[pkg-opensc-commit] [opensc] 79/295: pkcs15-tool: don't unconditionally lock the card

[Eric Dorland]

This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository opensc.

commit c6db68fdeee256309b1612776960558c553a38f5
Author: Frank Morgner <frankmorgner at gmail.com>
Date:   Mon Sep 19 23:55:41 2016 +0200

    pkcs15-tool: don't unconditionally lock the card
---
 src/pkcs15init/pkcs15-init.h |  6 ------
 src/tools/pkcs15-tool.c      | 13 +++++++++++--
 2 files changed, 11 insertions(+), 8 deletions(-)

diff --git a/src/pkcs15init/pkcs15-init.h b/src/pkcs15init/pkcs15-init.h
index 441fc54..4e7f85a 100644
--- a/src/pkcs15init/pkcs15-init.h
+++ b/src/pkcs15init/pkcs15-init.h
@@ -382,12 +382,6 @@ extern int	sc_pkcs15init_erase_card_recursively(struct sc_pkcs15_card *,
 extern int	sc_pkcs15init_rmdir(struct sc_pkcs15_card *, struct sc_profile *,
 				struct sc_file *);
 
-/* Helper function for CardOS */
-extern int	sc_pkcs15init_requires_restrictive_usage(
-				struct sc_pkcs15_card *,
-				struct sc_pkcs15init_prkeyargs *,
-				unsigned int);
-
 extern int	sc_pkcs15_create_pin_domain(struct sc_profile *, struct sc_pkcs15_card *,
 				const struct sc_pkcs15_id *, struct sc_file **);
 
diff --git a/src/tools/pkcs15-tool.c b/src/tools/pkcs15-tool.c
index 1e9f401..a5edc60 100644
--- a/src/tools/pkcs15-tool.c
+++ b/src/tools/pkcs15-tool.c
@@ -1555,7 +1555,9 @@ static int test_update(sc_card_t *in_card)
 	static u8 fci_bad[] = { 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
 	static u8 fci_good[] = { 0x00, 0xFF, 0x00, 0x00, 0x00, 0x00, 0xFF, 0x00, 0x00 };
 
-
+	r = sc_lock(card);
+	if (r < 0)
+		return r;
 
 	if (strcmp("cardos",in_card->driver->short_name) != 0) {
 		printf("not using the cardos driver, card is fine.\n");
@@ -1633,10 +1635,12 @@ static int test_update(sc_card_t *in_card)
 		goto bad_fci;
 	}
 end:
+	sc_unlock(card);
 	/* 0 = card ok, 1 = card vulnerable, 2 = problem! */
 	return rc;
 
 bad_fci:
+	sc_unlock(card);
 	util_hex_dump(stdout,rbuf,apdu.resplen," ");
 	printf("\n");
 	return 2;
@@ -1657,6 +1661,10 @@ static int update(sc_card_t *in_card)
 	apdu.datalen = sizeof(cmd1);
 	apdu.data = cmd1;
 
+	r = sc_lock(card);
+	if (r < 0)
+		return r;
+
 	r = sc_transmit_apdu(card, &apdu);
 	if (r < 0) {
 		printf("selecting folder failed: %s\n", sc_strerror(r));
@@ -1748,6 +1756,7 @@ skip_change_lifecycle:
 
 	printf("security update applied successfully.\n");
 end:
+	sc_unlock(card);
 	return 0;
 }
 
@@ -1930,7 +1939,7 @@ int main(int argc, char * const argv[])
 		sc_ctx_log_to_file(ctx, "stderr");
 	}
 
-	err = util_connect_card(ctx, &card, opt_reader, opt_wait, verbose);
+	err = util_connect_card_ex(ctx, &card, opt_reader, opt_wait, 0, verbose);
 	if (err)
 		goto end;
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git