::required(result));
+ END(CSP)
+}
+
+CSSM_RETURN Token::_selfVerify()
+{
+ BEGIN
+ secdebug("tokend", "selfVerify");
+ token->selfVerify();
+ END(CSP)
+}
+
+CSSM_RETURN Token::_cspPassThrough(uint32 id, const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, const CSSM_KEY *key, const CSSM_DATA *input,
+ CSSM_DATA *output)
+{
+ BEGIN
+ secdebug("tokend", "cspPassThrough");
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_PASSTHROUGH_ID);
+ END(CSP)
+}
+
+CSSM_RETURN Token::_dlPassThrough(uint32 id, const CSSM_DATA *input,
+ CSSM_DATA *output)
+{
+ BEGIN
+ secdebug("tokend", "dlPassThrough");
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_PASSTHROUGH_ID);
+ END(DL)
+}
+
+CSSM_RETURN Token::_isLocked(uint32 *locked)
+{
+ BEGIN
+ secdebug("tokend", "_isLocked");
+ Required(locked) = token->isLocked();
+ secdebug("tokend", "_isLocked: %d", *locked);
+ END(DL)
+}
+
+//
+// Callback vector into SecTokendMain
+//
+const SecTokendCallbacks Token::mCallbacks = {
+ kSecTokendCallbackVersion,
+ kSecTokendCallbacksDefault,
+ _initial, _probe, _establish, _terminate,
+ _findFirst, _findNext, _findRecordHandle,
+ _insertRecord, _modifyRecord, _deleteRecord,
+ _releaseSearch, _releaseRecord,
+ _freeRetrievedData,
+ _releaseKey, _getKeySize, _getOutputSize,
+ _generateSignature, _verifySignature,
+ _generateMac, _verifyMac,
+ _encrypt, _decrypt,
+ _generateKey, _generateKeyPair,
+ _wrapKey, _unwrapKey, _deriveKey,
+ _getDatabaseOwner, _getDatabaseAcl,
+ _getObjectOwner, _getObjectAcl,
+ _getKeyOwner, _getKeyAcl,
+ _freeOwnerData, _freeAclData,
+ _authenticateDatabase,
+ _changeDatabaseOwner, _changeDatabaseAcl,
+ _changeObjectOwner, _changeObjectAcl,
+ _changeKeyOwner, _changeKeyAcl,
+ _generateRandom, _getStatistics,
+ _getTime, _getCounter,
+ _selfVerify,
+ _cspPassThrough, _dlPassThrough,
+ _isLocked
+};
+
+const SecTokendCallbacks *Token::callbacks()
+{
+ return &mCallbacks;
+}
+
+SecTokendSupport *Token::support()
+{
+ return this;
+}
+
+void Token::initial()
+{
+}
+
+void Token::terminate(uint32 reason, uint32 options)
+{
+}
+
+void Token::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ secdebug("establish", "cacheDirectory %s", cacheDirectory);
+ mGuid = *guid;
+ mSubserviceId = subserviceId;
+ mCacheDirectory = cacheDirectory;
+}
+
+
+bool Token::cachedObject(CSSM_DB_RECORDTYPE relationId,
+ const std::string &name, CssmData &object) const
+{
+ try
+ {
+ UnixPlusPlus::AutoFileDesc fd(cachedObjectPath(relationId, name));
+ object.Length = fd.fileSize();
+ object.Data = reinterpret_cast<uint8 *>(malloc(object.Length));
+ object.Length = fd.readAll(object.Data, object.Length);
+ }
+ catch (const UnixError &error)
+ {
+ return false;
+ }
+
+ return true;
+}
+
+void Token::cacheObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
+ const CssmData &object) const
+{
+ std::string path(cachedObjectPath(relationId, name));
+ try
+ {
+ UnixPlusPlus::AutoFileDesc fd(path, O_WRONLY|O_CREAT|O_TRUNC);
+ fd.writeAll(object.Data, object.Length);
+ }
+ catch (const UnixError &e)
+ {
+ Syslog::error("error writing cache file: %s: %s\n", path.c_str(),
+ strerror(e.unixError()));
+ ::unlink(path.c_str());
+ }
+}
+
+std::string Token::cachedObjectPath(CSSM_DB_RECORDTYPE relationId,
+ const std::string &name) const
+{
+ char buffer[9];
+ sprintf(buffer, "%X", relationId);
+
+ return mCacheDirectory + "/" + buffer + "-" + name;
+}
+
+Cursor *Token::createCursor(const CSSM_QUERY *inQuery)
+{
+ if (!inQuery || inQuery->RecordType == CSSM_DL_DB_RECORD_ANY
+ || inQuery->RecordType == CSSM_DL_DB_RECORD_ALL_KEYS)
+ {
+ return new MultiCursor(inQuery, *mSchema);
+ }
+
+ const Relation &relation = mSchema->findRelation(inQuery->RecordType);
+ return new LinearCursor(inQuery, relation);
+}
+
+//
+// Authenticate to the token
+//
+void Token::authenticate(CSSM_DB_ACCESS_TYPE mode,
+ const AccessCredentials *cred)
+{
+ int pinNum = pinFromAclTag(cred->EntryTag);
+ if (!pinNum || !cred)
+ pinNum = -1; // No PIN in tag.
+
+ if (mode == CSSM_DB_ACCESS_RESET)
+ {
+ // A mode of CSSM_DB_ACCESS_RESET is a request to deauthenticate
+ // the card completely.
+ secdebug("authenticate", "unverifying PIN%d", pinNum);
+ return unverifyPIN(pinNum);
+ }
+ else if (cred && pinNum > 0)
+ { // tag="PINk"; unlock a PIN
+ if (cred->size() != 1) // just one, please
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);
+ const TypedList &sample = (*cred)[0];
+ switch (sample.type())
+ {
+ case CSSM_SAMPLE_TYPE_PASSWORD:
+ case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
+ case CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD:
+ {
+ if (sample.length() != 2) // not recognized, may have non-existing data
+ return;
+ CssmData &pin = sample[1].data();
+ return verifyPIN(pinNum, pin.Data, pin.Length);
+ }
+ default:
+ break;
+ }
+
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ }
+ else
+ secdebug("authenticate", "ignoring non-PIN authentication request");
+}
+
+void Token::changeOwner(const AclOwnerPrototype &owner)
+{
+ // Default changeOwner on a token always fails.
+ CssmError::throwMe(CSSM_ERRCODE_OBJECT_MANIP_AUTH_DENIED);
+}
+
+void Token::changeAcl(const AccessCredentials &cred, const AclEdit &edit)
+{
+ // We don't allow adding or deleting of acls currently
+ switch (edit.mode())
+ {
+ case CSSM_ACL_EDIT_MODE_DELETE:
+ CssmError::throwMe(CSSM_ERRCODE_ACL_DELETE_FAILED);
+ case CSSM_ACL_EDIT_MODE_REPLACE:
+ break;
+ case CSSM_ACL_EDIT_MODE_ADD:
+ CssmError::throwMe(CSSM_ERRCODE_ACL_ADD_FAILED);
+ default:
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_ACL_EDIT_MODE);
+ }
+
+#if 0
+ // edit.handle() is the offset in mAclEntries of the acl we are replacing
+ uint32 ix = edit.handle();
+ if (ix >= mAclEntries.size())
+ CssmError::throwMe(CSSM_ERRCODE_ACL_REPLACE_FAILED);
+
+ // Now we have the actual AclEntryPrototype being changed
+ const AclEntryPrototype &oldProto = mAclEntries.at(ix).proto();
+#endif
+
+ // Now get the new AclEntryPrototype for this entry.
+ const AclEntryInput *newEntry = edit.newEntry();
+ if (!newEntry)
+ CssmError::throwMe(CSSM_ERRCODE_INVALID_INPUT_POINTER);
+ const AclEntryPrototype &newProto = newEntry->proto();
+
+ unsigned int pinNum = pinFromAclTag(newProto.EntryTag);
+ if (!pinNum)
+ CssmError::throwMe(CSSM_ERRCODE_OBJECT_ACL_NOT_SUPPORTED);
+
+ const TypedList &subject = newProto.subject();
+ switch (subject.type())
+ {
+ case CSSM_ACL_SUBJECT_TYPE_PASSWORD:
+ case CSSM_ACL_SUBJECT_TYPE_PROMPTED_PASSWORD:
+ case CSSM_ACL_SUBJECT_TYPE_PROTECTED_PASSWORD:
+ break;
+ default:
+ CssmError::throwMe(CSSM_ERRCODE_ACL_SUBJECT_TYPE_NOT_SUPPORTED);
+ }
+ const CssmData &newPin = subject[1].data();
+
+ if (cred.size() != 1)
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+
+ const TypedList &value = cred[0].value();
+ switch (value.type())
+ {
+ case CSSM_SAMPLE_TYPE_PASSWORD:
+ case CSSM_SAMPLE_TYPE_PROMPTED_PASSWORD:
+ case CSSM_SAMPLE_TYPE_PROTECTED_PASSWORD:
+ break;
+ default:
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+ }
+ const CssmData &oldPin = value[1].data();
+
+ secdebug("tokend", "CHANGE PIN%d from \"%.*s\" to \"%.*s\"",
+ pinNum, static_cast<int>(oldPin.Length), oldPin.Data,
+ static_cast<int>(newPin.Length), newPin.Data);
+
+ changePIN(pinNum, oldPin.Data, oldPin.Length, newPin.Data, newPin.Length);
+}
+
+void Token::generateRandom(const Context &context, CssmData &result)
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS &result)
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::getTime(CSSM_ALGORITHMS algorithm, CssmData &result)
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::getCounter(CssmData &result)
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::selfVerify()
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength)
+{
+ // Default changePIN on a token always fails.
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+}
+
+uint32_t Token::pinStatus(int pinNum)
+{
+ CssmError::throwMe(CSSM_ERRCODE_FUNCTION_NOT_IMPLEMENTED);
+}
+
+void Token::verifyPIN(int pinNum,
+ const unsigned char *pin, size_t pinLength)
+{
+ CssmError::throwMe(CSSM_ERRCODE_SAMPLE_VALUE_NOT_SUPPORTED);
+}
+
+void Token::unverifyPIN(int pinNum)
+{
+}
+
+bool Token::isLocked()
+{
+ // Check pin1 by default. Subclasses may override.
+ return pinStatus(1) != 0x9000;
+}
+
+
+//
+// ISO7816Token
+//
+ISO7816Token::ISO7816Token()
+{
+ mPrintName[0]=0;
+}
+
+ISO7816Token::~ISO7816Token()
+{
+}
+
+uint32 ISO7816Token::probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID])
+{
+ const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
+ connect(mSession, readerState.szReader);
+ return 0;
+}
+
+void ISO7816Token::establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX])
+{
+ secdebug("establish", "cacheDirectory %s, workDirectory: %s, name: %s",
+ cacheDirectory, workDirectory, mPrintName);
+ if (mPrintName[0])
+ ::strlcpy(printName, mPrintName, PATH_MAX);
+ Token::establish(guid, subserviceId, flags, cacheDirectory,
+ workDirectory, mdsDirectory, printName);
+
+ if (!isConnected())
+ {
+ const SCARD_READERSTATE &readerState = *(*startupReaderInfo)();
+ connect(mSession, readerState.szReader);
+ }
+}
+
+uint16_t ISO7816Token::transmitAPDU(uint8_t cla, uint8_t ins, uint8_t p1,
+ uint8_t p2, size_t dataSize, const uint8_t *data,
+ size_t outputLength, std::vector<uint8_t> *output)
+{
+ std::vector<uint8_t> apdu;
+ uint32_t lc = data ? dataSize : 0;
+
+ // Worst case we need this much
+ apdu.reserve(10 + lc);
+
+ apdu.push_back(cla);
+ apdu.push_back(ins);
+ apdu.push_back(p1);
+ apdu.push_back(p2);
+
+ if (lc > 0)
+ {
+ if (lc < 0x100)
+ {
+ // Normal length Lc
+ apdu.push_back(lc);
+ }
+ else if (lc < 0x10000)
+ {
+ // Extended length Lc
+ apdu.push_back(0);
+ apdu.push_back(lc >> 8);
+ apdu.push_back(lc);
+ }
+ else
+ {
+ // Lc too big.
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+ apdu.insert(apdu.end(), data, data + dataSize);
+ }
+
+ if (output && outputLength > 0)
+ {
+ if (outputLength < 0x100)
+ {
+ // Normal length Le
+ apdu.push_back(outputLength);
+ }
+ else if (outputLength < 0x10000)
+ {
+ // Extended length Le
+ apdu.push_back(0);
+ apdu.push_back(outputLength >> 8);
+ apdu.push_back(outputLength);
+ }
+ else
+ {
+ // Le too big
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ // Append the response to what's already in output.
+ size_t oldSize = output->size();
+ // Make enough room for the data we are requesting plus the sw
+ output->resize(oldSize + outputLength + 2);
+ uint8_t *response = &output->at(oldSize);
+ size_t responseLength = outputLength + 2;
+ transmit(&apdu[0], apdu.size(), response, responseLength);
+ if (responseLength < 2)
+ {
+ output->resize(oldSize + responseLength);
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+ }
+
+ uint16_t sw = (response[responseLength - 2] << 8)
+ + response[responseLength - 1];
+ // Remove the sw from the output.
+ output->resize(oldSize + responseLength - 2);
+
+ return sw;
+ }
+ else
+ {
+ uint8_t response[2];
+ size_t responseLength = sizeof(response);
+ transmit(&apdu[0], apdu.size(), response, responseLength);
+ if (responseLength < 2)
+ PCSC::Error::throwMe(SCARD_E_PROTO_MISMATCH);
+
+ return (response[responseLength - 2] << 8)
+ + response[responseLength - 1];
+ }
+}
+
+void ISO7816Token::name(const char *printName)
+{
+ // Set the printName
+ ::strlcpy(mPrintName,printName,min(1+strlen(printName),size_t(PATH_MAX)));
+}
+
+} // end namespace Tokend
+
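Review bot: In `Token::changeAcl` the `secdebug("tokend", "CHANGE PIN%d from ... to ...")` call writes both the old and the new PIN in clear text to the debug log, so anyone who can read that output while debug logging is enabled sees the card credentials. Logging only the slot would be enough, for example `secdebug("tokend", "CHANGE PIN%d", pinNum);`. The same function reads `subject[1]` and `value[1]` without the `length() != 2` check that `Token::authenticate` applies to its sample; a guard such as `if (value.length() != 2) CssmError::throwMe(CSSM_ERRCODE_INVALID_SAMPLE_VALUE);`, and the equivalent for `subject`, would reject a short list before it is indexed. In `Token::authenticate`, `cred->EntryTag` is dereferenced one line before the `!cred` test, and `_authenticateDatabase` passes `AccessCredentials::overlay(cred)`, which appears to let NULL through (the helper is not visible here). Writing `int pinNum = cred ? pinFromAclTag(cred->EntryTag) : 0;` makes the later `cred` checks meaningful.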
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/Token.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,285 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * Token.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_TOKEN_H_
+#define _TOKEND_TOKEN_H_
+
+#include <SecurityTokend/SecTokend.h>
+#include <security_utilities/osxcode.h>
+#include <security_cdsa_utilities/context.h>
+#include <security_cdsa_utilities/cssmpods.h>
+#include <security_cdsa_utilities/cssmbridge.h>
+#include <security_cdsa_utilities/cssmdb.h>
+#include <security_cdsa_utilities/cssmaclpod.h>
+#include <security_cdsa_utilities/cssmcred.h>
+#include <security_utilities/debugging.h>
+#include <security_utilities/pcsc++.h>
+#include <string>
+
+#include "TokenContext.h"
+
+namespace Tokend
+{
+
+class Cursor;
+class Schema;
+class TokenContext;
+
+//
+// "The" token
+//
+class Token : public SecTokendSupport
+{
+ NOCOPY(Token)
+public:
+ Token();
+ virtual ~Token();
+
+ bool cachedObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
+ CssmData &data) const;
+ void cacheObject(CSSM_DB_RECORDTYPE relationId, const std::string &name,
+ const CssmData &object) const;
+
+ virtual const SecTokendCallbacks *callbacks();
+ virtual SecTokendSupport *support();
+
+ virtual void initial();
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]) = 0;
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ virtual void terminate(uint32 reason, uint32 options);
+
+ virtual void authenticate(CSSM_DB_ACCESS_TYPE mode,
+ const AccessCredentials *cred);
+ virtual void getOwner(AclOwnerPrototype &owner) = 0;
+ virtual void getAcl(const char *tag, uint32 &count,
+ AclEntryInfo *&acls) = 0;
+
+ virtual Cursor *createCursor(const CSSM_QUERY *inQuery);
+
+ virtual void changeOwner(const AclOwnerPrototype &owner);
+ virtual void changeAcl(const AccessCredentials &cred, const AclEdit &edit);
+
+ virtual void generateRandom(const Context &context, CssmData &result);
+ virtual void getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS &result);
+ virtual void getTime(CSSM_ALGORITHMS algorithm, CssmData &result);
+ virtual void getCounter(CssmData &result);
+ virtual void selfVerify();
+
+ virtual void changePIN(int pinNum,
+ const unsigned char *oldPin, size_t oldPinLength,
+ const unsigned char *newPin, size_t newPinLength);
+ virtual uint32_t pinStatus(int pinNum);
+ virtual void verifyPIN(int pinNum,
+ const unsigned char *pin, size_t pinLength);
+ virtual void unverifyPIN(int pinNum);
+
+ virtual bool isLocked();
+
+ TokenContext *tokenContext() { return mTokenContext; }
+
+protected:
+ std::string cachedObjectPath(CSSM_DB_RECORDTYPE relationId,
+ const std::string &name) const;
+
+ static CSSM_RETURN _initial();
+ static CSSM_RETURN _probe(SecTokendProbeFlags flags, uint32 *score,
+ char tokenUid[TOKEND_MAX_UID]);
+ static CSSM_RETURN _establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+ static CSSM_RETURN _terminate(uint32 reason, uint32 options);
+
+ static CSSM_RETURN _findFirst(const CSSM_QUERY *query,
+ TOKEND_RETURN_DATA *data, CSSM_HANDLE *hSearch);
+ static CSSM_RETURN _findNext(CSSM_HANDLE hSearch,
+ TOKEND_RETURN_DATA *data);
+ static CSSM_RETURN _findRecordHandle(CSSM_HANDLE hRecord,
+ TOKEND_RETURN_DATA *data);
+ static CSSM_RETURN _insertRecord(CSSM_DB_RECORDTYPE recordType,
+ const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes, const CSSM_DATA *data,
+ CSSM_HANDLE *hRecord);
+ static CSSM_RETURN _modifyRecord(CSSM_DB_RECORDTYPE recordType,
+ CSSM_HANDLE *hRecord, const CSSM_DB_RECORD_ATTRIBUTE_DATA *attributes,
+ const CSSM_DATA *data, CSSM_DB_MODIFY_MODE modifyMode);
+ static CSSM_RETURN _deleteRecord(CSSM_HANDLE hRecord);
+ static CSSM_RETURN _releaseSearch(CSSM_HANDLE hSearch);
+ static CSSM_RETURN _releaseRecord(CSSM_HANDLE hRecord);
+
+ static CSSM_RETURN _freeRetrievedData(TOKEND_RETURN_DATA *data);
+
+ static CSSM_RETURN _releaseKey(CSSM_HANDLE hKey);
+ static CSSM_RETURN _getKeySize(CSSM_HANDLE hKey, CSSM_KEY_SIZE *size);
+ static CSSM_RETURN _getOutputSize(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, uint32 inputSize, CSSM_BOOL encrypting,
+ uint32 *outputSize);
+
+ static CSSM_RETURN _generateSignature(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
+ CSSM_DATA *signature);
+ static CSSM_RETURN _verifySignature(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, CSSM_ALGORITHMS signOnly, const CSSM_DATA *input,
+ const CSSM_DATA *signature);
+ static CSSM_RETURN _generateMac(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, const CSSM_DATA *input, CSSM_DATA *mac);
+ static CSSM_RETURN _verifyMac(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, const CSSM_DATA *input, const CSSM_DATA *mac);
+ static CSSM_RETURN _encrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *clear, CSSM_DATA *cipher);
+ static CSSM_RETURN _decrypt(const CSSM_CONTEXT *context, CSSM_HANDLE hKey,
+ const CSSM_DATA *cipher, CSSM_DATA *clear);
+ static CSSM_RETURN _generateKey(const CSSM_CONTEXT *context,
+ const CSSM_ACCESS_CREDENTIALS *creds,
+ const CSSM_ACL_ENTRY_PROTOTYPE *owner, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attrs, CSSM_HANDLE *hKey, CSSM_KEY *header);
+ static CSSM_RETURN _generateKeyPair(const CSSM_CONTEXT *context,
+ const CSSM_ACCESS_CREDENTIALS *creds,
+ const CSSM_ACL_ENTRY_PROTOTYPE *owner,
+ CSSM_KEYUSE pubUsage, CSSM_KEYATTR_FLAGS pubAttrs,
+ CSSM_KEYUSE privUsage, CSSM_KEYATTR_FLAGS privAttrs,
+ CSSM_HANDLE *hPubKey, CSSM_KEY *pubHeader,
+ CSSM_HANDLE *hPrivKey, CSSM_KEY *privHeader);
+ static CSSM_RETURN _wrapKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
+ const CSSM_ACCESS_CREDENTIALS *cred, CSSM_HANDLE hSubjectKey,
+ const CSSM_KEY *subjectKey, const CSSM_DATA *descriptiveData,
+ CSSM_KEY *wrappedKey);
+ static CSSM_RETURN _unwrapKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hWrappingKey, const CSSM_KEY *wrappingKey,
+ const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_ENTRY_PROTOTYPE *access,
+ CSSM_HANDLE hPublicKey, const CSSM_KEY *publicKey,
+ const CSSM_KEY *wrappedKey, CSSM_KEYUSE usage,
+ CSSM_KEYATTR_FLAGS attributes, CSSM_DATA *descriptiveData,
+ CSSM_HANDLE *hUnwrappedKey, CSSM_KEY *unwrappedKey);
+ static CSSM_RETURN _deriveKey(const CSSM_CONTEXT *context,
+ CSSM_HANDLE hSourceKey, const CSSM_KEY *sourceKey,
+ const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_ENTRY_PROTOTYPE *access, CSSM_DATA *parameters,
+ CSSM_KEYUSE usage, CSSM_KEYATTR_FLAGS attributes,
+ CSSM_HANDLE *hKey, CSSM_KEY *hKey);
+
+ static CSSM_RETURN _getObjectOwner(CSSM_HANDLE hKey,
+ CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _getObjectAcl(CSSM_HANDLE hKey,
+ const char *tag, uint32 *count, CSSM_ACL_ENTRY_INFO **entries);
+ static CSSM_RETURN _getDatabaseOwner(CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _getDatabaseAcl(const char *tag, uint32 *count,
+ CSSM_ACL_ENTRY_INFO **entries);
+ static CSSM_RETURN _getKeyOwner(CSSM_HANDLE hKey,
+ CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _getKeyAcl(CSSM_HANDLE hKey, const char *tag,
+ uint32 *count, CSSM_ACL_ENTRY_INFO **entries);
+
+ static CSSM_RETURN _freeOwnerData(CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _freeAclData(uint32 count,
+ CSSM_ACL_ENTRY_INFO *entries);
+
+ static CSSM_RETURN _authenticateDatabase(CSSM_DB_ACCESS_TYPE mode,
+ const CSSM_ACCESS_CREDENTIALS *cred);
+
+ static CSSM_RETURN _changeDatabaseOwner(const CSSM_ACL_OWNER_PROTOTYPE *
+ owner);
+ static CSSM_RETURN _changeDatabaseAcl(const CSSM_ACCESS_CREDENTIALS *cred,
+ const CSSM_ACL_EDIT *edit);
+ static CSSM_RETURN _changeObjectOwner(CSSM_HANDLE hRecord,
+ const CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _changeObjectAcl(CSSM_HANDLE hRecord,
+ const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit);
+ static CSSM_RETURN _changeKeyOwner(CSSM_HANDLE key,
+ const CSSM_ACL_OWNER_PROTOTYPE *owner);
+ static CSSM_RETURN _changeKeyAcl(CSSM_HANDLE key,
+ const CSSM_ACCESS_CREDENTIALS *cred, const CSSM_ACL_EDIT *edit);
+
+ static CSSM_RETURN _generateRandom(const CSSM_CONTEXT *context,
+ CSSM_DATA *result);
+ static CSSM_RETURN _getStatistics(CSSM_CSP_OPERATIONAL_STATISTICS *result);
+ static CSSM_RETURN _getTime(CSSM_ALGORITHMS algorithm, CSSM_DATA *result);
+ static CSSM_RETURN _getCounter(CSSM_DATA *result);
+ static CSSM_RETURN _selfVerify();
+
+ static CSSM_RETURN _cspPassThrough(uint32 id, const CSSM_CONTEXT *context,
+ CSSM_HANDLE hKey, const CSSM_KEY *key, const CSSM_DATA *input,
+ CSSM_DATA *output);
+ static CSSM_RETURN _dlPassThrough(uint32 id, const CSSM_DATA *input,
+ CSSM_DATA *output);
+
+ static CSSM_RETURN _isLocked(uint32 *locked);
+
+private:
+ static const SecTokendCallbacks mCallbacks;
+
+protected:
+ Schema *mSchema;
+ TokenContext *mTokenContext;
+
+ Guid mGuid;
+ uint32 mSubserviceId;
+ std::string mCacheDirectory;
+};
+
+
+class ISO7816Token : public Token, public TokenContext, public PCSC::Card
+{
+ NOCOPY(ISO7816Token)
+public:
+ ISO7816Token();
+ virtual ~ISO7816Token();
+
+ virtual uint32 probe(SecTokendProbeFlags flags,
+ char tokenUid[TOKEND_MAX_UID]);
+ virtual void establish(const CSSM_GUID *guid, uint32 subserviceId,
+ SecTokendEstablishFlags flags, const char *cacheDirectory,
+ const char *workDirectory, char mdsDirectory[PATH_MAX],
+ char printName[PATH_MAX]);
+
+ uint16_t transmitAPDU(uint8_t cla, uint8_t ins, uint8_t p1, uint8_t p2,
+ size_t dataSize = 0, const uint8_t *data = NULL,
+ size_t outputLength = 0, std::vector<uint8_t> *output = NULL);
+
+protected:
+ PCSC::Session mSession;
+ char mPrintName[PATH_MAX];
+
+ virtual void name(const char *printName);
+};
+
+
+} // end namespace Tokend
+
+//
+// Singleton
+//
+extern Tokend::Token *token;
+
+#endif /* !_TOKEND_TOKEN_H_ */
+
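Review bot: The `_deriveKey` declaration gives its last two parameters the same name, `CSSM_HANDLE *hKey, CSSM_KEY *hKey`. A conforming C++ compiler may reject a duplicate parameter name, and it also hides what the second out-parameter is. The sibling `_generateKey` ends in `CSSM_HANDLE *hKey, CSSM_KEY *header`, so the intended spelling is presumably `CSSM_HANDLE *hKey, CSSM_KEY *header);`. The matching definition is not part of this hunk, so the name used there should be checked as well.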
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.cpp
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.cpp (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.cpp 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,40 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * TokenContext.cpp
+ * TokendMuscle
+ */
+
+#include "TokenContext.h"
+
+namespace Tokend
+{
+
+TokenContext::~TokenContext()
+{
+}
+
+} // end namespace Tokend
+
+
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.h
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.h (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend/TokenContext.h 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,49 @@
+/*
+ * Copyright (c) 2004 Apple Computer, Inc. All Rights Reserved.
+ *
+ * @APPLE_LICENSE_HEADER_START@
+ *
+ * This file contains Original Code and/or Modifications of Original Code
+ * as defined in and that are subject to the Apple Public Source License
+ * Version 2.0 (the 'License'). You may not use this file except in
+ * compliance with the License. Please obtain a copy of the License at
+ * http://www.opensource.apple.com/apsl/ and read it before using this
+ * file.
+ *
+ * The Original Code and all software distributed under the License are
+ * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
+ * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
+ * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
+ * Please see the License for the specific language governing rights and
+ * limitations under the License.
+ *
+ * @APPLE_LICENSE_HEADER_END@
+ */
+
+/*
+ * TokenContext.h
+ * TokendMuscle
+ */
+
+#ifndef _TOKEND_TOKENCONTEXT_H_
+#define _TOKEND_TOKENCONTEXT_H_
+
+#include <security_utilities/utilities.h>
+
+namespace Tokend
+{
+
+class TokenContext
+{
+ NOCOPY(TokenContext)
+public:
+ TokenContext() {}
+ virtual ~TokenContext() = 0;
+};
+
+} // end namespace Tokend
+
+#endif /* !_TOKEND_TOKENCONTEXT_H_ */
+
+
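Review bot: `TokenContext` has no comment explaining why an otherwise empty class declares `virtual ~TokenContext() = 0;`. A one-line comment above the class would make the intent explicit, for example `// Abstract base class: the destructor is pure virtual only to make the class abstract; its body is defined in TokenContext.cpp.` That out-of-line definition is the only code in TokenContext.cpp in this changeset, and `ISO7816Token` in Token.h derives from this class, so the definition must stay for derived destructors to link.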
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.pbxproj
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.pbxproj (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.pbxproj 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,2030 @@
+// !$*UTF8*$!
+{
+ archiveVersion = 1;
+ classes = {
+ };
+ objectVersion = 42;
+ objects = {
+
+/* Begin PBXAggregateTarget section */
+ 52B2601F0BC5A864007E00F1 /* world */ = {
+ isa = PBXAggregateTarget;
+ buildConfigurationList = 52B260280BC5A864007E00F1 /* Build configuration list for PBXAggregateTarget "world" */;
+ buildPhases = (
+ );
+ dependencies = (
+ 529252170BC6BEED00816597 /* PBXTargetDependency */,
+ 52B260D90BC5A864007E00F1 /* PBXTargetDependency */,
+ 52B260DB0BC5A864007E00F1 /* PBXTargetDependency */,
+ 5203894212B8031D007C4317 /* PBXTargetDependency */,
+ 52B260DD0BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = world;
+ productName = world;
+ };
+/* End PBXAggregateTarget section */
+
+/* Begin PBXBuildFile section */
+ 5203890012B802BF007C4317 /* CACAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA7490703990100E5719F /* CACAttributeCoder.cpp */; };
+ 5203890112B802BF007C4317 /* CACError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C273A200708CE2C00CCB0FA /* CACError.cpp */; };
+ 5203890212B802BF007C4317 /* CACKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74B0703990100E5719F /* CACKeyHandle.cpp */; };
+ 5203890312B802BF007C4317 /* CACRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CBF5C390704CDBF00EEADC2 /* CACRecord.cpp */; };
+ 5203890412B802BF007C4317 /* CACSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74D0703990100E5719F /* CACSchema.cpp */; };
+ 5203890512B802BF007C4317 /* CACToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74F0703990100E5719F /* CACToken.cpp */; };
+ 5203890712B802BF007C4317 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CBF5CBE0704E76200EEADC2 /* libz.dylib */; };
+ 5203890812B802BF007C4317 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
+ 5203893012B80315007C4317 /* cacng.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891312B80315007C4317 /* cacng.cpp */; };
+ 5203893112B80315007C4317 /* CACNGApplet.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891412B80315007C4317 /* CACNGApplet.cpp */; };
+ 5203893212B80315007C4317 /* CACNGAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891612B80315007C4317 /* CACNGAttributeCoder.cpp */; };
+ 5203893312B80315007C4317 /* CACNGError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891812B80315007C4317 /* CACNGError.cpp */; };
+ 5203893412B80315007C4317 /* CACNGKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891A12B80315007C4317 /* CACNGKeyHandle.cpp */; };
+ 5203893512B80315007C4317 /* CACNGRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891C12B80315007C4317 /* CACNGRecord.cpp */; };
+ 5203893612B80315007C4317 /* CACNGSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203891E12B80315007C4317 /* CACNGSchema.cpp */; };
+ 5203893712B80315007C4317 /* CACNGToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203892012B80315007C4317 /* CACNGToken.cpp */; };
+ 5203893812B80315007C4317 /* CompressionTool.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203892212B80315007C4317 /* CompressionTool.cpp */; };
+ 5203893A12B80315007C4317 /* cacng_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5203892612B80315007C4317 /* cacng_csp_capabilities.mdsinfo */; };
+ 5203893B12B80315007C4317 /* cacng_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 5203892712B80315007C4317 /* cacng_csp_capabilities_common.mds */; };
+ 5203893C12B80315007C4317 /* cacng_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5203892812B80315007C4317 /* cacng_csp_primary.mdsinfo */; };
+ 5203893D12B80315007C4317 /* cacng_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5203892912B80315007C4317 /* cacng_dl_primary.mdsinfo */; };
+ 5203893E12B80315007C4317 /* cacng_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 5203892A12B80315007C4317 /* cacng_smartcard.mdsinfo */; };
+ 5203893F12B80315007C4317 /* Padding.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203892B12B80315007C4317 /* Padding.cpp */; };
+ 5203894012B80315007C4317 /* TLV.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5203892D12B80315007C4317 /* TLV.cpp */; };
+ 52A683110EEF1FB200F71D5B /* BELPICAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52A6830F0EEF1FB200F71D5B /* BELPICAttributeCoder.cpp */; };
+ 52B260320BC5A864007E00F1 /* Adornment.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B6406DBF99F00014414 /* Adornment.cpp */; };
+ 52B260330BC5A864007E00F1 /* Attribute.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9606DBF81800FA17D9 /* Attribute.cpp */; };
+ 52B260340BC5A864007E00F1 /* AttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A8A06DBF81800FA17D9 /* AttributeCoder.cpp */; };
+ 52B260350BC5A864007E00F1 /* Cursor.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9806DBF81800FA17D9 /* Cursor.cpp */; };
+ 52B260360BC5A864007E00F1 /* DbValue.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9A06DBF81800FA17D9 /* DbValue.cpp */; };
+ 52B260370BC5A864007E00F1 /* KeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3C166E06F61D6F00FC8AAC /* KeyHandle.cpp */; };
+ 52B260380BC5A864007E00F1 /* MetaAttribute.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9C06DBF81800FA17D9 /* MetaAttribute.cpp */; };
+ 52B260390BC5A864007E00F1 /* MetaRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9E06DBF81800FA17D9 /* MetaRecord.cpp */; };
+ 52B2603A0BC5A864007E00F1 /* Record.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA006DBF81800FA17D9 /* Record.cpp */; };
+ 52B2603B0BC5A864007E00F1 /* RecordHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C55BAFC06DEABE500E4200A /* RecordHandle.cpp */; };
+ 52B2603C0BC5A864007E00F1 /* Relation.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A8E06DBF81800FA17D9 /* Relation.cpp */; };
+ 52B2603D0BC5A864007E00F1 /* SCardError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CC3947A0731A4DD00761DEE /* SCardError.cpp */; };
+ 52B2603E0BC5A864007E00F1 /* Schema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA206DBF81800FA17D9 /* Schema.cpp */; };
+ 52B2603F0BC5A864007E00F1 /* SelectionPredicate.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA406DBF81800FA17D9 /* SelectionPredicate.cpp */; };
+ 52B260400BC5A864007E00F1 /* Token.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9006DBF81800FA17D9 /* Token.cpp */; };
+ 52B260410BC5A864007E00F1 /* TokenContext.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134A9206DBF81800FA17D9 /* TokenContext.cpp */; };
+ 52B2604D0BC5A864007E00F1 /* Adornment.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C1B9B6306DBF99F00014414 /* Adornment.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B2604E0BC5A864007E00F1 /* Attribute.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9706DBF81800FA17D9 /* Attribute.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B2604F0BC5A864007E00F1 /* AttributeCoder.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A8B06DBF81800FA17D9 /* AttributeCoder.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260500BC5A864007E00F1 /* Cursor.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9906DBF81800FA17D9 /* Cursor.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260510BC5A864007E00F1 /* DbValue.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9B06DBF81800FA17D9 /* DbValue.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260520BC5A864007E00F1 /* KeyHandle.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C3C166D06F61D6F00FC8AAC /* KeyHandle.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260530BC5A864007E00F1 /* MetaAttribute.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9D06DBF81800FA17D9 /* MetaAttribute.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260540BC5A864007E00F1 /* MetaRecord.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9F06DBF81800FA17D9 /* MetaRecord.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260550BC5A864007E00F1 /* Record.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA106DBF81800FA17D9 /* Record.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260560BC5A864007E00F1 /* RecordHandle.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C55BAFB06DEABE500E4200A /* RecordHandle.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260570BC5A864007E00F1 /* Relation.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A8F06DBF81800FA17D9 /* Relation.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260580BC5A864007E00F1 /* SCardError.h in Headers */ = {isa = PBXBuildFile; fileRef = 4CC394790731A4DD00761DEE /* SCardError.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260590BC5A864007E00F1 /* Schema.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA306DBF81800FA17D9 /* Schema.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B2605A0BC5A864007E00F1 /* SelectionPredicate.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134AA506DBF81800FA17D9 /* SelectionPredicate.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B2605B0BC5A864007E00F1 /* Token.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9106DBF81800FA17D9 /* Token.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B2605C0BC5A864007E00F1 /* TokenContext.h in Headers */ = {isa = PBXBuildFile; fileRef = 4C134A9306DBF81800FA17D9 /* TokenContext.h */; settings = {ATTRIBUTES = (Public, ); }; };
+ 52B260680BC5A864007E00F1 /* belpic_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CE8073065EA00AECB7F /* belpic_csp_capabilities.mdsinfo */; };
+ 52B260690BC5A864007E00F1 /* belpic_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CE9073065EA00AECB7F /* belpic_csp_capabilities_common.mds */; };
+ 52B2606A0BC5A864007E00F1 /* belpic_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEA073065EA00AECB7F /* belpic_csp_primary.mdsinfo */; };
+ 52B2606B0BC5A864007E00F1 /* belpic_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEB073065EA00AECB7F /* belpic_dl_primary.mdsinfo */; };
+ 52B2606C0BC5A864007E00F1 /* belpic_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1CEC073065EA00AECB7F /* belpic_smartcard.mdsinfo */; };
+ 52B2606E0BC5A864007E00F1 /* belpic.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A0070B4122006A0C7F /* belpic.cpp */; };
+ 52B2606F0BC5A864007E00F1 /* BELPICError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A3070B4122006A0C7F /* BELPICError.cpp */; };
+ 52B260700BC5A864007E00F1 /* BELPICKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A5070B4122006A0C7F /* BELPICKeyHandle.cpp */; };
+ 52B260710BC5A864007E00F1 /* BELPICRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A7070B4122006A0C7F /* BELPICRecord.cpp */; };
+ 52B260720BC5A864007E00F1 /* BELPICSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3A9070B4122006A0C7F /* BELPICSchema.cpp */; };
+ 52B260730BC5A864007E00F1 /* BELPICToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C86D3AB070B4122006A0C7F /* BELPICToken.cpp */; };
+ 52B260750BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
+ 52B260810BC5A864007E00F1 /* cac_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D000730661500AECB7F /* cac_csp_capabilities.mdsinfo */; };
+ 52B260820BC5A864007E00F1 /* cac_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D010730661500AECB7F /* cac_csp_capabilities_common.mds */; };
+ 52B260830BC5A864007E00F1 /* cac_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D020730661500AECB7F /* cac_csp_primary.mdsinfo */; };
+ 52B260840BC5A864007E00F1 /* cac_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D030730661500AECB7F /* cac_dl_primary.mdsinfo */; };
+ 52B260850BC5A864007E00F1 /* cac_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D040730661500AECB7F /* cac_smartcard.mdsinfo */; };
+ 52B260870BC5A864007E00F1 /* cac.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA7510703990100E5719F /* cac.cpp */; };
+ 52B260880BC5A864007E00F1 /* CACAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA7490703990100E5719F /* CACAttributeCoder.cpp */; };
+ 52B260890BC5A864007E00F1 /* CACError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C273A200708CE2C00CCB0FA /* CACError.cpp */; };
+ 52B2608A0BC5A864007E00F1 /* CACKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74B0703990100E5719F /* CACKeyHandle.cpp */; };
+ 52B2608B0BC5A864007E00F1 /* CACRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CBF5C390704CDBF00EEADC2 /* CACRecord.cpp */; };
+ 52B2608C0BC5A864007E00F1 /* CACSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74D0703990100E5719F /* CACSchema.cpp */; };
+ 52B2608D0BC5A864007E00F1 /* CACToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C7BA74F0703990100E5719F /* CACToken.cpp */; };
+ 52B2608F0BC5A864007E00F1 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CBF5CBE0704E76200EEADC2 /* libz.dylib */; };
+ 52B260900BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
+ 52B2609C0BC5A864007E00F1 /* musclecard_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D300730664E00AECB7F /* musclecard_csp_capabilities.mdsinfo */; };
+ 52B2609D0BC5A864007E00F1 /* musclecard_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D310730664E00AECB7F /* musclecard_csp_capabilities_common.mds */; };
+ 52B2609E0BC5A864007E00F1 /* musclecard_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D320730664E00AECB7F /* musclecard_csp_primary.mdsinfo */; };
+ 52B2609F0BC5A864007E00F1 /* musclecard_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D330730664E00AECB7F /* musclecard_dl_primary.mdsinfo */; };
+ 52B260A00BC5A864007E00F1 /* musclecard_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 4C5C1D340730664E00AECB7F /* musclecard_smartcard.mdsinfo */; };
+ 52B260A20BC5A864007E00F1 /* KeyRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4CE2E6A406DC06AB00E21469 /* KeyRecord.cpp */; };
+ 52B260A30BC5A864007E00F1 /* musclecard.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3FACAD06DBF84400D18D5F /* musclecard.cpp */; };
+ 52B260A40BC5A864007E00F1 /* MuscleCardAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B5C06DBF96E00014414 /* MuscleCardAttributeCoder.cpp */; };
+ 52B260A50BC5A864007E00F1 /* MuscleCardKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C253C0E06F66A6100B5CED6 /* MuscleCardKeyHandle.cpp */; };
+ 52B260A60BC5A864007E00F1 /* MuscleCardSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C1B9B8906DBFEE200014414 /* MuscleCardSchema.cpp */; };
+ 52B260A70BC5A864007E00F1 /* MuscleCardToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C3FACAE06DBF84400D18D5F /* MuscleCardToken.cpp */; };
+ 52B260A80BC5A864007E00F1 /* TokenRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C63F7A506DC052A00CB6F22 /* TokenRecord.cpp */; };
+ 52B260A90BC5A864007E00F1 /* MscACL.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AAB06DBF81800FA17D9 /* MscACL.cpp */; };
+ 52B260AA0BC5A864007E00F1 /* MscError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AA906DBF81800FA17D9 /* MscError.cpp */; };
+ 52B260AB0BC5A864007E00F1 /* MscKey.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AAF06DBF81800FA17D9 /* MscKey.cpp */; };
+ 52B260AC0BC5A864007E00F1 /* MscObject.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB106DBF81800FA17D9 /* MscObject.cpp */; };
+ 52B260AD0BC5A864007E00F1 /* MscPIN.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB306DBF81800FA17D9 /* MscPIN.cpp */; };
+ 52B260AE0BC5A864007E00F1 /* MscToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB506DBF81800FA17D9 /* MscToken.cpp */; };
+ 52B260AF0BC5A864007E00F1 /* MscTokenConnection.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB706DBF81800FA17D9 /* MscTokenConnection.cpp */; };
+ 52B260B00BC5A864007E00F1 /* MscWrappers.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 4C134AB906DBF81800FA17D9 /* MscWrappers.cpp */; };
+ 52B260B20BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
+ 52B260BE0BC5A864007E00F1 /* piv_csp_capabilities.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 528067810B78E98600D02C3A /* piv_csp_capabilities.mdsinfo */; };
+ 52B260BF0BC5A864007E00F1 /* piv_csp_capabilities_common.mds in Resources */ = {isa = PBXBuildFile; fileRef = 528067820B78E98600D02C3A /* piv_csp_capabilities_common.mds */; };
+ 52B260C00BC5A864007E00F1 /* piv_csp_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 528067830B78E98600D02C3A /* piv_csp_primary.mdsinfo */; };
+ 52B260C10BC5A864007E00F1 /* piv_dl_primary.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 528067840B78E98600D02C3A /* piv_dl_primary.mdsinfo */; };
+ 52B260C20BC5A864007E00F1 /* piv_smartcard.mdsinfo in Resources */ = {isa = PBXBuildFile; fileRef = 528067850B78E98600D02C3A /* piv_smartcard.mdsinfo */; };
+ 52B260C40BC5A864007E00F1 /* piv.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 528067860B78E98600D02C3A /* piv.cpp */; };
+ 52B260C50BC5A864007E00F1 /* PIVAttributeCoder.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 528067870B78E98600D02C3A /* PIVAttributeCoder.cpp */; };
+ 52B260C60BC5A864007E00F1 /* PIVError.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 528067890B78E98600D02C3A /* PIVError.cpp */; };
+ 52B260C70BC5A864007E00F1 /* PIVKeyHandle.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5280678B0B78E98600D02C3A /* PIVKeyHandle.cpp */; };
+ 52B260C80BC5A864007E00F1 /* PIVRecord.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5280678D0B78E98600D02C3A /* PIVRecord.cpp */; };
+ 52B260C90BC5A864007E00F1 /* PIVSchema.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 5280678F0B78E98600D02C3A /* PIVSchema.cpp */; };
+ 52B260CA0BC5A864007E00F1 /* PIVToken.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 528067910B78E98600D02C3A /* PIVToken.cpp */; };
+ 52B260CB0BC5A864007E00F1 /* PIVCCC.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 529D9A7B0B867FA900DBFA4B /* PIVCCC.cpp */; };
+ 52B260CD0BC5A864007E00F1 /* libz.dylib in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CBF5CBE0704E76200EEADC2 /* libz.dylib */; };
+ 52B260CE0BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */; };
+ 52CAA8CB0EBF7E40004C1A9E /* Padding.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52CAA8C70EBF7E40004C1A9E /* Padding.cpp */; };
+ 52CAA8CC0EBF7E40004C1A9E /* TLV.cpp in Sources */ = {isa = PBXBuildFile; fileRef = 52CAA8C90EBF7E40004C1A9E /* TLV.cpp */; };
+ C29914660C441EBB009571C2 /* PCSC.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 52CA8342067E8175005A1EBA /* PCSC.framework */; };
+ C29914670C441EBB009571C2 /* Security.framework in Frameworks */ = {isa = PBXBuildFile; fileRef = 52CA8343067E8175005A1EBA /* Security.framework */; };
+/* End PBXBuildFile section */
+
+/* Begin PBXContainerItemProxy section */
+ 520388F712B802BF007C4317 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = "libtokend (Upgraded)";
+ };
+ 5203894112B8031D007C4317 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 520388F512B802BF007C4317;
+ remoteInfo = CACNG;
+ };
+ 529252160BC6BEED00816597 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = libtokend;
+ };
+ 52B260D80BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B260640BC5A864007E00F1;
+ remoteInfo = "BELPIC (Copied)";
+ };
+ 52B260DA0BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2607D0BC5A864007E00F1;
+ remoteInfo = "CAC (Copied)";
+ };
+ 52B260DC0BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B260BA0BC5A864007E00F1;
+ remoteInfo = "PIV (Copied)";
+ };
+ 52B260DE0BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2604B0BC5A864007E00F1;
+ remoteInfo = "tokend (Upgraded)";
+ };
+ 52B260E00BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = "libtokend (Upgraded)";
+ };
+ 52B260E20BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = "libtokend (Upgraded)";
+ };
+ 52B260E40BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = "libtokend (Upgraded)";
+ };
+ 52B260E60BC5A864007E00F1 /* PBXContainerItemProxy */ = {
+ isa = PBXContainerItemProxy;
+ containerPortal = 08FB7793FE84155DC02AAC07 /* Project object */;
+ proxyType = 1;
+ remoteGlobalIDString = 52B2602D0BC5A864007E00F1;
+ remoteInfo = "libtokend (Upgraded)";
+ };
+/* End PBXContainerItemProxy section */
+
+/* Begin PBXFileReference section */
+ 4C134A8A06DBF81800FA17D9 /* AttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = AttributeCoder.cpp; sourceTree = "<group>"; };
+ 4C134A8B06DBF81800FA17D9 /* AttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = AttributeCoder.h; sourceTree = "<group>"; };
+ 4C134A8E06DBF81800FA17D9 /* Relation.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Relation.cpp; sourceTree = "<group>"; };
+ 4C134A8F06DBF81800FA17D9 /* Relation.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Relation.h; sourceTree = "<group>"; };
+ 4C134A9006DBF81800FA17D9 /* Token.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Token.cpp; sourceTree = "<group>"; };
+ 4C134A9106DBF81800FA17D9 /* Token.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Token.h; sourceTree = "<group>"; };
+ 4C134A9206DBF81800FA17D9 /* TokenContext.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = TokenContext.cpp; sourceTree = "<group>"; };
+ 4C134A9306DBF81800FA17D9 /* TokenContext.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = TokenContext.h; sourceTree = "<group>"; };
+ 4C134A9606DBF81800FA17D9 /* Attribute.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Attribute.cpp; sourceTree = "<group>"; };
+ 4C134A9706DBF81800FA17D9 /* Attribute.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Attribute.h; sourceTree = "<group>"; };
+ 4C134A9806DBF81800FA17D9 /* Cursor.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Cursor.cpp; sourceTree = "<group>"; };
+ 4C134A9906DBF81800FA17D9 /* Cursor.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Cursor.h; sourceTree = "<group>"; };
+ 4C134A9A06DBF81800FA17D9 /* DbValue.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = DbValue.cpp; sourceTree = "<group>"; };
+ 4C134A9B06DBF81800FA17D9 /* DbValue.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = DbValue.h; sourceTree = "<group>"; };
+ 4C134A9C06DBF81800FA17D9 /* MetaAttribute.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MetaAttribute.cpp; sourceTree = "<group>"; };
+ 4C134A9D06DBF81800FA17D9 /* MetaAttribute.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MetaAttribute.h; sourceTree = "<group>"; };
+ 4C134A9E06DBF81800FA17D9 /* MetaRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MetaRecord.cpp; sourceTree = "<group>"; };
+ 4C134A9F06DBF81800FA17D9 /* MetaRecord.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MetaRecord.h; sourceTree = "<group>"; };
+ 4C134AA006DBF81800FA17D9 /* Record.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Record.cpp; sourceTree = "<group>"; };
+ 4C134AA106DBF81800FA17D9 /* Record.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Record.h; sourceTree = "<group>"; };
+ 4C134AA206DBF81800FA17D9 /* Schema.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = Schema.cpp; sourceTree = "<group>"; };
+ 4C134AA306DBF81800FA17D9 /* Schema.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = Schema.h; sourceTree = "<group>"; };
+ 4C134AA406DBF81800FA17D9 /* SelectionPredicate.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = SelectionPredicate.cpp; sourceTree = "<group>"; };
+ 4C134AA506DBF81800FA17D9 /* SelectionPredicate.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = SelectionPredicate.h; sourceTree = "<group>"; };
+ 4C134AA906DBF81800FA17D9 /* MscError.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscError.cpp; sourceTree = "<group>"; };
+ 4C134AAA06DBF81800FA17D9 /* MscError.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscError.h; sourceTree = "<group>"; };
+ 4C134AAB06DBF81800FA17D9 /* MscACL.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscACL.cpp; sourceTree = "<group>"; };
+ 4C134AAC06DBF81800FA17D9 /* MscACL.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscACL.h; sourceTree = "<group>"; };
+ 4C134AAF06DBF81800FA17D9 /* MscKey.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscKey.cpp; sourceTree = "<group>"; };
+ 4C134AB006DBF81800FA17D9 /* MscKey.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscKey.h; sourceTree = "<group>"; };
+ 4C134AB106DBF81800FA17D9 /* MscObject.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscObject.cpp; sourceTree = "<group>"; };
+ 4C134AB206DBF81800FA17D9 /* MscObject.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscObject.h; sourceTree = "<group>"; };
+ 4C134AB306DBF81800FA17D9 /* MscPIN.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscPIN.cpp; sourceTree = "<group>"; };
+ 4C134AB406DBF81800FA17D9 /* MscPIN.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscPIN.h; sourceTree = "<group>"; };
+ 4C134AB506DBF81800FA17D9 /* MscToken.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscToken.cpp; sourceTree = "<group>"; };
+ 4C134AB606DBF81800FA17D9 /* MscToken.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscToken.h; sourceTree = "<group>"; };
+ 4C134AB706DBF81800FA17D9 /* MscTokenConnection.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscTokenConnection.cpp; sourceTree = "<group>"; };
+ 4C134AB806DBF81800FA17D9 /* MscTokenConnection.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscTokenConnection.h; sourceTree = "<group>"; };
+ 4C134AB906DBF81800FA17D9 /* MscWrappers.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MscWrappers.cpp; sourceTree = "<group>"; };
+ 4C134ABA06DBF81800FA17D9 /* MscWrappers.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MscWrappers.h; sourceTree = "<group>"; };
+ 4C1B9B5B06DBF96E00014414 /* MuscleCardAttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MuscleCardAttributeCoder.h; sourceTree = "<group>"; };
+ 4C1B9B5C06DBF96E00014414 /* MuscleCardAttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MuscleCardAttributeCoder.cpp; sourceTree = "<group>"; };
+ 4C1B9B6306DBF99F00014414 /* Adornment.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Adornment.h; sourceTree = "<group>"; };
+ 4C1B9B6406DBF99F00014414 /* Adornment.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = Adornment.cpp; sourceTree = "<group>"; };
+ 4C1B9B8806DBFEE200014414 /* MuscleCardSchema.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MuscleCardSchema.h; sourceTree = "<group>"; };
+ 4C1B9B8906DBFEE200014414 /* MuscleCardSchema.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MuscleCardSchema.cpp; sourceTree = "<group>"; };
+ 4C253C0D06F66A6100B5CED6 /* MuscleCardKeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MuscleCardKeyHandle.h; sourceTree = "<group>"; };
+ 4C253C0E06F66A6100B5CED6 /* MuscleCardKeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = MuscleCardKeyHandle.cpp; sourceTree = "<group>"; };
+ 4C273A1F0708CE2C00CCB0FA /* CACError.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACError.h; sourceTree = "<group>"; };
+ 4C273A200708CE2C00CCB0FA /* CACError.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACError.cpp; sourceTree = "<group>"; };
+ 4C3C166D06F61D6F00FC8AAC /* KeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = KeyHandle.h; sourceTree = "<group>"; };
+ 4C3C166E06F61D6F00FC8AAC /* KeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = KeyHandle.cpp; sourceTree = "<group>"; };
+ 4C3FACAC06DBF84400D18D5F /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
+ 4C3FACAD06DBF84400D18D5F /* musclecard.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = musclecard.cpp; sourceTree = "<group>"; };
+ 4C3FACAE06DBF84400D18D5F /* MuscleCardToken.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = MuscleCardToken.cpp; sourceTree = "<group>"; };
+ 4C3FACAF06DBF84400D18D5F /* MuscleCardToken.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = MuscleCardToken.h; sourceTree = "<group>"; };
+ 4C55BAFB06DEABE500E4200A /* RecordHandle.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = RecordHandle.h; sourceTree = "<group>"; };
+ 4C55BAFC06DEABE500E4200A /* RecordHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = RecordHandle.cpp; sourceTree = "<group>"; };
+ 4C5C1CE8073065EA00AECB7F /* belpic_csp_capabilities.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = belpic_csp_capabilities.mdsinfo; path = BELPIC/mds/belpic_csp_capabilities.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1CE9073065EA00AECB7F /* belpic_csp_capabilities_common.mds */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = belpic_csp_capabilities_common.mds; path = BELPIC/mds/belpic_csp_capabilities_common.mds; sourceTree = SOURCE_ROOT; };
+ 4C5C1CEA073065EA00AECB7F /* belpic_csp_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = belpic_csp_primary.mdsinfo; path = BELPIC/mds/belpic_csp_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1CEB073065EA00AECB7F /* belpic_dl_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = belpic_dl_primary.mdsinfo; path = BELPIC/mds/belpic_dl_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1CEC073065EA00AECB7F /* belpic_smartcard.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = belpic_smartcard.mdsinfo; path = BELPIC/mds/belpic_smartcard.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D000730661500AECB7F /* cac_csp_capabilities.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = cac_csp_capabilities.mdsinfo; path = CAC/mds/cac_csp_capabilities.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D010730661500AECB7F /* cac_csp_capabilities_common.mds */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = cac_csp_capabilities_common.mds; path = CAC/mds/cac_csp_capabilities_common.mds; sourceTree = SOURCE_ROOT; };
+ 4C5C1D020730661500AECB7F /* cac_csp_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = cac_csp_primary.mdsinfo; path = CAC/mds/cac_csp_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D030730661500AECB7F /* cac_dl_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = cac_dl_primary.mdsinfo; path = CAC/mds/cac_dl_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D040730661500AECB7F /* cac_smartcard.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = cac_smartcard.mdsinfo; path = CAC/mds/cac_smartcard.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D300730664E00AECB7F /* musclecard_csp_capabilities.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = musclecard_csp_capabilities.mdsinfo; path = MuscleCard/mds/musclecard_csp_capabilities.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D310730664E00AECB7F /* musclecard_csp_capabilities_common.mds */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = musclecard_csp_capabilities_common.mds; path = MuscleCard/mds/musclecard_csp_capabilities_common.mds; sourceTree = SOURCE_ROOT; };
+ 4C5C1D320730664E00AECB7F /* musclecard_csp_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = musclecard_csp_primary.mdsinfo; path = MuscleCard/mds/musclecard_csp_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D330730664E00AECB7F /* musclecard_dl_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = musclecard_dl_primary.mdsinfo; path = MuscleCard/mds/musclecard_dl_primary.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C5C1D340730664E00AECB7F /* musclecard_smartcard.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; name = musclecard_smartcard.mdsinfo; path = MuscleCard/mds/musclecard_smartcard.mdsinfo; sourceTree = SOURCE_ROOT; };
+ 4C63F7A506DC052A00CB6F22 /* TokenRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = TokenRecord.cpp; sourceTree = "<group>"; };
+ 4C63F7A606DC052A00CB6F22 /* TokenRecord.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = TokenRecord.h; sourceTree = "<group>"; };
+ 4C7BA7490703990100E5719F /* CACAttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = CACAttributeCoder.cpp; sourceTree = "<group>"; };
+ 4C7BA74A0703990100E5719F /* CACAttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CACAttributeCoder.h; sourceTree = "<group>"; };
+ 4C7BA74B0703990100E5719F /* CACKeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = CACKeyHandle.cpp; sourceTree = "<group>"; };
+ 4C7BA74C0703990100E5719F /* CACKeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CACKeyHandle.h; sourceTree = "<group>"; };
+ 4C7BA74D0703990100E5719F /* CACSchema.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = CACSchema.cpp; sourceTree = "<group>"; };
+ 4C7BA74E0703990100E5719F /* CACSchema.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CACSchema.h; sourceTree = "<group>"; };
+ 4C7BA74F0703990100E5719F /* CACToken.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = CACToken.cpp; sourceTree = "<group>"; };
+ 4C7BA7500703990100E5719F /* CACToken.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = CACToken.h; sourceTree = "<group>"; };
+ 4C7BA7510703990100E5719F /* cac.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = cac.cpp; sourceTree = "<group>"; };
+ 4C7BA7520703990100E5719F /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
+ 4C86D3A0070B4122006A0C7F /* belpic.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = belpic.cpp; sourceTree = "<group>"; };
+ 4C86D3A3070B4122006A0C7F /* BELPICError.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICError.cpp; sourceTree = "<group>"; };
+ 4C86D3A4070B4122006A0C7F /* BELPICError.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = BELPICError.h; sourceTree = "<group>"; };
+ 4C86D3A5070B4122006A0C7F /* BELPICKeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICKeyHandle.cpp; sourceTree = "<group>"; };
+ 4C86D3A6070B4122006A0C7F /* BELPICKeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = BELPICKeyHandle.h; sourceTree = "<group>"; };
+ 4C86D3A7070B4122006A0C7F /* BELPICRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICRecord.cpp; sourceTree = "<group>"; };
+ 4C86D3A8070B4122006A0C7F /* BELPICRecord.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = BELPICRecord.h; sourceTree = "<group>"; };
+ 4C86D3A9070B4122006A0C7F /* BELPICSchema.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICSchema.cpp; sourceTree = "<group>"; };
+ 4C86D3AA070B4122006A0C7F /* BELPICSchema.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = BELPICSchema.h; sourceTree = "<group>"; };
+ 4C86D3AB070B4122006A0C7F /* BELPICToken.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICToken.cpp; sourceTree = "<group>"; };
+ 4C86D3AC070B4122006A0C7F /* BELPICToken.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = BELPICToken.h; sourceTree = "<group>"; };
+ 4C86D3AD070B4122006A0C7F /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
+ 4CA858F10654413F0083DED3 /* SecurityTokend.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = SecurityTokend.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = CoreFoundation.framework; path = /System/Library/Frameworks/CoreFoundation.framework; sourceTree = "<absolute>"; };
+ 4CBF5C380704CDBF00EEADC2 /* CACRecord.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACRecord.h; sourceTree = "<group>"; };
+ 4CBF5C390704CDBF00EEADC2 /* CACRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACRecord.cpp; sourceTree = "<group>"; };
+ 4CBF5CBE0704E76200EEADC2 /* libz.dylib */ = {isa = PBXFileReference; lastKnownFileType = "compiled.mach-o.dylib"; name = libz.dylib; path = /usr/lib/libz.1.dylib; sourceTree = "<absolute>"; };
+ 4CC394790731A4DD00761DEE /* SCardError.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = SCardError.h; sourceTree = "<group>"; };
+ 4CC3947A0731A4DD00761DEE /* SCardError.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = SCardError.cpp; sourceTree = "<group>"; };
+ 4CE2E6A406DC06AB00E21469 /* KeyRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; path = KeyRecord.cpp; sourceTree = "<group>"; };
+ 4CE2E6A506DC06AB00E21469 /* KeyRecord.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; path = KeyRecord.h; sourceTree = "<group>"; };
+ 5203890C12B802BF007C4317 /* CACNG.tokend */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = CACNG.tokend; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5203891212B80315007C4317 /* byte_string.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = byte_string.h; sourceTree = "<group>"; };
+ 5203891312B80315007C4317 /* cacng.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = cacng.cpp; sourceTree = "<group>"; };
+ 5203891412B80315007C4317 /* CACNGApplet.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGApplet.cpp; sourceTree = "<group>"; };
+ 5203891512B80315007C4317 /* CACNGApplet.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGApplet.h; sourceTree = "<group>"; };
+ 5203891612B80315007C4317 /* CACNGAttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGAttributeCoder.cpp; sourceTree = "<group>"; };
+ 5203891712B80315007C4317 /* CACNGAttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGAttributeCoder.h; sourceTree = "<group>"; };
+ 5203891812B80315007C4317 /* CACNGError.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGError.cpp; sourceTree = "<group>"; };
+ 5203891912B80315007C4317 /* CACNGError.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGError.h; sourceTree = "<group>"; };
+ 5203891A12B80315007C4317 /* CACNGKeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGKeyHandle.cpp; sourceTree = "<group>"; };
+ 5203891B12B80315007C4317 /* CACNGKeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGKeyHandle.h; sourceTree = "<group>"; };
+ 5203891C12B80315007C4317 /* CACNGRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGRecord.cpp; sourceTree = "<group>"; };
+ 5203891D12B80315007C4317 /* CACNGRecord.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGRecord.h; sourceTree = "<group>"; };
+ 5203891E12B80315007C4317 /* CACNGSchema.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGSchema.cpp; sourceTree = "<group>"; };
+ 5203891F12B80315007C4317 /* CACNGSchema.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGSchema.h; sourceTree = "<group>"; };
+ 5203892012B80315007C4317 /* CACNGToken.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CACNGToken.cpp; sourceTree = "<group>"; };
+ 5203892112B80315007C4317 /* CACNGToken.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CACNGToken.h; sourceTree = "<group>"; };
+ 5203892212B80315007C4317 /* CompressionTool.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = CompressionTool.cpp; sourceTree = "<group>"; };
+ 5203892312B80315007C4317 /* CompressionTool.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = CompressionTool.h; sourceTree = "<group>"; };
+ 5203892412B80315007C4317 /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.plist.xml; path = Info.plist; sourceTree = "<group>"; };
+ 5203892612B80315007C4317 /* cacng_csp_capabilities.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = cacng_csp_capabilities.mdsinfo; sourceTree = "<group>"; };
+ 5203892712B80315007C4317 /* cacng_csp_capabilities_common.mds */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = cacng_csp_capabilities_common.mds; sourceTree = "<group>"; };
+ 5203892812B80315007C4317 /* cacng_csp_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = cacng_csp_primary.mdsinfo; sourceTree = "<group>"; };
+ 5203892912B80315007C4317 /* cacng_dl_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = cacng_dl_primary.mdsinfo; sourceTree = "<group>"; };
+ 5203892A12B80315007C4317 /* cacng_smartcard.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = text.xml; path = cacng_smartcard.mdsinfo; sourceTree = "<group>"; };
+ 5203892B12B80315007C4317 /* Padding.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = Padding.cpp; sourceTree = "<group>"; };
+ 5203892C12B80315007C4317 /* Padding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = Padding.h; sourceTree = "<group>"; };
+ 5203892D12B80315007C4317 /* TLV.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = TLV.cpp; sourceTree = "<group>"; };
+ 5203892E12B80315007C4317 /* TLV.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TLV.h; sourceTree = "<group>"; };
+ 5203892F12B80315007C4317 /* TLVTemplates.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = TLVTemplates.h; sourceTree = "<group>"; };
+ 523C07E70B7B940D00067DEA /* PIVDefines.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVDefines.h; path = PIV/PIVDefines.h; sourceTree = "<group>"; };
+ 523F79EC06D5AC27004256A0 /* security_cdsa_client.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = security_cdsa_client.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 523F79ED06D5AC27004256A0 /* security_cdsa_utilities.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = security_cdsa_utilities.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 523F79EE06D5AC27004256A0 /* security_utilities.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = security_utilities.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 5280677F0B78E98600D02C3A /* Info.plist */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.plist.xml; name = Info.plist; path = PIV/Info.plist; sourceTree = "<group>"; };
+ 528067810B78E98600D02C3A /* piv_csp_capabilities.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; path = piv_csp_capabilities.mdsinfo; sourceTree = "<group>"; };
+ 528067820B78E98600D02C3A /* piv_csp_capabilities_common.mds */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; path = piv_csp_capabilities_common.mds; sourceTree = "<group>"; };
+ 528067830B78E98600D02C3A /* piv_csp_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; path = piv_csp_primary.mdsinfo; sourceTree = "<group>"; };
+ 528067840B78E98600D02C3A /* piv_dl_primary.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; path = piv_dl_primary.mdsinfo; sourceTree = "<group>"; };
+ 528067850B78E98600D02C3A /* piv_smartcard.mdsinfo */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = text.xml; path = piv_smartcard.mdsinfo; sourceTree = "<group>"; };
+ 528067860B78E98600D02C3A /* piv.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = piv.cpp; path = PIV/piv.cpp; sourceTree = "<group>"; };
+ 528067870B78E98600D02C3A /* PIVAttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVAttributeCoder.cpp; path = PIV/PIVAttributeCoder.cpp; sourceTree = "<group>"; };
+ 528067880B78E98600D02C3A /* PIVAttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVAttributeCoder.h; path = PIV/PIVAttributeCoder.h; sourceTree = "<group>"; };
+ 528067890B78E98600D02C3A /* PIVError.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVError.cpp; path = PIV/PIVError.cpp; sourceTree = "<group>"; };
+ 5280678A0B78E98600D02C3A /* PIVError.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVError.h; path = PIV/PIVError.h; sourceTree = "<group>"; };
+ 5280678B0B78E98600D02C3A /* PIVKeyHandle.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVKeyHandle.cpp; path = PIV/PIVKeyHandle.cpp; sourceTree = "<group>"; };
+ 5280678C0B78E98600D02C3A /* PIVKeyHandle.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVKeyHandle.h; path = PIV/PIVKeyHandle.h; sourceTree = "<group>"; };
+ 5280678D0B78E98600D02C3A /* PIVRecord.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVRecord.cpp; path = PIV/PIVRecord.cpp; sourceTree = "<group>"; };
+ 5280678E0B78E98600D02C3A /* PIVRecord.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVRecord.h; path = PIV/PIVRecord.h; sourceTree = "<group>"; };
+ 5280678F0B78E98600D02C3A /* PIVSchema.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVSchema.cpp; path = PIV/PIVSchema.cpp; sourceTree = "<group>"; };
+ 528067900B78E98600D02C3A /* PIVSchema.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVSchema.h; path = PIV/PIVSchema.h; sourceTree = "<group>"; };
+ 528067910B78E98600D02C3A /* PIVToken.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVToken.cpp; path = PIV/PIVToken.cpp; sourceTree = "<group>"; };
+ 528067920B78E98600D02C3A /* PIVToken.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVToken.h; path = PIV/PIVToken.h; sourceTree = "<group>"; };
+ 529D9A7B0B867FA900DBFA4B /* PIVCCC.cpp */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.cpp.cpp; name = PIVCCC.cpp; path = PIV/PIVCCC.cpp; sourceTree = "<group>"; };
+ 529D9A7C0B867FA900DBFA4B /* PIVCCC.h */ = {isa = PBXFileReference; fileEncoding = 30; lastKnownFileType = sourcecode.c.h; name = PIVCCC.h; path = PIV/PIVCCC.h; sourceTree = "<group>"; };
+ 52A6830F0EEF1FB200F71D5B /* BELPICAttributeCoder.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = BELPICAttributeCoder.cpp; sourceTree = "<group>"; };
+ 52A683100EEF1FB200F71D5B /* BELPICAttributeCoder.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = BELPICAttributeCoder.h; sourceTree = "<group>"; };
+ 52B2604A0BC5A864007E00F1 /* libtokend.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = libtokend.a; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52B260620BC5A864007E00F1 /* Info-tokend__Upgraded_.plist */ = {isa = PBXFileReference; lastKnownFileType = text.plist.xml; path = "Info-tokend__Upgraded_.plist"; sourceTree = "<group>"; };
+ 52B260630BC5A864007E00F1 /* tokend.framework */ = {isa = PBXFileReference; explicitFileType = wrapper.framework; includeInIndex = 0; path = tokend.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52B2607B0BC5A864007E00F1 /* BELPIC.tokend */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = BELPIC.tokend; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52B260960BC5A864007E00F1 /* CAC.tokend */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = CAC.tokend; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52B260B80BC5A864007E00F1 /* MuscleCard.tokend */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = MuscleCard.tokend; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52B260D40BC5A864007E00F1 /* PIV.tokend */ = {isa = PBXFileReference; explicitFileType = wrapper.application; includeInIndex = 0; path = PIV.tokend; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52CA8342067E8175005A1EBA /* PCSC.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; name = PCSC.framework; path = /System/Library/Frameworks/PCSC.framework; sourceTree = "<absolute>"; };
+ 52CA8343067E8175005A1EBA /* Security.framework */ = {isa = PBXFileReference; lastKnownFileType = wrapper.framework; path = Security.framework; sourceTree = BUILT_PRODUCTS_DIR; };
+ 52CAA8C60EBF7E40004C1A9E /* byte_string.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = byte_string.h; path = PIV/byte_string.h; sourceTree = "<group>"; };
+ 52CAA8C70EBF7E40004C1A9E /* Padding.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = Padding.cpp; path = PIV/Padding.cpp; sourceTree = "<group>"; };
+ 52CAA8C80EBF7E40004C1A9E /* Padding.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = Padding.h; path = PIV/Padding.h; sourceTree = "<group>"; };
+ 52CAA8C90EBF7E40004C1A9E /* TLV.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; name = TLV.cpp; path = PIV/TLV.cpp; sourceTree = "<group>"; };
+ 52CAA8CA0EBF7E40004C1A9E /* TLV.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; name = TLV.h; path = PIV/TLV.h; sourceTree = "<group>"; };
+ 52DE698106E93B870024EA03 /* PKCS11Object.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = PKCS11Object.h; sourceTree = "<group>"; };
+ 52DE698206E93B870024EA03 /* PKCS11Object.cpp */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.cpp.cpp; path = PKCS11Object.cpp; sourceTree = "<group>"; };
+/* End PBXFileReference section */
+
+/* Begin PBXFrameworksBuildPhase section */
+ 5203890612B802BF007C4317 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5203890712B802BF007C4317 /* libz.dylib in Frameworks */,
+ 5203890812B802BF007C4317 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260740BC5A864007E00F1 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260750BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B2608E0BC5A864007E00F1 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B2608F0BC5A864007E00F1 /* libz.dylib in Frameworks */,
+ 52B260900BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260B10BC5A864007E00F1 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260B20BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260CC0BC5A864007E00F1 /* Frameworks */ = {
+ isa = PBXFrameworksBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ C29914660C441EBB009571C2 /* PCSC.framework in Frameworks */,
+ C29914670C441EBB009571C2 /* Security.framework in Frameworks */,
+ 52B260CD0BC5A864007E00F1 /* libz.dylib in Frameworks */,
+ 52B260CE0BC5A864007E00F1 /* CoreFoundation.framework in Frameworks */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXFrameworksBuildPhase section */
+
+/* Begin PBXGroup section */
+ 08FB7794FE84155DC02AAC07 /* TokendMuscle */ = {
+ isa = PBXGroup;
+ children = (
+ 5203891112B80315007C4317 /* CACNG */,
+ 5280675F0B78E86F00D02C3A /* PIV */,
+ 4C86D39F070B4122006A0C7F /* BELPIC */,
+ 4C7BA7460703990100E5719F /* CAC */,
+ 4C3FACA806DBF84400D18D5F /* MuscleCard */,
+ 4C134A8706DBF81800FA17D9 /* Tokend */,
+ 4CA858F0065441220083DED3 /* External Frameworks */,
+ 4C415098073061D6004C9490 /* External Libraries */,
+ 1AB674ADFE9D54B511CA2CBB /* Products */,
+ 52B260620BC5A864007E00F1 /* Info-tokend__Upgraded_.plist */,
+ );
+ name = TokendMuscle;
+ sourceTree = "<group>";
+ };
+ 1AB674ADFE9D54B511CA2CBB /* Products */ = {
+ isa = PBXGroup;
+ children = (
+ 52B2604A0BC5A864007E00F1 /* libtokend.a */,
+ 52B260630BC5A864007E00F1 /* tokend.framework */,
+ 52B2607B0BC5A864007E00F1 /* BELPIC.tokend */,
+ 52B260960BC5A864007E00F1 /* CAC.tokend */,
+ 52B260B80BC5A864007E00F1 /* MuscleCard.tokend */,
+ 52B260D40BC5A864007E00F1 /* PIV.tokend */,
+ 5203890C12B802BF007C4317 /* CACNG.tokend */,
+ );
+ name = Products;
+ sourceTree = "<group>";
+ };
+ 4C134A8706DBF81800FA17D9 /* Tokend */ = {
+ isa = PBXGroup;
+ children = (
+ 4C1B9B6406DBF99F00014414 /* Adornment.cpp */,
+ 4C1B9B6306DBF99F00014414 /* Adornment.h */,
+ 4C134A9606DBF81800FA17D9 /* Attribute.cpp */,
+ 4C134A9706DBF81800FA17D9 /* Attribute.h */,
+ 4C134A8A06DBF81800FA17D9 /* AttributeCoder.cpp */,
+ 4C134A8B06DBF81800FA17D9 /* AttributeCoder.h */,
+ 4C134A9806DBF81800FA17D9 /* Cursor.cpp */,
+ 4C134A9906DBF81800FA17D9 /* Cursor.h */,
+ 4C134A9A06DBF81800FA17D9 /* DbValue.cpp */,
+ 4C134A9B06DBF81800FA17D9 /* DbValue.h */,
+ 4C3C166E06F61D6F00FC8AAC /* KeyHandle.cpp */,
+ 4C3C166D06F61D6F00FC8AAC /* KeyHandle.h */,
+ 4C134A9C06DBF81800FA17D9 /* MetaAttribute.cpp */,
+ 4C134A9D06DBF81800FA17D9 /* MetaAttribute.h */,
+ 4C134A9E06DBF81800FA17D9 /* MetaRecord.cpp */,
+ 4C134A9F06DBF81800FA17D9 /* MetaRecord.h */,
+ 52DE698206E93B870024EA03 /* PKCS11Object.cpp */,
+ 52DE698106E93B870024EA03 /* PKCS11Object.h */,
+ 4C134AA006DBF81800FA17D9 /* Record.cpp */,
+ 4C134AA106DBF81800FA17D9 /* Record.h */,
+ 4C55BAFC06DEABE500E4200A /* RecordHandle.cpp */,
+ 4C55BAFB06DEABE500E4200A /* RecordHandle.h */,
+ 4C134A8E06DBF81800FA17D9 /* Relation.cpp */,
+ 4C134A8F06DBF81800FA17D9 /* Relation.h */,
+ 4CC3947A0731A4DD00761DEE /* SCardError.cpp */,
+ 4CC394790731A4DD00761DEE /* SCardError.h */,
+ 4C134AA206DBF81800FA17D9 /* Schema.cpp */,
+ 4C134AA306DBF81800FA17D9 /* Schema.h */,
+ 4C134AA406DBF81800FA17D9 /* SelectionPredicate.cpp */,
+ 4C134AA506DBF81800FA17D9 /* SelectionPredicate.h */,
+ 4C134A9006DBF81800FA17D9 /* Token.cpp */,
+ 4C134A9106DBF81800FA17D9 /* Token.h */,
+ 4C134A9206DBF81800FA17D9 /* TokenContext.cpp */,
+ 4C134A9306DBF81800FA17D9 /* TokenContext.h */,
+ );
+ path = Tokend;
+ sourceTree = "<group>";
+ };
+ 4C134AA606DBF81800FA17D9 /* Msc */ = {
+ isa = PBXGroup;
+ children = (
+ 4C134AAB06DBF81800FA17D9 /* MscACL.cpp */,
+ 4C134AAC06DBF81800FA17D9 /* MscACL.h */,
+ 4C134AA906DBF81800FA17D9 /* MscError.cpp */,
+ 4C134AAA06DBF81800FA17D9 /* MscError.h */,
+ 4C134AAF06DBF81800FA17D9 /* MscKey.cpp */,
+ 4C134AB006DBF81800FA17D9 /* MscKey.h */,
+ 4C134AB106DBF81800FA17D9 /* MscObject.cpp */,
+ 4C134AB206DBF81800FA17D9 /* MscObject.h */,
+ 4C134AB306DBF81800FA17D9 /* MscPIN.cpp */,
+ 4C134AB406DBF81800FA17D9 /* MscPIN.h */,
+ 4C134AB506DBF81800FA17D9 /* MscToken.cpp */,
+ 4C134AB606DBF81800FA17D9 /* MscToken.h */,
+ 4C134AB706DBF81800FA17D9 /* MscTokenConnection.cpp */,
+ 4C134AB806DBF81800FA17D9 /* MscTokenConnection.h */,
+ 4C134AB906DBF81800FA17D9 /* MscWrappers.cpp */,
+ 4C134ABA06DBF81800FA17D9 /* MscWrappers.h */,
+ );
+ path = Msc;
+ sourceTree = "<group>";
+ };
+ 4C3FACA806DBF84400D18D5F /* MuscleCard */ = {
+ isa = PBXGroup;
+ children = (
+ 4C134AA606DBF81800FA17D9 /* Msc */,
+ 4C5C1D280730664E00AECB7F /* mds */,
+ 4C3FACAC06DBF84400D18D5F /* Info.plist */,
+ 4CE2E6A406DC06AB00E21469 /* KeyRecord.cpp */,
+ 4CE2E6A506DC06AB00E21469 /* KeyRecord.h */,
+ 4C3FACAD06DBF84400D18D5F /* musclecard.cpp */,
+ 4C1B9B5C06DBF96E00014414 /* MuscleCardAttributeCoder.cpp */,
+ 4C1B9B5B06DBF96E00014414 /* MuscleCardAttributeCoder.h */,
+ 4C253C0E06F66A6100B5CED6 /* MuscleCardKeyHandle.cpp */,
+ 4C253C0D06F66A6100B5CED6 /* MuscleCardKeyHandle.h */,
+ 4C1B9B8906DBFEE200014414 /* MuscleCardSchema.cpp */,
+ 4C1B9B8806DBFEE200014414 /* MuscleCardSchema.h */,
+ 4C3FACAE06DBF84400D18D5F /* MuscleCardToken.cpp */,
+ 4C3FACAF06DBF84400D18D5F /* MuscleCardToken.h */,
+ 4C63F7A506DC052A00CB6F22 /* TokenRecord.cpp */,
+ 4C63F7A606DC052A00CB6F22 /* TokenRecord.h */,
+ );
+ path = MuscleCard;
+ sourceTree = "<group>";
+ };
+ 4C415098073061D6004C9490 /* External Libraries */ = {
+ isa = PBXGroup;
+ children = (
+ 4CBF5CBE0704E76200EEADC2 /* libz.dylib */,
+ );
+ name = "External Libraries";
+ sourceTree = "<group>";
+ };
+ 4C5C1CE0073065EA00AECB7F /* mds */ = {
+ isa = PBXGroup;
+ children = (
+ 4C5C1CE8073065EA00AECB7F /* belpic_csp_capabilities.mdsinfo */,
+ 4C5C1CE9073065EA00AECB7F /* belpic_csp_capabilities_common.mds */,
+ 4C5C1CEA073065EA00AECB7F /* belpic_csp_primary.mdsinfo */,
+ 4C5C1CEB073065EA00AECB7F /* belpic_dl_primary.mdsinfo */,
+ 4C5C1CEC073065EA00AECB7F /* belpic_smartcard.mdsinfo */,
+ );
+ name = mds;
+ path = BELPIC/mds;
+ sourceTree = SOURCE_ROOT;
+ };
+ 4C5C1CF80730661500AECB7F /* mds */ = {
+ isa = PBXGroup;
+ children = (
+ 4C5C1D000730661500AECB7F /* cac_csp_capabilities.mdsinfo */,
+ 4C5C1D010730661500AECB7F /* cac_csp_capabilities_common.mds */,
+ 4C5C1D020730661500AECB7F /* cac_csp_primary.mdsinfo */,
+ 4C5C1D030730661500AECB7F /* cac_dl_primary.mdsinfo */,
+ 4C5C1D040730661500AECB7F /* cac_smartcard.mdsinfo */,
+ );
+ name = mds;
+ path = CAC/mds;
+ sourceTree = SOURCE_ROOT;
+ };
+ 4C5C1D280730664E00AECB7F /* mds */ = {
+ isa = PBXGroup;
+ children = (
+ 4C5C1D300730664E00AECB7F /* musclecard_csp_capabilities.mdsinfo */,
+ 4C5C1D310730664E00AECB7F /* musclecard_csp_capabilities_common.mds */,
+ 4C5C1D320730664E00AECB7F /* musclecard_csp_primary.mdsinfo */,
+ 4C5C1D330730664E00AECB7F /* musclecard_dl_primary.mdsinfo */,
+ 4C5C1D340730664E00AECB7F /* musclecard_smartcard.mdsinfo */,
+ );
+ name = mds;
+ path = MuscleCard/mds;
+ sourceTree = SOURCE_ROOT;
+ };
+ 4C7BA7460703990100E5719F /* CAC */ = {
+ isa = PBXGroup;
+ children = (
+ 4C5C1CF80730661500AECB7F /* mds */,
+ 4C7BA7490703990100E5719F /* CACAttributeCoder.cpp */,
+ 4C7BA74A0703990100E5719F /* CACAttributeCoder.h */,
+ 4C273A200708CE2C00CCB0FA /* CACError.cpp */,
+ 4C273A1F0708CE2C00CCB0FA /* CACError.h */,
+ 4C7BA74B0703990100E5719F /* CACKeyHandle.cpp */,
+ 4C7BA74C0703990100E5719F /* CACKeyHandle.h */,
+ 4CBF5C390704CDBF00EEADC2 /* CACRecord.cpp */,
+ 4CBF5C380704CDBF00EEADC2 /* CACRecord.h */,
+ 4C7BA74D0703990100E5719F /* CACSchema.cpp */,
+ 4C7BA74E0703990100E5719F /* CACSchema.h */,
+ 4C7BA74F0703990100E5719F /* CACToken.cpp */,
+ 4C7BA7500703990100E5719F /* CACToken.h */,
+ 4C7BA7510703990100E5719F /* cac.cpp */,
+ 4C7BA7520703990100E5719F /* Info.plist */,
+ );
+ path = CAC;
+ sourceTree = "<group>";
+ };
+ 4C86D39F070B4122006A0C7F /* BELPIC */ = {
+ isa = PBXGroup;
+ children = (
+ 52A6830F0EEF1FB200F71D5B /* BELPICAttributeCoder.cpp */,
+ 52A683100EEF1FB200F71D5B /* BELPICAttributeCoder.h */,
+ 4C5C1CE0073065EA00AECB7F /* mds */,
+ 4C86D3A0070B4122006A0C7F /* belpic.cpp */,
+ 4C86D3A3070B4122006A0C7F /* BELPICError.cpp */,
+ 4C86D3A4070B4122006A0C7F /* BELPICError.h */,
+ 4C86D3A5070B4122006A0C7F /* BELPICKeyHandle.cpp */,
+ 4C86D3A6070B4122006A0C7F /* BELPICKeyHandle.h */,
+ 4C86D3A7070B4122006A0C7F /* BELPICRecord.cpp */,
+ 4C86D3A8070B4122006A0C7F /* BELPICRecord.h */,
+ 4C86D3A9070B4122006A0C7F /* BELPICSchema.cpp */,
+ 4C86D3AA070B4122006A0C7F /* BELPICSchema.h */,
+ 4C86D3AB070B4122006A0C7F /* BELPICToken.cpp */,
+ 4C86D3AC070B4122006A0C7F /* BELPICToken.h */,
+ 4C86D3AD070B4122006A0C7F /* Info.plist */,
+ );
+ path = BELPIC;
+ sourceTree = "<group>";
+ };
+ 4CA858F0065441220083DED3 /* External Frameworks */ = {
+ isa = PBXGroup;
+ children = (
+ 4CA8C4D606D6D19400F1BCC8 /* CoreFoundation.framework */,
+ 523F79EC06D5AC27004256A0 /* security_cdsa_client.framework */,
+ 523F79ED06D5AC27004256A0 /* security_cdsa_utilities.framework */,
+ 523F79EE06D5AC27004256A0 /* security_utilities.framework */,
+ 52CA8342067E8175005A1EBA /* PCSC.framework */,
+ 52CA8343067E8175005A1EBA /* Security.framework */,
+ 4CA858F10654413F0083DED3 /* SecurityTokend.framework */,
+ );
+ name = "External Frameworks";
+ sourceTree = "<group>";
+ };
+ 5203891112B80315007C4317 /* CACNG */ = {
+ isa = PBXGroup;
+ children = (
+ 5203891212B80315007C4317 /* byte_string.h */,
+ 5203891312B80315007C4317 /* cacng.cpp */,
+ 5203891412B80315007C4317 /* CACNGApplet.cpp */,
+ 5203891512B80315007C4317 /* CACNGApplet.h */,
+ 5203891612B80315007C4317 /* CACNGAttributeCoder.cpp */,
+ 5203891712B80315007C4317 /* CACNGAttributeCoder.h */,
+ 5203891812B80315007C4317 /* CACNGError.cpp */,
+ 5203891912B80315007C4317 /* CACNGError.h */,
+ 5203891A12B80315007C4317 /* CACNGKeyHandle.cpp */,
+ 5203891B12B80315007C4317 /* CACNGKeyHandle.h */,
+ 5203891C12B80315007C4317 /* CACNGRecord.cpp */,
+ 5203891D12B80315007C4317 /* CACNGRecord.h */,
+ 5203891E12B80315007C4317 /* CACNGSchema.cpp */,
+ 5203891F12B80315007C4317 /* CACNGSchema.h */,
+ 5203892012B80315007C4317 /* CACNGToken.cpp */,
+ 5203892112B80315007C4317 /* CACNGToken.h */,
+ 5203892212B80315007C4317 /* CompressionTool.cpp */,
+ 5203892312B80315007C4317 /* CompressionTool.h */,
+ 5203892412B80315007C4317 /* Info.plist */,
+ 5203892512B80315007C4317 /* mds */,
+ 5203892B12B80315007C4317 /* Padding.cpp */,
+ 5203892C12B80315007C4317 /* Padding.h */,
+ 5203892D12B80315007C4317 /* TLV.cpp */,
+ 5203892E12B80315007C4317 /* TLV.h */,
+ 5203892F12B80315007C4317 /* TLVTemplates.h */,
+ );
+ path = CACNG;
+ sourceTree = "<group>";
+ };
+ 5203892512B80315007C4317 /* mds */ = {
+ isa = PBXGroup;
+ children = (
+ 5203892612B80315007C4317 /* cacng_csp_capabilities.mdsinfo */,
+ 5203892712B80315007C4317 /* cacng_csp_capabilities_common.mds */,
+ 5203892812B80315007C4317 /* cacng_csp_primary.mdsinfo */,
+ 5203892912B80315007C4317 /* cacng_dl_primary.mdsinfo */,
+ 5203892A12B80315007C4317 /* cacng_smartcard.mdsinfo */,
+ );
+ path = mds;
+ sourceTree = "<group>";
+ };
+ 5280675F0B78E86F00D02C3A /* PIV */ = {
+ isa = PBXGroup;
+ children = (
+ 52CAA8C60EBF7E40004C1A9E /* byte_string.h */,
+ 52CAA8C70EBF7E40004C1A9E /* Padding.cpp */,
+ 52CAA8C80EBF7E40004C1A9E /* Padding.h */,
+ 52CAA8C90EBF7E40004C1A9E /* TLV.cpp */,
+ 52CAA8CA0EBF7E40004C1A9E /* TLV.h */,
+ 528067800B78E98600D02C3A /* mds */,
+ 529D9A7B0B867FA900DBFA4B /* PIVCCC.cpp */,
+ 529D9A7C0B867FA900DBFA4B /* PIVCCC.h */,
+ 523C07E70B7B940D00067DEA /* PIVDefines.h */,
+ 5280677F0B78E98600D02C3A /* Info.plist */,
+ 528067860B78E98600D02C3A /* piv.cpp */,
+ 528067870B78E98600D02C3A /* PIVAttributeCoder.cpp */,
+ 528067880B78E98600D02C3A /* PIVAttributeCoder.h */,
+ 528067890B78E98600D02C3A /* PIVError.cpp */,
+ 5280678A0B78E98600D02C3A /* PIVError.h */,
+ 5280678B0B78E98600D02C3A /* PIVKeyHandle.cpp */,
+ 5280678C0B78E98600D02C3A /* PIVKeyHandle.h */,
+ 5280678D0B78E98600D02C3A /* PIVRecord.cpp */,
+ 5280678E0B78E98600D02C3A /* PIVRecord.h */,
+ 5280678F0B78E98600D02C3A /* PIVSchema.cpp */,
+ 528067900B78E98600D02C3A /* PIVSchema.h */,
+ 528067910B78E98600D02C3A /* PIVToken.cpp */,
+ 528067920B78E98600D02C3A /* PIVToken.h */,
+ );
+ name = PIV;
+ sourceTree = "<group>";
+ };
+ 528067800B78E98600D02C3A /* mds */ = {
+ isa = PBXGroup;
+ children = (
+ 528067810B78E98600D02C3A /* piv_csp_capabilities.mdsinfo */,
+ 528067820B78E98600D02C3A /* piv_csp_capabilities_common.mds */,
+ 528067830B78E98600D02C3A /* piv_csp_primary.mdsinfo */,
+ 528067840B78E98600D02C3A /* piv_dl_primary.mdsinfo */,
+ 528067850B78E98600D02C3A /* piv_smartcard.mdsinfo */,
+ );
+ name = mds;
+ path = PIV/mds;
+ sourceTree = "<group>";
+ };
+/* End PBXGroup section */
+
+/* Begin PBXHeadersBuildPhase section */
+ 52B2604C0BC5A864007E00F1 /* Headers */ = {
+ isa = PBXHeadersBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B2604D0BC5A864007E00F1 /* Adornment.h in Headers */,
+ 52B2604E0BC5A864007E00F1 /* Attribute.h in Headers */,
+ 52B2604F0BC5A864007E00F1 /* AttributeCoder.h in Headers */,
+ 52B260500BC5A864007E00F1 /* Cursor.h in Headers */,
+ 52B260510BC5A864007E00F1 /* DbValue.h in Headers */,
+ 52B260520BC5A864007E00F1 /* KeyHandle.h in Headers */,
+ 52B260530BC5A864007E00F1 /* MetaAttribute.h in Headers */,
+ 52B260540BC5A864007E00F1 /* MetaRecord.h in Headers */,
+ 52B260550BC5A864007E00F1 /* Record.h in Headers */,
+ 52B260560BC5A864007E00F1 /* RecordHandle.h in Headers */,
+ 52B260570BC5A864007E00F1 /* Relation.h in Headers */,
+ 52B260580BC5A864007E00F1 /* SCardError.h in Headers */,
+ 52B260590BC5A864007E00F1 /* Schema.h in Headers */,
+ 52B2605A0BC5A864007E00F1 /* SelectionPredicate.h in Headers */,
+ 52B2605B0BC5A864007E00F1 /* Token.h in Headers */,
+ 52B2605C0BC5A864007E00F1 /* TokenContext.h in Headers */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXHeadersBuildPhase section */
+
+/* Begin PBXNativeTarget section */
+ 520388F512B802BF007C4317 /* CACNG */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 5203890912B802BF007C4317 /* Build configuration list for PBXNativeTarget "CACNG" */;
+ buildPhases = (
+ 520388F812B802BF007C4317 /* Resources */,
+ 520388FE12B802BF007C4317 /* Sources */,
+ 5203890612B802BF007C4317 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 520388F612B802BF007C4317 /* PBXTargetDependency */,
+ );
+ name = CACNG;
+ productName = "Common Access Card";
+ productReference = 5203890C12B802BF007C4317 /* CACNG.tokend */;
+ productType = "com.apple.product-type.application";
+ };
+ 52B2602D0BC5A864007E00F1 /* libtokend */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B260450BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "libtokend" */;
+ buildPhases = (
+ 52B260310BC5A864007E00F1 /* Sources */,
+ 52B260430BC5A864007E00F1 /* ShellScript */,
+ 52B260440BC5A864007E00F1 /* ShellScript */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 52B260DF0BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = libtokend;
+ productName = libtokend;
+ productReference = 52B2604A0BC5A864007E00F1 /* libtokend.a */;
+ productType = "com.apple.product-type.library.static";
+ };
+ 52B2604B0BC5A864007E00F1 /* tokend */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B2605D0BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "tokend" */;
+ buildPhases = (
+ 52B2604C0BC5A864007E00F1 /* Headers */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ );
+ name = tokend;
+ productName = tokend;
+ productReference = 52B260630BC5A864007E00F1 /* tokend.framework */;
+ productType = "com.apple.product-type.framework";
+ };
+ 52B260640BC5A864007E00F1 /* BELPIC */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B260760BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "BELPIC" */;
+ buildPhases = (
+ 52B260670BC5A864007E00F1 /* Resources */,
+ 52B2606D0BC5A864007E00F1 /* Sources */,
+ 52B260740BC5A864007E00F1 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 52B260E10BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = BELPIC;
+ productName = "Common Access Card";
+ productReference = 52B2607B0BC5A864007E00F1 /* BELPIC.tokend */;
+ productType = "com.apple.product-type.application";
+ };
+ 52B2607D0BC5A864007E00F1 /* CAC */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B260910BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "CAC" */;
+ buildPhases = (
+ 52B260800BC5A864007E00F1 /* Resources */,
+ 52B260860BC5A864007E00F1 /* Sources */,
+ 52B2608E0BC5A864007E00F1 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 52B260E30BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = CAC;
+ productName = "Common Access Card";
+ productReference = 52B260960BC5A864007E00F1 /* CAC.tokend */;
+ productType = "com.apple.product-type.application";
+ };
+ 52B260980BC5A864007E00F1 /* MuscleCard */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B260B30BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "MuscleCard" */;
+ buildPhases = (
+ 52B2609B0BC5A864007E00F1 /* Resources */,
+ 52B260A10BC5A864007E00F1 /* Sources */,
+ 52B260B10BC5A864007E00F1 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 52B260E50BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = MuscleCard;
+ productName = MuscleCard;
+ productReference = 52B260B80BC5A864007E00F1 /* MuscleCard.tokend */;
+ productType = "com.apple.product-type.application";
+ };
+ 52B260BA0BC5A864007E00F1 /* PIV */ = {
+ isa = PBXNativeTarget;
+ buildConfigurationList = 52B260CF0BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "PIV" */;
+ buildPhases = (
+ 52B260BD0BC5A864007E00F1 /* Resources */,
+ 52B260C30BC5A864007E00F1 /* Sources */,
+ 52B260CC0BC5A864007E00F1 /* Frameworks */,
+ );
+ buildRules = (
+ );
+ dependencies = (
+ 52B260E70BC5A864007E00F1 /* PBXTargetDependency */,
+ );
+ name = PIV;
+ productName = "Common Access Card";
+ productReference = 52B260D40BC5A864007E00F1 /* PIV.tokend */;
+ productType = "com.apple.product-type.application";
+ };
+/* End PBXNativeTarget section */
+
+/* Begin PBXProject section */
+ 08FB7793FE84155DC02AAC07 /* Project object */ = {
+ isa = PBXProject;
+ buildConfigurationList = C27AD2220987FCDC001272E0 /* Build configuration list for PBXProject "Tokend" */;
+ compatibilityVersion = "Xcode 2.4";
+ hasScannedForEncodings = 1;
+ mainGroup = 08FB7794FE84155DC02AAC07 /* TokendMuscle */;
+ projectDirPath = "";
+ projectRoot = "";
+ targets = (
+ 52B2601F0BC5A864007E00F1 /* world */,
+ 52B2602D0BC5A864007E00F1 /* libtokend */,
+ 52B2604B0BC5A864007E00F1 /* tokend */,
+ 52B260640BC5A864007E00F1 /* BELPIC */,
+ 52B2607D0BC5A864007E00F1 /* CAC */,
+ 52B260980BC5A864007E00F1 /* MuscleCard */,
+ 52B260BA0BC5A864007E00F1 /* PIV */,
+ 520388F512B802BF007C4317 /* CACNG */,
+ );
+ };
+/* End PBXProject section */
+
+/* Begin PBXResourcesBuildPhase section */
+ 520388F812B802BF007C4317 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5203893A12B80315007C4317 /* cacng_csp_capabilities.mdsinfo in Resources */,
+ 5203893B12B80315007C4317 /* cacng_csp_capabilities_common.mds in Resources */,
+ 5203893C12B80315007C4317 /* cacng_csp_primary.mdsinfo in Resources */,
+ 5203893D12B80315007C4317 /* cacng_dl_primary.mdsinfo in Resources */,
+ 5203893E12B80315007C4317 /* cacng_smartcard.mdsinfo in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260670BC5A864007E00F1 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260680BC5A864007E00F1 /* belpic_csp_capabilities.mdsinfo in Resources */,
+ 52B260690BC5A864007E00F1 /* belpic_csp_capabilities_common.mds in Resources */,
+ 52B2606A0BC5A864007E00F1 /* belpic_csp_primary.mdsinfo in Resources */,
+ 52B2606B0BC5A864007E00F1 /* belpic_dl_primary.mdsinfo in Resources */,
+ 52B2606C0BC5A864007E00F1 /* belpic_smartcard.mdsinfo in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260800BC5A864007E00F1 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260810BC5A864007E00F1 /* cac_csp_capabilities.mdsinfo in Resources */,
+ 52B260820BC5A864007E00F1 /* cac_csp_capabilities_common.mds in Resources */,
+ 52B260830BC5A864007E00F1 /* cac_csp_primary.mdsinfo in Resources */,
+ 52B260840BC5A864007E00F1 /* cac_dl_primary.mdsinfo in Resources */,
+ 52B260850BC5A864007E00F1 /* cac_smartcard.mdsinfo in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B2609B0BC5A864007E00F1 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B2609C0BC5A864007E00F1 /* musclecard_csp_capabilities.mdsinfo in Resources */,
+ 52B2609D0BC5A864007E00F1 /* musclecard_csp_capabilities_common.mds in Resources */,
+ 52B2609E0BC5A864007E00F1 /* musclecard_csp_primary.mdsinfo in Resources */,
+ 52B2609F0BC5A864007E00F1 /* musclecard_dl_primary.mdsinfo in Resources */,
+ 52B260A00BC5A864007E00F1 /* musclecard_smartcard.mdsinfo in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260BD0BC5A864007E00F1 /* Resources */ = {
+ isa = PBXResourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260BE0BC5A864007E00F1 /* piv_csp_capabilities.mdsinfo in Resources */,
+ 52B260BF0BC5A864007E00F1 /* piv_csp_capabilities_common.mds in Resources */,
+ 52B260C00BC5A864007E00F1 /* piv_csp_primary.mdsinfo in Resources */,
+ 52B260C10BC5A864007E00F1 /* piv_dl_primary.mdsinfo in Resources */,
+ 52B260C20BC5A864007E00F1 /* piv_smartcard.mdsinfo in Resources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXResourcesBuildPhase section */
+
+/* Begin PBXShellScriptBuildPhase section */
+ 52B260430BC5A864007E00F1 /* ShellScript */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ );
+ inputPaths = (
+ );
+ outputPaths = (
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ shellPath = /bin/sh;
+ shellScript = "for variant in ${BUILD_VARIANTS}\ndo\n\tpostfix=`echo _${variant} | sed 's/_normal//'`\n\tfrmwk=\"${BUILT_PRODUCTS_DIR}/${PRODUCT_NAME}.framework\"\n\tversa=\"${frmwk}/Versions/A\"\n\tcp \"${BUILT_PRODUCTS_DIR}/lib${PRODUCT_NAME}${postfix}.a\" \"${versa}/${PRODUCT_NAME}${postfix}\"\n\tln -fs \"${versa}/${PRODUCT_NAME}${postfix}\" ${frmwk}/${PRODUCT_NAME}${postfix}\n\tnmedit -p \"${versa}/${PRODUCT_NAME}${postfix}\"\n\tranlib \"${versa}/${PRODUCT_NAME}${postfix}\"\ndone";
+ showEnvVarsInLog = 0;
+ };
+ 52B260440BC5A864007E00F1 /* ShellScript */ = {
+ isa = PBXShellScriptBuildPhase;
+ buildActionMask = 8;
+ files = (
+ );
+ inputPaths = (
+ );
+ outputPaths = (
+ );
+ runOnlyForDeploymentPostprocessing = 1;
+ shellPath = /bin/sh;
+ shellScript = "for variant in ${BUILD_VARIANTS}\ndo\n\tpostfix=`echo _${variant} | sed 's/_normal//'`\n\tcp -p \"${SYMROOT}/${PRODUCT_NAME}${postfix}\" \"${DSTROOT}/usr/local/SecurityPieces/Frameworks/${PRODUCT_NAME}.framework/Versions/A\"\n\tranlib \"${DSTROOT}/usr/local/SecurityPieces/Frameworks/${PRODUCT_NAME}.framework/Versions/A/${PRODUCT_NAME}${postfix}\"\n\tln -fs \"Versions/Current/${PRODUCT_NAME}${postfix}\" \"${DSTROOT}/usr/local/SecurityPieces/Frameworks/${PRODUCT_NAME}.framework\"\ndone";
+ showEnvVarsInLog = 0;
+ };
+/* End PBXShellScriptBuildPhase section */
+
+/* Begin PBXSourcesBuildPhase section */
+ 520388FE12B802BF007C4317 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 5203890012B802BF007C4317 /* CACAttributeCoder.cpp in Sources */,
+ 5203890112B802BF007C4317 /* CACError.cpp in Sources */,
+ 5203890212B802BF007C4317 /* CACKeyHandle.cpp in Sources */,
+ 5203890312B802BF007C4317 /* CACRecord.cpp in Sources */,
+ 5203890412B802BF007C4317 /* CACSchema.cpp in Sources */,
+ 5203890512B802BF007C4317 /* CACToken.cpp in Sources */,
+ 5203893012B80315007C4317 /* cacng.cpp in Sources */,
+ 5203893112B80315007C4317 /* CACNGApplet.cpp in Sources */,
+ 5203893212B80315007C4317 /* CACNGAttributeCoder.cpp in Sources */,
+ 5203893312B80315007C4317 /* CACNGError.cpp in Sources */,
+ 5203893412B80315007C4317 /* CACNGKeyHandle.cpp in Sources */,
+ 5203893512B80315007C4317 /* CACNGRecord.cpp in Sources */,
+ 5203893612B80315007C4317 /* CACNGSchema.cpp in Sources */,
+ 5203893712B80315007C4317 /* CACNGToken.cpp in Sources */,
+ 5203893812B80315007C4317 /* CompressionTool.cpp in Sources */,
+ 5203893F12B80315007C4317 /* Padding.cpp in Sources */,
+ 5203894012B80315007C4317 /* TLV.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260310BC5A864007E00F1 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260320BC5A864007E00F1 /* Adornment.cpp in Sources */,
+ 52B260330BC5A864007E00F1 /* Attribute.cpp in Sources */,
+ 52B260340BC5A864007E00F1 /* AttributeCoder.cpp in Sources */,
+ 52B260350BC5A864007E00F1 /* Cursor.cpp in Sources */,
+ 52B260360BC5A864007E00F1 /* DbValue.cpp in Sources */,
+ 52B260370BC5A864007E00F1 /* KeyHandle.cpp in Sources */,
+ 52B260380BC5A864007E00F1 /* MetaAttribute.cpp in Sources */,
+ 52B260390BC5A864007E00F1 /* MetaRecord.cpp in Sources */,
+ 52B2603A0BC5A864007E00F1 /* Record.cpp in Sources */,
+ 52B2603B0BC5A864007E00F1 /* RecordHandle.cpp in Sources */,
+ 52B2603C0BC5A864007E00F1 /* Relation.cpp in Sources */,
+ 52B2603D0BC5A864007E00F1 /* SCardError.cpp in Sources */,
+ 52B2603E0BC5A864007E00F1 /* Schema.cpp in Sources */,
+ 52B2603F0BC5A864007E00F1 /* SelectionPredicate.cpp in Sources */,
+ 52B260400BC5A864007E00F1 /* Token.cpp in Sources */,
+ 52B260410BC5A864007E00F1 /* TokenContext.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B2606D0BC5A864007E00F1 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B2606E0BC5A864007E00F1 /* belpic.cpp in Sources */,
+ 52B2606F0BC5A864007E00F1 /* BELPICError.cpp in Sources */,
+ 52B260700BC5A864007E00F1 /* BELPICKeyHandle.cpp in Sources */,
+ 52B260710BC5A864007E00F1 /* BELPICRecord.cpp in Sources */,
+ 52B260720BC5A864007E00F1 /* BELPICSchema.cpp in Sources */,
+ 52B260730BC5A864007E00F1 /* BELPICToken.cpp in Sources */,
+ 52A683110EEF1FB200F71D5B /* BELPICAttributeCoder.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260860BC5A864007E00F1 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260870BC5A864007E00F1 /* cac.cpp in Sources */,
+ 52B260880BC5A864007E00F1 /* CACAttributeCoder.cpp in Sources */,
+ 52B260890BC5A864007E00F1 /* CACError.cpp in Sources */,
+ 52B2608A0BC5A864007E00F1 /* CACKeyHandle.cpp in Sources */,
+ 52B2608B0BC5A864007E00F1 /* CACRecord.cpp in Sources */,
+ 52B2608C0BC5A864007E00F1 /* CACSchema.cpp in Sources */,
+ 52B2608D0BC5A864007E00F1 /* CACToken.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260A10BC5A864007E00F1 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260A20BC5A864007E00F1 /* KeyRecord.cpp in Sources */,
+ 52B260A30BC5A864007E00F1 /* musclecard.cpp in Sources */,
+ 52B260A40BC5A864007E00F1 /* MuscleCardAttributeCoder.cpp in Sources */,
+ 52B260A50BC5A864007E00F1 /* MuscleCardKeyHandle.cpp in Sources */,
+ 52B260A60BC5A864007E00F1 /* MuscleCardSchema.cpp in Sources */,
+ 52B260A70BC5A864007E00F1 /* MuscleCardToken.cpp in Sources */,
+ 52B260A80BC5A864007E00F1 /* TokenRecord.cpp in Sources */,
+ 52B260A90BC5A864007E00F1 /* MscACL.cpp in Sources */,
+ 52B260AA0BC5A864007E00F1 /* MscError.cpp in Sources */,
+ 52B260AB0BC5A864007E00F1 /* MscKey.cpp in Sources */,
+ 52B260AC0BC5A864007E00F1 /* MscObject.cpp in Sources */,
+ 52B260AD0BC5A864007E00F1 /* MscPIN.cpp in Sources */,
+ 52B260AE0BC5A864007E00F1 /* MscToken.cpp in Sources */,
+ 52B260AF0BC5A864007E00F1 /* MscTokenConnection.cpp in Sources */,
+ 52B260B00BC5A864007E00F1 /* MscWrappers.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+ 52B260C30BC5A864007E00F1 /* Sources */ = {
+ isa = PBXSourcesBuildPhase;
+ buildActionMask = 2147483647;
+ files = (
+ 52B260C40BC5A864007E00F1 /* piv.cpp in Sources */,
+ 52B260C50BC5A864007E00F1 /* PIVAttributeCoder.cpp in Sources */,
+ 52B260C60BC5A864007E00F1 /* PIVError.cpp in Sources */,
+ 52B260C70BC5A864007E00F1 /* PIVKeyHandle.cpp in Sources */,
+ 52B260C80BC5A864007E00F1 /* PIVRecord.cpp in Sources */,
+ 52B260C90BC5A864007E00F1 /* PIVSchema.cpp in Sources */,
+ 52B260CA0BC5A864007E00F1 /* PIVToken.cpp in Sources */,
+ 52B260CB0BC5A864007E00F1 /* PIVCCC.cpp in Sources */,
+ 52CAA8CB0EBF7E40004C1A9E /* Padding.cpp in Sources */,
+ 52CAA8CC0EBF7E40004C1A9E /* TLV.cpp in Sources */,
+ );
+ runOnlyForDeploymentPostprocessing = 0;
+ };
+/* End PBXSourcesBuildPhase section */
+
+/* Begin PBXTargetDependency section */
+ 520388F612B802BF007C4317 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 520388F712B802BF007C4317 /* PBXContainerItemProxy */;
+ };
+ 5203894212B8031D007C4317 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 520388F512B802BF007C4317 /* CACNG */;
+ targetProxy = 5203894112B8031D007C4317 /* PBXContainerItemProxy */;
+ };
+ 529252170BC6BEED00816597 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 529252160BC6BEED00816597 /* PBXContainerItemProxy */;
+ };
+ 52B260D90BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B260640BC5A864007E00F1 /* BELPIC */;
+ targetProxy = 52B260D80BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260DB0BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2607D0BC5A864007E00F1 /* CAC */;
+ targetProxy = 52B260DA0BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260DD0BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B260BA0BC5A864007E00F1 /* PIV */;
+ targetProxy = 52B260DC0BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260DF0BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2604B0BC5A864007E00F1 /* tokend */;
+ targetProxy = 52B260DE0BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260E10BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 52B260E00BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260E30BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 52B260E20BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260E50BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 52B260E40BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+ 52B260E70BC5A864007E00F1 /* PBXTargetDependency */ = {
+ isa = PBXTargetDependency;
+ target = 52B2602D0BC5A864007E00F1 /* libtokend */;
+ targetProxy = 52B260E60BC5A864007E00F1 /* PBXContainerItemProxy */;
+ };
+/* End PBXTargetDependency section */
+
+/* Begin XCBuildConfiguration section */
+ 5203890A12B802BF007C4317 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_MODEL_TUNING = G5;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ INFOPLIST_FILE = CACNG/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = CACNG;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 5203890B12B802BF007C4317 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = YES;
+ GCC_MODEL_TUNING = G5;
+ INFOPLIST_FILE = CACNG/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = CACNG;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260290BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ PRODUCT_NAME = world;
+ SECTORDER_FLAGS = "";
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 52B2602A0BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ PRODUCT_NAME = world;
+ SECTORDER_FLAGS = "";
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260460BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_PREPROCESSOR_DEFINITIONS = LIMITED_SIGNING;
+ LIBRARY_STYLE = STATIC;
+ OPT_CFLAGS = "-DNDEBUG -Os $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "-dead_strip";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_nopic = "-mdynamic-no-pic $(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_normal = "$(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_nopic = "-mdynamic-no-pic $(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_nopic = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PRODUCT_NAME = tokend;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 52B260470BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ nopic,
+ );
+ COPY_PHASE_STRIP = YES;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DEBUGGING_SYMBOLS = default;
+ GCC_PREPROCESSOR_DEFINITIONS = LIMITED_SIGNING;
+ LIBRARY_STYLE = STATIC;
+ OPT_CFLAGS = "-DNDEBUG -Os $(OPT_INLINEFLAGS)";
+ OPT_CPPFLAGS = "$(OPT_CFLAGS)";
+ OPT_INLINEFLAGS = "-finline-functions";
+ OPT_LDFLAGS = "-dead_strip";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "-DNDEBUG $(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS = "";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_nopic = "-mdynamic-no-pic $(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_normal = "$(OPT_CFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "\U0001$(OPT_CFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_nopic = "-mdynamic-no-pic $(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_nopic = "-dead_strip $(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_normal = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDFLAGS) $(OTHER_LDFLAGS) -pg";
+ PRODUCT_NAME = tokend;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B2605E0BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ FRAMEWORK_SEARCH_PATHS = (
+ "$(inherited)",
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ FRAMEWORK_VERSION = A;
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-tokend__Upgraded_.plist";
+ INSTALL_PATH = /usr/local/SecurityPieces/Frameworks;
+ PRODUCT_NAME = tokend;
+ WRAPPER_EXTENSION = framework;
+ ZERO_LINK = YES;
+ };
+ name = Development;
+ };
+ 52B2605F0BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ FRAMEWORK_VERSION = A;
+ GCC_DEBUGGING_SYMBOLS = default;
+ GCC_SYMBOLS_PRIVATE_EXTERN = NO;
+ INFOPLIST_FILE = "Info-tokend__Upgraded_.plist";
+ INSTALL_PATH = /usr/local/SecurityPieces/Frameworks;
+ PRODUCT_NAME = tokend;
+ WRAPPER_EXTENSION = framework;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260770BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ ALWAYS_SEARCH_USER_PATHS = YES;
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_MODEL_TUNING = G5;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ INFOPLIST_FILE = BELPIC/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = BELPIC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 52B260780BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = YES;
+ GCC_MODEL_TUNING = G5;
+ INFOPLIST_FILE = BELPIC/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = BELPIC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260920BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_MODEL_TUNING = G5;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ INFOPLIST_FILE = CAC/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = CAC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 52B260930BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = YES;
+ GCC_MODEL_TUNING = G5;
+ INFOPLIST_FILE = CAC/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = CAC;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260B40BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_MODEL_TUNING = G5;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ INFOPLIST_FILE = MuscleCard/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = MuscleCard;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 52B260B50BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = YES;
+ GCC_MODEL_TUNING = G5;
+ INFOPLIST_FILE = MuscleCard/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = MuscleCard;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ 52B260D00BC5A864007E00F1 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = debug;
+ COPY_PHASE_STRIP = NO;
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = NO;
+ GCC_GENERATE_DEBUGGING_SYMBOLS = YES;
+ GCC_MODEL_TUNING = G5;
+ GCC_OPTIMIZATION_LEVEL = 0;
+ GCC_WARN_ABOUT_MISSING_PROTOTYPES = YES;
+ GCC_WARN_CHECK_SWITCH_STATEMENTS = YES;
+ GCC_WARN_HIDDEN_VIRTUAL_FUNCTIONS = YES;
+ GCC_WARN_INHIBIT_ALL_WARNINGS = NO;
+ GCC_WARN_INITIALIZER_NOT_FULLY_BRACKETED = YES;
+ GCC_WARN_MISSING_PARENTHESES = YES;
+ GCC_WARN_NON_VIRTUAL_DESTRUCTOR = YES;
+ GCC_WARN_PEDANTIC = NO;
+ GCC_WARN_SHADOW = NO;
+ GCC_WARN_SIGN_COMPARE = YES;
+ GCC_WARN_TYPECHECK_CALLS_TO_PRINTF = YES;
+ GCC_WARN_UNINITIALIZED_AUTOS = NO;
+ GCC_WARN_UNKNOWN_PRAGMAS = YES;
+ GCC_WARN_UNUSED_FUNCTION = YES;
+ GCC_WARN_UNUSED_LABEL = YES;
+ GCC_WARN_UNUSED_PARAMETER = YES;
+ GCC_WARN_UNUSED_VALUE = YES;
+ GCC_WARN_UNUSED_VARIABLE = YES;
+ INFOPLIST_FILE = PIV/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = PIV;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Development;
+ };
+ 52B260D10BC5A864007E00F1 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ BUILD_VARIANTS = (
+ normal,
+ debug,
+ );
+ CURRENT_PROJECT_VERSION = 40596;
+ FRAMEWORK_SEARCH_PATHS = (
+ /usr/local/SecurityPieces/Frameworks,
+ "$(SYSTEM_LIBRARY_DIR)/PrivateFrameworks",
+ );
+ GCC_DYNAMIC_NO_PIC = YES;
+ GCC_MODEL_TUNING = G5;
+ INFOPLIST_FILE = PIV/Info.plist;
+ INSTALL_PATH = "$(SYSTEM_LIBRARY_DIR)/Security/tokend";
+ OPT_CPPXFLAGS = "$(OPT_CXFLAGS) -fno-enforce-eh-specs -fno-implement-inlines";
+ OPT_CXFLAGS = "-DNDEBUG $(OPT_INLINEXFLAGS)";
+ OPT_INLINEXFLAGS = " -finline-functions";
+ OPT_LDXFLAGS = "-dead_strip";
+ OPT_LDXNOPIC = ",_nopic";
+ OTHER_ASFLAGS_debug = "$(OTHER_CFLAGS)";
+ OTHER_ASFLAGS_normal = "$(OTHER_CFLAGS) -DNDEBUG";
+ OTHER_ASFLAGS_profile = "-DNDEBUG $(OTHER_CFLAGS) -pg";
+ OTHER_CFLAGS_debug = "$(OTHER_CFLAGS) -O0 -fno-inline";
+ OTHER_CFLAGS_normal = "$(OPT_CXFLAGS) $(OTHER_CFLAGS)";
+ OTHER_CFLAGS_profile = "$(OPT_CXFLAGS) $(OTHER_CFLAGS) -pg";
+ OTHER_CPLUSPLUSFLAGS_debug = "$(OTHER_CPLUSPLUSFLAGS) -O0 -fno-inline";
+ OTHER_CPLUSPLUSFLAGS_normal = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS)";
+ OTHER_CPLUSPLUSFLAGS_profile = "$(OPT_CPPXFLAGS) $(OTHER_CPLUSPLUSFLAGS) -pg";
+ OTHER_LDFLAGS_debug = "$(OTHER_LDFLAGS) -framework tokend,_debug -framework PCSC,_debug -framework SecurityTokend,_debug -framework Security,_debug -framework security_cdsa_client,_debug -framework security_cdsa_utilities,_debug -framework security_utilities,_debug";
+ OTHER_LDFLAGS_normal = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -framework tokend -framework PCSC -framework SecurityTokend -framework Security -framework security_cdsa_client$(OPT_LDXNOPIC) -framework security_cdsa_utilities$(OPT_LDXNOPIC) -framework security_utilities$(OPT_LDXNOPIC)";
+ OTHER_LDFLAGS_profile = "$(OPT_LDXFLAGS) $(OTHER_LDFLAGS) -pg -framework tokend,_profile -framework PCSC,_profile -framework SecurityTokend,_profile -framework Security,_profile -framework security_cdsa_client,_profile -framework security_cdsa_utilities,_profile -framework security_utilities,_profile";
+ PRODUCT_NAME = PIV;
+ VERSIONING_SYSTEM = "apple-generic";
+ WARNING_CFLAGS = (
+ "-Wmost",
+ "-Wno-four-char-constants",
+ "-Wno-unknown-pragmas",
+ );
+ WRAPPER_EXTENSION = tokend;
+ ZERO_LINK = NO;
+ };
+ name = Deployment;
+ };
+ C27AD2230987FCDC001272E0 /* Development */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = Development;
+ };
+ C27AD2240987FCDC001272E0 /* Deployment */ = {
+ isa = XCBuildConfiguration;
+ buildSettings = {
+ CONFIGURATION_BUILD_DIR = "$(BUILD_DIR)";
+ CONFIGURATION_TEMP_DIR = "$(PROJECT_TEMP_DIR)";
+ };
+ name = Deployment;
+ };
+/* End XCBuildConfiguration section */
+
+/* Begin XCConfigurationList section */
+ 5203890912B802BF007C4317 /* Build configuration list for PBXNativeTarget "CACNG" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 5203890A12B802BF007C4317 /* Development */,
+ 5203890B12B802BF007C4317 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260280BC5A864007E00F1 /* Build configuration list for PBXAggregateTarget "world" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260290BC5A864007E00F1 /* Development */,
+ 52B2602A0BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260450BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "libtokend" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260460BC5A864007E00F1 /* Development */,
+ 52B260470BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B2605D0BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "tokend" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B2605E0BC5A864007E00F1 /* Development */,
+ 52B2605F0BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260760BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "BELPIC" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260770BC5A864007E00F1 /* Development */,
+ 52B260780BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260910BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "CAC" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260920BC5A864007E00F1 /* Development */,
+ 52B260930BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260B30BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "MuscleCard" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260B40BC5A864007E00F1 /* Development */,
+ 52B260B50BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ 52B260CF0BC5A864007E00F1 /* Build configuration list for PBXNativeTarget "PIV" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ 52B260D00BC5A864007E00F1 /* Development */,
+ 52B260D10BC5A864007E00F1 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+ C27AD2220987FCDC001272E0 /* Build configuration list for PBXProject "Tokend" */ = {
+ isa = XCConfigurationList;
+ buildConfigurations = (
+ C27AD2230987FCDC001272E0 /* Development */,
+ C27AD2240987FCDC001272E0 /* Deployment */,
+ );
+ defaultConfigurationIsVisible = 0;
+ defaultConfigurationName = Deployment;
+ };
+/* End XCConfigurationList section */
+ };
+ rootObject = 08FB7793FE84155DC02AAC07 /* Project object */;
+}
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/contents.xcworkspacedata
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/contents.xcworkspacedata (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/contents.xcworkspacedata 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Workspace
+ version = "1.0">
+ <FileRef
+ location = "self:Tokend.xcodeproj">
+ </FileRef>
+</Workspace>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/xcuserdata/geddis.xcuserdatad/UserInterfaceState.xcuserstate
===================================================================
(Binary files differ)
Property changes on: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/project.xcworkspace/xcuserdata/geddis.xcuserdatad/UserInterfaceState.xcuserstate
___________________________________________________________________
Added: svn:mime-type
+ application/octet-stream
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/BELPIC.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/BELPIC.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/BELPIC.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260640BC5A864007E00F1"
+ BuildableName = "BELPIC.tokend"
+ BlueprintName = "BELPIC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ <MacroExpansion>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260640BC5A864007E00F1"
+ BuildableName = "BELPIC.tokend"
+ BlueprintName = "BELPIC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </MacroExpansion>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260640BC5A864007E00F1"
+ BuildableName = "BELPIC.tokend"
+ BlueprintName = "BELPIC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260640BC5A864007E00F1"
+ BuildableName = "BELPIC.tokend"
+ BlueprintName = "BELPIC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CAC.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CAC.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CAC.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2607D0BC5A864007E00F1"
+ BuildableName = "CAC.tokend"
+ BlueprintName = "CAC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ <MacroExpansion>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2607D0BC5A864007E00F1"
+ BuildableName = "CAC.tokend"
+ BlueprintName = "CAC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </MacroExpansion>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2607D0BC5A864007E00F1"
+ BuildableName = "CAC.tokend"
+ BlueprintName = "CAC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2607D0BC5A864007E00F1"
+ BuildableName = "CAC.tokend"
+ BlueprintName = "CAC"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CACNG.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CACNG.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/CACNG.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "520388F512B802BF007C4317"
+ BuildableName = "CACNG.tokend"
+ BlueprintName = "CACNG"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ <MacroExpansion>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "520388F512B802BF007C4317"
+ BuildableName = "CACNG.tokend"
+ BlueprintName = "CACNG"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </MacroExpansion>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "520388F512B802BF007C4317"
+ BuildableName = "CACNG.tokend"
+ BlueprintName = "CACNG"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "520388F512B802BF007C4317"
+ BuildableName = "CACNG.tokend"
+ BlueprintName = "CACNG"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/MuscleCard.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/MuscleCard.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/MuscleCard.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260980BC5A864007E00F1"
+ BuildableName = "MuscleCard.tokend"
+ BlueprintName = "MuscleCard"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ <MacroExpansion>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260980BC5A864007E00F1"
+ BuildableName = "MuscleCard.tokend"
+ BlueprintName = "MuscleCard"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </MacroExpansion>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260980BC5A864007E00F1"
+ BuildableName = "MuscleCard.tokend"
+ BlueprintName = "MuscleCard"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260980BC5A864007E00F1"
+ BuildableName = "MuscleCard.tokend"
+ BlueprintName = "MuscleCard"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/PIV.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/PIV.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/PIV.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,86 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260BA0BC5A864007E00F1"
+ BuildableName = "PIV.tokend"
+ BlueprintName = "PIV"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ <MacroExpansion>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260BA0BC5A864007E00F1"
+ BuildableName = "PIV.tokend"
+ BlueprintName = "PIV"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </MacroExpansion>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260BA0BC5A864007E00F1"
+ BuildableName = "PIV.tokend"
+ BlueprintName = "PIV"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ <BuildableProductRunnable>
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B260BA0BC5A864007E00F1"
+ BuildableName = "PIV.tokend"
+ BlueprintName = "PIV"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildableProductRunnable>
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/libtokend.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/libtokend.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/libtokend.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2602D0BC5A864007E00F1"
+ BuildableName = "libtokend.a"
+ BlueprintName = "libtokend"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/tokend.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/tokend.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/tokend.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2604B0BC5A864007E00F1"
+ BuildableName = "tokend.framework"
+ BlueprintName = "tokend"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/world.xcscheme
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/world.xcscheme (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/world.xcscheme 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<Scheme
+ version = "1.3">
+ <BuildAction
+ parallelizeBuildables = "YES"
+ buildImplicitDependencies = "YES">
+ <BuildActionEntries>
+ <BuildActionEntry
+ buildForTesting = "YES"
+ buildForRunning = "YES"
+ buildForProfiling = "YES"
+ buildForArchiving = "YES"
+ buildForAnalyzing = "YES">
+ <BuildableReference
+ BuildableIdentifier = "primary"
+ BlueprintIdentifier = "52B2601F0BC5A864007E00F1"
+ BuildableName = "world"
+ BlueprintName = "world"
+ ReferencedContainer = "container:Tokend.xcodeproj">
+ </BuildableReference>
+ </BuildActionEntry>
+ </BuildActionEntries>
+ </BuildAction>
+ <TestAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ buildConfiguration = "Development">
+ <Testables>
+ </Testables>
+ </TestAction>
+ <LaunchAction
+ selectedDebuggerIdentifier = "Xcode.DebuggerFoundation.Debugger.LLDB"
+ selectedLauncherIdentifier = "Xcode.DebuggerFoundation.Launcher.LLDB"
+ debugProcessAsUID = "4294967295"
+ launchStyle = "0"
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Development"
+ ignoresPersistentStateOnLaunch = "NO"
+ debugDocumentVersioning = "YES"
+ allowLocationSimulation = "YES">
+ <AdditionalOptions>
+ </AdditionalOptions>
+ </LaunchAction>
+ <ProfileAction
+ shouldUseLaunchSchemeArgsEnv = "YES"
+ savedToolIdentifier = ""
+ useCustomWorkingDirectory = "NO"
+ buildConfiguration = "Deployment"
+ debugDocumentVersioning = "YES">
+ </ProfileAction>
+ <AnalyzeAction
+ buildConfiguration = "Development">
+ </AnalyzeAction>
+ <ArchiveAction
+ buildConfiguration = "Deployment"
+ revealArchiveInOrganizer = "YES">
+ </ArchiveAction>
+</Scheme>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/xcschememanagement.plist
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/xcschememanagement.plist (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/Tokend.xcodeproj/xcuserdata/geddis.xcuserdatad/xcschemes/xcschememanagement.plist 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,92 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+ <key>SchemeUserState</key>
+ <dict>
+ <key>BELPIC.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>4</integer>
+ </dict>
+ <key>CAC.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>3</integer>
+ </dict>
+ <key>CACNG.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>6</integer>
+ </dict>
+ <key>MuscleCard.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>5</integer>
+ </dict>
+ <key>PIV.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>0</integer>
+ </dict>
+ <key>libtokend.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>7</integer>
+ </dict>
+ <key>tokend.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>2</integer>
+ </dict>
+ <key>world.xcscheme</key>
+ <dict>
+ <key>orderHint</key>
+ <integer>1</integer>
+ </dict>
+ </dict>
+ <key>SuppressBuildableAutocreation</key>
+ <dict>
+ <key>520388F512B802BF007C4317</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B2601F0BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B2602D0BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B2604B0BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B260640BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B2607D0BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B260980BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ <key>52B260BA0BC5A864007E00F1</key>
+ <dict>
+ <key>primary</key>
+ <true/>
+ </dict>
+ </dict>
+</dict>
+</plist>
Added: releases/Apple/OSX-10.6.7/Tokend-40596/testcms.sh
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/testcms.sh (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/testcms.sh 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,49 @@
+#!/bin/sh
+
+# usage: point LOCAL_BUILD_DIR to your build folder, insert a card
+# and run this script
+
+echo $PATH | fgrep -q "${LOCAL_BUILD_DIR}:" || PATH=${LOCAL_BUILD_DIR}:$PATH
+SECURITY=`which security`
+HOME=/tmp/test$$
+export HOME
+
+mkdir $HOME
+cd $HOME
+mkdir Library
+mkdir Library/Preferences
+mkdir Library/Keychains
+
+echo Creating a login.keychain
+$SECURITY create -p login login.keychain
+echo "listing keychains"
+$SECURITY list-keychains
+echo "listing default keychain"
+$SECURITY default-keychain
+
+echo "Looking for the email address of the first certificate on the card"
+if [ "x$EMAIL" == "x" ]; then
+ EMAIL=`$SECURITY find-certificate | awk -F = '/\"alis\"<blob>/ { addr=$2; gsub(/\"/, "", addr); print addr }'`
+ if [ "x$EMAIL" == "x" ]; then
+ echo "No certificate with an email address found."
+ exit 1
+ fi
+fi
+echo "Email addres found: <$EMAIL>"
+
+echo "CONTENT: The secret and possibly signed content." > content.txt
+
+echo "Creating a signed cms message."
+$SECURITY cms -S -N "$EMAIL" -i content.txt -o signed.cms
+echo "Verifying the signed cms message."
+$SECURITY cms -D -i signed.cms -h0
+
+echo "Creating an encrypted cms message."
+$SECURITY cms -E -r "$EMAIL" -i content.txt -o encrypted.cms
+echo "Decrypting the message."
+$SECURITY cms -D -i encrypted.cms
+
+#echo "Exporting the identity to pkcs12."
+#$SECURITY export -f pkcs12 -t identities -p -P testcms -o identity.p12
+
+# arch-tag: D00EE88A-08E5-11D9-B1C3-000A9595DEEE
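Review bot: `HOME=/tmp/test$$` followed by an unchecked `mkdir $HOME` and `cd $HOME` puts the test keychain and the signed and encrypted CMS output in a predictable path under /tmp. If that directory already exists and belongs to another local user, `mkdir` fails, the script carries on, and the files are written where that user controls them. Create the directory atomically and stop on failure: `HOME=$(mktemp -d /tmp/testcms.XXXXXX) || exit 1` then `cd "$HOME" || exit 1`, keeping the `export HOME`. The same pattern appears in testssl.sh in this changeset and needs the same change. Nothing removes the directory afterwards, so a `trap` that deletes it on exit would also keep the keychain from lingering in /tmp.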
Added: releases/Apple/OSX-10.6.7/Tokend-40596/testssl.sh
===================================================================
--- releases/Apple/OSX-10.6.7/Tokend-40596/testssl.sh (rev 0)
+++ releases/Apple/OSX-10.6.7/Tokend-40596/testssl.sh 2012-08-24 22:12:18 UTC (rev 150)
@@ -0,0 +1,28 @@
+#!/bin/sh
+
+SECURITY=${SECURITY:=security}
+EMAIL=${EMAIL:=$USER at apple.com}
+SSLVIEW=${SSLVIEW:=sslViewer}
+SERVER=${SERVER:=hurljo3.apple.com}
+HOME=/tmp/test$$
+
+mkdir $HOME
+cd $HOME
+mkdir Library
+mkdir Library/Preferences
+mkdir Library/Keychains
+
+echo Creating a login.keychain
+$SECURITY create -p login login.keychain
+echo "listing keychains"
+$SECURITY list-keychains
+echo "listing default keychain"
+$SECURITY default-keychain
+
+echo "CONTENT: The secret and possibly signed content." > content.txt
+
+echo "Connecting to SSL Test server " $SERVER
+$SSLVIEW $SERVER r c P=4443 V 3 a
+
+# arch-tag: 51571215-09B6-11D9-8D4F-000A95C4302E
+
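Review bot: testssl.sh has no usage comment, although it reads four overridable variables (`SECURITY`, `EMAIL`, `SSLVIEW`, `SERVER`) and its `SERVER` default names one specific host. A header such as `# usage: set SERVER (and optionally SECURITY, SSLVIEW) in the environment, then run this script` would match the one in testcms.sh. `EMAIL` and `content.txt` are set up but not used anywhere in the visible script, so they can be dropped or their purpose documented. `$SERVER` is also expanded unquoted on the `$SSLVIEW` line; `"$SERVER"` keeps an overridden value from being word-split.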