Coverage Report

Created: 2022-07-22 12:05

/libfido2/src/pcsc.c
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * Copyright (c) 2022 Micro Focus or one of its affiliates.
3
 * Copyright (c) 2022 Yubico AB. All rights reserved.
4
 * Use of this source code is governed by a BSD-style
5
 * license that can be found in the LICENSE file.
6
 */
7
8
#if __APPLE__
9
#include <PCSC/wintypes.h>
10
#include <PCSC/winscard.h>
11
#else
12
#include <winscard.h>
13
#endif /* __APPLE__ */
14
15
#include <errno.h>
16
17
#include "fido.h"
18
#include "fido/param.h"
19
#include "iso7816.h"
20
21
#if defined(_WIN32) && !defined(__MINGW32__)
22
#define SCardConnect SCardConnectA
23
#define SCardListReaders SCardListReadersA
24
#endif
25
26
#ifndef SCARD_PROTOCOL_Tx
27
2.96k
#define SCARD_PROTOCOL_Tx SCARD_PROTOCOL_ANY
28
#endif
29
30
9.10k
#define BUFSIZE 1024        /* in bytes; passed to SCardListReaders() */
31
#define APDULEN 264     /* 261 rounded up to the nearest multiple of 8 */
32
3.59k
#define READERS 8        /* maximum number of readers */
33
34
struct pcsc {
35
        SCARDCONTEXT     ctx;
36
        SCARDHANDLE      h;
37
        SCARD_IO_REQUEST req;
38
        uint8_t          rx_buf[APDULEN];
39
        size_t           rx_len;
40
};
41
42
static LONG
43
list_readers(SCARDCONTEXT ctx, char **buf)
44
3.75k
{
45
3.75k
        LONG s;
46
3.75k
        DWORD len;
47
48
3.75k
        len = BUFSIZE;
49
3.75k
        if ((*buf = calloc(1, len)) == NULL)
50
16
                goto fail;
51
3.73k
        if ((s = SCardListReaders(ctx, NULL, *buf, &len)) != SCARD_S_SUCCESS) {
52
1.06k
                fido_log_debug("%s: SCardListReaders 0x%lx", __func__, (long)s);
53
1.06k
                goto fail;
54
1.06k
        }
55
        /* sanity check "multi-string" */
56
2.67k
        if (len > BUFSIZE || len < 2) {
57
241
                fido_log_debug("%s: bogus len=%u", __func__, (unsigned)len);
58
241
                goto fail;
59
241
        }
60
2.43k
        if ((*buf)[len - 1] != 0 || (*buf)[len - 2] != '\0') {
61
66
                fido_log_debug("%s: bogus buf", __func__);
62
66
                goto fail;
63
66
        }
64
2.36k
        return (LONG)SCARD_S_SUCCESS;
65
1.38k
fail:
66
1.38k
        free(*buf);
67
1.38k
        *buf = NULL;
68
69
1.38k
        return (LONG)SCARD_E_NO_READERS_AVAILABLE;
70
2.43k
}
71
72
static char *
73
get_reader(SCARDCONTEXT ctx, const char *path)
74
4.67k
{
75
4.67k
        char *reader = NULL, *buf = NULL;
76
4.67k
        const char prefix[] = FIDO_PCSC_PREFIX "//slot";
77
4.67k
        uint64_t n;
78
79
4.67k
        if (path == NULL)
80
731
                goto out;
81
3.94k
        if (strncmp(path, prefix, strlen(prefix)) != 0 ||
82
3.94k
            fido_to_uint64(path + strlen(prefix), 10, &n) < 0 ||
83
3.94k
            n > READERS - 1) {
84
1.94k
                fido_log_debug("%s: invalid path %s", __func__, path);
85
1.94k
                goto out;
86
1.94k
        }
87
2.00k
        if (list_readers(ctx, &buf) != SCARD_S_SUCCESS) {
88
87
                fido_log_debug("%s: list_readers", __func__);
89
87
                goto out;
90
87
        }
91
4.62k
        for (const char *name = buf; *name != 0; name += strlen(name) + 1) {
92
4.57k
                if (n == 0) {
93
1.86k
                        reader = strdup(name);
94
1.86k
                        goto out;
95
1.86k
                }
96
2.71k
                n--;
97
2.71k
        }
98
46
        fido_log_debug("%s: failed to find reader %s", __func__, path);
99
4.67k
out:
100
4.67k
        free(buf);
101
102
4.67k
        return reader;
103
46
}
104
105
static int
106
prepare_io_request(DWORD prot, SCARD_IO_REQUEST *req)
107
2.94k
{
108
2.94k
        switch (prot) {
109
1.46k
        case SCARD_PROTOCOL_T0:
110
1.46k
                req->dwProtocol = SCARD_PCI_T0->dwProtocol;
111
1.46k
                req->cbPciLength = SCARD_PCI_T0->cbPciLength;
112
1.46k
                break;
113
1.45k
        case SCARD_PROTOCOL_T1:
114
1.45k
                req->dwProtocol = SCARD_PCI_T1->dwProtocol;
115
1.45k
                req->cbPciLength = SCARD_PCI_T1->cbPciLength;
116
1.45k
                break;
117
29
        default:
118
29
                fido_log_debug("%s: unknown protocol %lu", __func__,
119
29
                    (u_long)prot);
120
29
                return -1;
121
2.94k
        }
122
123
2.91k
        return 0;
124
2.94k
}
125
126
static int
127
copy_info(fido_dev_info_t *di, SCARDCONTEXT ctx, const char *reader, size_t idx)
128
1.10k
{
129
1.10k
        SCARDHANDLE h = 0;
130
1.10k
        SCARD_IO_REQUEST req;
131
1.10k
        DWORD prot = 0;
132
1.10k
        LONG s;
133
1.10k
        int ok = -1;
134
135
1.10k
        memset(di, 0, sizeof(*di));
136
1.10k
        memset(&req, 0, sizeof(req));
137
138
1.10k
        if ((s = SCardConnect(ctx, reader, SCARD_SHARE_SHARED,
139
1.10k
            SCARD_PROTOCOL_Tx, &h, &prot)) != SCARD_S_SUCCESS) {
140
8
                fido_log_debug("%s: SCardConnect 0x%lx", __func__, (long)s);
141
8
                goto fail;
142
8
        }
143
1.09k
        if (prepare_io_request(prot, &req) < 0) {
144
13
                fido_log_debug("%s: prepare_io_request", __func__);
145
13
                goto fail;
146
13
        }
147
1.08k
        if (asprintf(&di->path, "%s//slot%zu", FIDO_PCSC_PREFIX, idx) == -1) {
148
6
                di->path = NULL;
149
6
                fido_log_debug("%s: asprintf", __func__);
150
6
                goto fail;
151
6
        }
152
1.08k
        if (nfc_is_fido(di->path) == false) {
153
1.00k
                fido_log_debug("%s: nfc_is_fido: %s", __func__, di->path);
154
1.00k
                goto fail;
155
1.00k
        }
156
77
        if ((di->manufacturer = strdup("PC/SC")) == NULL ||
157
77
            (di->product = strdup(reader)) == NULL)
158
2
                goto fail;
159
160
75
        ok = 0;
161
1.10k
fail:
162
1.10k
        if (h != 0)
163
1.09k
                SCardDisconnect(h, SCARD_LEAVE_CARD);
164
1.10k
        if (ok < 0) {
165
1.03k
                free(di->path);
166
1.03k
                free(di->manufacturer);
167
1.03k
                free(di->product);
168
1.03k
                explicit_bzero(di, sizeof(*di));
169
1.03k
        }
170
171
1.10k
        return ok;
172
75
}
173
174
int
175
fido_pcsc_manifest(fido_dev_info_t *devlist, size_t ilen, size_t *olen)
176
3.28k
{
177
3.28k
        SCARDCONTEXT ctx = 0;
178
3.28k
        char *buf = NULL;
179
3.28k
        LONG s;
180
3.28k
        size_t idx = 0;
181
3.28k
        int r = FIDO_ERR_INTERNAL;
182
183
3.28k
        *olen = 0;
184
185
3.28k
        if (ilen == 0)
186
762
                return FIDO_OK;
187
2.52k
        if (devlist == NULL)
188
751
                return FIDO_ERR_INVALID_ARGUMENT;
189
190
1.77k
        if ((s = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL,
191
1.77k
            &ctx)) != SCARD_S_SUCCESS || ctx == 0) {
192
23
                fido_log_debug("%s: SCardEstablishContext 0x%lx", __func__,
193
23
                    (long)s);
194
23
                if (s == (LONG)SCARD_E_NO_SERVICE ||
195
23
                    s == (LONG)SCARD_E_NO_SMARTCARD)
196
14
                        r = FIDO_OK; /* suppress error */
197
23
                goto out;
198
23
        }
199
1.75k
        if ((s = list_readers(ctx, &buf)) != SCARD_S_SUCCESS) {
200
1.30k
                fido_log_debug("%s: list_readers 0x%lx", __func__, (long)s);
201
1.30k
                if (s == (LONG)SCARD_E_NO_READERS_AVAILABLE)
202
1.30k
                        r = FIDO_OK; /* suppress error */
203
1.30k
                goto out;
204
1.30k
        }
205
206
1.55k
        for (const char *name = buf; *name != 0; name += strlen(name) + 1) {
207
1.12k
                if (idx == READERS) {
208
18
                        fido_log_debug("%s: stopping at %zu readers", __func__,
209
18
                            idx);
210
18
                        r = FIDO_OK;
211
18
                        goto out;
212
18
                }
213
1.10k
                if (copy_info(&devlist[*olen], ctx, name, idx++) == 0) {
214
75
                        devlist[*olen].io = (fido_dev_io_t) {
215
75
                                fido_pcsc_open,
216
75
                                fido_pcsc_close,
217
75
                                fido_pcsc_read,
218
75
                                fido_pcsc_write,
219
75
                        };
220
75
                        devlist[*olen].transport = (fido_dev_transport_t) {
221
75
                                fido_pcsc_rx,
222
75
                                fido_pcsc_tx,
223
75
                        };
224
75
                        if (++(*olen) == ilen)
225
2
                                break;
226
75
                }
227
1.10k
        }
228
229
434
        r = FIDO_OK;
230
1.77k
out:
231
1.77k
        free(buf);
232
1.77k
        if (ctx != 0)
233
1.77k
                SCardReleaseContext(ctx);
234
235
1.77k
        return r;
236
434
}
237
238
void *
239
fido_pcsc_open(const char *path)
240
4.81k
{
241
4.81k
        char *reader = NULL;
242
4.81k
        struct pcsc *dev = NULL;
243
4.81k
        SCARDCONTEXT ctx = 0;
244
4.81k
        SCARDHANDLE h = 0;
245
4.81k
        SCARD_IO_REQUEST req;
246
4.81k
        DWORD prot = 0;
247
4.81k
        LONG s;
248
249
4.81k
        memset(&req, 0, sizeof(req));
250
251
4.81k
        if ((s = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL,
252
4.81k
            &ctx)) != SCARD_S_SUCCESS || ctx == 0) {
253
140
                fido_log_debug("%s: SCardEstablishContext 0x%lx", __func__,
254
140
                    (long)s);
255
140
                goto fail;
256
257
140
        }
258
4.67k
        if ((reader = get_reader(ctx, path)) == NULL) {
259
2.81k
                fido_log_debug("%s: get_reader(%s)", __func__, path);
260
2.81k
                goto fail;
261
2.81k
        }
262
1.85k
        if ((s = SCardConnect(ctx, reader, SCARD_SHARE_SHARED,
263
1.85k
            SCARD_PROTOCOL_Tx, &h, &prot)) != SCARD_S_SUCCESS) {
264
17
                fido_log_debug("%s: SCardConnect 0x%lx", __func__, (long)s);
265
17
                goto fail;
266
17
        }
267
1.84k
        if (prepare_io_request(prot, &req) < 0) {
268
16
                fido_log_debug("%s: prepare_io_request", __func__);
269
16
                goto fail;
270
16
        }
271
1.82k
        if ((dev = calloc(1, sizeof(*dev))) == NULL)
272
13
                goto fail;
273
274
1.81k
        dev->ctx = ctx;
275
1.81k
        dev->h = h;
276
1.81k
        dev->req = req;
277
1.81k
        ctx = 0;
278
1.81k
        h = 0;
279
4.81k
fail:
280
4.81k
        if (h != 0)
281
29
                SCardDisconnect(h, SCARD_LEAVE_CARD);
282
4.81k
        if (ctx != 0)
283
2.96k
                SCardReleaseContext(ctx);
284
4.81k
        free(reader);
285
286
4.81k
        return dev;
287
1.81k
}
288
289
void
290
fido_pcsc_close(void *handle)
291
1.81k
{
292
1.81k
        struct pcsc *dev = handle;
293
294
1.81k
        if (dev->h != 0)
295
1.81k
                SCardDisconnect(dev->h, SCARD_LEAVE_CARD);
296
1.81k
        if (dev->ctx != 0)
297
1.81k
                SCardReleaseContext(dev->ctx);
298
299
1.81k
        explicit_bzero(dev->rx_buf, sizeof(dev->rx_buf));
300
1.81k
        free(dev);
301
1.81k
}
302
303
int
304
fido_pcsc_read(void *handle, unsigned char *buf, size_t len, int ms)
305
1.59k
{
306
1.59k
        struct pcsc *dev = handle;
307
1.59k
        int r;
308
309
1.59k
        (void)ms;
310
1.59k
        if (dev->rx_len == 0 || dev->rx_len > len ||
311
1.59k
            dev->rx_len > sizeof(dev->rx_buf)) {
312
918
                fido_log_debug("%s: rx_len", __func__);
313
918
                return -1;
314
918
        }
315
677
        fido_log_xxd(dev->rx_buf, dev->rx_len, "%s: reading", __func__);
316
677
        memcpy(buf, dev->rx_buf, dev->rx_len);
317
677
        explicit_bzero(dev->rx_buf, sizeof(dev->rx_buf));
318
677
        r = (int)dev->rx_len;
319
677
        dev->rx_len = 0;
320
321
677
        return r;
322
1.59k
}
323
324
int
325
fido_pcsc_write(void *handle, const unsigned char *buf, size_t len)
326
2.40k
{
327
2.40k
        struct pcsc *dev = handle;
328
2.40k
        DWORD n;
329
2.40k
        LONG s;
330
331
2.40k
        if (len > INT_MAX) {
332
751
                fido_log_debug("%s: len", __func__);
333
751
                return -1;
334
751
        }
335
336
1.65k
        explicit_bzero(dev->rx_buf, sizeof(dev->rx_buf));
337
1.65k
        dev->rx_len = 0;
338
1.65k
        n = (DWORD)sizeof(dev->rx_buf);
339
340
1.65k
        fido_log_xxd(buf, len, "%s: writing", __func__);
341
342
1.65k
        if ((s = SCardTransmit(dev->h, &dev->req, buf, (DWORD)len, NULL,
343
1.65k
            dev->rx_buf, &n)) != SCARD_S_SUCCESS) {
344
24
                fido_log_debug("%s: SCardTransmit 0x%lx", __func__, (long)s);
345
24
                explicit_bzero(dev->rx_buf, sizeof(dev->rx_buf));
346
24
                return -1;
347
24
        }
348
1.62k
        dev->rx_len = (size_t)n;
349
350
1.62k
        fido_log_xxd(dev->rx_buf, dev->rx_len, "%s: read", __func__);
351
352
1.62k
        return (int)len;
353
1.65k
}
354
355
int
356
fido_pcsc_tx(fido_dev_t *d, uint8_t cmd, const u_char *buf, size_t count)
357
1.86k
{
358
1.86k
        return fido_nfc_tx(d, cmd, buf, count);
359
1.86k
}
360
361
int
362
fido_pcsc_rx(fido_dev_t *d, uint8_t cmd, u_char *buf, size_t count, int ms)
363
1.82k
{
364
1.82k
        return fido_nfc_rx(d, cmd, buf, count, ms);
365
1.82k
}
366
367
bool
368
fido_is_pcsc(const char *path)
369
492k
{
370
492k
        return strncmp(path, FIDO_PCSC_PREFIX, strlen(FIDO_PCSC_PREFIX)) == 0;
371
492k
}
372
373
int
374
fido_dev_set_pcsc(fido_dev_t *d)
375
4.07k
{
376
4.07k
        if (d->io_handle != NULL) {
377
0
                fido_log_debug("%s: device open", __func__);
378
0
                return -1;
379
0
        }
380
4.07k
        d->io_own = true;
381
4.07k
        d->io = (fido_dev_io_t) {
382
4.07k
                fido_pcsc_open,
383
4.07k
                fido_pcsc_close,
384
4.07k
                fido_pcsc_read,
385
4.07k
                fido_pcsc_write,
386
4.07k
        };
387
4.07k
        d->transport = (fido_dev_transport_t) {
388
4.07k
                fido_pcsc_rx,
389
4.07k
                fido_pcsc_tx,
390
4.07k
        };
391
392
4.07k
        return 0;
393
4.07k
}