[Pcsclite-cvs-commit] r6320 - /trunk/PCSC/src/readerfactory.c

rousseau at users.alioth.debian.org rousseau at users.alioth.debian.org
Tue Jun 5 09:05:45 UTC 2012 

Author: rousseau
Date: Tue Jun  5 09:05:45 2012
New Revision: 6320

URL: http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=6320
Log:
RFCreateReaderHandle(): generates a 32-bits random for hCard

Since the change in revision 6316 dwIdentity is no more used to identify
a hCard -> reader relation.
So we can just generate a hCard as a full 32-bits random.

The security should be improved with a change from 16-bits random to a
32-bits random. It will be more difficult for a rogue client to guess a
valid hCard value.

Modified:
    trunk/PCSC/src/readerfactory.c

Modified: trunk/PCSC/src/readerfactory.c
URL: http://svn.debian.org/wsvn/pcsclite/trunk/PCSC/src/readerfactory.c?rev=6320&op=diff
==============================================================================
--- trunk/PCSC/src/readerfactory.c (original)
+++ trunk/PCSC/src/readerfactory.c Tue Jun  5 09:05:45 2012
@@ -1015,47 +1015,27 @@
 
 SCARDHANDLE RFCreateReaderHandle(READER_CONTEXT * rContext)
 {
-	USHORT randHandle;
-
-	/* Create a random handle with 16 bits check to see if it already is
-	 * used. */
-	/* FIXME: THIS IS NOT STRONG ENOUGH: A 128-bit token should be
-	 * generated.  The client and server would associate token and hCard
-	 * for authentication. */
-	randHandle = SYS_RandomInt(10, 65000);
-
-	int i;
-again:
-	for (i = 0; i < PCSCLITE_MAX_READERS_CONTEXTS; i++)
-	{
-		if (sReadersContexts[i]->vHandle != 0)
-		{
-			RDR_CLIHANDLES *currentHandle;
-			list_t * l = &sReadersContexts[i]->handlesList;
-
-			(void)pthread_mutex_lock(&sReadersContexts[i]->handlesList_lock);
-			list_iterator_start(l);
-			while (list_iterator_hasnext(l))
-			{
-				currentHandle = list_iterator_next(l);
-				if (((LONG)rContext->dwIdentity + randHandle) ==
-					(currentHandle->hCard))
-				{
-					/* Get a new handle and loop again */
-					randHandle = SYS_RandomInt(10, 65000);
-					list_iterator_stop(l);
-					(void)pthread_mutex_unlock(&sReadersContexts[i]->handlesList_lock);
-					goto again;
-				}
-			}
-			list_iterator_stop(l);
-			(void)pthread_mutex_unlock(&sReadersContexts[i]->handlesList_lock);
-		}
-	}
+	SCARDHANDLE randHandle;
+	READER_CONTEXT *dummy_reader;
+	LONG ret;
+
+	do
+	{
+		/* Create a random handle with 32 bits check to see if it already is
+		 * used. */
+		/* FIXME: THIS IS NOT STRONG ENOUGH: A 128-bit token should be
+		 * generated.  The client and server would associate token and hCard
+		 * for authentication. */
+		randHandle = SYS_RandomInt(0, -1);
+
+		/* do we already use this hCard somewhere? */
+		ret = RFReaderInfoById(randHandle, &dummy_reader);
+	}
+	while (SCARD_S_SUCCESS == ret);
 
 	/* Once the for loop is completed w/o restart a good handle was
 	 * found and the loop can be exited. */
-	return rContext->dwIdentity + randHandle;
+	return randHandle;
 }
 
 LONG RFDestroyReaderHandle(/*@unused@*/ SCARDHANDLE hCard)

More information about the Pcsclite-cvs-commit mailing list