
5 Commits

Author SHA1 Message Date
CentOS Sources 1426a8f439 import esc-1.1.2-24.el8 2022-11-08 06:46:33 +00:00
CentOS Sources 5f1bcfa121 import esc-1.1.2-22.el8_4 2021-09-09 16:23:54 +00:00
CentOS Sources 4472a5a02f import esc-1.1.2-18.el8 2021-09-09 16:23:51 +00:00
CentOS Sources f72e0c39b1 import esc-1.1.2-17.el8_3 2021-09-09 16:23:48 +00:00
CentOS Sources 58ab463b97 import esc-1.1.2-14.el8 2021-09-09 16:23:45 +00:00
6 changed files with 872 additions and 2 deletions


@ -0,0 +1,291 @@
diff -up ./esc/esc-1.1.2/esc/src/app/esc.js.fix10 ./esc/esc-1.1.2/esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix10 2020-12-02 15:47:00.688951279 -0800
+++ ./esc/src/app/esc.js 2020-12-02 15:47:00.690951273 -0800
@@ -370,12 +370,20 @@ class ESC {
let nick = "";
if(certObj.token == null)
token = "internal";
- else
+ else {
token = certObj.token;
+ }
nick = certObj.nick;
-
- certDetail = this._execProgram(['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', token + ":" + nick]);
+
+ let tokenNick = '"' + token + ":" + nick + '"' ;
+ token = '"' + token + '"';
+ let argv1 = ['/usr/bin/certutil','-L','-d', this._getConfigPath(), '-h', token, '-f' , pFileName, '-n', tokenNick];
+
+ print("argv1: " + argv1);
+
+
+ certDetail = this._execProgram(argv1);
return certDetail;
}
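Review bot: The added `print("argv1: " + argv1);` is a debug statement left in the certificate-detail path; it writes the token name, certificate nickname and password-file path to stdout on every lookup and should be dropped. The literal double quotes now wrapped around `token` and `tokenNick` need a second look, because `_execProgram` is outside this hunk. If it passes the array to the child as an argv vector, the quotes become part of the `-h` and `-n` values. If it joins the array into a shell command line, a nickname containing `"` (the nickname comes from the card) is no longer contained by the quoting. Passing `token` and `token + ":" + nick` unquoted as separate argv elements is the safer form, assuming `_execProgram` spawns without a shell; the enclosing method starts above the hunk.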
@@ -475,7 +483,7 @@ class ESC {
result = -1;
return result;
}
-
+
result = stdoutb.toString();
} catch (e) {
@@ -792,19 +800,18 @@ class ESC {
let status = this._selectedTokenInfo.status;
if(status == 4 /* enrolled */) {
- this._pinMgr = new PinDialog.pinDialog(this);
- this._pinMgr.launchPinPrompt(this._promptPinDone.bind(this));
+ let coolkey_token = this._selectedTokenInfo;
+
+ this._tokenInfoBuffer.text +=
+ this.mgr.get_certs_info(coolkey_token);
+
}
}
- _promptPinDone(tempFileName) {
-
- let coolkey_token = this._selectedTokenInfo;
-
- this._tokenInfoBuffer.text +=
- this._getCertList(coolkey_token,tempFileName) + "\n";
+ _promptPinDone(tempFileName) {
}
+
_response_cb() {
if(this._messageDialog) {
this._messageDialog.destroy();
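Review bot: `this._tokenInfoBuffer.text += this.mgr.get_certs_info(coolkey_token);` appends the return value unchecked, while `coolkey_mgr_get_certs_info` in this same patch returns NULL when the key type or CUID is missing or the library is not initialised. That presumably arrives in JavaScript as `null`, and the concatenation would then show the text "null" in the token details. A guard such as `let certs = this.mgr.get_certs_info(coolkey_token); if (certs) this._tokenInfoBuffer.text += certs;` avoids it. `_promptPinDone(tempFileName) { }` is left as an empty stub; if nothing calls it any more it is clearer to remove it, or to add a comment saying why it is kept.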
diff -up ./esc/src/app/opensc.esc.conf.fix10 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix10 2020-12-02 15:51:05.812283690 -0800
+++ ./esc/src/app/opensc.esc.conf 2020-12-02 15:51:30.835215539 -0800
@@ -94,6 +94,7 @@ app default {
module_path = /usr/lib64;
}
framework pkcs15 {
+ use_file_caching = true;
builtin_emulators = coolkey, cac, cac1, PIV-II;
}
}
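Review bot: `use_file_caching = true;` is switched on in the `framework pkcs15` block without a comment on what it trades away. With caching enabled, OpenSC keeps copies of files read from the card in the user's cache directory, so that data outlives the card session and can go stale when ESC formats or re-enrolls the same token. A comment above the setting, for example `# cache card files on disk to speed up certificate listing; cache must be cleared after format/enroll`, would make the choice reviewable. It is also worth confirming that the format and enroll paths invalidate the cache.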
diff -up ./esc/src/app/pinDialog.js.fix10 ./esc/src/app/pinDialog.js
--- ./esc/src/app/pinDialog.js.fix10 2020-12-02 15:47:00.683951293 -0800
+++ ./esc/src/app/pinDialog.js 2020-12-02 15:47:00.691951271 -0800
@@ -94,7 +94,6 @@ pinDialog.prototype = {
if(this.notify) {
this.notify(this.tempFileName);
}
-
this.clearTempFile();
this.dialog.destroy();
this.dialog = null;
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix10 2020-12-02 16:25:29.075670723 -0800
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-12-02 16:30:53.310789119 -0800
@@ -46,6 +46,7 @@
static const char *cac_manu_id= "Common Access Card";
static const char *piv_manu_id= "piv II ";
+static const char *piv_manu_id_1= "piv_II";
//static char *test_extended_login = "s=325&msg_type=13&invalid_login=0&blocked=0&error=&required_parameter0=id%3DUSER%5FID%26name%3DUser+ID%26desc%3DUser+ID%26type%3Dstring%26option%3Doption1%2Coption2%2Coption3&required_parameter1=id%3DUSER%5FPWD%26name%3DUser+Password%26desc%3DUser+Password%26type%3Dpassword%26option%3D&required_parameter2=id%3DUSER%5FPIN%26name%3DPIN%26desc%3DOne+time+PIN+received+via+mail%26type%3Dpassword%26option%3D";
@@ -2300,7 +2301,9 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
if(!memcmp( tokenInfo.manufacturerID,cac_manu_id,strlen(cac_manu_id ))) {
isACAC = 1;
} else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id, strlen(piv_manu_id))) {
- isAPIV = 1;
+ isAPIV = 1;
+ } else if(!memcmp(tokenInfo.manufacturerID, piv_manu_id_1, strlen(piv_manu_id_1))) {
+ isAPIV = 1;
} else {
isACOOLKey = 1;
}
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.cpp
--- ./esc/src/lib/coolkey-mgr/coolkey-api.cpp.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.cpp 2020-12-02 15:47:00.691951271 -0800
@@ -17,6 +17,8 @@
#include "coolkey-api.h"
#include "rhCoolKey.h"
+#include <string>
+
static rhCoolKey *coolkey = NULL;
static const char * coolkeyDbusName = NULL;
@@ -79,6 +81,54 @@ char *coolkey_get_phone_home(char *url)
}
}
+/* get a string with all the certs detail for a token */
+
+char *coolkey_get_certs_info(int keyType, const char *keyID) {
+
+ string str_result;
+ if (coolkey == NULL) {
+ return NULL;
+ }
+
+ char *result = NULL;
+ char **names = NULL;
+ PRUint32 count = 0;
+ HRESULT res = coolkey->GetCoolKeyCertNicknames(keyType, keyID, &count, &names);
+
+ if(count > 0 && res == S_OK) {
+ for(int i = 0 ; i < count ; i++) {
+ char *curName = names[i];
+
+ if(curName) {
+ char *certDetail = NULL;
+ str_result = str_result + curName + "\n" ;
+ res = coolkey->GetCoolKeyCertInfo(keyType, keyID, curName, &certDetail);
+ if(res == S_OK && certDetail != NULL) {
+ str_result = str_result + certDetail + "\n";
+ PL_strfree(certDetail);
+ certDetail = NULL;
+ }
+ }
+ }
+ }
+
+ if(str_result.c_str()) {
+ result = PL_strdup((char *) str_result.c_str());
+ }
+
+ for(int i = 0 ; i < count ; i++) {
+ if(names[i]) {
+ PL_strfree(names[i]);
+ names[i] = NULL;
+ }
+ }
+
+ PR_Free(names);
+ names = NULL;
+
+ return result;
+}
+
/* get a block of data about a token in a structure format */
tokenInfo *coolkey_get_token_info(int keyType, const char *keyID) {
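Review bot: The cleanup loop in `coolkey_get_certs_info` indexes `names[i]` without checking `names`, so it relies on `GetCoolKeyCertNicknames` (not shown in this hunk) never reporting a non-zero `count` together with a NULL array. Writing both loops as `for (PRUint32 i = 0; names != NULL && i < count; i++)` removes that assumption and also the signed/unsigned comparison between `int i` and `PRUint32 count`. `if(str_result.c_str())` is always true, so the function returns an empty string rather than NULL when no certificate was found; `if (!str_result.empty())` is probably what was meant. The one-line comment above the function should also say that the caller owns the returned buffer and which deallocator matches `PL_strdup`.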
diff -up ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-api.h
--- ./esc/src/lib/coolkey-mgr/coolkey-api.h.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-api.h 2020-12-02 15:47:00.691951271 -0800
@@ -43,6 +43,8 @@ void coolkey_init(const char *db_dir, co
void coolkey_destroy();
char *coolkey_get_phone_home(char *url);
+char *coolkey_get_certs_info(int keyType, const char *keyID);
+
tokenInfo *coolkey_get_token_info(int keyType,const char *keyID);
void coolkey_free_token_info(tokenInfo *tInfo);
diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.c
--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.c.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.c 2020-12-02 15:47:00.691951271 -0800
@@ -346,6 +346,36 @@ cleanup:
}
+gchar*
+coolkey_mgr_get_certs_info(CoolkeyMgr *self, CoolkeyToken* token) {
+
+ gchar *cuid = NULL;
+ gchar *keyType = NULL;
+ int keyTypeInt = 0;
+ gchar *certInfo = NULL;
+
+ g_object_get(token,"key_type", &keyType,NULL);
+ g_object_get(token,"cuid", &cuid, NULL);
+
+ if(keyType == NULL || cuid == NULL) {
+ goto cleanup;
+ }
+
+ keyTypeInt = atoi(keyType);
+
+ if(keyType == NULL || cuid == NULL) {
+ goto cleanup;
+ }
+
+ certInfo = coolkey_get_certs_info(keyTypeInt, cuid);
+
+cleanup:
+
+ g_free (keyType);
+ g_free (cuid);
+
+ return certInfo;
+}
void
coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token) {
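Review bot: The second `if(keyType == NULL || cuid == NULL)` in `coolkey_mgr_get_certs_info` repeats the first check verbatim and can never fire; it looks like it was meant to validate the converted value. `atoi(keyType)` returns 0 for non-numeric text without signalling an error, so a malformed `key_type` property is passed on as key type 0; `strtol` with an end-pointer check would let the function leave through `cleanup` instead. The returned `certInfo` is produced by `PL_strdup` in coolkey-api.cpp but is typed `gchar *`, so a caller or language binding that releases it with `g_free` would be mixing allocators. A doc comment stating who frees the result and with which function would settle that.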
diff -up ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 ./esc/src/lib/coolkey-mgr/coolkey-mgr.h
--- ./esc/src/lib/coolkey-mgr/coolkey-mgr.h.fix10 2020-12-02 15:47:00.673951320 -0800
+++ ./esc/src/lib/coolkey-mgr/coolkey-mgr.h 2020-12-02 15:47:00.691951271 -0800
@@ -46,6 +46,8 @@ int coolkey_mgr_cancel_token_operation(C
void coolkey_mgr_get_token_info(CoolkeyMgr* self, CoolkeyToken* token);
+gchar * coolkey_mgr_get_certs_info(CoolkeyMgr*self, CoolkeyToken* token);
+
gchar * coolkey_mgr_phone_home(CoolkeyMgr* self, gchar *url);
gchar * coolkey_mgr_speak (CoolkeyMgr* self, gchar *words);
diff -up ./esc/src/lib/coolkey/NSSManager.cpp.fix10 ./esc/src/lib/coolkey/NSSManager.cpp
--- ./esc/src/lib/coolkey/NSSManager.cpp.fix10 2020-12-02 15:47:00.680951301 -0800
+++ ./esc/src/lib/coolkey/NSSManager.cpp 2020-12-02 15:47:00.691951271 -0800
@@ -41,7 +41,7 @@
#include <iostream>
#include <sstream>
-
+#include <algorithm>
#include "SlotUtils.h"
static PRLogModuleInfo *coolKeyLogNSS = PR_NewLogModule("coolKeyNSS");
@@ -314,7 +314,10 @@ NSSManager::GetKeyCertNicknames( const C
CERTCertificate *cert = node->cert;
if(cert)
{
- if(cert->slot != slot)
+ char *certSlotName = PK11_GetSlotName(cert->slot);
+ char *slotName = PK11_GetSlotName(slot);
+
+ if(strcmp(certSlotName, slotName))
{
CERT_RemoveCertListNode(node);
}
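Review bot: The new comparison passes `cert->slot` straight to `PK11_GetSlotName` and both results to `strcmp`, whereas the removed `cert->slot != slot` was safe for a certificate with no slot. If the list can contain such a certificate, or either name comes back NULL, the listing now dereferences NULL. A guard such as `if (!cert->slot || !certSlotName || !slotName || strcmp(certSlotName, slotName))` keeps the old behaviour for that case. Matching by name instead of by slot object also means two slots that report the same name are treated as one, so a certificate from another token could be listed under this key; a short comment explaining why pointer identity was not sufficient would let the next reader judge that. The loop this sits in starts outside the hunk.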
@@ -346,7 +349,10 @@ NSSManager::GetKeyCertNicknames( const C
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetCertKeyNicknames name %s \n",GetTStamp(tBuff,56),curName));
string str = curName;
- aStrings.push_back (str);
+
+ if (find(aStrings.begin(), aStrings.end(), str) == aStrings.end()) {
+ aStrings.push_back (str);
+ }
}
CERT_FreeNicknames(nicknames);
@@ -691,6 +697,16 @@ HRESULT NSSManager::GetKeyCertInfo(const
aCertInfo = issuedToCNStr + "\n" + issuerCNStr + "\n"
+ notBeforeStr + "\n" + notAfterStr + "\n" + serialStr ;
PR_LOG( coolKeyLogNSS, PR_LOG_DEBUG, ("%s NSSManager::GetKeyCertInfo issuerCN %s issuedToCN %s \n",GetTStamp(tBuff,56),issuerCN, issuedToCN));
+
+ if(nBefore) {
+ PORT_Free(nBefore);
+ nBefore = NULL;
+ }
+
+ if(nAfter) {
+ PORT_Free(nAfter);
+ nAfter = NULL;
+ }
break;
}


@ -0,0 +1,104 @@
diff -up ./esc/src/app/esc.js.fix11 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix11 2022-06-15 19:12:43.974710780 -0400
+++ ./esc/src/app/esc.js 2022-06-15 19:12:54.657664269 -0400
@@ -581,7 +581,6 @@ class ESC {
this._configFile = new GLib.KeyFile();
this._configPath = GLib.get_user_config_dir() + "/esc";
-
let configDir = Gio.File.new_for_path(this._configPath);
try {
@@ -606,6 +605,9 @@ class ESC {
this._configFile.save_to_file(this._configFileName);
}
}
+ _initConfigTokenManuIDs() {
+ this._setConfigValue("esc.token.manu_id.0","Volkswagen AG");
+ }
_buildUI() {
// Create the application window
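Review bot: `_initConfigTokenManuIDs()` writes `esc.token.manu_id.0` unconditionally and, per the next hunk, is called on every start right after `_initConfig()`, so any value a user or administrator stored at index 0 is overwritten with "Volkswagen AG" at each launch. CoolKeyHandler.cpp in this patch uses these entries to decide that a token is a known type and to mark it initialized, so the list works as an allowlist. It should be seeded only when the key is absent, for example `if (this._getConfigValue("esc.token.manu_id.0") == null) this._setConfigValue("esc.token.manu_id.0","Volkswagen AG");`, assuming `_getConfigValue` returns null for a missing key. The method also needs a comment saying what the entries are for and that indices must be contiguous from 0, because the C++ reader stops at the first missing index.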
@@ -637,6 +639,7 @@ class ESC {
this._initConfig();
+ this._initConfigTokenManuIDs();
this._initProperties();
this._statusMessages = null;
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix11 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix11 2022-06-15 19:10:26.278310248 -0400
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2022-06-15 19:10:46.824220800 -0400
@@ -63,6 +63,7 @@ static const char *piv_manu_id_1= "piv_
static PRLogModuleInfo *coolKeyLogHN = PR_NewLogModule("coolKeyHandler");
void NotifyEndResult(CoolKeyHandler* context, int operation, int result, int description);
+bool isTokenTypeOtherKnownType(CK_TOKEN_INFO *tokenInfo);
struct AutoCKYBuffer : public CKYBuffer
{
@@ -2246,6 +2247,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
int isACOOLKey = 0;
int isACAC = 0;
int isAPIV = 0;
+ bool isOtherKey = false;
int hasApplet = 0;
int isPersonalized = 0;
@@ -2306,6 +2308,12 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
isAPIV = 1;
} else {
isACOOLKey = 1;
+ isOtherKey = isTokenTypeOtherKnownType(&tokenInfo);
+ if(isOtherKey == true && hasApplet == 0 && isPersonalized == 0) {
+ isACOOLKey = 0;
+ } else {
+ isOtherKey = false;
+ }
}
// OK, we have everything we need, now build the COOLKEYInfo structure.
@@ -2336,7 +2344,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
tokenInfo.firmwareVersion.major = 1;
}
- if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) {
+ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1 || isOtherKey == true) {
tokenInfo.flags |= CKF_TOKEN_INITIALIZED;
}
@@ -2407,3 +2415,33 @@ failed:
return NULL;
}
+
+bool isTokenTypeOtherKnownType(CK_TOKEN_INFO *tokenInfo)
+{
+ char tBuff[56];
+ bool res = false;
+
+ if(tokenInfo == NULL) {
+ return res;
+ }
+ string curManuCfg;
+ string num;
+ for(int i = 0;;i++) {
+ num = to_string(i);
+ curManuCfg = "esc.token.manu_id." + num;
+ const char *curManu = CoolKeyGetConfig(curManuCfg.c_str());
+
+ if(curManu == NULL) {
+ break;
+ }
+
+ int match = memcmp(tokenInfo->manufacturerID, curManu, strlen(curManu));
+ CoolKeyFreeConfig(curManu);
+ if(match == 0) {
+ res = true;
+ break;
+ }
+ }
+ PR_LOG( coolKeyLogHN, PR_LOG_DEBUG, ("%s CoolKeyHandler::isTokenTypeOtherKnownType: result: %d .\n",GetTStamp(tBuff,56), res));
+ return res;
+}
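Review bot: In `isTokenTypeOtherKnownType`, `memcmp(tokenInfo->manufacturerID, curManu, strlen(curManu))` takes its length from the configuration value alone. An empty `esc.token.manu_id.N` entry compares zero bytes and matches every token, and an entry longer than the `manufacturerID` field makes the compare read past it. Because a match leads `CKHGetCoolKeyInfo` to set `CKF_TOKEN_INITIALIZED`, the length should be checked first: `size_t len = strlen(curManu);` followed by `int match = (len == 0 || len > sizeof(tokenInfo->manufacturerID)) ? 1 : memcmp(tokenInfo->manufacturerID, curManu, len);`. A comment above the function should state that the comparison is a prefix match and that the `for(int i = 0;;i++)` loop ends only at the first missing index.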


@ -0,0 +1,343 @@
diff -up ./esc/src/app/esc.js.fix7 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix7 2020-05-30 18:57:40.423388032 -0700
+++ ./esc/src/app/esc.js 2020-05-30 19:01:40.769955310 -0700
@@ -30,6 +30,12 @@ const ESC_CONFIG_FILE_NAME = "esc.conf";
const ESC_CONFIG_GROUP = "ESC";
const ESC_PWORD_FILE = "pword";
+const STATUS_ENROLLED="Enrolled";
+const STATUS_FORMATTED="Formatted";
+const STATUS_UNFORMATTED="Unformatted";
+const STATUS_UNKNOWN="Unknown";
+const FORMATTED_CODE=2;
+
const UNKNOWN_LABEL = "unknown";
const CoolKeyNotifyIface = '<node> \
<interface name="com.jmagne.CoolKeyNotify"> \
@@ -185,17 +191,17 @@ class ESC {
_getStatusString(intStatus) {
switch(intStatus) {
case 4:
- return "enrolled";
+ return STATUS_ENROLLED;
break;
case 2:
- return "uninitialized";
+ return STATUS_FORMATTED;
break;
case 1:
- return "unknown";
+ return STATUS_UNFORMATTED;
break;
default:
- return "unknown";
+ return STATUS_UNKNOWN;
break;
}
}
@@ -216,14 +222,30 @@ class ESC {
let issuer = inserted.issuer;
let issuedTo = inserted.issued_to;
+ let cachedIssuer = null;
+
+ if(inserted.is_a_cool_key) {
+ cachedIssuer = this._phoneHomeMgr.getCachedIssuer(aKeyID);
+ }
+
+ if(cachedIssuer != null) {
+ issuer = cachedIssuer;
+ }
+
if(issuer == null || issuer.length == 0) {
- issuer = "unknown";
+ issuer = STATUS_UNKNOWN;
}
if(issuedTo == null || issuedTo.length == 0) {
- issuedTo = "unknown";
+ issuedTo = STATUS_UNKNOWN;
}
+ let newStatus = inserted.status;
+
+ if(newStatus == FORMATTED_CODE) {
+ issuedTo = STATUS_UNKNOWN;
+ }
+
this._tokenStore.set (this._tokenStore.append(), [0, 1, 2, 3, 4],
- [issuer, issuedTo, this._getStatusString(inserted.status), aKeyID,aKeyType]);
+ [issuer, issuedTo, this._getStatusString(newStatus), aKeyID,aKeyType]);
let [ isSelected, iter] = this._tokenStore.get_iter_first();
diff -up ./esc/src/app/opensc.esc.conf.fix7 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix7 2020-05-30 18:54:14.079618060 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-05-30 19:02:16.191744158 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac, piv, default;
+ card_drivers = coolkey, cac,cac1, piv, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, piv;
+ builtin_emulators = coolkey, cac, cac1, piv;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/app/operationDialog.js.fix7 ./esc/src/app/operationDialog.js
--- ./esc/src/app/operationDialog.js.fix7 2020-05-30 18:54:48.700411683 -0700
+++ ./esc/src/app/operationDialog.js 2020-05-30 19:03:01.354474940 -0700
@@ -47,34 +47,32 @@ operationDialog.prototype = {
if(tokenInfo == null) {
this.app_alert("Invalid Token!");
}
- this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
- modal: true,deletable: false,
- title: TOKEN_OPERATION, border_width: 10 });
this.operation = operation;
this.tokenInfo = tokenInfo;
let opMessage = "";
if(this.operation == OP_FORMAT) {
- opMessage = "Format Smart Card";
+ opMessage = "Format Smart Card:";
} else if(this.operation == OP_ENROLL) {
- opMessage = "Enroll Smart Card";
+ opMessage = "Enroll Smart Card:";
} else if(this.operation == OP_PIN_RESET) {
- opMessage = "Reset Smart Card Pin";
+ opMessage = "Reset Smart Card Pin:";
} else {
this.app._alert("operationdDialog: Invalid operation!");
return;
}
+ this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
+ modal: true,deletable: false,
+ title: TOKEN_OPERATION, border_width: 10 });
+
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 20, column_spacing: 20});
- this.message = new Gtk.Label ({label: opMessage});
- this.area.add (this.message);
-
//this.throbberImage = new Gtk.Image({file: this.app._currentDir + "/" + "throbber-anim5.gif"});
-
+ this.label = new Gtk.Label({label: opMessage});
this.progressBar = new Gtk.ProgressBar ({ valign: Gtk.Align.CENTER });
this.progressBar.set_fraction(0.0);
@@ -86,15 +84,16 @@ operationDialog.prototype = {
this.ldapUserLabel = new Gtk.Label({label: "Ldap User:"});
this.ldapUserBox = new Gtk.Entry();
- this.grid.attach(this.ldapUserLabel, 0, 0, 1,1);
- this.grid.attach(this.ldapUserBox,1, 0,1,1);
+ this.grid.attach(this.label,0,0,1,1);
+ this.grid.attach(this.ldapUserLabel, 0, 1, 1,1);
+ this.grid.attach(this.ldapUserBox,1, 1,1,1);
this.ldapPasswordLabel = new Gtk.Label({label: "Ldap Password:"});
this.ldapPasswordBox = new Gtk.Entry();
this.ldapPasswordBox.set_visibility(false);
- this.grid.attach(this.ldapPasswordLabel,2,0,1,1);
- this.grid.attach(this.ldapPasswordBox,3,0,1,1);
+ this.grid.attach(this.ldapPasswordLabel,2,1,1,1);
+ this.grid.attach(this.ldapPasswordBox,3,1,1,1);
if(this.operation != OP_FORMAT ) {
@@ -106,10 +105,10 @@ operationDialog.prototype = {
this.confirmPinBox = new Gtk.Entry();
this.confirmPinBox.set_visibility(false);
- this.grid.attach(this.newpinLabel, 0,1,1,1);
- this.grid.attach(this.newpinBox,1,1,1,1);
- this.grid.attach(this.confirmPinLabel,2,1,1,1);
- this.grid.attach(this.confirmPinBox,3,1,1,1);
+ this.grid.attach(this.newpinLabel, 0,2,1,1);
+ this.grid.attach(this.newpinBox,1,2,1,1);
+ this.grid.attach(this.confirmPinLabel,2,2,1,1);
+ this.grid.attach(this.confirmPinBox,3,2,1,1);
}
this.oKButton = new Gtk.Button ({label: OpLabels[this.operation]});
@@ -117,11 +116,11 @@ operationDialog.prototype = {
this.dismissButton = new Gtk.Button({label: "Cancel" });
//this.grid.attach(this.throbberImage,0,2,1,1);
- this.grid.attach(this.progressLabel, 0,2,1,1);
+ this.grid.attach(this.progressLabel, 0,3,1,1);
//this.throbberImage.hide();
- this.grid.attach(this.progressBar, 1,2,1,1);
- this.grid.attach (this.oKButton,2,2,1,1);
- this.grid.attach (this.dismissButton,3,2,1,1);
+ this.grid.attach(this.progressBar, 1,3,1,1);
+ this.grid.attach (this.oKButton,2,3,1,1);
+ this.grid.attach (this.dismissButton,3,3,1,1);
// Connect the button to the function that handles what it does
this.oKButton.connect ("clicked", this.oKHandler.bind(this));
diff -up ./esc/src/app/phoneHome.js.fix7 ./esc/src/app/phoneHome.js
--- ./esc/src/app/phoneHome.js.fix7 2020-05-30 18:55:43.223086670 -0700
+++ ./esc/src/app/phoneHome.js 2020-05-30 19:03:49.787186230 -0700
@@ -93,7 +93,7 @@ phoneHome.prototype = {
this.phArea = this.phDialog.get_content_area();
this.phMessage = new Gtk.Label ({label: "Enter url: ex: http://test.host.com:8080/tps/phoneHome"});
- this.phArea.add (this.phMessage);
+ //this.phArea.add (this.phMessage);
this.phActionArea = this.phDialog.get_action_area();
this.phUrlBox = new Gtk.Entry({width_chars: 35});
@@ -108,9 +108,9 @@ phoneHome.prototype = {
this.phActionArea.add(this.phGrid);
this.phOKButton = Gtk.Button.new_from_stock (Gtk.STOCK_OK);
-
- this.phGrid.attach(this.phUrlBox, 0, 0, 1,1);
- this.phGrid.attach(this.phOKButton,1, 0,1,1);
+ this.phGrid.add(this.phMessage);
+ this.phGrid.attach(this.phUrlBox, 0, 1, 1,1);
+ this.phGrid.attach(this.phOKButton,1, 1,1,1);
// Connect the button to the function that handles what it does
this.phOKButton.connect ("clicked", this.phoneHomeOKHandler.bind(this));
@@ -228,9 +228,9 @@ phoneHome.prototype = {
if(!aKeyID)
return null;
- var issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
+ let issuerValue = this.app._configValueWithKeyID(aKeyID,KEY_ISSUER);
- if(!issuerValue)
+ if(issuerValue == null)
return null;
issuer = this.app._getConfigValue(issuerValue);
diff -up ./esc/src/app/pinDialog.js.fix7 ./esc/src/app/pinDialog.js
--- ./esc/src/app/pinDialog.js.fix7 2020-05-30 18:55:09.395288320 -0700
+++ ./esc/src/app/pinDialog.js 2020-05-30 19:04:51.380819066 -0700
@@ -36,16 +36,15 @@ pinDialog.prototype = {
launchPinPrompt: function(notify) {
this.notify = notify;
+ this.message = "Token Pin Entry";
this.dialog = new Gtk.Dialog ({ transient_for: this.app._window,
modal: true,
expand: false,
- title: PIN_OPERATION ,border_width: 20, deletable: false });
+ title: this.message ,border_width: 20, deletable: false });
this.area = this.dialog.get_content_area();
this.grid = new Gtk.Grid ({row_spacing: 10, column_spacing: 20});
- this.message = new Gtk.Label ({label: "Enter Token Pin"});
- this.area.add (this.message);
this.actionArea = this.dialog.get_action_area();
this.pinBox = new Gtk.Entry();
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix7 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix7 2020-05-30 18:56:35.827773090 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-05-30 19:05:30.561585507 -0700
@@ -511,6 +511,11 @@ HRESULT CoolKeyGetCUIDDirectly(char *aBu
CKYCardConnection_BeginTransaction(conn);
+ status = CKYApplet_SelectCardManager(conn, &apduRC);
+ if (status != CKYSUCCESS) {
+ goto done;
+ }
+
status = CKYApplet_GetCUID(conn, &cuid, &apduRC);
if (status != CKYSUCCESS) {
goto done;
@@ -764,7 +769,6 @@ HRESULT CoolKeyGetCPLCDataDirectly(CKYAp
}
CKYCardConnection_BeginTransaction(conn);
- unsigned long state;
status = CKYApplet_SelectCardManager(conn, &apduRC);
if (status != CKYSUCCESS) {
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix7 2020-05-30 18:56:56.511649792 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-05-30 19:06:21.955279145 -0700
@@ -2157,11 +2157,22 @@ copySerialNumber(char *dest, const char
// it will probably have Dashes and store in lower case some time in the
// future.
//
-static HRESULT
+static HRESULT
getCUIDFromTokenInfo(CK_TOKEN_INFO *tokenInfo, char *tokenSerialNumber)
{
+ const int minCUIDLen = 18;
+
char *cp = tokenSerialNumber;
+ if( tokenSerialNumber == NULL) {
+ return E_FAIL;
+ }
+
+ if(tokenInfo == NULL) {
+ *cp = 0;
+ return E_FAIL;
+ }
+
if (isxdigit(tokenInfo->manufacturerID[0]) &&
isxdigit(tokenInfo->manufacturerID[1]) &&
isxdigit(tokenInfo->manufacturerID[2]) &&
@@ -2181,6 +2192,10 @@ getCUIDFromTokenInfo(CK_TOKEN_INFO *toke
}
*cp=0;
+ if( strlen(tokenSerialNumber) < minCUIDLen) {
+ return E_FAIL;
+ }
+
return S_OK;
}
@@ -2207,7 +2222,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
CK_TOKEN_INFO tokenInfo;
CoolKeyInfo *info = NULL;
SECStatus status;
- HRESULT hres,atrRes,cuidRes,cycleRes;
+ HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
@@ -2327,22 +2342,16 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
goto failed;
}
- hres = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
- /* shouldn't the be != S_SUCCESS? */
- if (hres == E_FAIL) {
- goto failed;
- }
-
+ cuidRes = getCUIDFromTokenInfo(&tokenInfo, info->mCUID);
//Check for blank cuid and put something there
- if(isACOOLKey && strlen(info->mCUID) == 0 )
- {
+ if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
if(cuidRes != S_OK) {
- strcpy(info->mCUID, "blank-token");
+ strcpy(info->mCUID, "unknown");
} else {
strcpy(info->mCUID, cuidChar);
}
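Review bot: With the `goto failed` removed, the fallback branch is entered whenever `getCUIDFromTokenInfo` returns `E_FAIL`, and `strcpy(info->mCUID, cuidChar)` then copies a string obtained from the card with no bound tied to the destination. `CoolKeyGetCUIDDirectly` is given a limit of 100, but the size of `mCUID` is not visible in this hunk; if it is smaller this overflows. A bounded copy such as `snprintf(info->mCUID, sizeof(info->mCUID), "%s", cuidChar);` (assuming `mCUID` is an array member) removes the doubt. For tokens where `isACOOLKey` is false, a failed extraction is now ignored silently and `mCUID` keeps whatever `getCUIDFromTokenInfo` wrote, possibly a string shorter than `minCUIDLen`; a comment saying this is intended for CAC and PIV cards would help. The function continues past the end of the hunk.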


@ -0,0 +1,60 @@
diff -up ./esc/src/app/opensc.esc.conf.fix8 ./esc/src/app/opensc.esc.conf
--- ./esc/src/app/opensc.esc.conf.fix8 2020-08-07 16:17:37.464650003 -0700
+++ ./esc/src/app/opensc.esc.conf 2020-08-07 16:20:21.861957011 -0700
@@ -89,12 +89,12 @@ app default {
}
reader_driver openct {
};
- card_drivers = coolkey, cac,cac1, piv, default;
+ card_drivers = coolkey, cac,cac1, PIV-II, default;
secure_messaging local_authentic {
module_path = /usr/lib64;
}
framework pkcs15 {
- builtin_emulators = coolkey, cac, cac1, piv;
+ builtin_emulators = coolkey, cac, cac1, PIV-II;
}
}
app opensc-pkcs11 {
diff -up ./esc/src/lib/coolkey/CoolKey.cpp.fix8 ./esc/src/lib/coolkey/CoolKey.cpp
--- ./esc/src/lib/coolkey/CoolKey.cpp.fix8 2020-08-07 12:05:35.982966019 -0700
+++ ./esc/src/lib/coolkey/CoolKey.cpp 2020-08-07 16:08:16.747602873 -0700
@@ -593,6 +593,7 @@ char *CoolKeyGetFullReaderName(const cha
} else {
fullReaderName = strdup(thisReader);
PR_LOG( coolKeyLog, PR_LOG_DEBUG, ("%s CoolKeyGetFullReaderName correct full name: %s \n",fullReaderName,GetTStamp(tBuff,56)));
+ break;
}
}
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix8 2020-08-07 12:05:44.394982245 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-07 16:10:35.504862004 -0700
@@ -2225,8 +2225,17 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
HRESULT hres,atrRes,cycleRes,cuidRes;
char *readerName = PK11_GetSlotName(aSlot);
+ int readerNameLen = strlen(readerName);
- char *actualReaderName = CoolKeyGetFullReaderName(readerName);
+ //Since there is no local support to get a reader name by slot,
+ //Will simply do a partial substring compare, using less characters
+ //to avoid any hard coded trailing chars.
+
+ char partialReaderName[60];
+ memset(partialReaderName, 0, 60);
+
+ strncpy(partialReaderName,readerName, 59);
+ char *actualReaderName = CoolKeyGetFullReaderName(partialReaderName);
memset((void *) &tokenInfo,0,sizeof(tokenInfo));
ATR.data = NULL; // initialize for error processing
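Review bot: `strlen(readerName)` runs before any check that `PK11_GetSlotName(aSlot)` returned a name, and `readerNameLen` is not used anywhere in this hunk, so the line adds a possible NULL dereference for no benefit and can be dropped. Truncating the name to 59 characters and matching on that prefix, as the new comment describes, means two readers whose names differ only after that point resolve to whichever one `CoolKeyGetFullReaderName` finds first. The later hunk in this file passes `actualReaderName` to `CoolKeyGetCUIDDirectly`, so the CUID could then be read from a different reader than `aSlot`. That call should also handle `actualReaderName == NULL`, which the lookup presumably returns when nothing matches. Declaring `char partialReaderName[60] = {0};` and using `sizeof partialReaderName - 1` in the `strncpy` would replace the repeated literals 60 and 59.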
@@ -2348,7 +2357,7 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
if(isACOOLKey && cuidRes == E_FAIL) {
//Let's try to get the cuid directly from the token.
- cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, readerName);
+ cuidRes = CoolKeyGetCUIDDirectly(cuidChar, 100, actualReaderName);
if(cuidRes != S_OK) {
strcpy(info->mCUID, "unknown");


@ -0,0 +1,41 @@
diff -up ./esc/src/app/esc.js.fix9 ./esc/src/app/esc.js
--- ./esc/src/app/esc.js.fix9 2020-08-12 11:15:29.423093856 -0700
+++ ./esc/src/app/esc.js 2020-08-12 11:43:47.646556310 -0700
@@ -271,7 +271,6 @@ class ESC {
if(!insertedToken && !doReset) {
return;
}
-
if(doReset) {
this._operationsGrid.remove(this._phoneHomeButton);
this._operationsGrid.remove(this._enrollButton);
@@ -297,6 +296,12 @@ class ESC {
}
this._operationsGrid.show_all();
+ } else {
+ if(insertedToken.status == 4) {
+ this._operationsGrid.add(this._certDetailButton);
+ this._operationsGrid.show_all();
+
+ }
}
}
diff -up ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 ./esc/src/lib/coolkey/CoolKeyHandler.cpp
--- ./esc/src/lib/coolkey/CoolKeyHandler.cpp.fix9 2020-08-12 10:59:24.844704399 -0700
+++ ./esc/src/lib/coolkey/CoolKeyHandler.cpp 2020-08-12 11:11:05.480713407 -0700
@@ -2329,11 +2329,11 @@ CKHGetCoolKeyInfo(PK11SlotInfo *aSlot,Co
}
//Massage the tokenInfo so it adhered to when coolkey was doing it.
- if(hasApplet) {
+ if(hasApplet == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.firmwareVersion.major = 1;
}
- if(isPersonalized) {
+ if(isPersonalized == 1 || isACAC == 1 || isAPIV == 1) {
tokenInfo.flags |= CKF_TOKEN_INITIALIZED;
}


@ -1,6 +1,6 @@
Name: esc
Version: 1.1.2
Release: 11%{?dist}
Release: 24%{?dist}
Summary: Enterprise Security Client Smart Card Client
License: GPL+
URL: http://directory.fedora.redhat.com/wiki/CoolKey
@ -13,6 +13,11 @@ Patch3: esc-1.1.2-fix3.patch
Patch4: esc-1.1.2-fix4.patch
Patch5: esc-1.1.2-fix5.patch
Patch6: esc-1.1.2-fix6.patch
Patch7: esc-1.1.2-fix7.patch
Patch8: esc-1.1.2-fix8.patch
Patch9: esc-1.1.2-fix9.patch
Patch10: esc-1.1.2-fix10.patch
Patch11: esc-1.1.2-fix11.patch
#BuildRequires: doxygen fontconfig-devel
@ -32,7 +37,9 @@ BuildRequires: gtk3-devel
BuildRequires: gjs-devel
Requires: pcsc-lite nss nspr
Requires: pcsc-lite >= 1.8.23-4.1
Requires: pcsc-lite-ccid >= 1.4.29-5.1
Requires: nss nspr
Requires: dbus
Requires: opensc
Requires: gjs
@ -77,6 +84,11 @@ cryptographic smartcards.
%patch4 -p1 -b .fix4
%patch5 -p1 -b .fix5
%patch6 -p1 -b .fix6
%patch7 -p1 -b .fix7
%patch8 -p1 -b .fix8
%patch9 -p1 -b .fix9
%patch10 -p1 -b .fix10
%patch11 -p1 -b .fix11
%build
@ -145,6 +157,25 @@ cp %{escname}/esc/LICENSE $RPM_BUILD_ROOT/%{docdir}
%{_datadir}/%{appdir}/esc.desktop
%changelog
* Fri Jun 24 2022 Jack Magne <jmagne@redhat.com> - 1.1.2-24
- Resolves: rhbz#1905691 - Volkswagen Siemens CardOS M4.4 and 5.0 cards display incorrect status in ESC.
* Fri Jul 02 2021 Jack Magne <jmagne@redhat.com> - 1.1.2-23
- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z], bump release # respin.
- Adjust final pcsc-lite package requirement.
* Fri Jun 25 2021 Jack Magne <jmagne@redhat.com> - 1.1.2-21
- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z], bump release # respin.
* Thu Jun 24 2021 Jack Magne <jmagne@redhat.com> - 1.1.2-20
- Resolves: rhbz#1970565 - Create explicit pcsc-lite requrement to assure recent pcsc-lite fix [rhel-8.4.0.z]
* Mon Nov 23 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-15
- Resolves: rhbz#1870715 - HP Keyboard does not list the certificates on an enrolled smart card.
* Fri Aug 07 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-14
- Resolves: rhbz#1848629 - Smartcard is not detected by esc. Ammendment to bug fix.
* Fri Aug 07 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-13
- Resolves: rhbz#1848629 - Smartcard is not detected by esc
* Sat May 30 2020 Jack Magne <jmagne@redhat.com> - 1.1.2-12
- Resolves: rhbz#1646486 - alt tokens not detected by ESC
- Resolves: rhbz#1774750 - ESC's unusual behavior after formatting a blank Gemalto token
- Resolves: rhbz#1774770 - After formatting a Gemalto/SCP03 token, ESC shows incorrect Issuer, Issued To, Status, and Token ID details
* Wed Nov 13 2019 Jack Magne <jmagne@redhat.com> - 1.1.2-11
- Resolves: rhbz#1724787 - ESC - HTTP GET Requests incorrectly Being Sent To TPS for Token Operations [8.2]
- Resolves: rhbz#1734117 - ESC does not detect/recognize both clean and formatted (with phone home) smart cards