Resolves: rhbz #2007544,2000928,2000929

- Bugzilla Bug  2007544 - The esc provides outdated configuration for opensc
- Bugzilla Bug  2000928 - ESC does not detect smart cards and crashes upon launch [rhel-9.0.0]
- Bugzilla Bug  2000929 - [RHEL-9][AppStream] esc present in comps but missing from repository [rhel-9.0.0]
Jack Magne 2021-12-13 14:53:53 -08:00
parent 67b388426e
commit 16166ad2e3
15 changed files with 5369 additions and 223 deletions

32
esc

@ -18,7 +18,35 @@
# END COPYRIGHT BLOCK
ESC_PATH=/usr/lib64/esc-1.1.2
function processArgs {
for arg in $1
do
if [ $arg == "--version" ]
then
echo ""
echo "Smart Card Manager: Version: $VERSION ."
echo ""
exit 0
fi
if [ $arg == "--help" ]
then
echo ""
echo "Smart Card Manager: GUI tool to manage smart cards."
echo "Run by selecting from the system menu or by typing , esc at the terminal."
echo ""
exit 0
fi
done
}
processArgs $*
ESC_PATH=$LIBDIR/esc-1.1.2
ESC_BIN=esc.js
ESC_EXEC=gjs
@ -28,7 +56,7 @@ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ESC_PATH/lib
cd $ESC_PATH
$ESC_EXEC ./$ESC_BIN &
$ESC_EXEC --include-path $ESC_PATH ./$ESC_BIN &
exit 0
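Review bot: `processArgs $*` followed by `for arg in $1` inspects only the first word of the command line, so `--version` or `--help` given after another argument is ignored, and the unquoted `[ $arg == "--version" ]` test errors out on an empty or space-containing argument. Calling `processArgs "$@"`, looping with `for arg in "$@"` and testing `[ "$arg" = "--version" ]` covers every argument safely. `$VERSION` and `$LIBDIR` are not assigned anywhere in the visible lines, so unless they are substituted at build time the banner prints empty and `ESC_PATH` collapses to `/esc-1.1.2`. The `cd $ESC_PATH` before the launch line is also unchecked, so on failure `./$ESC_BIN` would resolve against the caller's working directory; `cd "$ESC_PATH" || exit 1` avoids running a script from an unexpected location.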

33
esc-1.1.2-fix1.patch Normal file

@ -0,0 +1,33 @@
diff -up ./esc/src/lib/coolkey/Makefile.am.fix1 ./esc/src/lib/coolkey/Makefile.am
--- ./esc/src/lib/coolkey/Makefile.am.fix1 2018-10-08 14:04:44.963523599 -0700
+++ ./esc/src/lib/coolkey/Makefile.am 2018-10-08 14:06:18.605022660 -0700
@@ -54,6 +54,7 @@ lib_LTLIBRARIES += libCoolkey-1.0.la
libCoolkey_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
libCoolkey_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
libCoolkey_1_0_la_LIBADD = $(COOLKEY_LIBS)
+libCoolkey_1_0_la_LDFLAGS = -Wl,-z,now
libCoolkey_1_0_la_SOURCES = $(source_c) $(source_cpp)
coolkeyincludedir = $(includedir)/src/lib/coolkey
diff -up ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 ./esc/src/lib/coolkey-mgr/Makefile.am
--- ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 2018-10-08 14:04:30.132602938 -0700
+++ ./esc/src/lib/coolkey-mgr/Makefile.am 2018-10-08 14:05:38.265238463 -0700
@@ -59,6 +59,7 @@ source_cpp = \
lib_LTLIBRARIES += libcoolkeymgr-1.0.la
libcoolkeymgr_1_0_la_LIBADD = $(COOLKEY_MGR_LIBS) $(ESC_LIBS) $(OTHER_LIBS)
+libcoolkeymgr_1_0_la_LDFLAGS = -Wl,-z,now
libcoolkeymgr_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h)
coolkeymgrincludedir = $(includedir)/coolkey-mgr
diff -up ./esc/src/lib/nss-http-client/Makefile.am.fix1 ./esc/src/lib/nss-http-client/Makefile.am
--- ./esc/src/lib/nss-http-client/Makefile.am.fix1 2018-10-08 14:04:57.302457592 -0700
+++ ./esc/src/lib/nss-http-client/Makefile.am 2018-10-08 14:06:44.701883050 -0700
@@ -52,6 +52,7 @@ lib_LTLIBRARIES += libNssHttpClient-1.0.
#libNssHttpClient_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -DLINUX -I ../coolkey
libNssHttpClient_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../coolkey @DEFS@
libNssHttpClient_1_0_la_LIBADD = $(COOLKEY_LIBS)
+libNssHttpClient_1_0_la_LDFLAGS = -Wl,-z,now
libNssHttpClient_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h)
coolkeyincludedir = $(includedir)/src/lib/coolkey
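Review bot: The added `-Wl,-z,now` lines force eager symbol binding but do not by themselves make the GOT read-only; that needs `-z relro` as well, and none of the three `_la_LDFLAGS` lines request it. Unless the build environment's default `LDFLAGS` are guaranteed to reach these libtool targets, `libCoolkey_1_0_la_LDFLAGS = -Wl,-z,relro -Wl,-z,now` (and the same for libcoolkeymgr and libNssHttpClient) states the intent explicitly. A one-line comment such as `# full RELRO: bind at load time so the GOT can be mapped read-only` would record why the flag is there.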

291
esc-1.1.2-fix10.patch Normal file

@ -0,0 +1,291 @@
diff -up ./esc/esc-1.1.2/esc/src/app/esc.js.fix10 ./esc/esc-1.1.2/esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix10 2020-12-02 15:47:00.688951279 -0800
+++ ./esc/src/app/esc.js 2020-12-02 15:47:00.690951273 -0800
@@ -370,12 +370,20 @@ class ESC {
let nick = "";
if(certObj.token == null)
token = "internal";
- else
+ else {
token = certObj.token;
+ }
nick = certObj.nick;
-
- certDetail = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', token + ":" + nick]);
+
+ let tokenNick = '"' + token + ":" + nick + '"' ;
+ token = '"' + token + '"';
+ let argv1 = ['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', tokenNick];
+
+ print("argv1: " + argv1);
+
+
+ certDetail = this._execProgram(argv1);
return certDetail;
}
@@ -475,7 +483,7 @@ class ESC {
result = -1;
return result;
}
-
+
result = stdoutb.toString();
} catch (e) {
@@ -792,19 +800,18 @@ class ESC {
let status = this._selectedTokenInfo.status;
if(status == 4 /* enrolled */) {
- this._pinMgr = new PinDialog.pinDialog(this);
- this._pinMgr.launchPinPrompt(this._promptPinDone.bind(this));
+ let coolkey_token = this._selectedTokenInfo;
+
+ this._tokenInfoBuffer.text +=
+ this.mgr.get_certs_info(coolkey_token);
+
}
}
- _promptPinDone(tempFileName) {
-
- let coolkey_token = this._selectedTokenInfo;
-
- this._tokenInfoBuffer.text +=
- this._getCertList(coolkey_token,tempFileName) + "\n";
+ _promptPinDone(tempFileName) {
}
+
_response_cb() {
if(this._messageDialog) {
this._messageDialog.destroy();
diff -up ./esc/src/app/opensc.esc.conf.fix10 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix10 2020-12-02 15:51:05.812283690 -0800
+++ ./esc/src/app/opensc.esc.conf 2020-12-02 15:51:30.835215539 -0800
@@ -94,6 +94,7 @@ app default {
module_path = /usr/lib64;
}
framework pkcs15 {
+ use_file_caching = true;
builtin_emulators = coolkey, cac, cac1, PIV-II;
}
}
diff -up ./esc/src/app/pinDialog.js.fix10 ./esc/src/app/pinDialog.js
--- ./esc/src/app/pinDialog.js.fix10 2020-12-02 15:47:00.683951293 -0800
+++ ./esc/src/app/pinDialog.js 2020-12-02 15:47:00.691951271 -0800
@@ -94,7 +94,6 @@ pinDialog.prototype = {
if(this.notify) {
this.notify(this.tempFileName);
}
-
this.clearTempFile();
this.dialog.destroy();
this.dialog = null;
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 2020-12-02 16:25:29.075670723 -0800
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-12-02 16:30:53.310789119 -0800
@@ -46,6 +46,7 @@
static const char *cac_manu_id= "Common Access Card";
static const char *piv_manu_id= "piv II ";
+static const char *piv_manu_id_1= "piv_II";
//static char *test_extended_login = "s=325&msg_type=13&invalid_login=0&blocked=0&error=&required_parameter0=id%3DUSER%5FID%26name%3DUser+ID%26desc%3DUser+ID%26type%3Dstring%26option%3Doption1%2Coption2%2Coption3&required_parameter1=id%3DUSER%5FPWD%26name%3DUser+Password%26desc%3DUser+Password%26type%3Dpassword%26option%3D&required_parameter2=id%3DUSER%5FPIN%26name%3DPIN%26desc%3DOne+time+PIN+received+via+mail%26type%3Dpassword%26option%3D";
@@ -2300,7 +2301,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
if(!memcmp( tokenInfo.manufacturerID,cac_manu_id,strlen(cac_manu_id ))) {
isACAC = 1;
} else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id, strlen(piv_manu_id))) {
- isAPIV = 1;
+ isAPIV = 1;
+ } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id_1, strlen(piv_manu_id_1))) {
+ isAPIV = 1;
} else {
isACOOLKey = 1;
}
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp
--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2020-12-02 15:47:00.691951271 -0800
@@ -17,6 +17,8 @@
#include "coolkey-api.h"
#include "rhCoolKey.h"
+#include <string>
+
static rhCoolKey *coolkey = NULL;
static const char * coolkeyDbusName = NULL;
@@ -79,6 +81,54 @@ char *coolkey_get_phone_home(char *url)
}
}
+/* get a string with all the certs detail for a token */
+
+char *coolkey_get_certs_info(int keyType, const char *keyID) {
+
+ string str_result;
+ if (coolkey == NULL) {
+ return NULL;
+ }
+
+ char *result = NULL;
+ char **names = NULL;
+ PRUint32 count = 0;
+ HRESULT res = coolkey->GetCoolKeyCertNicknames(keyType, keyID, &count, &names);
+
+ if(count > 0 && res == S_OK) {
+ for(int i = 0 ; i < count ; i++) {
+ char *curName = names[i];
+
+ if(curName) {
+ char *certDetail = NULL;
+ str_result = str_result + curName + "\n" ;
+ res = coolkey->GetCoolKeyCertInfo(keyType, keyID, curName, &certDetail);
+ if(res == S_OK && certDetail != NULL) {
+ str_result = str_result + certDetail + "\n";
+ PL_strfree(certDetail);
+ certDetail = NULL;
+ }
+ }
+ }
+ }
+
+ if(str_result.c_str()) {
+ result = PL_strdup((char *) str_result.c_str());
+ }
+
+ for(int i = 0 ; i < count ; i++) {
+ if(names[i]) {
+ PL_strfree(names[i]);
+ names[i] = NULL;
+ }
+ }
+
+ PR_Free(names);
+ names = NULL;
+
+ return result;
+}
+
/* get a block of data about a token in a structure format */
tokenInfo *coolkey_get_token_info(int keyType, const char *keyID) {
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.h
--- ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.h 2020-12-02 15:47:00.691951271 -0800
@@ -43,6 +43,8 @@ void coolkey_init(const char *db_dir, co
void coolkey_destroy();
char *coolkey_get_phone_home(char *url);
+char *coolkey_get_certs_info(int keyType, const char *keyID);
+
tokenInfo *coolkey_get_token_info(int keyType,const char *keyID);
void coolkey_free_token_info(tokenInfo *tInfo);
diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.c
--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.c 2020-12-02 15:47:00.691951271 -0800
@@ -346,6 +346,36 @@ cleanup:
}
+gchar*
+coolkey_mgr_get_certs_info(CoolkeyMgr *self, CoolkeyToken* token) {
+
+ gchar *cuid = NULL;
+ gchar *keyType = NULL;
+ int keyTypeInt = 0;
+ gchar *certInfo = NULL;
+
+ g_object_get(token,"key_type", &keyType,NULL);
+ g_object_get(token,"cuid", &cuid, NULL);
+
+ if(keyType == NULL || cuid == NULL) {
+ goto cleanup;
+ }
+
+ keyTypeInt = atoi(keyType);
+
+ if(keyType == NULL || cuid == NULL) {
+ goto cleanup;
+ }
+
+ certInfo = coolkey_get_certs_info(keyTypeInt, cuid);
+
+cleanup:
+
+ g_free (keyType);
+ g_free (cuid);
+
+ return certInfo;
+}
void
coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token) {
diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.h
--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.h 2020-12-02 15:47:00.691951271 -0800
@@ -46,6 +46,8 @@ int coolkey_mgr_cancel_token_operation(C
void coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token);
+gchar * coolkey_mgr_get_certs_info(CoolkeyMgr*self, CoolkeyToken* token);
+
gchar * coolkey_mgr_phone_home(CoolkeyMgr* self, gchar *url);
gchar * coolkey_mgr_speak (CoolkeyMgr* self, gchar *words);
diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix10 ./esc/src/lib/coolkey/NSSManager.cpp
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix10 2020-12-02 15:47:00.680951301 -0800
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2020-12-02 15:47:00.691951271 -0800
@@ -41,7 +41,7 @@
#include <iostream>
#include <sstream>
-
+#include <algorithm>
#include "SlotUtils.h"
static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKeyNSS");
@@ -314,7 +314,10 @@ NSSManager::GetKeyCertNicknames( const C
CERTCertificate *cert = node->cert;
if(cert)
{
- if(cert->slot != slot)
+ char *certSlotName = PK11_GetSlotName(cert->slot);
+ char *slotName = PK11_GetSlotName(slot);
+
+ if(strcmp(certSlotName, slotName))
{
CERT_RemoveCertListNode(node);
}
@@ -346,7 +349,10 @@ NSSManager::GetKeyCertNicknames( const C
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetCertKeyNicknames name %s \n",GetTStamp(tBuff,56),curName));
string str = curName;
- aStrings.push_back (str);
+
+ if (find(aStrings.begin(), aStrings.end(), str) == aStrings.end()) {
+ aStrings.push_back (str);
+ }
}
CERT_FreeNicknames(nicknames);
@@ -691,6 +697,16 @@ HRESULT NSSManager::GetKeyCertInfo(const
aCertInfo = issuedToCNStr + "\n" + issuerCNStr + "\n"
+ notBeforeStr + "\n" + notAfterStr + "\n" + serialStr ;
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyCertInfo issuerCN %s issuedToCN %s \n",GetTStamp(tBuff,56),issuerCN, issuedToCN));
+
+ if(nBefore) {
+ PORT_Free(nBefore);
+ nBefore = NULL;
+ }
+
+ if(nAfter) {
+ PORT_Free(nAfter);
+ nAfter = NULL;
+ }
break;
}
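Review bot: In the `NSSManager::GetKeyCertNicknames` hunk, `PK11_GetSlotName(cert->slot)` is called and its result passed to `strcmp` without checking `cert->slot`, whereas the pointer comparison it replaces was safe when that field was NULL; the function body extends outside the hunk, so an earlier guard may exist but is not visible. Something like `if (!cert->slot || strcmp(PK11_GetSlotName(cert->slot), PK11_GetSlotName(slot)))` keeps the old behaviour for certificates that carry no slot. Matching by name also treats two distinct slots that report the same name as one, which looks intentional here but deserves a comment saying so. In the esc.js hunk of the same patch, `print("argv1: " + argv1)` writes the `-f` file path to stdout on every call and reads like leftover debugging, and the literal `"` characters added around `token` and `tokenNick` become part of the arguments if `_execProgram` spawns the program without a shell.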

58
esc-1.1.2-fix11.patch Normal file

@ -0,0 +1,58 @@
diff -up ./esc/src/lib/coolkey/Makefile.am.fix11 ./esc/src/lib/coolkey/Makefile.am
--- ./esc/src/lib/coolkey/Makefile.am.fix11 2021-09-23 15:54:17.207378817 -0700
+++ ./esc/src/lib/coolkey/Makefile.am 2021-09-23 17:36:26.312894242 -0700
@@ -24,6 +24,7 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
+COOLKEY_CFLAGS=-D_FORTIFY_SOURCE=2 -fcf-protection=full
AM_CPPFLAGS += \
$(COOLKEY_CFLAGS) \
@@ -51,8 +52,8 @@ source_c = \
lib_LTLIBRARIES += libCoolkey-1.0.la
-libCoolkey_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
-libCoolkey_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
+libCoolkey_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ $(AM_CFLAGS) -I ../nss-http-client
+libCoolkey_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ $(AM_CPPFLAGS) -I ../nss-http-client
libCoolkey_1_0_la_LIBADD = $(COOLKEY_LIBS)
libCoolkey_1_0_la_LDFLAGS = -Wl,-z,now
libCoolkey_1_0_la_SOURCES = $(source_c) $(source_cpp)
diff -up ./esc/src/lib/coolkey-mgr/Makefile.am.fix11 ./esc/src/lib/coolkey-mgr/Makefile.am
--- ./esc/src/lib/coolkey-mgr/Makefile.am.fix11 2021-09-23 17:37:12.680837943 -0700
+++ ./esc/src/lib/coolkey-mgr/Makefile.am 2021-09-23 18:25:02.611294039 -0700
@@ -24,8 +24,9 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
+COOLKEY_MGR_CFLAGS=-fcf-protection=full
-OTHER_CPPFLAGS = -I ../coolkey $(PCSC_CFLAGS)
+OTHER_CPPFLAGS = -I ../coolkey $(PCSC_CFLAGS) $(COOLKEY_MGR_CFLAGS)
OTHER_LIBS = -L../coolkey/.libs -lCoolkey-1.0 -L../nss-http-client/.libs -lNssHttpClient-1.0 $(DBUS_LIBS)
ESC_CFLAGS += $(DBUS_CFLAGS)
diff -up ./esc/src/lib/nss-http-client/Makefile.am.fix11 ./esc/src/lib/nss-http-client/Makefile.am
--- ./esc/src/lib/nss-http-client/Makefile.am.fix11 2021-09-23 16:09:43.841312015 -0700
+++ ./esc/src/lib/nss-http-client/Makefile.am 2021-09-23 17:36:44.518872136 -0700
@@ -24,6 +24,7 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
+NSS_HTTP_CLIENT_CFLAGS=-D_FORTIFY_SOURCE=2 -fcf-protection=full
AM_CPPFLAGS += \
$(NSS_HTTP_CLIENT_CFLAGS) \
$(NULL)
@@ -49,8 +50,8 @@ source_c = \
MYDEFS = @DEFS@
lib_LTLIBRARIES += libNssHttpClient-1.0.la
-#libNssHttpClient_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -DLINUX -I ../coolkey
-libNssHttpClient_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../coolkey @DEFS@
+#libNssHttpClient_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -DLINUX $(AM_CFLAGS) -I ../coolkey
+libNssHttpClient_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ $(AM_CPPFLAGS) -I ../coolkey @DEFS@
libNssHttpClient_1_0_la_LIBADD = $(COOLKEY_LIBS)
libNssHttpClient_1_0_la_LDFLAGS = -Wl,-z,now
libNssHttpClient_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h)
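Review bot: `COOLKEY_MGR_CFLAGS` is set to `-fcf-protection=full` only, while `COOLKEY_CFLAGS` and `NSS_HTTP_CLIENT_CFLAGS` also carry `-D_FORTIFY_SOURCE=2`, so libcoolkeymgr is built without the fortified libc wrappers unless the define arrives from elsewhere. If that is not deliberate, `COOLKEY_MGR_CFLAGS=-D_FORTIFY_SOURCE=2 -fcf-protection=full` brings it in line with the other two libraries. `_FORTIFY_SOURCE` only takes effect when optimisation is enabled and can clash with a value already passed in by the build environment, so a comment stating the expected `CFLAGS` would help. The variables are named `*_CFLAGS` but are consumed through `AM_CPPFLAGS` and `OTHER_CPPFLAGS`, which is worth a short comment as well.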

70
esc-1.1.2-fix12.patch Normal file

@ -0,0 +1,70 @@
diff -up ./esc/configure.ac.fix12 ./esc/configure.ac
--- ./esc/configure.ac.fix12 2021-09-27 14:53:49.932567105 -0700
+++ ./esc/configure.ac 2021-09-27 15:31:30.949185258 -0700
@@ -47,6 +47,30 @@ PKG_CHECK_MODULES([DBUS],[dbus-1])
AC_PROG_CC_STDC
# Compiler flags
+
+AC_CANONICAL_HOST
+ARCH_CPPFLAGS=""
+ARCH_CFLAGS=""
+
+AS_CASE([$host_os],
+ [linux*],
+ [
+ AS_CASE([$host_cpu],
+ [x86_64],
+ [
+ ARCH_CPPFLAGS="-fcf-protection=full"
+ ARCH_CFLAGS="-fcf-protection=full"
+ ],
+ [i?86],
+ [
+ ARCH_CPPFLAGS="-fcf-protection=full"
+ ARCH_CFLAGS="-fcf-protection=full"
+ ])
+ ])
+AC_SUBST(ARCH_CPPFLAGS)
+AC_SUBST(ARCH_CFLAGS)
+
+
ESC_CFLAGS="$GOBJECT_CFLAGS"
ESC_LIBS="$GOBJECT_LIBS $NSS_LIBS"
diff -up ./esc/src/lib/coolkey/Makefile.am.fix12 ./esc/src/lib/coolkey/Makefile.am
--- ./esc/src/lib/coolkey/Makefile.am.fix12 2021-09-27 15:26:24.130634037 -0700
+++ ./esc/src/lib/coolkey/Makefile.am 2021-09-27 15:27:24.332545740 -0700
@@ -24,7 +24,7 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
-COOLKEY_CFLAGS=-D_FORTIFY_SOURCE=2 -fcf-protection=full
+COOLKEY_CFLAGS=-D_FORTIFY_SOURCE=2 $(ARCH_CFLAGS)
AM_CPPFLAGS += \
$(COOLKEY_CFLAGS) \
diff -up ./esc/src/lib/coolkey-mgr/Makefile.am.fix12 ./esc/src/lib/coolkey-mgr/Makefile.am
--- ./esc/src/lib/coolkey-mgr/Makefile.am.fix12 2021-09-27 15:34:18.400943562 -0700
+++ ./esc/src/lib/coolkey-mgr/Makefile.am 2021-09-27 15:34:51.020896480 -0700
@@ -24,7 +24,7 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
-COOLKEY_MGR_CFLAGS=-fcf-protection=full
+COOLKEY_MGR_CFLAGS=$(ARCH_CFLAGS)
OTHER_CPPFLAGS = -I ../coolkey $(PCSC_CFLAGS) $(COOLKEY_MGR_CFLAGS)
OTHER_LIBS = -L../coolkey/.libs -lCoolkey-1.0 -L../nss-http-client/.libs -lNssHttpClient-1.0 $(DBUS_LIBS)
diff -up ./esc/src/lib/nss-http-client/Makefile.am.fix12 ./esc/src/lib/nss-http-client/Makefile.am
--- ./esc/src/lib/nss-http-client/Makefile.am.fix12 2021-09-27 15:33:16.482032935 -0700
+++ ./esc/src/lib/nss-http-client/Makefile.am 2021-09-27 15:34:04.524963592 -0700
@@ -24,7 +24,7 @@ EXTRA_DIST =
DISTCLEANFILES =
lib_LTLIBRARIES =
bin_PROGRAMS =
-NSS_HTTP_CLIENT_CFLAGS=-D_FORTIFY_SOURCE=2 -fcf-protection=full
+NSS_HTTP_CLIENT_CFLAGS=-D_FORTIFY_SOURCE=2 $(ARCH_CFLAGS)
AM_CPPFLAGS += \
$(NSS_HTTP_CLIENT_CFLAGS) \
$(NULL)
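Review bot: `ARCH_CPPFLAGS` is assigned and passed to `AC_SUBST` in the configure.ac hunk, but the three Makefile.am hunks in this patch reference only `$(ARCH_CFLAGS)`, so it appears to be unused. The `x86_64` and `i?86` branches are identical and could be a single `[x86_64|i?86]` pattern. Keying on `$host_cpu` also assumes the compiler accepts `-fcf-protection`; probing the flag at configure time would degrade more gracefully on a toolchain that lacks it. A comment above the `AS_CASE` such as `# CET (-fcf-protection) exists only on x86; leave ARCH_CFLAGS empty elsewhere` would record the intent.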

103
esc-1.1.2-fix2.patch Normal file

@ -0,0 +1,103 @@
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix2 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix2 2018-10-11 18:34:34.622987227 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2018-10-11 18:36:11.918476971 -0700
@@ -492,13 +492,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -559,13 +557,11 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -629,13 +625,11 @@ HRESULT CoolKeyGetLifeCycleDirectly(CKYB
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -691,13 +685,11 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -752,19 +744,16 @@ static void PR_CALLBACK BlinkTimer(void
const char *readerName = NULL;
CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
readerName = GetReaderNameForKeyID(&params->mKey);
- assert(readerName);
if (!readerName) {
goto done;
}
@@ -1336,7 +1325,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Context !.\n",GetTStamp(tBuff,56));
result = E_FAIL;
@@ -1344,7 +1332,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Connection!\n",GetTStamp(tBuff,56));
result = E_FAIL;
@@ -1352,7 +1339,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
}
readerName = GetReaderNameForKeyID(aKey);
- assert(readerName);
if (!readerName) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't get reader name!\n",GetTStamp(tBuff,56));
result = E_FAIL;

300
esc-1.1.2-fix3.patch Normal file

@ -0,0 +1,300 @@
diff -up ./esc/configure.ac.fix3 ./esc/configure.ac
--- ./esc/configure.ac.fix3 2018-07-30 14:51:37.000000000 -0700
+++ ./esc/configure.ac 2018-10-12 14:06:48.349544811 -0700
@@ -56,8 +56,6 @@ AM_PROG_AR
AM_SILENT_RULES([yes])
LT_INIT
-SCARD_LIB_NAME="libpcsclite.so.1"
-
# Versioning
ESC_MAJOR_VERSION=esc_major_version
ESC_MINOR_VERSION=esc_minor_version
@@ -75,6 +73,7 @@ GOBJECT_INTROSPECTION_CHECK(1.56.1)
# Output
AC_DEFINE([DLL_SUFFIX], ["so"], [Description])
AC_DEFINE([LINUX], [1], [Description])
+AC_DEFINE([SCARD_LIB_NAME],["libpcsclite.so.1"], [Description])
AC_SUBST(ESC_CFLAGS)
AC_SUBST(ESC_LIBS)
AC_CONFIG_FILES([Makefile src/app/Makefile src/lib/coolkey/Makefile src/lib/nss-http-client/Makefile src/lib/coolkey-mgr/Makefile])
diff -up ./esc/src/app/esc.js.fix3 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix3 2018-10-12 17:59:36.790939337 -0700
+++ ./esc/src/app/esc.js 2018-10-12 19:26:51.847470201 -0700
@@ -44,13 +44,16 @@ const CoolKeyNotify = new Lang.Class({
this._unique_name = "Unknown";
this._dbusImpl = Gio.DBusExportedObject.wrapJSObject(CoolKeyNotifyIface, this);
this._dbusImpl.export(Gio.DBus.session, '/com/jmagne/CoolKeyNotify');
- this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost);
+ this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost.bind(this));
},
_nameAcquired: function( name ) {
this._unique_name = name.unique_name;
this._client._createCoolKeyMgr(this._unique_name);
},
_nameLost: function( name ) {
+ if(this._client._window) {
+ this._client._window.destroy();
+ }
},
notifyCoolKeyEvent: function(aKeyType, aKeyID, aKeyState, aData, strData) {
@@ -76,6 +79,7 @@ class ESC {
this._window.present();
}
_onStartup() {
+ this.mgr = null;
this._buildUI();
this.notify = new CoolKeyNotify(this);
}
@@ -95,8 +99,10 @@ class ESC {
this.notify._dbusImpl.unexport();
this.notify = null;
}
- this.mgr.cleanup();
- this.mgr = null;
+ if(this.mgr) {
+ this.mgr.cleanup();
+ this.mgr = null;
+ }
this._window.destroy();
}
@@ -212,9 +218,7 @@ class ESC {
if (res == false) {
this._configFile.set_string("ESC","name","Smart Card Utility");
- print("attmpeting to create: " + config_name);
res = this._configFile.save_to_file(config_name);
- print("res: " + res);
}
}
diff -up ./esc/src/lib/coolkey/cky_card.c.fix3 ./esc/src/lib/coolkey/cky_card.c
--- ./esc/src/lib/coolkey/cky_card.c.fix3 2018-05-03 14:03:07.000000000 -0700
+++ ./esc/src/lib/coolkey/cky_card.c 2018-10-12 14:06:48.350544806 -0700
@@ -139,21 +139,15 @@ typedef struct _SCard {
goto fail; \
}
-#ifdef WIN32
-#define SCARD_LIB_NAME "winscard.dll"
-#else
-#ifdef MAC
-#define SCARD_LIB_NAME "PCSC.Framework/PCSC"
-#else
#ifdef LINUX
-#define SCARD_LIB_NAME "libpcsclite.so"
+#ifndef SCARD_LIB_NAME
+#define SCARD_LIB_NAME "libpcsclite.so.1"
#else
#ifndef SCARD_LIB_NAME
#error "define wincard library for this platform"
#endif
#endif
#endif
-#endif
static SCard *
ckySCard_Init(void)
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix3 ./esc/src/lib/coolkey/CoolKey.cpp
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp
--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 2018-10-12 15:12:59.937348875 -0700
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2018-10-12 18:28:34.674060797 -0700
@@ -71,6 +71,12 @@ tokenInfo *coolkey_get_token_info(int ke
if(tInfo == NULL) {
exit(1);
}
+
+ tInfo ->atr = NULL;
+ tInfo->issuerInfo = NULL;
+ tInfo->issuer = NULL;
+ tInfo->issuedTo = NULL;
+ tInfo->status = 0;
coolkey->GetCoolKeyATR(keyType, keyID, &tInfo->atr);
diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp
--- ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 2018-10-12 14:22:05.938864628 -0700
+++ ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp 2018-10-12 19:15:26.447926406 -0700
@@ -1053,17 +1053,19 @@ HRESULT rhCoolKey::GetCoolKeyCertInfo(PR
HRESULT rhCoolKey::GetCoolKeyATR(PRUint32 aKeyType, const char *aKeyID, char **_retval)
{
char tBuff[56];
+ if(aKeyID == NULL || _retval == NULL) {
+ return E_FAIL;
+ }
*_retval = NULL;
AutoCoolKey key(aKeyType, aKeyID);
- char atr[128];
- HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr));
- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr));
- if(res == S_OK)
- {
- char *temp = (char *) PL_strdup(atr);
- *_retval = temp;
+ char atr[128] = {};
+ HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr));
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr));
+
+ if(res == S_OK) {
+ *_retval = (char *) PL_strdup(atr);
}
- return NS_OK;
+ return res;
}
/* string GetCoolKeyTokenName (in unsigned long aKeyType, in string aKeyID); */
@@ -1097,24 +1099,25 @@ HRESULT rhCoolKey::GetCoolKeyTokenName(P
HRESULT rhCoolKey::GetCoolKeyIssuerInfo(PRUint32 aKeyType, const char *aKeyID, char **_retval)
{
char tBuff[56];
+
+ if(aKeyID == NULL || _retval == NULL) {
+ return E_FAIL;
+ }
*_retval = NULL;
AutoCoolKey key(aKeyType, aKeyID);
- char issuerInfo[256];
+ char issuerInfo[256] = {};
HRESULT res = CoolKeyGetIssuerInfo(&key, (char *)&issuerInfo,256);
::CoolKeyLogMsg( 1, "%s Attempting to get the key's Issuer: Key: %s, Issuer %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) issuerInfo);
- if(res == S_OK)
- {
- char *temp = (char *) PL_strdup(issuerInfo);
- *_retval = temp;
-
+ if(res == S_OK) {
+ *_retval = (char *) PL_strdup(issuerInfo);
}
- return NS_OK;
+ return res;
}
/* void rhGetCoolKeyPolicy (in unsigned long aKeyType, in string aKeyID, out string policy); */
@@ -1153,28 +1156,22 @@ HRESULT rhCoolKey::GetCoolKeyPolicy(PRUi
HRESULT rhCoolKey::GetCoolKeyUID(PRUint32 aKeyType, const char *aKeyID, char **uid)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (aKeyID == NULL || uid == NULL) {
+ return E_FAIL;
}
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetUID(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetUID(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetUID %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *uid = temp;
+ if(res == S_OK) {
+ char *uid = (char *) PL_strdup(buff);
+ }
return NS_OK;
@@ -1185,32 +1182,25 @@ HRESULT rhCoolKey::GetCoolKeyUID(PRUint3
HRESULT rhCoolKey::GetCoolKeyIssuedTo(PRUint32 aKeyType, const char *aKeyID, char **issuedTo)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (aKeyID == NULL || issuedTo == NULL) {
+ return E_FAIL;
}
+ *issuedTo = NULL;
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- // const char *keyName = CoolKeyGetTokenName(&key);
-
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetIssuedTo(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetIssuedTo(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuedTo %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *issuedTo = temp;
+ if(res == S_OK) {
+ *issuedTo = (char *) PL_strdup(buff);
+ }
- return NS_OK;
+ return res;
}
@@ -1218,32 +1208,24 @@ HRESULT rhCoolKey::GetCoolKeyIssuedTo(PR
HRESULT rhCoolKey::GetCoolKeyIssuer(PRUint32 aKeyType, const char *aKeyID, char **issuer)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (!aKeyID || !issuer) {
+ return E_FAIL;
}
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- // const char *keyName = CoolKeyGetTokenName(&key);
-
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetIssuer(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetIssuer(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuer %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *issuer = temp;
+ if(res == S_OK) {
+ *issuer = (char *) PL_strdup(buff);
+ }
- return NS_OK;
+ return res;
}
diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.h.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.h
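Review bot: In the `rhCoolKey::GetCoolKeyUID` hunk, `char *uid = (char *) PL_strdup(buff);` declares a new local that shadows the out-parameter, so the caller's `*uid` is never written and the duplicated string is leaked. The function also still ends in `return NS_OK;`, unlike the sibling getters in this patch that now return `res`, and it does not clear `*uid` after the argument check. Changing the line to `*uid = (char *) PL_strdup(buff);`, adding `*uid = NULL;` after the check and ending with `return res;` would match `GetCoolKeyIssuedTo`. `GetCoolKeyIssuer` likewise shows no initial `*issuer = NULL;` in its visible lines, so a caller that did not pre-initialise the pointer could read an indeterminate value on failure.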

3722
esc-1.1.2-fix4.patch Normal file

File diff suppressed because it is too large Load Diff

12
esc-1.1.2-fix5.patch Normal file

@ -0,0 +1,12 @@
diff -up ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 ./esc/src/lib/nss-http-client/httpClientNss.cpp
--- ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 2019-10-29 11:16:36.042807434 -0700
+++ ./esc/src/lib/nss-http-client/httpClientNss.cpp 2019-10-29 11:18:22.169301918 -0700
@@ -172,6 +172,8 @@ PSHttpResponse *HttpClientNss::httpSendC
request.addHeader( "Content-Type", "text/plain" );
+ request.setMethod(method);
+
if(cb)
{
request.setChunkedCallback(cb);

250
esc-1.1.2-fix6.patch Normal file

@ -0,0 +1,250 @@
diff -up ./esc/src/app/opensc.esc.conf.fix6 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix6 2019-11-14 18:19:13.343923930 -0800
+++ ./esc/src/app/opensc.esc.conf 2019-11-15 11:30:01.967034720 -0800
@@ -26,6 +26,11 @@ app default {
# Default: stderr
#
#debug_file = /tmp/opensc.log;
+ # sc650 scp01 (older version)
+ card_atr
+ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:02:39 {
+ pkcs11_enable_InitToken = yes;
+ }
card_atr
3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:03:38 {
@@ -52,12 +57,31 @@ app default {
pkcs11_enable_InitToken = yes;
}
+ card_atr
+ 3B:95:95:40:FF:AE:01:03:00:00 {
+ pkcs11_enable_InitToken = yes;
+ }
+
+
+ #g&d 6.0 smart cafe scp03
card_atr
3B:FE:18:00:00:80:31:FE:45:53:43:45:36:30:2D:43:44:30:38:31:2D:6E:46:A9 {
pkcs11_enable_InitToken = yes;
}
+ #g&d 7.0 smart cafe scp03
+ card_atr
+ 3B:F9:96:00:00:80:31:FE:45:53:43:45:37:20:03:00:20:46:42 {
+ pkcs11_enable_InitToken = yes;
+ }
+
+ #sc650 scp03
+
+ card_atr
+ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:04:02:3E {
+ pkcs11_enable_InitToken = yes;
+ }
reader_driver ctapi {
}
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix6 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2019-11-13 18:30:45.454938214 -0800
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2019-11-14 18:16:49.078377331 -0800
@@ -542,6 +542,67 @@ done:
}
+/* Return the full reader name since nss can't seem to give us the whole name
+ * when the length is longer than 65 chars.
+ * Caller has to free the returned string.
+ */
+char *CoolKeyGetFullReaderName(const char *nssReaderName)
+{
+ char* fullReaderName = NULL;
+ CKYReaderNameList readerNames;
+ CKYCardContext *cardCtxt = NULL;
+ CKYStatus ret = CKYSCARDERR;
+ int readerCount = 0;
+ char tBuff[56];
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName entering:\n",GetTStamp(tBuff,56)));
+
+ if(nssReaderName == NULL) {
+ goto done;
+ }
+
+ cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
+ if (!cardCtxt) {
+ goto done;
+ }
+
+ ret = CKYCardContext_ListReaders(cardCtxt, &readerNames);
+ if (ret != CKYSUCCESS) {
+ goto done;
+ }
+
+ readerCount = CKYReaderNameList_GetCount(readerNames);
+
+ /* none found, return success */
+ if (readerCount == 0) {
+ goto done;
+ }
+
+ /* step through reader list to match to our possible partial reader name from nss. */
+ for (int i=0; i < readerCount ; i++) {
+ const char *thisReader = CKYReaderNameList_GetValue(readerNames, i);
+
+ const char *match = strstr(thisReader, nssReaderName );
+ if(match == NULL) {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName reader: %s not the one. \n",thisReader,GetTStamp(tBuff,56)));
+
+ } else {
+ fullReaderName = strdup(thisReader);
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56)));
+ }
+ }
+
+done:
+
+ if (cardCtxt) {
+ CKYCardContext_Destroy(cardCtxt);
+ }
+
+ if(readerNames) {
+ CKYReaderNameList_Destroy(readerNames);
+ }
+ return fullReaderName;
+
+}
HRESULT CoolKeyGetATRDirectly(char *aBuff, int aBuffLen,const char *readerName) {
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 2019-11-13 18:30:59.934918507 -0800
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2019-11-14 17:16:03.946077277 -0800
@@ -2209,10 +2209,10 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
SECStatus status;
HRESULT hres,atrRes,cuidRes,cycleRes;
- CKYBuffer cardATR;
- CKYBuffer_InitEmpty(&cardATR);
char *readerName = PK11_GetSlotName(aSlot);
-
+
+ char *actualReaderName = CoolKeyGetFullReaderName(readerName);
+
memset((void *) &tokenInfo,0,sizeof(tokenInfo));
ATR.data = NULL; // initialize for error processing
label.data = NULL; // initialize for error processing
@@ -2233,6 +2233,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
char cuidChar[100];
memset((void*) cuidChar,0 ,sizeof(cuidChar));
+ if(actualReaderName == NULL) {
+ goto failed;
+ }
+
+
// get the CUID/Serial number (we *WILL* continue to need it )
status = PK11_GetTokenInfo(aSlot,&tokenInfo);
if (status != SECSuccess) {
@@ -2242,7 +2247,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
tokenInfo.flags=0; //Ignore what opensc says, get the info ourselves later.
//Get the life cycle state:
- cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,readerName);
+ cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,actualReaderName);
if(lifeCycle == 0x7) { // applet only
hasApplet = 1;
@@ -2255,7 +2260,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
//Let's see if we can get the ATR by force explicitly
- atrRes = CoolKeyGetATRDirectly(atrChar,100,readerName);
+ atrRes = CoolKeyGetATRDirectly(atrChar,100,actualReaderName);
if(atrRes == E_FAIL) {
goto failed;
@@ -2310,7 +2315,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
info->mInfoFlags = MapGetFlags(&tokenInfo);
- info->mReaderName = strdup(readerName);
+ info->mReaderName = strdup(actualReaderName);
info->mCUID = (char *)malloc(35); /* should be a define ! */
@@ -2361,6 +2366,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
SECITEM_FreeItem(&label,PR_FALSE);
+ if(actualReaderName) {
+ free(actualReaderName);
+ }
info->mSlot = PK11_ReferenceSlot(aSlot);
info->mSeries = PK11_GetSlotSeries(aSlot);
return info;
@@ -2372,7 +2380,9 @@ failed:
if (info) {
delete info;
}
-
- CKYBuffer_FreeData(&cardATR);
+ if (actualReaderName) {
+ free(actualReaderName);
+ }
+
return NULL;
}
diff -up ./esc/src/lib/coolkey/CoolKey.h.fix6 ./esc/src/lib/coolkey/CoolKey.h
--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2019-11-13 18:30:37.263949374 -0800
+++ ./esc/src/lib/coolkey/CoolKey.h 2019-11-14 17:15:23.216143691 -0800
@@ -300,6 +300,7 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf
HRESULT CoolKeyGetCUIDDirectly(char *aBuff, int aBuffLen, const char *readerName);
HRESULT CoolKeyGetCPLCDataDirectly(CKYAppletRespGetCPLCData *cplc,const char *readerName);
HRESULT CoolKeyGetLifeCycleDirectly(CKYByte *personalized,const char *readerName);
+char *CoolKeyGetFullReaderName(const char *nssReaderName);
}
diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix6 ./esc/src/lib/coolkey/NSSManager.cpp
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2019-11-14 17:21:14.596622085 -0800
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2019-11-14 18:24:25.461109006 -0800
@@ -402,7 +402,8 @@ HRESULT NSSManager::GetKeyIssuer(const C
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
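Review bot: Replacing `cert->slot == slot` with a 65-character name comparison in GetKeyIssuer (and identically in the GetKeyUID, GetKeyIssuedTo and GetKeyCertInfo hunks below) makes certificate-to-token matching depend on the slot name alone. Two readers whose names agree in those characters would be treated as the same token, so a certificate from one could be reported for the other. `cert->slot` is also handed to `PK11_GetSlotName` without a NULL check, which looks unsafe for certificates not bound to a slot and is worth confirming against the NSS version in use. I would guard with `if (cert->slot && ...)`, put the comparison in one helper with a named constant instead of the repeated literal `65`, and rename `not_equal`, since the branch is taken when it is 0. The enclosing functions start and end outside these hunks.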
@@ -478,7 +479,8 @@ HRESULT NSSManager::GetKeyUID(const Cool
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
@@ -557,7 +559,8 @@ HRESULT NSSManager::GetKeyIssuedTo(const
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
@@ -643,7 +646,8 @@ HRESULT NSSManager::GetKeyCertInfo(const
CERTCertificate *cert = node->cert;
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(!strcmp(cert->nickname,aCertNickname))
{

343
esc-1.1.2-fix7.patch Normal file

@ -0,0 +1,343 @@
diff -up ./esc/src/app/esc.js.fix7 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix7 2020-05-30 18:57:40.423388032 -0700
+++ ./esc/src/app/esc.js 2020-05-30 19:01:40.769955310 -0700
@@ -30,6 +30,12 @@ const ESC_CONFIG_FILE_NAME = "esc.conf";
const ESC_CONFIG_GROUP = "ESC";
const ESC_PWORD_FILE = "pword";
+const STATUS_ENROLLED="Enrolled";
+const STATUS_FORMATTED="Formatted";
+const STATUS_UNFORMATTED="Unformatted";
+const STATUS_UNKNOWN="Unknown";
+const FORMATTED_CODE=2;
+
const UNKNOWN_LABEL = "unknown";
const CoolKeyNotifyIface = '<node> \
<interface name="com.jmagne.CoolKeyNotify"> \
@@ -185,17 +191,17 @@ class ESC {
_getStatusString(intStatus) {
switch(intStatus) {
case 4:
- return "enrolled";
+ return STATUS_ENROLLED;
break;
case 2:
- return "uninitialized";
+ return STATUS_FORMATTED;
break;
case 1:
- return "unknown";
+ return STATUS_UNFORMATTED;
break;
default:
- return "unknown";
+ return STATUS_UNKNOWN;
break;
}
}
@@ -216,14 +222,30 @@ class ESC {
let issuer = inserted.issuer;
let issuedTo = inserted.issued_to;
+ let cachedIssuer = null;
+
+ if(inserted.is_a_cool_key) {
+ cachedIssuer = this._phoneHomeMgr.getCachedIssuer(aKeyID);
+ }
+
+ if(cachedIssuer != null) {
+ issuer = cachedIssuer;
+ }
+
if(issuer == null || issuer.length == 0) {
- issuer = "unknown";
+ issuer = STATUS_UNKNOWN;
}
if(issuedTo == null || issuedTo.length == 0) {
- issuedTo = "unknown";
+ issuedTo = STATUS_UNKNOWN;
}
+ let newStatus = inserted.status;
+
+ if(newStatus == FORMATTED_CODE) {
+ issuedTo = STATUS_UNKNOWN;
+ }
+
this._tokenStore.set (this._tokenStore.append(), [0, 1, 2, 3, 4],
- [issuer, issuedTo, this._getStatusString(inserted.status), aKeyID,aKeyType]);
+ [issuer, issuedTo, this._getStatusString(newStatus), aKeyID,aKeyType]);
let [ isSelected, iter] = this._tokenStore.get_iter_first();
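Review bot: A cached issuer that is an empty string still replaces the issuer read from the token, because the new check is only `cachedIssuer != null`. The value then falls into the empty-string test and is shown as unknown even when `inserted.issuer` was usable. `if(cachedIssuer != null && cachedIssuer.length > 0)` keeps the token's value in that case. The fallback text also uses `STATUS_UNKNOWN` for issuer and issued-to, which are not statuses, while the file already defines `UNKNOWN_LABEL`. The method continues outside the hunk.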
diff -up ./esc/src/app/opensc.esc.conf.fix7 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix7 2020-05-30 18:54:14.079618060 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-05-30 19:02:16.191744158 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac, piv, default;
+ card_drivers = coolkey, cac,cac1, piv, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, piv;
+ builtin_emulators = coolkey, cac, cac1, piv;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/app/operationDialog.js.fix7 ./esc/src/app/operationDialog.js
--- ./esc/src/app/operationDialog.js.fix7 2020-05-30 18:54:48.700411683 -0700
+++ ./esc/src/app/operationDialog.js 2020-05-30 19:03:01.354474940 -0700
@@ -47,34 +47,32 @@ operationDialog.prototype = {
if(tokenInfo == null) {
this.app_alert("Invalid Token!");
}
- this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
- modal: true,deletable: false,
- title: TOKEN_OPERATION, border_width: 10 });
this.operation = operation;
this.tokenInfo = tokenInfo;
let opMessage = "";
if(this.operation == OP_FORMAT) {
- opMessage = "Format Smart Card";
+ opMessage = "Format Smart Card:";
} else if(this.operation == OP_ENROLL) {
- opMessage = "Enroll Smart Card";
+ opMessage = "Enroll Smart Card:";
} else if(this.operation == OP_PIN_RESET) {
- opMessage = "Reset Smart Card Pin";
+ opMessage = "Reset Smart Card Pin:";
} else {
this.app._alert("operationdDialog: Invalid operation!");
return;
}
+ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
+ modal: true,deletable: false,
+ title: TOKEN_OPERATION, border_width: 10 });
+
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 20, column_spacing: 20});
- this.message = new Gtk.Label ({label: opMessage});
- this.area.add (this.message);
-
//this.throbberImage = new Gtk.Image({file: this.app._currentDir + "/" + "throbber-anim5.gif"});
-
+ this.label = new Gtk.Label({label: opMessage});
this.progressBar = new Gtk.ProgressBar ({ valign: Gtk.Align.CENTER });
this.progressBar.set_fraction(0.0);
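Review bot: The null-token branch at the top of this hunk still falls through. It calls `this.app_alert(...)`, which looks like a typo for `this.app._alert(...)` as used in the invalid-operation branch, and it has no `return`, so `this.tokenInfo` is set to null and the dialog is built anyway. Since the hunk already moves the `Gtk.Dialog` construction below the operation check, the same early exit fits here: `this.app._alert("Invalid Token!"); return;`. The function starts and ends outside the hunk.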
@@ -86,15 +84,16 @@ operationDialog.prototype = {
this.ldapUserLabel = new Gtk.Label({label: "Ldap User:"});
this.ldapUserBox = new Gtk.Entry();
- this.grid.attach(this.ldapUserLabel, 0, 0, 1,1);
- this.grid.attach(this.ldapUserBox,1, 0,1,1);
+ this.grid.attach(this.label,0,0,1,1);
+ this.grid.attach(this.ldapUserLabel, 0, 1, 1,1);
+ this.grid.attach(this.ldapUserBox,1, 1,1,1);
this.ldapPasswordLabel = new Gtk.Label({label: "Ldap Password:"});
this.ldapPasswordBox = new Gtk.Entry();
this.ldapPasswordBox.set_visibility(false);
- this.grid.attach(this.ldapPasswordLabel,2,0,1,1);
- this.grid.attach(this.ldapPasswordBox,3,0,1,1);
+ this.grid.attach(this.ldapPasswordLabel,2,1,1,1);
+ this.grid.attach(this.ldapPasswordBox,3,1,1,1);
if(this.operation != OP_FORMAT ) {
@@ -106,10 +105,10 @@ operationDialog.prototype = {
this.confirmPinBox = new Gtk.Entry();
this.confirmPinBox.set_visibility(false);
- this.grid.attach(this.newpinLabel, 0,1,1,1);
- this.grid.attach(this.newpinBox,1,1,1,1);
- this.grid.attach(this.confirmPinLabel,2,1,1,1);
- this.grid.attach(this.confirmPinBox,3,1,1,1);
+ this.grid.attach(this.newpinLabel, 0,2,1,1);
+ this.grid.attach(this.newpinBox,1,2,1,1);
+ this.grid.attach(this.confirmPinLabel,2,2,1,1);
+ this.grid.attach(this.confirmPinBox,3,2,1,1);
}
this.oKButton = new Gtk.Button ({label: OpLabels[this.operation]});
@@ -117,11 +116,11 @@ operationDialog.prototype = {
this.dismissButton = new Gtk.Button({label: "Cancel" });
//this.grid.attach(this.throbberImage,0,2,1,1);
- this.grid.attach(this.progressLabel, 0,2,1,1);
+ this.grid.attach(this.progressLabel, 0,3,1,1);
//this.throbberImage.hide();
- this.grid.attach(this.progressBar, 1,2,1,1);
- this.grid.attach (this.oKButton,2,2,1,1);
- this.grid.attach (this.dismissButton,3,2,1,1);
+ this.grid.attach(this.progressBar, 1,3,1,1);
+ this.grid.attach (this.oKButton,2,3,1,1);
+ this.grid.attach (this.dismissButton,3,3,1,1);
// Connect the button to the function that handles what it does
this.oKButton.connect ("clicked", this.oKHandler.bind(this));
diff -up ./esc/src/app/phoneHome.js.fix7 ./esc/src/app/phoneHome.js
--- ./esc/src/app/phoneHome.js.fix7 2020-05-30 18:55:43.223086670 -0700
+++ ./esc/src/app/phoneHome.js 2020-05-30 19:03:49.787186230 -0700
@@ -93,7 +93,7 @@ phoneHome.prototype = {
this.phArea = this.phDialog.get_content_area();
this.phMessage = new Gtk.Label ({label: "Enter url: ex: http://test.host.com:8080/tps/phoneHome"});
- this.phArea.add (this.phMessage);
+ //this.phArea.add (this.phMessage);
this.phActionArea = this.phDialog.get_action_area();
this.phUrlBox = new Gtk.Entry({width_chars: 35});
@@ -108,9 +108,9 @@ phoneHome.prototype = {
this.phActionArea.add(this.phGrid);
this.phOKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK);
-
- this.phGrid.attach(this.phUrlBox, 0, 0, 1,1);
- this.phGrid.attach(this.phOKButton,1, 0,1,1);
+ this.phGrid.add(this.phMessage);
+ this.phGrid.attach(this.phUrlBox, 0, 1, 1,1);
+ this.phGrid.attach(this.phOKButton,1, 1,1,1);
// Connect the button to the function that handles what it does
this.phOKButton.connect ("clicked", this.phoneHomeOKHandler.bind(this));
@@ -228,9 +228,9 @@ phoneHome.prototype = {
if(!aKeyID)
return null;
- var issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
+ let issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
- if(!issuerValue)
+ if(issuerValue == null)
return null;
issuer = this.app._getConfigValue(issuerValue);
diff -up ./esc/src/app/pinDialog.js.fix7 ./esc/src/app/pinDialog.js
--- ./esc/src/app/pinDialog.js.fix7 2020-05-30 18:55:09.395288320 -0700
+++ ./esc/src/app/pinDialog.js 2020-05-30 19:04:51.380819066 -0700
@@ -36,16 +36,15 @@ pinDialog.prototype = {
launchPinPrompt: function(notify) {
this.notify = notify;
+ this.message = "Token Pin Entry";
this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
modal: true,
expand: false,
- title: PIN_OPERATION ,border_width: 20, deletable: false });
+ title: this.message ,border_width: 20, deletable: false });
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 10, column_spacing: 20});
- this.message = new Gtk.Label ({label: "Enter Token Pin"});
- this.area.add (this.message);
this.actionArea = this.dialog.get_action_area();
this.pinBox = new Gtk.Entry();
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix7 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix7 2020-05-30 18:56:35.827773090 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-05-30 19:05:30.561585507 -0700
@@ -511,6 +511,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu
CKYCardConnection_BeginTransaction(conn);
+ status = CKYApplet_SelectCardManager(conn, &apduRC);
+ if (status != CKYSUCCESS) {
+ goto done;
+ }
+
status = CKYApplet_GetCUID(conn, &cuid, &apduRC);
if (status != CKYSUCCESS) {
goto done;
@@ -764,7 +769,6 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp
}
CKYCardConnection_BeginTransaction(conn);
- unsigned long state;
status = CKYApplet_SelectCardManager(conn, &apduRC);
if (status != CKYSUCCESS) {
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 2020-05-30 18:56:56.511649792 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-05-30 19:06:21.955279145 -0700
@@ -2157,11 +2157,22 @@ copySerialNumber(char *dest, const char
// it will probably have Dashes and store in lower case some time in the
// future.
//
-static HRESULT
+static HRESULT
getCUIDFromTokenInfo(CK_TOKEN_INFO *tokenInfo, char *tokenSerialNumber)
{
+ const int minCUIDLen = 18;
+
char *cp = tokenSerialNumber;
+ if( tokenSerialNumber == NULL) {
+ return E_FAIL;
+ }
+
+ if(tokenInfo == NULL) {
+ *cp = 0;
+ return E_FAIL;
+ }
+
if (isxdigit(tokenInfo->manufacturerID[0]) &&
isxdigit(tokenInfo->manufacturerID[1]) &&
isxdigit(tokenInfo->manufacturerID[2]) &&
@@ -2181,6 +2192,10 @@ getCUIDFromTokenInfo(CK_TOKEN_INFO *toke
}
*cp=0;
+ if( strlen(tokenSerialNumber) < minCUIDLen) {
+ return E_FAIL;
+ }
+
return S_OK;
}
@@ -2207,7 +2222,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
CK_TOKEN_INFO tokenInfo;
CoolKeyInfo *info = NULL;
SECStatus status;
- HRESULT hres,atrRes,cuidRes,cycleRes;
+ HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
@@ -2327,22 +2342,16 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
goto failed;
}
- hres = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
- /* shouldn't the be != S_SUCCESS? */
- if (hres == E_FAIL) {
- goto failed;
- }
-
+ cuidRes = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
//Check for blank cuid and put something there
- if(isACOOLKey && strlen(info->mCUID) == 0 )
- {
+ if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
if(cuidRes != S_OK) {
- strcpy(info->mCUID, "blank-token");
+ strcpy(info->mCUID, "unknown");
} else {
strcpy(info->mCUID, cuidChar);
}
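Review bot: `strcpy(info->mCUID, cuidChar)` copies a value read from the card through a 100-byte buffer into `info->mCUID`, which the fix6 patch shows is allocated with `malloc(35)`. Nothing in this hunk bounds the length, so unless `CoolKeyGetCUIDDirectly` itself guarantees a shorter string, a long value would write past the allocation. A bounded copy such as `snprintf(info->mCUID, 35, "%s", cuidChar);`, ideally with the 35 as a shared define, removes the dependency on what the card returns. Separately, the old `if (hres == E_FAIL) goto failed;` is gone and the retry is limited to `isACOOLKey`, so for other token types a failed `getCUIDFromTokenInfo` now continues with whatever is in `mCUID`; if that is intended, a comment saying so would help. The function body extends beyond the hunk.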

60
esc-1.1.2-fix8.patch Normal file

@ -0,0 +1,60 @@
diff -up ./esc/src/app/opensc.esc.conf.fix8 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix8 2020-08-07 16:17:37.464650003 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-08-07 16:20:21.861957011 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac,cac1, piv, default;
+ card_drivers = coolkey, cac,cac1, PIV-II, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, cac1, piv;
+ builtin_emulators = coolkey, cac, cac1, PIV-II;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix8 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix8 2020-08-07 12:05:35.982966019 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-08-07 16:08:16.747602873 -0700
@@ -593,6 +593,7 @@ char *CoolKeyGetFullReaderName(const cha
} else {
fullReaderName = strdup(thisReader);
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56)));
+ break;
}
}
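Review bot: The cleanup path of `CoolKeyGetFullReaderName` (shown in full in the fix6 patch, outside this hunk) tests `if(readerNames)` although `readerNames` is declared without an initializer. Three early `goto done` paths run before `CKYCardContext_ListReaders` fills it in, so `CKYReaderNameList_Destroy` can be called on an indeterminate value. Assuming it is a pointer type, as that test suggests, initialising it at the declaration with `CKYReaderNameList readerNames = NULL;` makes those paths safe. In the lines of this hunk, the `PR_LOG` arguments are in the opposite order to the format string, which puts the timestamp first; they should read `GetTStamp(tBuff,56), fullReaderName`.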
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 2020-08-07 12:05:44.394982245 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-07 16:10:35.504862004 -0700
@@ -2225,8 +2225,17 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
+ int readerNameLen = strlen(readerName);
- char *actualReaderName = CoolKeyGetFullReaderName(readerName);
+ //Since there is no local support to get a reader name by slot,
+ //Will simply do a partial substring compare, using less characters
+ //to avoid any hard coded trailing chars.
+
+ char partialReaderName[60];
+ memset(partialReaderName, 0, 60);
+
+ strncpy(partialReaderName,readerName, 59);
+ char *actualReaderName = CoolKeyGetFullReaderName(partialReaderName);
memset((void *) &tokenInfo,0,sizeof(tokenInfo));
ATR.data = NULL; // initialize for error processing
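Review bot: `readerName` comes straight from `PK11_GetSlotName(aSlot)` and is passed to `strlen` and `strncpy` before anything checks it for NULL, whereas `CoolKeyGetFullReaderName` already tolerated a NULL argument. `readerNameLen` is not used in the visible lines and can be dropped. A guard such as `if (readerName) strncpy(partialReaderName, readerName, sizeof(partialReaderName) - 1);` keeps the old tolerance and removes the repeated 60/59 literals. Because the lookup is a substring match on a truncated name, two attached readers of the same model would both match and the first one listed wins, so the ATR, life-cycle and CUID reads could go to a different card than the slot NSS reported. A comment stating that limitation, or a check that exactly one reader matched, would make it explicit. The function continues outside the hunk.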
@@ -2348,7 +2357,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
- cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
+ cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, actualReaderName);
if(cuidRes != S_OK) {
strcpy(info->mCUID, "unknown");

41
esc-1.1.2-fix9.patch Normal file

@ -0,0 +1,41 @@
diff -up ./esc/src/app/esc.js.fix9 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix9 2020-08-12 11:15:29.423093856 -0700
+++ ./esc/src/app/esc.js 2020-08-12 11:43:47.646556310 -0700
@@ -271,7 +271,6 @@ class ESC {
if(!insertedToken && !doReset) {
return;
}
-
if(doReset) {
this._operationsGrid.remove(this._phoneHomeButton);
this._operationsGrid.remove(this._enrollButton);
@@ -297,6 +296,12 @@ class ESC {
}
this._operationsGrid.show_all();
+ } else {
+ if(insertedToken.status == 4) {
+ this._operationsGrid.add(this._certDetailButton);
+ this._operationsGrid.show_all();
+
+ }
}
}
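Review bot: `insertedToken.status == 4` repeats the bare status code that `_getStatusString` switches on. fix7 introduced `FORMATTED_CODE` for the value 2, so a matching constant, e.g. `const ENROLLED_CODE=4;`, would keep the two in step. It is also not visible here whether `_certDetailButton` is removed from `_operationsGrid` before this `add`, so repeated calls may try to add the same widget again; that is worth confirming in the part of the method outside the hunk.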
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2020-08-12 10:59:24.844704399 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-12 11:11:05.480713407 -0700
@@ -2329,11 +2329,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
}
//Massage the tokenInfo so it adhered to when coolkey was doing it.
- if(hasApplet) {
+ if(hasApplet == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.firmwareVersion.major = 1;
}
- if(isPersonalized) {
+ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.flags |= CKF_TOKEN_INITIALIZED;
}
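Review bot: The comment above these conditions no longer describes them. With `isACAC == 1 || isAPIV == 1`, every CAC or PIV card is reported with firmware major 1 and `CKF_TOKEN_INITIALIZED`, whatever state was read from the card. I would extend the comment to say so, e.g. `// CAC and PIV cards are always treated as having an applet and as initialized.` The switch from truthiness to `== 1` also changes the result if `hasApplet` or `isPersonalized` can ever hold another non-zero value, which cannot be checked from this hunk.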


@ -1,8 +1,7 @@
[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=Smart Card Manager
Comment=Enterprise Security Client Smart Card Manager
Categories=System;Application;SystemSetup;X-Red-Hat-Base;
Categories=System;
Exec=esc
Icon=esc.png
Icon=esc

272
esc.spec

@ -1,9 +1,25 @@
Name: esc
Version: 1.1.2
Release: 11%{?dist}
Release: 14%{?dist}
Summary: Enterprise Security Client Smart Card Client
License: GPL+
URL: http://directory.fedora.redhat.com/wiki/CoolKey
Group: Applications/Internet
#Fix to harden linker flags.
Patch0: esc-gcc11.patch
Patch1: esc-1.1.2-fix1.patch
Patch2: esc-1.1.2-fix2.patch
Patch3: esc-1.1.2-fix3.patch
Patch4: esc-1.1.2-fix4.patch
Patch5: esc-1.1.2-fix5.patch
Patch6: esc-1.1.2-fix6.patch
Patch7: esc-1.1.2-fix7.patch
Patch8: esc-1.1.2-fix8.patch
Patch9: esc-1.1.2-fix9.patch
Patch10: esc-1.1.2-fix10.patch
Patch11: esc-1.1.2-fix11.patch
Patch12: esc-1.1.2-fix12.patch
#BuildRequires: doxygen fontconfig-devel
@ -14,6 +30,7 @@ BuildRequires: nspr-devel nss-devel nss-static
BuildRequires: pcsc-lite-devel
BuildRequires: desktop-file-utils
BuildRequires: gcc-c++
%if ! 0%{?rhel} >= 9
BuildRequires: pkgconfig(gconf-2.0)
%endif
@ -23,11 +40,11 @@ BuildRequires: opensc
BuildRequires: gobject-introspection-devel
BuildRequires: gtk3-devel
BuildRequires: gjs-devel
BuildRequires: gcc-c++
BuildRequires: make
Requires: pcsc-lite nss nspr
Requires: pcsc-lite >= 1.9.1-3
Requires: pcsc-lite-ccid >= 1.4.34-4
Requires: nss nspr
Requires: dbus
Requires: opensc
Requires: gjs
@ -35,13 +52,6 @@ Requires: gobject-introspection
Requires: gtk3
Requires: glib2
# 390 does not have smartCards
ExcludeArch: s390 s390x
#xulrunner doesn't seem to support these right now
#Temporary anyway, since xulrunner is going away soon.
# We can't allow the internal xulrunner to leak out
AutoReqProv: 0
%define debug_build 0
@ -55,13 +65,12 @@ AutoReqProv: 0
%define esc_vendor esc
%define autostartdir %{_sysconfdir}/xdg/autostart
%define pixmapdir %{_datadir}/pixmaps
%define docdir %{_defaultdocdir}/%{escname}
%define docdir %{_defaultdocdir}/%{name}
Source0: http://pki.fedoraproject.org/pki/sources/%name/%{escname}.tar.bz2
Source1: http://pki.fedoraproject.org/pki/sources/%name/esc
Source2: http://pki.fedoraproject.org/pki/sources/%name/esc.desktop
Source3: http://pki.fedoraproject.org/pki/sources/%name/esc.png
Patch0: esc-gcc11.patch
%description
@ -71,12 +80,24 @@ cryptographic smartcards.
%prep
%setup -q -c -n %{escname}
%patch0 -p1
#patch esc
%patch0 -p1
%patch1 -p1 -b .fix1
%patch2 -p1 -b .fix2
%patch3 -p1 -b .fix3
%patch4 -p1 -b .fix4
%patch5 -p1 -b .fix5
%patch6 -p1 -b .fix6
%patch7 -p1 -b .fix7
%patch8 -p1 -b .fix8
%patch9 -p1 -b .fix9
%patch10 -p1 -b .fix10
%patch11 -p1 -b .fix11
%patch12 -p1 -b .fix12
%build
export CXXFLAGS="-std=c++14 $RPM_OPT_FLAGS"
echo $RPM_BUILD_DIR
@ -98,7 +119,7 @@ mkdir -p $RPM_BUILD_ROOT/%{pixmapdir}
mkdir -p $RPM_BUILD_ROOT/%{docdir}
echo "dir: " $RPM_BUILD_ROOT/%{escbindir}/%{name}
sed -e 's;\$LIBDIR;'%{_libdir}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name}
sed -e 's;\$LIBDIR;'%{_libdir}';g' -e 's;\$VERSION;'%{version}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name}
chmod 755 $RPM_BUILD_ROOT/%{escbindir}/%{name}
mkdir -p $RPM_BUILD_ROOT/%{escdir}
@ -130,6 +151,10 @@ cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
%{escbindir}/esc
%{escdir}/lib
%{escdir}/esc.js
%{escdir}/esc.properties
%{escdir}/operationDialog.js
%{escdir}/phoneHome.js
%{escdir}/pinDialog.js
%{escdir}/opensc.esc.conf
@ -138,225 +163,36 @@ cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
%{_datadir}/%{appdir}/esc.desktop
%changelog
* Thu Dec 13 2021 Jack Magne <jmagne@redhat.com> - 1.1.2-14
Resolves: rhbs #2007544,2000928,2000929
- Bugzilla Bug 2007544 - The esc provides outdated configuration for opensc
- Bugzilla Bug 2000928 - ESC does not detect smart cards and crashes upon launch [rhel-9.0.0]
- Bugzilla Bug 2000929 - [RHEL-9][AppStream] esc present in comps but missing from repository [rhel-9.0.0]
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.2-11
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
-
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.1.2-10
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
-
* Tue Jan 26 2021 Tomas Popela <tpopela@redhat.com> - 1.1.2-9
- Don't enable GConf2 on RHEL 9 as it won't be available there.
-
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.2-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
* Tue Jul 28 2020 Jeff Law <law@redhat.com> - 1.1.2-7
- Force C++14 as this code is not C++17 ready
- Fix sprintf format issue
- Fix ordered comparison of a pointer against zero issue
-
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.2-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.2-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.2-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Wed Aug 01 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-1
- Remove uneeded Requires and no longer put in autostart directory.
* Mon Jul 30 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-1
- Build bare bones esc, without xulrunner, using gjs / gobject
- introspection.
* Thu Jun 07 2018 Jack Magne <jmagne@redhat.com> - 1.1.1-5
- Rebuild.
* Mon Apr 23 2018 Jack Magne <jmagne@redhat.com> - 1.1.1-4
- Remove coolkey dependencies, replace with opensc.
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jan 11 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.1.1-2
- Remove obsolete scriptlets
* Mon Aug 07 2017 - 1.1.1-1
- Rebuilt using internally built xulrunner, due to the xulrunner package going away.
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sun May 8 2016 Peter Robinson <pbrobinson@fedoraproject.org> 1.1.0-30
- Secondary arch fixes
- Use %%license
* Mon Feb 08 2016 Jack Magne <jmagne@redhat.com> 1.1.0-29
- Apease latest xullrunner api changes.
* Thu Apr 09 2015 Jack Magne <jmagne@redhat.com> 1.1.0-27
- More xulrunner adjustments.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed Apr 23 2014 Jack Magne <jmagne@redhat.com>=1.1.0-24
- Fix minor http client error.
* Thu Apr 17 2014 Jack Maghe <jmagne@redhat.com>=1.1.0-23
- Appease more xulrunner changes.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 7 2013 Ville Skyttä <ville.skytta@iki.fi> - 1.1.0-22
- Make buildable with kernels > 3.5.
- %%changelog syntax and bogus date fixes.
- Bump xulrunner version to 22.0.
* Mon Jun 17 2013 Jack Magne <jmagne@redhat.com>- 1.1.0-21
- Appease latest compiler errors and build to xulrunner 21.0.
* Wed Nov 28 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-20
- Gecko no longer supports UniversalXPConnect, remove it.
* Wed Nov 21 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-19
- Pick up latest fixes.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jun 22 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-17
- Related #688361 - Get ESC to run on Gecko 2.0, again.
* Thu May 10 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-16
- Related #688361 - Get ESC to run on Gecko 2.0.
* Mon Feb 20 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-15
- Related #688361 - Get ESC to run on Gecko 2.0.
* Tue Nov 29 2011 Jack Magne <jmagne@redhat.com>- 1.1.0-14
- Related #688361 - Get ESC to run on Gecko 2.0.
* Thu Apr 15 2010 Jack Magne <jmagne@redhat.com>- 1.1.0-11
- Adjust for new linking rules.
* Tue Sep 15 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-10
- Pick up latest improvements.
* Mon Jun 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-9
- Related: #496410, also IPV6 support.
* Fri Jun 19 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-8
- Related: #496410, SSL Conn fix.
* Mon Jun 8 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-7
- Releated: #496410.
* Thu Apr 23 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-6
- Related: #496410. Appease rpmdiff.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-5
- Related: #496410, addresses 494981, better error message.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-4
- Move to latest rebased code. Related #496410.
* Thu Dec 04 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-39
- Resolves #469202 - Cert Viewer issue
* Tue Nov 11 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-38
- Resolves #471923 - ESC Connection issue.
* Thu Oct 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-37
- Resolves #467126 - Blank authentication dialog problem.
* Fri Sep 26 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-36
- Related #200475 - Require the xulrunner package, Resolves #248493
* Thu Sep 18 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-35
- Related 200475, make rpmdiff tests happy.
* Tue Sep 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-34
- Resolves #200475 #253081 #437238
* Thu Jan 10 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-33
- Resolves #25324a8 #253268
* Thu Jul 12 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-32
- Resolves #248071 - ESC RPM unistall failure if daemon not running.
* Fri Jun 22 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-31
- Related #208038 - Top things to put in diagnostics log
* Wed Jun 20 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-30
- Related #204021
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0-0-29
- Related #212010
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-28
- Resolves #212010
* Tue Jun 5 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-27
- Resolves #203466 Better error message strings.
* Mon May 21 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-26
- Related: #206783 Fix the launcher script to work with new logging.
* Fri May 11 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-25
- Resolves: #206783.
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-24
- More Desktop appearance fixes.
- Related: #208749
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-23
- Desktop appearance fixes.
- Related: #208749
* Thu Apr 19 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-22
- Second drop of 5.1 fixes.
- Resolves: #203934, #203935, #204959, #206780, #206792, #207721
- Resolves: #207816, #206791
- Related: #208749
* Wed Apr 18 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-21
- First 5.1 fixes.
- Resolves: #203757, #203806, #204661, #205856, #206788, #206791
- Resolves: #208037, #208333, #210589, #210590, #213912, #226913
- Resolves: #204021, #205498, #224436
* Tue Nov 28 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-20
- fix for bug to commit config changes immediately. Bug #210988
* Wed Nov 15 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-19
-fix for escd double free problem. Bug #209882
* Tue Oct 24 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-18
-rebuilt on RHEL-5 branch
* Wed Oct 4 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-17
- Diagnostics display fixes, Mac and Window fixes.
* Sun Oct 01 2006 Jesse Keating <jkeating@redhat.com> - 1.0.0-16
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-15
- Fix to the build version
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>= 1.0.0-14
- Fix to compile error in daemon
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-13
- Fix to include the new esc daemon.
* Sat Sep 16 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-12
- Fix for Password Reset and minor UI revision.
* Fri Sep 15 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-11
- Further UI enhancement bug fixes
* Thu Sep 7 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-10
- Further strings revisions.
* Wed Aug 30 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-9
- Revision of the strings used in ESC.
* Wed Aug 30 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-8
- Fixes to get libnotify working properly on FC6 systems.
* Tue Aug 22 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-7
- Fix for bug #203211, use of system NSS and NSPR for
- Xulrunner ,addressing the problem running on 64 bit.
- Overwriting 5 and 6 due to important bug #203211.
* Fri Aug 18 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-6
- Correct problem with Patch #6
* Fri Aug 18 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-5
- Build ESC's xulrunner component using system nss and nspr
- Build process creates run script based on {_libdir} variable,
accounting for differences on 64 bit machines.
- UI enhancements
* Tue Aug 1 2006 Matthias Clasen <mclasen@redhat.com> - 1.0.0-4
- Don't auto-generate requires either
* Mon Jul 31 2006 Matthias Clasen <mclasen@redhat.com> - 1.0.0-3
- Don't provide mozilla libraries
* Fri Jul 28 2006 Ray Strode <rstrode@redhat.com> - 1.0.0-2
- remove bogus gtk+ requires (and some others that will
be automatic)
* Tue Jun 13 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-1
- Initial revision for fedora
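Review bot: The comment `#Fix to harden linker flags.` now sits directly above `Patch0: esc-gcc11.patch`, but the linker hardening (`-Wl,-z,now`) is in esc-1.1.2-fix1.patch. The comment should move to `Patch1`, or each patch should get its own one-line description. In the new changelog entry, `Thu Dec 13 2021` does not match the calendar (13 December 2021 was a Monday), which rpmbuild reports as a bogus date, and `rhbs` should read `rhbz`. The added/removed markers are lost in this rendering, so the placement of the comment is read from line order and should be confirmed against the file.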