rpms
/
esc
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import esc-1.1.2-14.el8

This commit is contained in:
CentOS Sources 2020-08-21 18:29:21 +00:00 committed by Andrew Lukoshko
commit 41566369d9
14 changed files with 5317 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.esc.metadata Normal file
View File

@ -0,0 +1,2 @@
2750a5e0bc3221503f44a33c9f59aef5a6901203 SOURCES/esc-1.1.2.tar.bz2
115da701c784ea3fc89d2cb1bb0539011d246a1a SOURCES/esc.png

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
SOURCES/esc-1.1.2.tar.bz2
SOURCES/esc.png

64
SOURCES/esc Executable file
View File

@ -0,0 +1,64 @@
#!/bin/sh
#
# BEGIN COPYRIGHT BLOCK
# This Program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; version 2 of the License.
#
# This Program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along with
# this Program; if not, write to the Free Software Foundation, Inc., 59 Temple
# Place, Suite 330, Boston, MA 02111-1307 USA.
#
# Copyright (C) 2005 Red Hat, Inc.
# All rights reserved.
# END COPYRIGHT BLOCK
function processArgs {
for arg in $1
do
if [ $arg == "--version" ]
then
echo ""
echo "Smart Card Manager: Version: $VERSION ."
echo ""
exit 0
fi
if [ $arg == "--help" ]
then
echo ""
echo "Smart Card Manager: GUI tool to manage smart cards."
echo "Run by selecting from the system menu or by typing , esc at the terminal."
echo ""
exit 0
fi
done
}
processArgs $*
ESC_PATH=$LIBDIR/esc-1.1.2
ESC_BIN=esc.js
ESC_EXEC=gjs
export OPENSC_CONF=$ESC_PATH/opensc.esc.conf
export GI_TYPELIB_PATH=$ESC_PATH/lib/girepository-1.0
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$ESC_PATH/lib
cd $ESC_PATH
$ESC_EXEC --include-path $ESC_PATH ./$ESC_BIN &
exit 0

33
SOURCES/esc-1.1.2-fix1.patch Normal file
View File

@ -0,0 +1,33 @@
diff -up ./esc/src/lib/coolkey/Makefile.am.fix1 ./esc/src/lib/coolkey/Makefile.am
--- ./esc/src/lib/coolkey/Makefile.am.fix1 2018-10-08 14:04:44.963523599 -0700
+++ ./esc/src/lib/coolkey/Makefile.am 2018-10-08 14:06:18.605022660 -0700
@@ -54,6 +54,7 @@ lib_LTLIBRARIES += libCoolkey-1.0.la
libCoolkey_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
libCoolkey_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../nss-http-client
libCoolkey_1_0_la_LIBADD = $(COOLKEY_LIBS)
+libCoolkey_1_0_la_LDFLAGS = -Wl,-z,now
libCoolkey_1_0_la_SOURCES = $(source_c) $(source_cpp)
coolkeyincludedir = $(includedir)/src/lib/coolkey
diff -up ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 ./esc/src/lib/coolkey-mgr/Makefile.am
--- ./esc/src/lib/coolkey-mgr/Makefile.am.fix1 2018-10-08 14:04:30.132602938 -0700
+++ ./esc/src/lib/coolkey-mgr/Makefile.am 2018-10-08 14:05:38.265238463 -0700
@@ -59,6 +59,7 @@ source_cpp = \
lib_LTLIBRARIES += libcoolkeymgr-1.0.la
libcoolkeymgr_1_0_la_LIBADD = $(COOLKEY_MGR_LIBS) $(ESC_LIBS) $(OTHER_LIBS)
+libcoolkeymgr_1_0_la_LDFLAGS = -Wl,-z,now
libcoolkeymgr_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h)
coolkeymgrincludedir = $(includedir)/coolkey-mgr
diff -up ./esc/src/lib/nss-http-client/Makefile.am.fix1 ./esc/src/lib/nss-http-client/Makefile.am
--- ./esc/src/lib/nss-http-client/Makefile.am.fix1 2018-10-08 14:04:57.302457592 -0700
+++ ./esc/src/lib/nss-http-client/Makefile.am 2018-10-08 14:06:44.701883050 -0700
@@ -52,6 +52,7 @@ lib_LTLIBRARIES += libNssHttpClient-1.0.
#libNssHttpClient_1_0_la_CFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -DLINUX -I ../coolkey
libNssHttpClient_1_0_la_CPPFLAGS = @PCSC_CFLAGS@ @NSPR_CFLAGS@ @NSS_CFLAGS@ -I ../coolkey @DEFS@
libNssHttpClient_1_0_la_LIBADD = $(COOLKEY_LIBS)
+libNssHttpClient_1_0_la_LDFLAGS = -Wl,-z,now
libNssHttpClient_1_0_la_SOURCES = $(source_c) $(source_cpp) $(source_h)
coolkeyincludedir = $(includedir)/src/lib/coolkey

103
SOURCES/esc-1.1.2-fix2.patch Normal file
View File

@ -0,0 +1,103 @@
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix2 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix2 2018-10-11 18:34:34.622987227 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2018-10-11 18:36:11.918476971 -0700
@@ -492,13 +492,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -559,13 +557,11 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -629,13 +625,11 @@ HRESULT CoolKeyGetLifeCycleDirectly(CKYB
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -691,13 +685,11 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp
}
cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
@@ -752,19 +744,16 @@ static void PR_CALLBACK BlinkTimer(void
const char *readerName = NULL;
CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
goto done;
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
goto done;
}
readerName = GetReaderNameForKeyID(&params->mKey);
- assert(readerName);
if (!readerName) {
goto done;
}
@@ -1336,7 +1325,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
CKYCardContext *cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
- assert(cardCtxt);
if (!cardCtxt) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Context !.\n",GetTStamp(tBuff,56));
result = E_FAIL;
@@ -1344,7 +1332,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
}
conn = CKYCardConnection_Create(cardCtxt);
- assert(conn);
if (!conn) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't create Card Connection!\n",GetTStamp(tBuff,56));
result = E_FAIL;
@@ -1352,7 +1339,6 @@ HRESULT CoolKeyGetIssuerInfo(const CoolK
}
readerName = GetReaderNameForKeyID(aKey);
- assert(readerName);
if (!readerName) {
CoolKeyLogMsg( PR_LOG_ERROR, "%s Attempting to get key issuer info. Can't get reader name!\n",GetTStamp(tBuff,56));
result = E_FAIL;

300
SOURCES/esc-1.1.2-fix3.patch Normal file
View File

@ -0,0 +1,300 @@
diff -up ./esc/configure.ac.fix3 ./esc/configure.ac
--- ./esc/configure.ac.fix3 2018-07-30 14:51:37.000000000 -0700
+++ ./esc/configure.ac 2018-10-12 14:06:48.349544811 -0700
@@ -56,8 +56,6 @@ AM_PROG_AR
AM_SILENT_RULES([yes])
LT_INIT
-SCARD_LIB_NAME="libpcsclite.so.1"
-
# Versioning
ESC_MAJOR_VERSION=esc_major_version
ESC_MINOR_VERSION=esc_minor_version
@@ -75,6 +73,7 @@ GOBJECT_INTROSPECTION_CHECK(1.56.1)
# Output
AC_DEFINE([DLL_SUFFIX], ["so"], [Description])
AC_DEFINE([LINUX], [1], [Description])
+AC_DEFINE([SCARD_LIB_NAME],["libpcsclite.so.1"], [Description])
AC_SUBST(ESC_CFLAGS)
AC_SUBST(ESC_LIBS)
AC_CONFIG_FILES([Makefile src/app/Makefile src/lib/coolkey/Makefile src/lib/nss-http-client/Makefile src/lib/coolkey-mgr/Makefile])
diff -up ./esc/src/app/esc.js.fix3 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix3 2018-10-12 17:59:36.790939337 -0700
+++ ./esc/src/app/esc.js 2018-10-12 19:26:51.847470201 -0700
@@ -44,13 +44,16 @@ const CoolKeyNotify = new Lang.Class({
this._unique_name = "Unknown";
this._dbusImpl = Gio.DBusExportedObject.wrapJSObject(CoolKeyNotifyIface, this);
this._dbusImpl.export(Gio.DBus.session, '/com/jmagne/CoolKeyNotify');
- this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost);
+ this._dbusId = Gio.DBus.session.own_name( 'com.rm5248', Gio.BusNameOwnerFlags.NONE, this._nameAcquired.bind(this), this._nameLost.bind(this));
},
_nameAcquired: function( name ) {
this._unique_name = name.unique_name;
this._client._createCoolKeyMgr(this._unique_name);
},
_nameLost: function( name ) {
+ if(this._client._window) {
+ this._client._window.destroy();
+ }
},
notifyCoolKeyEvent: function(aKeyType, aKeyID, aKeyState, aData, strData) {
@@ -76,6 +79,7 @@ class ESC {
this._window.present();
}
_onStartup() {
+ this.mgr = null;
this._buildUI();
this.notify = new CoolKeyNotify(this);
}
@@ -95,8 +99,10 @@ class ESC {
this.notify._dbusImpl.unexport();
this.notify = null;
}
- this.mgr.cleanup();
- this.mgr = null;
+ if(this.mgr) {
+ this.mgr.cleanup();
+ this.mgr = null;
+ }
this._window.destroy();
}
@@ -212,9 +218,7 @@ class ESC {
if (res == false) {
this._configFile.set_string("ESC","name","Smart Card Utility");
- print("attmpeting to create: " + config_name);
res = this._configFile.save_to_file(config_name);
- print("res: " + res);
}
}
diff -up ./esc/src/lib/coolkey/cky_card.c.fix3 ./esc/src/lib/coolkey/cky_card.c
--- ./esc/src/lib/coolkey/cky_card.c.fix3 2018-05-03 14:03:07.000000000 -0700
+++ ./esc/src/lib/coolkey/cky_card.c 2018-10-12 14:06:48.350544806 -0700
@@ -139,21 +139,15 @@ typedef struct _SCard {
goto fail; \
}
-#ifdef WIN32
-#define SCARD_LIB_NAME "winscard.dll"
-#else
-#ifdef MAC
-#define SCARD_LIB_NAME "PCSC.Framework/PCSC"
-#else
#ifdef LINUX
-#define SCARD_LIB_NAME "libpcsclite.so"
+#ifndef SCARD_LIB_NAME
+#define SCARD_LIB_NAME "libpcsclite.so.1"
#else
#ifndef SCARD_LIB_NAME
#error "define wincard library for this platform"
#endif
#endif
#endif
-#endif
static SCard *
ckySCard_Init(void)
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix3 ./esc/src/lib/coolkey/CoolKey.cpp
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp
--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix3 2018-10-12 15:12:59.937348875 -0700
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2018-10-12 18:28:34.674060797 -0700
@@ -71,6 +71,12 @@ tokenInfo *coolkey_get_token_info(int ke
if(tInfo == NULL) {
exit(1);
}
+
+ tInfo ->atr = NULL;
+ tInfo->issuerInfo = NULL;
+ tInfo->issuer = NULL;
+ tInfo->issuedTo = NULL;
+ tInfo->status = 0;
coolkey->GetCoolKeyATR(keyType, keyID, &tInfo->atr);
diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp
--- ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp.fix3 2018-10-12 14:22:05.938864628 -0700
+++ ./esc/src/lib/coolkey-mgr/rhCoolKey.cpp 2018-10-12 19:15:26.447926406 -0700
@@ -1053,17 +1053,19 @@ HRESULT rhCoolKey::GetCoolKeyCertInfo(PR
HRESULT rhCoolKey::GetCoolKeyATR(PRUint32 aKeyType, const char *aKeyID, char **_retval)
{
char tBuff[56];
+ if(aKeyID == NULL || _retval == NULL) {
+ return E_FAIL;
+ }
*_retval = NULL;
AutoCoolKey key(aKeyType, aKeyID);
- char atr[128];
- HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr));
- PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr));
- if(res == S_OK)
- {
- char *temp = (char *) PL_strdup(atr);
- *_retval = temp;
+ char atr[128] = {};
+ HRESULT res = CoolKeyGetATR(&key, (char *)&atr,sizeof(atr));
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s Attempting to get the key's ATR: Key: %s, ATR %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) atr));
+
+ if(res == S_OK) {
+ *_retval = (char *) PL_strdup(atr);
}
- return NS_OK;
+ return res;
}
/* string GetCoolKeyTokenName (in unsigned long aKeyType, in string aKeyID); */
@@ -1097,24 +1099,25 @@ HRESULT rhCoolKey::GetCoolKeyTokenName(P
HRESULT rhCoolKey::GetCoolKeyIssuerInfo(PRUint32 aKeyType, const char *aKeyID, char **_retval)
{
char tBuff[56];
+
+ if(aKeyID == NULL || _retval == NULL) {
+ return E_FAIL;
+ }
*_retval = NULL;
AutoCoolKey key(aKeyType, aKeyID);
- char issuerInfo[256];
+ char issuerInfo[256] = {};
HRESULT res = CoolKeyGetIssuerInfo(&key, (char *)&issuerInfo,256);
::CoolKeyLogMsg( 1, "%s Attempting to get the key's Issuer: Key: %s, Issuer %s. \n",GetTStamp(tBuff,56),aKeyID, (char *) issuerInfo);
- if(res == S_OK)
- {
- char *temp = (char *) PL_strdup(issuerInfo);
- *_retval = temp;
-
+ if(res == S_OK) {
+ *_retval = (char *) PL_strdup(issuerInfo);
}
- return NS_OK;
+ return res;
}
/* void rhGetCoolKeyPolicy (in unsigned long aKeyType, in string aKeyID, out string policy); */
@@ -1153,28 +1156,22 @@ HRESULT rhCoolKey::GetCoolKeyPolicy(PRUi
HRESULT rhCoolKey::GetCoolKeyUID(PRUint32 aKeyType, const char *aKeyID, char **uid)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (aKeyID == NULL || uid == NULL) {
+ return E_FAIL;
}
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetUID(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetUID(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetUID %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *uid = temp;
+ if(res == S_OK) {
+ char *uid = (char *) PL_strdup(buff);
+ }
return NS_OK;
@@ -1185,32 +1182,25 @@ HRESULT rhCoolKey::GetCoolKeyUID(PRUint3
HRESULT rhCoolKey::GetCoolKeyIssuedTo(PRUint32 aKeyType, const char *aKeyID, char **issuedTo)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (aKeyID == NULL || issuedTo == NULL) {
+ return E_FAIL;
}
+ *issuedTo = NULL;
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- // const char *keyName = CoolKeyGetTokenName(&key);
-
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetIssuedTo(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetIssuedTo(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuedTo %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *issuedTo = temp;
+ if(res == S_OK) {
+ *issuedTo = (char *) PL_strdup(buff);
+ }
- return NS_OK;
+ return res;
}
@@ -1218,32 +1208,24 @@ HRESULT rhCoolKey::GetCoolKeyIssuedTo(PR
HRESULT rhCoolKey::GetCoolKeyIssuer(PRUint32 aKeyType, const char *aKeyID, char **issuer)
{
char tBuff[56];
- if (!aKeyID) {
- return NS_ERROR_FAILURE;
+ if (!aKeyID || !issuer) {
+ return E_FAIL;
}
AutoCoolKey key(aKeyType, ( char *)aKeyID);
- // const char *keyName = CoolKeyGetTokenName(&key);
-
- char buff[512];
+ char buff[512] = {};
int bufLength = 512;
- buff[0] = 0;
- CoolKeyGetIssuer(&key, (char *) buff, bufLength);
-
- if(!buff[0])
- {
- return NS_OK;
- }
+ HRESULT res = CoolKeyGetIssuer(&key, (char *) buff, bufLength);
PR_LOG(coolKeyLog,PR_LOG_DEBUG,("%s rhCoolKey::RhGetCoolKeyGetIssuer %s \n",GetTStamp(tBuff,56),(char *) buff));
- char *temp = (char *) PL_strdup(buff);
-
- *issuer = temp;
+ if(res == S_OK) {
+ *issuer = (char *) PL_strdup(buff);
+ }
- return NS_OK;
+ return res;
}
diff -up ./esc/src/lib/coolkey-mgr/rhCoolKey.h.fix3 ./esc/src/lib/coolkey-mgr/rhCoolKey.h

3722
SOURCES/esc-1.1.2-fix4.patch Normal file
View File

File diff suppressed because it is too large Load Diff

12
SOURCES/esc-1.1.2-fix5.patch Normal file
View File

@ -0,0 +1,12 @@
diff -up ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 ./esc/src/lib/nss-http-client/httpClientNss.cpp
--- ./esc/src/lib/nss-http-client/httpClientNss.cpp.fix5 2019-10-29 11:16:36.042807434 -0700
+++ ./esc/src/lib/nss-http-client/httpClientNss.cpp 2019-10-29 11:18:22.169301918 -0700
@@ -172,6 +172,8 @@ PSHttpResponse *HttpClientNss::httpSendC
request.addHeader( "Content-Type", "text/plain" );
+ request.setMethod(method);
+
if(cb)
{
request.setChunkedCallback(cb);

250
SOURCES/esc-1.1.2-fix6.patch Normal file
View File

@ -0,0 +1,250 @@
diff -up ./esc/src/app/opensc.esc.conf.fix6 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix6 2019-11-14 18:19:13.343923930 -0800
+++ ./esc/src/app/opensc.esc.conf 2019-11-15 11:30:01.967034720 -0800
@@ -26,6 +26,11 @@ app default {
# Default: stderr
#
#debug_file = /tmp/opensc.log;
+ # sc650 scp01 (older version)
+ card_atr
+ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:02:39 {
+ pkcs11_enable_InitToken = yes;
+ }
card_atr
3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:03:03:38 {
@@ -52,12 +57,31 @@ app default {
pkcs11_enable_InitToken = yes;
}
+ card_atr
+ 3B:95:95:40:FF:AE:01:03:00:00 {
+ pkcs11_enable_InitToken = yes;
+ }
+
+
+ #g&d 6.0 smart cafe scp03
card_atr
3B:FE:18:00:00:80:31:FE:45:53:43:45:36:30:2D:43:44:30:38:31:2D:6E:46:A9 {
pkcs11_enable_InitToken = yes;
}
+ #g&d 7.0 smart cafe scp03
+ card_atr
+ 3B:F9:96:00:00:80:31:FE:45:53:43:45:37:20:03:00:20:46:42 {
+ pkcs11_enable_InitToken = yes;
+ }
+
+ #sc650 scp03
+
+ card_atr
+ 3B:FF:14:00:FF:81:31:FE:45:80:25:A0:00:00:00:56:57:53:43:36:35:30:04:02:3E {
+ pkcs11_enable_InitToken = yes;
+ }
reader_driver ctapi {
}
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix6 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix6 2019-11-13 18:30:45.454938214 -0800
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2019-11-14 18:16:49.078377331 -0800
@@ -542,6 +542,67 @@ done:
}
+/* Return the full reader name since nss can't seem to give us the whole name
+ * when the length is longer than 65 chars.
+ * Caller has to free the returned string.
+ */
+char *CoolKeyGetFullReaderName(const char *nssReaderName)
+{
+ char* fullReaderName = NULL;
+ CKYReaderNameList readerNames;
+ CKYCardContext *cardCtxt = NULL;
+ CKYStatus ret = CKYSCARDERR;
+ int readerCount = 0;
+ char tBuff[56];
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName entering:\n",GetTStamp(tBuff,56)));
+
+ if(nssReaderName == NULL) {
+ goto done;
+ }
+
+ cardCtxt = CKYCardContext_Create(SCARD_SCOPE_USER);
+ if (!cardCtxt) {
+ goto done;
+ }
+
+ ret = CKYCardContext_ListReaders(cardCtxt, &readerNames);
+ if (ret != CKYSUCCESS) {
+ goto done;
+ }
+
+ readerCount = CKYReaderNameList_GetCount(readerNames);
+
+ /* none found, return success */
+ if (readerCount == 0) {
+ goto done;
+ }
+
+ /* step through reader list to match to our possible partial reader name from nss. */
+ for (int i=0; i < readerCount ; i++) {
+ const char *thisReader = CKYReaderNameList_GetValue(readerNames, i);
+
+ const char *match = strstr(thisReader, nssReaderName );
+ if(match == NULL) {
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName reader: %s not the one. \n",thisReader,GetTStamp(tBuff,56)));
+
+ } else {
+ fullReaderName = strdup(thisReader);
+ PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56)));
+ }
+ }
+
+done:
+
+ if (cardCtxt) {
+ CKYCardContext_Destroy(cardCtxt);
+ }
+
+ if(readerNames) {
+ CKYReaderNameList_Destroy(readerNames);
+ }
+ return fullReaderName;
+
+}
HRESULT CoolKeyGetATRDirectly(char *aBuff, int aBuffLen,const char *readerName) {
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix6 2019-11-13 18:30:59.934918507 -0800
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2019-11-14 17:16:03.946077277 -0800
@@ -2209,10 +2209,10 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
SECStatus status;
HRESULT hres,atrRes,cuidRes,cycleRes;
- CKYBuffer cardATR;
- CKYBuffer_InitEmpty(&cardATR);
char *readerName = PK11_GetSlotName(aSlot);
-
+
+ char *actualReaderName = CoolKeyGetFullReaderName(readerName);
+
memset((void *) &tokenInfo,0,sizeof(tokenInfo));
ATR.data = NULL; // initialize for error processing
label.data = NULL; // initialize for error processing
@@ -2233,6 +2233,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
char cuidChar[100];
memset((void*) cuidChar,0 ,sizeof(cuidChar));
+ if(actualReaderName == NULL) {
+ goto failed;
+ }
+
+
// get the CUID/Serial number (we *WILL* continue to need it )
status = PK11_GetTokenInfo(aSlot,&tokenInfo);
if (status != SECSuccess) {
@@ -2242,7 +2247,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
tokenInfo.flags=0; //Ignore what opensc says, get the info ourselves later.
//Get the life cycle state:
- cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,readerName);
+ cycleRes = CoolKeyGetLifeCycleDirectly(&lifeCycle,actualReaderName);
if(lifeCycle == 0x7) { // applet only
hasApplet = 1;
@@ -2255,7 +2260,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
//Let's see if we can get the ATR by force explicitly
- atrRes = CoolKeyGetATRDirectly(atrChar,100,readerName);
+ atrRes = CoolKeyGetATRDirectly(atrChar,100,actualReaderName);
if(atrRes == E_FAIL) {
goto failed;
@@ -2310,7 +2315,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
info->mInfoFlags = MapGetFlags(&tokenInfo);
- info->mReaderName = strdup(readerName);
+ info->mReaderName = strdup(actualReaderName);
info->mCUID = (char *)malloc(35); /* should be a define ! */
@@ -2361,6 +2366,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
SECITEM_FreeItem(&label,PR_FALSE);
+ if(actualReaderName) {
+ free(actualReaderName);
+ }
info->mSlot = PK11_ReferenceSlot(aSlot);
info->mSeries = PK11_GetSlotSeries(aSlot);
return info;
@@ -2372,7 +2380,9 @@ failed:
if (info) {
delete info;
}
-
- CKYBuffer_FreeData(&cardATR);
+ if (actualReaderName) {
+ free(actualReaderName);
+ }
+
return NULL;
}
diff -up ./esc/src/lib/coolkey/CoolKey.h.fix6 ./esc/src/lib/coolkey/CoolKey.h
--- ./esc/src/lib/coolkey/CoolKey.h.fix6 2019-11-13 18:30:37.263949374 -0800
+++ ./esc/src/lib/coolkey/CoolKey.h 2019-11-14 17:15:23.216143691 -0800
@@ -300,6 +300,7 @@ HRESULT CoolKeyGetATRDirectly(char *aBuf
HRESULT CoolKeyGetCUIDDirectly(char *aBuff, int aBuffLen, const char *readerName);
HRESULT CoolKeyGetCPLCDataDirectly(CKYAppletRespGetCPLCData *cplc,const char *readerName);
HRESULT CoolKeyGetLifeCycleDirectly(CKYByte *personalized,const char *readerName);
+char *CoolKeyGetFullReaderName(const char *nssReaderName);
}
diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix6 ./esc/src/lib/coolkey/NSSManager.cpp
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix6 2019-11-14 17:21:14.596622085 -0800
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2019-11-14 18:24:25.461109006 -0800
@@ -402,7 +402,8 @@ HRESULT NSSManager::GetKeyIssuer(const C
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
@@ -478,7 +479,8 @@ HRESULT NSSManager::GetKeyUID(const Cool
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
@@ -557,7 +559,8 @@ HRESULT NSSManager::GetKeyIssuedTo(const
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(IsCACert(cert))
{
@@ -643,7 +646,8 @@ HRESULT NSSManager::GetKeyCertInfo(const
CERTCertificate *cert = node->cert;
if(cert)
{
- if(cert->slot == slot)
+ int not_equal = strncmp(PK11_GetSlotName(slot), PK11_GetSlotName(cert->slot),65);
+ if(not_equal == 0)
{
if(!strcmp(cert->nickname,aCertNickname))
{

343
SOURCES/esc-1.1.2-fix7.patch Normal file
View File

@ -0,0 +1,343 @@
diff -up ./esc/src/app/esc.js.fix7 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix7 2020-05-30 18:57:40.423388032 -0700
+++ ./esc/src/app/esc.js 2020-05-30 19:01:40.769955310 -0700
@@ -30,6 +30,12 @@ const ESC_CONFIG_FILE_NAME = "esc.conf";
const ESC_CONFIG_GROUP = "ESC";
const ESC_PWORD_FILE = "pword";
+const STATUS_ENROLLED="Enrolled";
+const STATUS_FORMATTED="Formatted";
+const STATUS_UNFORMATTED="Unformatted";
+const STATUS_UNKNOWN="Unknown";
+const FORMATTED_CODE=2;
+
const UNKNOWN_LABEL = "unknown";
const CoolKeyNotifyIface = '<node> \
<interface name="com.jmagne.CoolKeyNotify"> \
@@ -185,17 +191,17 @@ class ESC {
_getStatusString(intStatus) {
switch(intStatus) {
case 4:
- return "enrolled";
+ return STATUS_ENROLLED;
break;
case 2:
- return "uninitialized";
+ return STATUS_FORMATTED;
break;
case 1:
- return "unknown";
+ return STATUS_UNFORMATTED;
break;
default:
- return "unknown";
+ return STATUS_UNKNOWN;
break;
}
}
@@ -216,14 +222,30 @@ class ESC {
let issuer = inserted.issuer;
let issuedTo = inserted.issued_to;
+ let cachedIssuer = null;
+
+ if(inserted.is_a_cool_key) {
+ cachedIssuer = this._phoneHomeMgr.getCachedIssuer(aKeyID);
+ }
+
+ if(cachedIssuer != null) {
+ issuer = cachedIssuer;
+ }
+
if(issuer == null || issuer.length == 0) {
- issuer = "unknown";
+ issuer = STATUS_UNKNOWN;
}
if(issuedTo == null || issuedTo.length == 0) {
- issuedTo = "unknown";
+ issuedTo = STATUS_UNKNOWN;
}
+ let newStatus = inserted.status;
+
+ if(newStatus == FORMATTED_CODE) {
+ issuedTo = STATUS_UNKNOWN;
+ }
+
this._tokenStore.set (this._tokenStore.append(), [0, 1, 2, 3, 4],
- [issuer, issuedTo, this._getStatusString(inserted.status), aKeyID,aKeyType]);
+ [issuer, issuedTo, this._getStatusString(newStatus), aKeyID,aKeyType]);
let [ isSelected, iter] = this._tokenStore.get_iter_first();
diff -up ./esc/src/app/opensc.esc.conf.fix7 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix7 2020-05-30 18:54:14.079618060 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-05-30 19:02:16.191744158 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac, piv, default;
+ card_drivers = coolkey, cac,cac1, piv, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, piv;
+ builtin_emulators = coolkey, cac, cac1, piv;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/app/operationDialog.js.fix7 ./esc/src/app/operationDialog.js
--- ./esc/src/app/operationDialog.js.fix7 2020-05-30 18:54:48.700411683 -0700
+++ ./esc/src/app/operationDialog.js 2020-05-30 19:03:01.354474940 -0700
@@ -47,34 +47,32 @@ operationDialog.prototype = {
if(tokenInfo == null) {
this.app_alert("Invalid Token!");
}
- this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
- modal: true,deletable: false,
- title: TOKEN_OPERATION, border_width: 10 });
this.operation = operation;
this.tokenInfo = tokenInfo;
let opMessage = "";
if(this.operation == OP_FORMAT) {
- opMessage = "Format Smart Card";
+ opMessage = "Format Smart Card:";
} else if(this.operation == OP_ENROLL) {
- opMessage = "Enroll Smart Card";
+ opMessage = "Enroll Smart Card:";
} else if(this.operation == OP_PIN_RESET) {
- opMessage = "Reset Smart Card Pin";
+ opMessage = "Reset Smart Card Pin:";
} else {
this.app._alert("operationdDialog: Invalid operation!");
return;
}
+ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
+ modal: true,deletable: false,
+ title: TOKEN_OPERATION, border_width: 10 });
+
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 20, column_spacing: 20});
- this.message = new Gtk.Label ({label: opMessage});
- this.area.add (this.message);
-
//this.throbberImage = new Gtk.Image({file: this.app._currentDir + "/" + "throbber-anim5.gif"});
-
+ this.label = new Gtk.Label({label: opMessage});
this.progressBar = new Gtk.ProgressBar ({ valign: Gtk.Align.CENTER });
this.progressBar.set_fraction(0.0);
@@ -86,15 +84,16 @@ operationDialog.prototype = {
this.ldapUserLabel = new Gtk.Label({label: "Ldap User:"});
this.ldapUserBox = new Gtk.Entry();
- this.grid.attach(this.ldapUserLabel, 0, 0, 1,1);
- this.grid.attach(this.ldapUserBox,1, 0,1,1);
+ this.grid.attach(this.label,0,0,1,1);
+ this.grid.attach(this.ldapUserLabel, 0, 1, 1,1);
+ this.grid.attach(this.ldapUserBox,1, 1,1,1);
this.ldapPasswordLabel = new Gtk.Label({label: "Ldap Password:"});
this.ldapPasswordBox = new Gtk.Entry();
this.ldapPasswordBox.set_visibility(false);
- this.grid.attach(this.ldapPasswordLabel,2,0,1,1);
- this.grid.attach(this.ldapPasswordBox,3,0,1,1);
+ this.grid.attach(this.ldapPasswordLabel,2,1,1,1);
+ this.grid.attach(this.ldapPasswordBox,3,1,1,1);
if(this.operation != OP_FORMAT ) {
@@ -106,10 +105,10 @@ operationDialog.prototype = {
this.confirmPinBox = new Gtk.Entry();
this.confirmPinBox.set_visibility(false);
- this.grid.attach(this.newpinLabel, 0,1,1,1);
- this.grid.attach(this.newpinBox,1,1,1,1);
- this.grid.attach(this.confirmPinLabel,2,1,1,1);
- this.grid.attach(this.confirmPinBox,3,1,1,1);
+ this.grid.attach(this.newpinLabel, 0,2,1,1);
+ this.grid.attach(this.newpinBox,1,2,1,1);
+ this.grid.attach(this.confirmPinLabel,2,2,1,1);
+ this.grid.attach(this.confirmPinBox,3,2,1,1);
}
this.oKButton = new Gtk.Button ({label: OpLabels[this.operation]});
@@ -117,11 +116,11 @@ operationDialog.prototype = {
this.dismissButton = new Gtk.Button({label: "Cancel" });
//this.grid.attach(this.throbberImage,0,2,1,1);
- this.grid.attach(this.progressLabel, 0,2,1,1);
+ this.grid.attach(this.progressLabel, 0,3,1,1);
//this.throbberImage.hide();
- this.grid.attach(this.progressBar, 1,2,1,1);
- this.grid.attach (this.oKButton,2,2,1,1);
- this.grid.attach (this.dismissButton,3,2,1,1);
+ this.grid.attach(this.progressBar, 1,3,1,1);
+ this.grid.attach (this.oKButton,2,3,1,1);
+ this.grid.attach (this.dismissButton,3,3,1,1);
// Connect the button to the function that handles what it does
this.oKButton.connect ("clicked", this.oKHandler.bind(this));
diff -up ./esc/src/app/phoneHome.js.fix7 ./esc/src/app/phoneHome.js
--- ./esc/src/app/phoneHome.js.fix7 2020-05-30 18:55:43.223086670 -0700
+++ ./esc/src/app/phoneHome.js 2020-05-30 19:03:49.787186230 -0700
@@ -93,7 +93,7 @@ phoneHome.prototype = {
this.phArea = this.phDialog.get_content_area();
this.phMessage = new Gtk.Label ({label: "Enter url: ex: http://test.host.com:8080/tps/phoneHome"});
- this.phArea.add (this.phMessage);
+ //this.phArea.add (this.phMessage);
this.phActionArea = this.phDialog.get_action_area();
this.phUrlBox = new Gtk.Entry({width_chars: 35});
@@ -108,9 +108,9 @@ phoneHome.prototype = {
this.phActionArea.add(this.phGrid);
this.phOKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK);
-
- this.phGrid.attach(this.phUrlBox, 0, 0, 1,1);
- this.phGrid.attach(this.phOKButton,1, 0,1,1);
+ this.phGrid.add(this.phMessage);
+ this.phGrid.attach(this.phUrlBox, 0, 1, 1,1);
+ this.phGrid.attach(this.phOKButton,1, 1,1,1);
// Connect the button to the function that handles what it does
this.phOKButton.connect ("clicked", this.phoneHomeOKHandler.bind(this));
@@ -228,9 +228,9 @@ phoneHome.prototype = {
if(!aKeyID)
return null;
- var issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
+ let issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
- if(!issuerValue)
+ if(issuerValue == null)
return null;
issuer = this.app._getConfigValue(issuerValue);
diff -up ./esc/src/app/pinDialog.js.fix7 ./esc/src/app/pinDialog.js
--- ./esc/src/app/pinDialog.js.fix7 2020-05-30 18:55:09.395288320 -0700
+++ ./esc/src/app/pinDialog.js 2020-05-30 19:04:51.380819066 -0700
@@ -36,16 +36,15 @@ pinDialog.prototype = {
launchPinPrompt: function(notify) {
this.notify = notify;
+ this.message = "Token Pin Entry";
this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
modal: true,
expand: false,
- title: PIN_OPERATION ,border_width: 20, deletable: false });
+ title: this.message ,border_width: 20, deletable: false });
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 10, column_spacing: 20});
- this.message = new Gtk.Label ({label: "Enter Token Pin"});
- this.area.add (this.message);
this.actionArea = this.dialog.get_action_area();
this.pinBox = new Gtk.Entry();
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix7 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix7 2020-05-30 18:56:35.827773090 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-05-30 19:05:30.561585507 -0700
@@ -511,6 +511,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu
CKYCardConnection_BeginTransaction(conn);
+ status = CKYApplet_SelectCardManager(conn, &apduRC);
+ if (status != CKYSUCCESS) {
+ goto done;
+ }
+
status = CKYApplet_GetCUID(conn, &cuid, &apduRC);
if (status != CKYSUCCESS) {
goto done;
@@ -764,7 +769,6 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp
}
CKYCardConnection_BeginTransaction(conn);
- unsigned long state;
status = CKYApplet_SelectCardManager(conn, &apduRC);
if (status != CKYSUCCESS) {
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 2020-05-30 18:56:56.511649792 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-05-30 19:06:21.955279145 -0700
@@ -2157,11 +2157,22 @@ copySerialNumber(char *dest, const char
// it will probably have Dashes and store in lower case some time in the
// future.
//
-static HRESULT
+static HRESULT
getCUIDFromTokenInfo(CK_TOKEN_INFO *tokenInfo, char *tokenSerialNumber)
{
+ const int minCUIDLen = 18;
+
char *cp = tokenSerialNumber;
+ if( tokenSerialNumber == NULL) {
+ return E_FAIL;
+ }
+
+ if(tokenInfo == NULL) {
+ *cp = 0;
+ return E_FAIL;
+ }
+
if (isxdigit(tokenInfo->manufacturerID[0]) &&
isxdigit(tokenInfo->manufacturerID[1]) &&
isxdigit(tokenInfo->manufacturerID[2]) &&
@@ -2181,6 +2192,10 @@ getCUIDFromTokenInfo(CK_TOKEN_INFO *toke
}
*cp=0;
+ if( strlen(tokenSerialNumber) < minCUIDLen) {
+ return E_FAIL;
+ }
+
return S_OK;
}
@@ -2207,7 +2222,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
CK_TOKEN_INFO tokenInfo;
CoolKeyInfo *info = NULL;
SECStatus status;
- HRESULT hres,atrRes,cuidRes,cycleRes;
+ HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
@@ -2327,22 +2342,16 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
goto failed;
}
- hres = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
- /* shouldn't the be != S_SUCCESS? */
- if (hres == E_FAIL) {
- goto failed;
- }
-
+ cuidRes = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
//Check for blank cuid and put something there
- if(isACOOLKey && strlen(info->mCUID) == 0 )
- {
+ if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
if(cuidRes != S_OK) {
- strcpy(info->mCUID, "blank-token");
+ strcpy(info->mCUID, "unknown");
} else {
strcpy(info->mCUID, cuidChar);
}

60
SOURCES/esc-1.1.2-fix8.patch Normal file
View File

@ -0,0 +1,60 @@
diff -up ./esc/src/app/opensc.esc.conf.fix8 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix8 2020-08-07 16:17:37.464650003 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-08-07 16:20:21.861957011 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac,cac1, piv, default;
+ card_drivers = coolkey, cac,cac1, PIV-II, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, cac1, piv;
+ builtin_emulators = coolkey, cac, cac1, PIV-II;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix8 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix8 2020-08-07 12:05:35.982966019 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-08-07 16:08:16.747602873 -0700
@@ -593,6 +593,7 @@ char *CoolKeyGetFullReaderName(const cha
} else {
fullReaderName = strdup(thisReader);
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56)));
+ break;
}
}
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 2020-08-07 12:05:44.394982245 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-07 16:10:35.504862004 -0700
@@ -2225,8 +2225,17 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
+ int readerNameLen = strlen(readerName);
- char *actualReaderName = CoolKeyGetFullReaderName(readerName);
+ //Since there is no local support to get a reader name by slot,
+ //Will simply do a partial substring compare, using less characters
+ //to avoid any hard coded trailing chars.
+
+ char partialReaderName[60];
+ memset(partialReaderName, 0, 60);
+
+ strncpy(partialReaderName,readerName, 59);
+ char *actualReaderName = CoolKeyGetFullReaderName(partialReaderName);
memset((void *) &tokenInfo,0,sizeof(tokenInfo));
ATR.data = NULL; // initialize for error processing
@@ -2348,7 +2357,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
- cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
+ cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, actualReaderName);
if(cuidRes != S_OK) {
strcpy(info->mCUID, "unknown");

41
SOURCES/esc-1.1.2-fix9.patch Normal file
View File

@ -0,0 +1,41 @@
diff -up ./esc/src/app/esc.js.fix9 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix9 2020-08-12 11:15:29.423093856 -0700
+++ ./esc/src/app/esc.js 2020-08-12 11:43:47.646556310 -0700
@@ -271,7 +271,6 @@ class ESC {
if(!insertedToken && !doReset) {
return;
}
-
if(doReset) {
this._operationsGrid.remove(this._phoneHomeButton);
this._operationsGrid.remove(this._enrollButton);
@@ -297,6 +296,12 @@ class ESC {
}
this._operationsGrid.show_all();
+ } else {
+ if(insertedToken.status == 4) {
+ this._operationsGrid.add(this._certDetailButton);
+ this._operationsGrid.show_all();
+
+ }
}
}
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2020-08-12 10:59:24.844704399 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-12 11:11:05.480713407 -0700
@@ -2329,11 +2329,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
}
//Massage the tokenInfo so it adhered to when coolkey was doing it.
- if(hasApplet) {
+ if(hasApplet == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.firmwareVersion.major = 1;
}
- if(isPersonalized) {
+ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.flags |= CKF_TOKEN_INITIALIZED;
}

8
SOURCES/esc.desktop Normal file
View File

@ -0,0 +1,8 @@
[Desktop Entry]
Type=Application
Encoding=UTF-8
Name=Smart Card Manager
Comment=Enterprise Security Client Smart Card Manager
Categories=System;Application;SystemSetup;X-Red-Hat-Base;
Exec=esc
Icon=esc.png

377
SPECS/esc.spec Normal file
View File

@ -0,0 +1,377 @@
Name: esc
Version: 1.1.2
Release: 14%{?dist}
Summary: Enterprise Security Client Smart Card Client
License: GPL+
URL: http://directory.fedora.redhat.com/wiki/CoolKey
Group: Applications/Internet
#Fix to harden linker flags.
Patch1: esc-1.1.2-fix1.patch
Patch2: esc-1.1.2-fix2.patch
Patch3: esc-1.1.2-fix3.patch
Patch4: esc-1.1.2-fix4.patch
Patch5: esc-1.1.2-fix5.patch
Patch6: esc-1.1.2-fix6.patch
Patch7: esc-1.1.2-fix7.patch
Patch8: esc-1.1.2-fix8.patch
Patch9: esc-1.1.2-fix9.patch
#BuildRequires: doxygen fontconfig-devel
BuildRequires: glib2-devel atk-devel
BuildRequires: pkgconfig
BuildRequires: nspr-devel nss-devel nss-static
#BuildRequires: libX11-devel libXt-devel
BuildRequires: pcsc-lite-devel
BuildRequires: desktop-file-utils
BuildRequires: pkgconfig(gconf-2.0)
BuildRequires: dbus-glib-devel
BuildRequires: glib2-devel
BuildRequires: opensc
BuildRequires: gobject-introspection-devel
BuildRequires: gtk3-devel
BuildRequires: gjs-devel
Requires: pcsc-lite nss nspr
Requires: dbus
Requires: opensc
Requires: gjs
Requires: gobject-introspection
Requires: gtk3
Requires: glib2
AutoReqProv: 0
%define debug_build 0
%define escname %{name}-%{version}
%define escdir %{_libdir}/%{escname}
%define escbindir %{_bindir}
%define esc_chromepath chrome/content/esc
%define appdir applications
%define icondir %{_datadir}/icons/hicolor/48x48/apps
%define esc_vendor esc
%define autostartdir %{_sysconfdir}/xdg/autostart
%define pixmapdir %{_datadir}/pixmaps
%define docdir %{_defaultdocdir}/%{name}
Source0: http://pki.fedoraproject.org/pki/sources/%name/%{escname}.tar.bz2
Source1: http://pki.fedoraproject.org/pki/sources/%name/esc
Source2: http://pki.fedoraproject.org/pki/sources/%name/esc.desktop
Source3: http://pki.fedoraproject.org/pki/sources/%name/esc.png
%description
Enterprise Security Client allows the user to enroll and manage their
cryptographic smartcards.
%prep
%setup -q -c -n %{escname}
#patch esc
%patch1 -p1 -b .fix1
%patch2 -p1 -b .fix2
%patch3 -p1 -b .fix3
%patch4 -p1 -b .fix4
%patch5 -p1 -b .fix5
%patch6 -p1 -b .fix6
%patch7 -p1 -b .fix7
%patch8 -p1 -b .fix8
%patch9 -p1 -b .fix9
%build
echo $RPM_BUILD_DIR
echo "build section" $PWD
cd esc
./autogen.sh
make
%install
echo "install section" $PWD
cd esc
make DESTDIR=$RPM_BUILD_ROOT install
mkdir -p $RPM_BUILD_ROOT/%{escbindir}
mkdir -p $RPM_BUILD_ROOT/%{icondir}
mkdir -p $RPM_BUILD_ROOT/%{_datadir}/%{appdir}
mkdir -p $RPM_BUILD_ROOT/%{pixmapdir}
mkdir -p $RPM_BUILD_ROOT/%{docdir}
echo "dir: " $RPM_BUILD_ROOT/%{escbindir}/%{name}
sed -e 's;\$LIBDIR;'%{_libdir}';g' -e 's;\$VERSION;'%{version}';g' %{SOURCE1} > $RPM_BUILD_ROOT/%{escbindir}/%{name}
chmod 755 $RPM_BUILD_ROOT/%{escbindir}/%{name}
mkdir -p $RPM_BUILD_ROOT/%{escdir}
mkdir -p $RPM_BUILD_ROOT/%{escdir}/lib
cp $RPM_BUILD_ROOT/usr/local/bin/* $RPM_BUILD_ROOT/%{escdir}
cp -rf $RPM_BUILD_ROOT/usr/local/lib $RPM_BUILD_ROOT/%{escdir}
rm $RPM_BUILD_ROOT/%{escdir}/lib/*.a
rm $RPM_BUILD_ROOT/%{escdir}/lib/*.la
rm -rf $RPM_BUILD_ROOT/usr/local
cp %{SOURCE3} $RPM_BUILD_ROOT/%{icondir}
ln -s $RPMBUILD_ROOT%{icondir}/esc.png $RPM_BUILD_ROOT/%{pixmapdir}/esc.png
cp %{SOURCE2} $RPM_BUILD_ROOT/%{_datadir}/%{appdir}
cd %{_builddir}
cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
%files
%{!?_licensedir:%global license %%doc}
%license %{docdir}/LICENSE
%{escbindir}/esc
%{escdir}/lib
%{escdir}/esc.js
%{escdir}/esc.properties
%{escdir}/operationDialog.js
%{escdir}/phoneHome.js
%{escdir}/pinDialog.js
%{escdir}/opensc.esc.conf
%{icondir}/esc.png
%{pixmapdir}/esc.png
%{_datadir}/%{appdir}/esc.desktop
%changelog
* Fri Aug 07 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-14
- Resolves: rhbz#1848629 - Smartcard is not detected by esc. Ammendment to bug fix.
* Fri Aug 07 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-13
- Resolves: rhbz#1848629 - Smartcard is not detected by esc
* Sat May 30 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-12
- Resolves: rhbz#1646486 - alt tokens not detected by ESC
- Resolves: rhbz#1774750 - ESC's unusual behavior after formatting a blank Gemalto token
- Resolves: rhbz#1774770 - After formatting a Gemalto/SCP03 token, ESC shows incorrect Issuer, Issued To, Status, and Token ID details
* Wed Nov 13 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-11
- Resolves: rhbz#1724787 - ESC - HTTP GET Requests incorrectly Being Sent To TPS for Token Operations [8.2]
- Resolves: rhbz#1734117 - ESC does not detect/recognize both clean and formatted (with phone home) smart cards
- Resolves: rhbz#1733645 - Gemalto, CAC, SCP01 cards are not detected by HP keyboard KUS1206 with builtin smartcard reader
* Fri Jun 14 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-10
- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added.
- Added notification list in yaml file, so entities are notified of changes.
* Thu Apr 25 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-9
- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added
- Fixed the gating test string to adhere to format.
* Mon Apr 15 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-8
- Resolves: rhbz#1679659 - esc changes blocked until gating tests are added
* Fri Feb 01 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-7
- #Related: Bug 1596915 - Remove XULRunner from ESC. Minor launch
- script fix.
* Thu Jan 10 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-6
- #Resolve: Bug 1638011 - esc docdir should not be versioned in rhel8.
- #Resolve: Bug 1596915 - Remove XULRunner from ESC.
* Fri Oct 12 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-4
- #Resolve: Bug 1633238 - ESC crashes when smartcard is detected.
* Mon Oct 08 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-4
- #Resolve: Bug 1630560 - Review annocheck distro flag failures in esc.
* Wed Aug 22 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-3
- Remove remaining arch exclusions.
* Wed Aug 01 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-1
- Remove uneeded Requires and no longer put in autostart directory.
* Mon Jul 30 2018 Jack Magne <jmagne@redhat.com> - 1.1.2-1
- Build bare bones esc, without xulrunner, using gjs / gobject
- introspection.
* Thu Jun 07 2018 Jack Magne <jmagne@redhat.com> - 1.1.1-5
- Rebuild.
* Mon Apr 23 2018 Jack Magne <jmagne@redhat.com> - 1.1.1-4
- Remove coolkey dependencies, replace with opensc.
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Thu Jan 11 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.1.1-2
- Remove obsolete scriptlets
* Mon Aug 07 2017 - 1.1.1-1
- Rebuilt using internally built xulrunner, due to the xulrunner package going away.
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-32
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.1.0-31
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Sun May 8 2016 Peter Robinson <pbrobinson@fedoraproject.org> 1.1.0-30
- Secondary arch fixes
- Use %%license
* Mon Feb 08 2016 Jack Magne <jmagne@redhat.com> 1.1.0-29
- Apease latest xullrunner api changes.
* Thu Apr 09 2015 Jack Magne <jmagne@redhat.com> 1.1.0-27
- More xulrunner adjustments.
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-26
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-25
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Wed Apr 23 2014 Jack Magne <jmagne@redhat.com>=1.1.0-24
- Fix minor http client error.
* Thu Apr 17 2014 Jack Maghe <jmagne@redhat.com>=1.1.0-23
- Appease more xulrunner changes.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-23
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Sun Jul 7 2013 Ville Skyttä <ville.skytta@iki.fi> - 1.1.0-22
- Make buildable with kernels > 3.5.
- %%changelog syntax and bogus date fixes.
- Bump xulrunner version to 22.0.
* Mon Jun 17 2013 Jack Magne <jmagne@redhat.com>- 1.1.0-21
- Appease latest compiler errors and build to xulrunner 21.0.
* Wed Nov 28 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-20
- Gecko no longer supports UniversalXPConnect, remove it.
* Wed Nov 21 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-19
- Pick up latest fixes.
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.1.0-18
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Fri Jun 22 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-17
- Related #688361 - Get ESC to run on Gecko 2.0, again.
* Thu May 10 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-16
- Related #688361 - Get ESC to run on Gecko 2.0.
* Mon Feb 20 2012 Jack Magne <jmagne@redhat.com>- 1.1.0-15
- Related #688361 - Get ESC to run on Gecko 2.0.
* Tue Nov 29 2011 Jack Magne <jmagne@redhat.com>- 1.1.0-14
- Related #688361 - Get ESC to run on Gecko 2.0.
* Thu Apr 15 2010 Jack Magne <jmagne@redhat.com>- 1.1.0-11
- Adjust for new linking rules.
* Tue Sep 15 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-10
- Pick up latest improvements.
* Mon Jun 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-9
- Related: #496410, also IPV6 support.
* Fri Jun 19 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-8
- Related: #496410, SSL Conn fix.
* Mon Jun 8 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-7
- Releated: #496410.
* Thu Apr 23 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-6
- Related: #496410. Appease rpmdiff.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-5
- Related: #496410, addresses 494981, better error message.
* Wed Apr 22 2009 Jack Magne <jmagne@redhat.com>- 1.1.0-4
- Move to latest rebased code. Related #496410.
* Thu Dec 04 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-39
- Resolves #469202 - Cert Viewer issue
* Tue Nov 11 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-38
- Resolves #471923 - ESC Connection issue.
* Thu Oct 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-37
- Resolves #467126 - Blank authentication dialog problem.
* Fri Sep 26 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-36
- Related #200475 - Require the xulrunner package, Resolves #248493
* Thu Sep 18 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-35
- Related 200475, make rpmdiff tests happy.
* Tue Sep 16 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-34
- Resolves #200475 #253081 #437238
* Thu Jan 10 2008 Jack Magne <jmagne@redhat.com>- 1.0.0-33
- Resolves #25324a8 #253268
* Thu Jul 12 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-32
- Resolves #248071 - ESC RPM unistall failure if daemon not running.
* Fri Jun 22 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-31
- Related #208038 - Top things to put in diagnostics log
* Wed Jun 20 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-30
- Related #204021
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0-0-29
- Related #212010
* Fri Jun 8 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-28
- Resolves #212010
* Tue Jun 5 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-27
- Resolves #203466 Better error message strings.
* Mon May 21 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-26
- Related: #206783 Fix the launcher script to work with new logging.
* Fri May 11 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-25
- Resolves: #206783.
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-24
- More Desktop appearance fixes.
- Related: #208749
* Mon Apr 23 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-23
- Desktop appearance fixes.
- Related: #208749
* Thu Apr 19 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-22
- Second drop of 5.1 fixes.
- Resolves: #203934, #203935, #204959, #206780, #206792, #207721
- Resolves: #207816, #206791
- Related: #208749
* Wed Apr 18 2007 Jack Magne <jmagne@redhat.com>- 1.0.0-21
- First 5.1 fixes.
- Resolves: #203757, #203806, #204661, #205856, #206788, #206791
- Resolves: #208037, #208333, #210589, #210590, #213912, #226913
- Resolves: #204021, #205498, #224436
* Tue Nov 28 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-20
- fix for bug to commit config changes immediately. Bug #210988
* Wed Nov 15 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-19
-fix for escd double free problem. Bug #209882
* Tue Oct 24 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-18
-rebuilt on RHEL-5 branch
* Wed Oct 4 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-17
- Diagnostics display fixes, Mac and Window fixes.
* Sun Oct 01 2006 Jesse Keating <jkeating@redhat.com> - 1.0.0-16
- rebuilt for unwind info generation, broken in gcc-4.1.1-21
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-15
- Fix to the build version
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>= 1.0.0-14
- Fix to compile error in daemon
* Fri Sep 22 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-13
- Fix to include the new esc daemon.
* Sat Sep 16 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-12
- Fix for Password Reset and minor UI revision.
* Fri Sep 15 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-11
- Further UI enhancement bug fixes
* Thu Sep 7 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-10
- Further strings revisions.
* Wed Aug 30 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-9
- Revision of the strings used in ESC.
* Wed Aug 30 2006 Jack Magne <jmagne@redhat.com>- 1.0.0-8
- Fixes to get libnotify working properly on FC6 systems.
* Tue Aug 22 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-7
- Fix for bug #203211, use of system NSS and NSPR for
- Xulrunner ,addressing the problem running on 64 bit.
- Overwriting 5 and 6 due to important bug #203211.
* Fri Aug 18 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-6
- Correct problem with Patch #6
* Fri Aug 18 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-5
- Build ESC's xulrunner component using system nss and nspr
- Build process creates run script based on {_libdir} variable,
accounting for differences on 64 bit machines.
- UI enhancements
* Tue Aug 1 2006 Matthias Clasen <mclasen@redhat.com> - 1.0.0-4
- Don't auto-generate requires either
* Mon Jul 31 2006 Matthias Clasen <mclasen@redhat.com> - 1.0.0-3
- Don't provide mozilla libraries
* Fri Jul 28 2006 Ray Strode <rstrode@redhat.com> - 1.0.0-2
- remove bogus gtk+ requires (and some others that will
be automatic)
* Tue Jun 13 2006 Jack Magne <jmagne@redhat.com> - 1.0.0-1
- Initial revision for fedora