minidriver.c - testing add md_force_sign_and_exchange

On branch Minidriver-2 Changes to be committed: modified: minidriver.c
dengert · Nov 24, 2024 · 1aa2686 · 1aa2686
1 parent 5ce069c
commit 1aa2686
Showing 1 changed file with 19 additions and 9 deletions.
diff --git a/src/minidriver/minidriver.c b/src/minidriver/minidriver.c
@@ -1812,9 +1812,9 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
 		if (dwret != SCARD_S_SUCCESS)
 			return dwret;
 
-		logprintf(pCardData, 7, "Container[%i] is '%.*s' guid=%.*s\n", ii,
+		logprintf(pCardData, 7, "Container[%i] is '%.*s' guid=%.*s flags:%02X \n", ii,
 			  (int) sizeof key_obj->label, key_obj->label,
-			  (int) sizeof cont->guid, cont->guid);
+			  (int) sizeof cont->guid, cont->guid, cont->flags);
 
 		if (cont->flags & CONTAINER_MAP_VALID_CONTAINER &&
 		    key_obj->auth_id.len > 0) {
@@ -1927,18 +1927,24 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
 		}
 
 		if (cont->flags & CONTAINER_MAP_VALID_CONTAINER &&
-		    cont->flags & CONTAINER_MAP_DEFAULT_CONTAINER)
+		    cont->flags & CONTAINER_MAP_DEFAULT_CONTAINER) {
 			found_default = 1;
+			logprintf(pCardData, 7, "Both CONTAINER_MAP_VALID_CONTAINER and CONTAINER_MAP_DEFAULT_CONTAINER already set\n");
+		}
 
 		/* AT_KEYEXCHANGE is more general key usage,
 		 *	it allows 'decryption' as well as 'signature' key usage.
 		 * AT_SIGNATURE allows only 'signature' usage.
-		 * TODO testing if both can be set at same time  
+		 * TODO TESTING if both can be set at same time  
 		 */
 		cont->size_key_exchange = cont->size_sign = 0;
+		logprintf(pCardData, 7, "prkey_info->usage: %02X\n". prkey_info->usage);
+
 		if (key_obj->type == SC_PKCS15_TYPE_PRKEY_RSA) {
-			/* TODO testing if  both cont->size_sign and cont->size_key_exchange can be set */
-			if (md_get_config_bool(pCardData, "md_sign_and_exchange", FALSE) == TRUE) {
+			if (md_get_config_bool(pCardData, "md_force_sign_and_exchange", FALSE) == TRUE) {
+				cont->size_sign = prkey_info->modulus_length;
+				cont->size_key_exchange = prkey_info->modulus_length;
+			} else if (md_get_config_bool(pCardData, "md_sign_and_exchange", FALSE) == TRUE) {
 				if (prkey_info->usage & USAGE_ANY_SIGN)
 					cont->size_sign = prkey_info->modulus_length;
 				if (prkey_info->usage & USAGE_ANY_DECIPHER)
@@ -1949,13 +1955,17 @@ md_set_cmapfile(PCARD_DATA pCardData, struct md_file *file)
 				cont->size_sign = prkey_info->modulus_length;
 			else
 				cont->size_key_exchange = prkey_info->modulus_length;
+
 		} else if (key_obj->type == SC_PKCS15_TYPE_PRKEY_EC) {
-			/* TODO testing if usage as decipher on EC is meant to be KEYAGREEMENT */
 			unsigned int ec_usage = USAGE_ANY_AGREEMENT;
+			/* TODO TESTING if usage as decipher on EC is meant to be KEYAGREEMENT */
 			if (md_get_config_bool(pCardData, "md_ec_usage_accept_decrypt", FALSE) == TRUE)
-				ec_usage |= SC_PKCS15_PRKEY_USAGE_DECRYPT;
+				ec_usage |= USAGE_ANY_DECIPHER;
 
-			if (md_get_config_bool(pCardData, "md_sign_and_exchange", FALSE) == TRUE) {
+			if (md_get_config_bool(pCardData, "md_force_sign_and_exchange", FALSE) == TRUE) {
+				cont->size_sign = prkey_info->modulus_length;
+				cont->size_key_exchange = prkey_info->modulus_length;
+			} else if (md_get_config_bool(pCardData, "md_sign_and_exchange", FALSE) == TRUE) {
 				if (prkey_info->usage & USAGE_ANY_SIGN)
 					cont->size_sign = prkey_info->field_length;
 				if (prkey_info->usage & ec_usage)