How to use pkcs15.profile option in the card profile?


How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Hello,

How can I use the pkcs15.profile option in the card profile?
What is the syntax, please?

Kind wishes,
Viktor.

_______________________________________________
opensc-devel mailing list
[hidden email]
http://www.opensc.org/cgi-bin/mailman/listinfo/opensc-devel

Re: How to use pkcs15.profile option in the card profile?

Stef Hoeben
Hi,

Tarasov Viktor wrote:

>Hello,
>
>How can I use the pkcs15.profile option in the card profile?
>What is the syntax, please?
>
If you have a card with data on it, you should erase it first with
"pkcs15-init -E"

Then you can do
    pkcs15-init -C -p pkcs15+small      (for the "small" profile option)
or
    pkcs15-init -C -p pkcs15+onepin     (for the "onepin" profile option)

Note: pkcs15-init -E -C doesn't work when changing profile options.

(See also: http://www.opensc.org/files/doc/init_perso_guide.html)

Good luck,
Stef


Re: How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Stef Hoeben wrote:

> Hi,
>
> Tarasov Viktor wrote:
>
>> Hello,
>>
>> How can I use the pkcs15.profile option in the card profile?
>> What is the syntax, please?
>>
> If you have a card with data on it, you should erase it first with
> "pkcs15-init -E"
>
> Then you can do
>    pkcs15-init -C -p pkcs15+small      (for the "small" profile option)
> or
>    pkcs15-init -C -p pkcs15+onepin     (for the "onepin" profile option)
>
> Note: pkcs15-init -E -C doesn't work when changing profile options.
>
> (See also: http://www.opensc.org/files/doc/init_perso_guide.html)

Thank you.

Is there any possibility to use this option inside the card profile,
and so, to use non-modified pkcs15.profile?
(For example when modifying card structure with Mozilla+pkcs11.)

I mean something like this in the oberthur.profile:
cardinfo {
......
card-option = oberthur;
}

Best regards,
Viktor.

>
> Good luck,
> Stef
>
>
>


Re: How to use pkcs15.profile option in the card profile?

Stef Hoeben
Tarasov Viktor wrote:

>Stef Hoeben wrote:
>
>  
>
>>Hi,
>>
>>Tarasov Viktor wrote:
>>
>>    
>>
>>>Hello,
>>>
>>>How can I use the pkcs15.profile option in the card profile?
>>>What is the syntax, please?
>>>
>>>      
>>>
>>If you have a card with data on it, you should erase it first with
>>"pkcs15-init -E"
>>
>>Then you can do
>>   pkcs15-init -C -p pkcs15+small      (for the "small" profile option)
>>or
>>   pkcs15-init -C -p pkcs15+onepin     (for the "onepin" profile option)
>>
>>Note: pkcs15-init -E -C doesn't work when changing profile options.
>>
>>(See also: http://www.opensc.org/files/doc/init_perso_guide.html)
>>    
>>
>
>Thank you.
>
>Is there any possibility to use this option inside the card profile,
>and so, to use non-modified pkcs15.profile?
>(For example when modifying card structure with Mozilla+pkcs11.)
>
>I mean something like this in the oberthur.profile:
>cardinfo {
>......
>card-option = oberthur;
>}
>  
>
Guess not.

However, it shouldn't be necessary: if you do "pkcs15-init -C -p
pkcs15+oberthur ..." then
the "oberthur" profile option should be written on the card (in file
3F00\5015\4946); and the
next time you do pkcs15-init-bind(), the "oberthur" profile option will
be taken automatically.
(If not, let us know, then there's a bug.)

Cheers,
Stef


Re: How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Stef Hoeben wrote:

> Tarasov Viktor wrote:
>
>> Stef Hoeben wrote:
>>
>>  
>>
>>> Hi,
>>>
>>> Tarasov Viktor wrote:
>>>
>>>  
>>>
>>>> Hello,
>>>>
>>>> How can I use the pkcs15.profile option in the card profile?
>>>> What is the syntax, please?
>>>>
>>>>    
>>>
>>> If you have a card with data on it, you should erase it first with
>>> "pkcs15-init -E"
>>>
>>> Then you can do
>>>   pkcs15-init -C -p pkcs15+small      (for the "small" profile option)
>>> or
>>>   pkcs15-init -C -p pkcs15+onepin     (for the "onepin" profile option)
>>>
>>> Note: pkcs15-init -E -C doesn't work when changing profile options.
>>>
>>> (See also: http://www.opensc.org/files/doc/init_perso_guide.html)
>>>  
>>
>>
>> Thank you.
>>
>> Is there any possibility to use this option inside the card profile,
>> and so, to use non-modified pkcs15.profile?
>> (For example when modifying card structure with Mozilla+pkcs11.)
>>
>> I mean something like this in the oberthur.profile:
>> cardinfo {
>> ......
>> card-option = oberthur;
>> }
>>  
>>
> Guess not.
>
> However, it shouldn't be necessary: if you do "pkcs15-init -C -p
> pkcs15+oberthur ..." then
> the "oberthur" profile option should be written on the card (in file
> 3F00\5015\4946); and the
> next time you do pkcs15-init-bind(), the "oberthur" profile option
> will be taken automatically.
> (If not, let us know, then there's a bug.)

No I see.
Thank you,
Viktor.

>
> Cheers,
> Stef
>
>
>


Re: How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Stef Hoeben wrote:

> Tarasov Viktor wrote:
>
>> Stef Hoeben wrote:
>>
>>  
>>
>>> Hi,
>>>
>>> Tarasov Viktor wrote:
>>>
>>>  
>>>
>>>> Hello,
>>>>
>>>> How can I use the pkcs15.profile option in the card profile?
>>>> What is the syntax, please?
>>>>
>>>>    
>>>
>>> If you have a card with data on it, you should erase it first with
>>> "pkcs15-init -E"
>>>
>>> Then you can do
>>>   pkcs15-init -C -p pkcs15+small      (for the "small" profile option)
>>> or
>>>   pkcs15-init -C -p pkcs15+onepin     (for the "onepin" profile option)
>>>
>>> Note: pkcs15-init -E -C doesn't work when changing profile options.
>>>
>>> (See also: http://www.opensc.org/files/doc/init_perso_guide.html)
>>>  
>>
>>
>> Thank you.
>>
>> Is there any possibility to use this option inside the card profile,
>> and so, to use non-modified pkcs15.profile?
>> (For example when modifying card structure with Mozilla+pkcs11.)
>>
>> I mean something like this in the oberthur.profile:
>> cardinfo {
>> ......
>> card-option = oberthur;
>> }
>>  
>>
> Guess not.
>
> However, it shouldn't be necessary: if you do "pkcs15-init -C -p
> pkcs15+oberthur ..." then
> the "oberthur" profile option should be written on the card (in file
> 3F00\5015\4946); and the
> next time you do pkcs15-init-bind(), the "oberthur" profile option
> will be taken automatically.
> (If not, let us know, then there's a bug.)

Humble question,
why not to continue in this direction and put the complete profile into
this file?

What is the size (available for the application) of the cards that you
are generally using?
The cards 8k, 16k, are they still in use?

Kind wishes,
Viktor.

>
> Cheers,
> Stef
>
>
>


Re: How to use pkcs15.profile option in the card profile?

Stef Hoeben
Hi

>>However, it shouldn't be necessary: if you do "pkcs15-init -C -p
>>pkcs15+oberthur ..." then
>>the "oberthur" profile option should be written on the card (in file
>>3F00\5015\4946); and the
>>next time you do pkcs15-init-bind(), the "oberthur" profile option
>>will be taken automatically.
>>(If not, let us know, then there's a bug.)
>>    
>>
>
>Humble question,
>why not to continue in this direction and put the complete profile into
>this file?
>
Hm, good idea (I've been thinking about it too:-)

(For example by ASN.1-encoding the info in the pkcs15.profile and
xxx.profile or so;
that should be pretty compact and there's an ASN.1 parser in OpenSC.)

However, we should remain compatible with the current way, IMHO. So if
the profile
isn't on the card, the pkcs15init should look for them at the hard disk.

Cheers,
Stef


Re: How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Stef Hoeben wrote:

> Hi
>
>>> However, it shouldn't be necessary: if you do "pkcs15-init -C -p
>>> pkcs15+oberthur ..." then
>>> the "oberthur" profile option should be written on the card (in file
>>> 3F00\5015\4946); and the
>>> next time you do pkcs15-init-bind(), the "oberthur" profile option
>>> will be taken automatically.
>>> (If not, let us know, then there's a bug.)
>>>  
>>
>>
>> Humble question,
>> why not to continue in this direction and put the complete profile into
>> this file?
>>
> Hm, good idea (I've been thinking about it too:-)
>
> (For example by ASN.1-encoding the info in the pkcs15.profile and
> xxx.profile or so;
> that should be pretty compact and there's an ASN.1 parser in OpenSC.)
>
> However, we should remain compatible with the current way, IMHO. So if
> the profile
> isn't on the card, the pkcs15init should look for them at the hard disk.

I've prepared this update for my 'working horse' version.
(It's controlled with new 'card-info' option of the card profile.)
If you consider that it will be useful for the community, I will post
the patch.

Regards,
Viktor.

>
> Cheers,
> Stef
>


Re: How to use pkcs15.profile option in the card profile?

Stef Hoeben
Tarasov Viktor wrote:

>Stef Hoeben wrote:
>
>  
>
>>Hi
>>
>>    
>>
>>>>However, it shouldn't be necessary: if you do "pkcs15-init -C -p
>>>>pkcs15+oberthur ..." then
>>>>the "oberthur" profile option should be written on the card (in file
>>>>3F00\5015\4946); and the
>>>>next time you do pkcs15-init-bind(), the "oberthur" profile option
>>>>will be taken automatically.
>>>>(If not, let us know, then there's a bug.)
>>>>  
>>>>        
>>>>
>>>Humble question,
>>>why not to continue in this direction and put the complete profile into
>>>this file?
>>>
>>>      
>>>
>>Hm, good idea (I've been thinking about it too:-)
>>
>>(For example by ASN.1-encoding the info in the pkcs15.profile and
>>xxx.profile or so;
>>that should be pretty compact and there's an ASN.1 parser in OpenSC.)
>>
>>However, we should remain compatible with the current way, IMHO. So if
>>the profile
>>isn't on the card, the pkcs15init should look for them at the hard disk.
>>    
>>
>
>I've prepared this update for my 'working horse' version.
>(It's controlled with new 'card-info' option of the card profile.)
>If you consider that it will be useful for the community, I will post
>the patch.
>
Yes, guess it has indeed some advantages to have the profile in the card
instead of the hard disk.

Cheers,
Stef


Re: How to use pkcs15.profile option in the card profile?

Tarasov Viktor
Stef Hoeben wrote:

> Tarasov Viktor wrote:
>
>> Stef Hoeben wrote:
>>
>>  
>>
>>> Hi
>>>
>>>  
>>>
>>>>> However, it shouldn't be necessary: if you do "pkcs15-init -C -p
>>>>> pkcs15+oberthur ..." then
>>>>> the "oberthur" profile option should be written on the card (in file
>>>>> 3F00\5015\4946); and the
>>>>> next time you do pkcs15-init-bind(), the "oberthur" profile option
>>>>> will be taken automatically.
>>>>> (If not, let us know, then there's a bug.)
>>>>>  
>>>>>      
>>>>
>>>> Humble question,
>>>> why not to continue in this direction and put the complete profile
>>>> into
>>>> this file?
>>>>
>>>>    
>>>
>>> Hm, good idea (I've been thinking about it too:-)
>>>
>>> (For example by ASN.1-encoding the info in the pkcs15.profile and
>>> xxx.profile or so;
>>> that should be pretty compact and there's an ASN.1 parser in OpenSC.)
>>>
>>> However, we should remain compatible with the current way, IMHO. So if
>>> the profile
>>> isn't on the card, the pkcs15init should look for them at the hard
>>> disk.
>>>  
>>
>>
>> I've prepared this update for my 'working horse' version.
>> (It's controlled with new 'card-info' option of the card profile.)
>> If you consider that it will be useful for the community, I will post
>> the patch.
>>
> Yes, guess it has indeed some advantages to have the profile in the
> card instead of the hard disk.
Here it is.
Feature is activated with 'load-profile' option from 'card-info' section
of card profile.
Profiles are encoded into 2-level ASN1 structure and saved in the
separate EF.
Before encoding, profile texts are slightly stripped to 55% of original
size.

Kind wishes,
Viktor.

>
> Cheers,
> Stef
>
>
>


diff -Naur -X ./exclude.txt /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/oberthur.profile /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/oberthur.profile
--- /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/oberthur.profile 2005-08-29 10:46:35.000000000 +0200
+++ /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/oberthur.profile 2005-08-29 11:30:34.000000000 +0200
@@ -14,6 +14,8 @@
  # corresponding certificate.
  keep-public-key = no;   # yes/no
 
+ # Enable on-card save of the pkcs15 and card profiles
+ load-profile    = yes;
 }
 
 # Define reasonable limits for PINs and PUK
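Review bot: "load-profile = yes;" switches the feature on by default for every card initialised with oberthur.profile, so both profile texts are written to a new EF without the operator asking for it. Consider shipping it as "no" (or commented out) and documenting the option alongside the other cardinfo settings, including the card space it consumes.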
diff -Naur -X ./exclude.txt /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/pkcs15-lib.c /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/pkcs15-lib.c
--- /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/pkcs15-lib.c 2005-08-29 10:46:35.000000000 +0200
+++ /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/pkcs15-lib.c 2005-08-29 11:39:07.000000000 +0200
@@ -61,12 +61,18 @@
 #include <opensc/cardctl.h>
 #include <opensc/log.h>
 #include <opensc/scdl.h>
+#include <opensc/asn1.h>
 
 #define OPENSC_INFO_FILEPATH "3F0050154946"
 #define OPENSC_INFO_FILEID 0x4946
 #define OPENSC_INFO_TAG_PROFILE 0x01
 #define OPENSC_INFO_TAG_OPTION 0x02
 
+#define OPENSC_PROFILE_FILEPATH "3F0050154947"
+#define OPENSC_PROFILE_FILEID 0x4947
+#define OPENSC_PROFILE_TAG_PKCS15 0x01
+#define OPENSC_PROFILE_TAG_CARD 0x02
+
 /* Default ID for new key/pin */
 #define DEFAULT_ID 0x45
 #define DEFAULT_PIN_FLAGS 0x03
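Review bot: OPENSC_PROFILE_TAG_PKCS15 and OPENSC_PROFILE_TAG_CARD are defined here but nothing in the patch uses them; the container is written as a SEQUENCE of two UTF8Strings, so either drop the two tag macros or use them. OPENSC_PROFILE_FILEPATH also hard-codes 3F00/5015 for reading, while sc_pkcs15init_write_profile() builds its path from profile->df_info->file, so the read and write locations can disagree when the application DF differs.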
@@ -134,6 +140,9 @@
 static int sc_pkcs15init_parse_info(sc_card_t *, const u8 *, size_t, sc_profile_t *);
 static int sc_pkcs15init_write_info(sc_card_t *card, sc_profile_t *,
  sc_pkcs15_object_t *pin_obj);
+static int sc_pkcs15init_read_profile(sc_card_t *card, sc_profile_t *profile);
+static int sc_pkcs15init_write_profile(sc_card_t *card, sc_profile_t *,
+ sc_pkcs15_object_t *pin_obj);
 
 static struct profile_operations {
  const char *name;
@@ -326,6 +335,24 @@
  return r;
  }
 
+
+ if ((r = sc_pkcs15init_read_profile(card, profile)) < 0) {
+ sc_profile_free(profile);
+ return r;
+ }
+
+ /* Use on-card profiles only if card contains both of them.
+ */
+ if (!profile->pkcs15_profile || !profile->card_profile)   {
+ if (profile->pkcs15_profile)
+ free(profile->pkcs15_profile);
+ profile->pkcs15_profile = NULL;
+
+ if (profile->card_profile)
+ free(profile->card_profile);
+ profile->card_profile = NULL;
+ }
+
  /* Check the config file for a profile name.
  * If none is defined, use the default profile name.
  */
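Review bot: any error from sc_pkcs15init_read_profile() other than file-not-found aborts the bind at "return r;", so a truncated or malformed EF 4947 makes the card unusable with pkcs15-init instead of falling back to the profiles on disk, which is the compatibility behaviour asked for in the thread. Treat a read or decode failure like a missing file: log it, clear both pointers and continue. The comment should also say that text read from the card replaces the local profile files, because that EF is created with READ set to SC_AC_NONE and, when no PIN object is passed, with the other operations unprotected as well.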
@@ -336,8 +363,8 @@
  card_profile[sizeof(card_profile) - 1] = '\0';
  }
 
- if ((r = sc_profile_load(profile, profile->name)) < 0
- || (r = sc_profile_load(profile, card_profile)) < 0
+ if ((r = sc_profile_load(profile, profile->name, &profile->pkcs15_profile)) < 0
+ || (r = sc_profile_load(profile, card_profile, &profile->card_profile)) < 0
  || (r = sc_profile_finish(profile)) < 0) {
  sc_error(card->ctx, "Failed to load profile: %s\n", sc_strerror(r));
  sc_profile_free(profile);
@@ -744,6 +771,9 @@
 
  card->ctx->suppress_errors++;
  sc_pkcs15init_write_info(card, profile, pin_obj);
+
+ if (profile->load_profile)
+ sc_pkcs15init_write_profile(card, profile, pin_obj);
  card->ctx->suppress_errors--;
  return r;
 }
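Review bot: the return value of sc_pkcs15init_write_profile() is dropped, and the call sits inside the suppress_errors window, so a failed or partial write of the profile EF goes unreported. Because the next bind reads that file and fails on a decode error, check the result here and at least emit an sc_debug() line, and avoid leaving a partial file behind.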
@@ -3379,3 +3409,109 @@
  sc_file_free(file);
  return r;
 }
+
+int
+sc_pkcs15init_write_profile(sc_card_t *card, sc_profile_t *profile,
+        sc_pkcs15_object_t *pin_obj)
+{
+    sc_file_t   *file = NULL;
+    sc_file_t   *df = profile->df_info->file;
+    unsigned int    method;
+    unsigned long   key_ref;
+    int     n, r;
+    size_t profile_len, card_profile_len;
+    unsigned char *buf = NULL;
+    size_t bufsize = 0;
+    struct sc_asn1_entry c_attr[2] = {
+        {"profiles", SC_ASN1_STRUCT, ASN1_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL},
+        {NULL, 0, 0, 0, NULL, NULL}
+    };
+    struct sc_asn1_entry c_profiles[3] = {
+        {"pkcs15_profile", SC_ASN1_UTF8STRING, ASN1_UTF8STRING, SC_ASN1_ALLOC, NULL, NULL},
+        {"card_profile", SC_ASN1_UTF8STRING, ASN1_UTF8STRING, SC_ASN1_ALLOC, NULL, NULL},
+        {NULL, 0, 0, 0, NULL, NULL}
+    };
+
+    if (!profile->pkcs15_profile || !profile->card_profile)
+        return 0;
+
+    file = sc_file_new();
+    file->path.type = SC_PATH_TYPE_PATH;
+    memcpy(file->path.value, df->path.value, df->path.len);
+    file->path.len = df->path.len;
+    sc_append_file_id(&file->path, OPENSC_PROFILE_FILEID);
+    file->type = SC_FILE_TYPE_WORKING_EF;
+    file->ef_structure = SC_FILE_EF_TRANSPARENT;
+    file->id = OPENSC_PROFILE_FILEID;
+
+    if (pin_obj != NULL) {
+        method = SC_AC_CHV;
+        key_ref = ((sc_pkcs15_pin_info_t *) pin_obj->data)->reference;
+    }
+    else {
+        method = SC_AC_NONE; /* Unprotected */
+        key_ref = 0;
+    }
+    for (n = 0; n < SC_MAX_AC_OPS; n++) {
+        if (n == SC_AC_OP_READ)
+            sc_file_add_acl_entry(file, n, SC_AC_NONE, 0);
+        else
+            sc_file_add_acl_entry(file, n, method, key_ref);
+    }
+
+    profile_len = strlen(profile->pkcs15_profile);
+    card_profile_len = strlen(profile->card_profile);
+
+    sc_format_asn1_entry(c_profiles + 0, profile->pkcs15_profile, &profile_len, 1);
+    sc_format_asn1_entry(c_profiles + 1, profile->card_profile, &card_profile_len, 1);
+    sc_format_asn1_entry(c_attr + 0, c_profiles, NULL, 1);
+    r = sc_asn1_encode(card->ctx, c_attr, &buf, &bufsize);
+    if (!r) {
+        file->size = bufsize;
+        r = sc_pkcs15init_update_file(profile, card, file, buf, bufsize);
+    }
+
+    sc_file_free(file);
+    return r;
+}
+
+static int
+sc_pkcs15init_read_profile(sc_card_t *card, sc_profile_t *profile)
+{
+    struct sc_file  *file = NULL;
+    struct sc_path path;
+    int     r;
+    size_t profile_len = 0, card_profile_len = 0;
+    unsigned char *buf = NULL;
+    struct sc_asn1_entry c_attr[2] = {
+        {"profiles", SC_ASN1_STRUCT, ASN1_SEQUENCE | SC_ASN1_CONS, 0, NULL, NULL},
+        {NULL, 0, 0, 0, NULL, NULL}
+    };
+    struct sc_asn1_entry c_profiles[3] = {
+        {"pkcs15_profile", SC_ASN1_UTF8STRING, ASN1_UTF8STRING, SC_ASN1_ALLOC, NULL, NULL},
+        {"card_profile", SC_ASN1_UTF8STRING, ASN1_UTF8STRING, SC_ASN1_ALLOC, NULL, NULL},
+        {NULL, 0, 0, 0, NULL, NULL}
+    };
+
+    sc_format_path(OPENSC_PROFILE_FILEPATH, &path);
+    r = sc_select_file(card, &path, &file);
+    if (r == SC_ERROR_FILE_NOT_FOUND)
+        return 0;
+    else if (r)
+        return r;
+    buf = malloc(file->size);
+    if (!buf)
+        return SC_ERROR_MEMORY_FAILURE;
+    r = sc_read_binary(card, 0, buf, file->size, 0);
+    if (r != file->size)   {
+        return SC_ERROR_INTERNAL;
+    }
+
+    sc_format_asn1_entry(c_profiles + 0, &profile->pkcs15_profile, &profile_len, 1);
+    sc_format_asn1_entry(c_profiles + 1, &profile->card_profile, &card_profile_len, 1);
+    sc_format_asn1_entry(c_attr + 0, c_profiles, NULL, 1);
+    r = sc_asn1_decode(card->ctx, c_attr, buf, file->size, NULL, NULL);
+
+    sc_file_free(file);
+    return r;
+}
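Review bot: sc_pkcs15init_read_profile() never frees buf, and the "r != file->size" branch also returns without sc_file_free(file); it turns a negative sc_read_binary() error into SC_ERROR_INTERNAL and compares an int with a size_t. Free buf and file on every exit path and return r when it is negative. profile_len and card_profile_len are decoded and then discarded, while the strings are later handed to strlen() and scconf_parse_string(), so verify that the decoded values are NUL-terminated and contain no embedded NUL before using them. In sc_pkcs15init_write_profile(), the buffer from sc_asn1_encode() is not freed, sc_file_new() is not checked for NULL, and the definition lacks the static that its prototype carries.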
diff -Naur -X ./exclude.txt /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/profile.c /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/profile.c
--- /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/profile.c 2005-08-29 10:46:35.000000000 +0200
+++ /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/profile.c 2005-08-29 11:44:23.000000000 +0200
@@ -29,6 +29,7 @@
 #include <stdarg.h>
 #include <string.h>
 #include <limits.h>
+#include <errno.h>
 #ifdef HAVE_STRINGS_H
 #include <strings.h>
 #endif
@@ -223,6 +224,11 @@
  struct pin_info *);
 static void new_macro(sc_profile_t *, const char *, scconf_list *);
 static sc_macro_t * find_macro(sc_profile_t *, const char *);
+static int sc_profile_read_to_string(struct sc_profile *profile,
+ const char *filename, char **buffer);
+static int sc_profile_load_from_memory(struct sc_profile *profile,
+ char *buffer);
+static void sc_strip_profile(char *);
 
 static sc_file_t *
 init_file(unsigned int type)
@@ -281,13 +287,16 @@
 }
 
 int
-sc_profile_load(struct sc_profile *profile, const char *filename)
+sc_profile_load(struct sc_profile *profile, const char *filename, char **buffer)
 {
  struct sc_context *ctx = profile->card->ctx;
  scconf_context *conf;
  const char *profile_dir = NULL;
- char path[PATH_MAX];
- int             res = 0, i;
+ char path[PATH_MAX];
+ int res = 0, i;
+
+ if (buffer && *buffer)
+ return sc_profile_load_from_memory(profile, *buffer);
 
  for (i = 0; ctx->conf_blocks[i]; i++) {
  profile_dir = scconf_get_str(ctx->conf_blocks[i], "profile_dir", NULL);
@@ -330,6 +339,72 @@
 
  res = process_conf(profile, conf);
  scconf_free(conf);
+
+ if (buffer)
+ res = sc_profile_read_to_string(profile, path, buffer);
+
+ return res;
+}
+
+static int
+sc_profile_read_to_string(struct sc_profile *profile, const char *filename,
+ char **buffer)
+{
+ FILE *fp;
+ size_t len;
+ int r;
+
+ if (!buffer)
+ return SC_ERROR_INVALID_ARGUMENTS;
+
+ fp = fopen(filename, "r");
+ if (!fp)   {
+ sc_error(profile->card->ctx,"Cannot open file '%s': %s\n",
+ filename, strerror(errno));
+ return SC_ERROR_FILE_NOT_FOUND;
+ }
+
+ fseek(fp, 0, SEEK_END);
+ len = ftell(fp);
+ fseek(fp, 0, SEEK_SET);
+
+ *buffer = calloc(1, len+1);
+ if (*buffer == NULL)
+ return SC_ERROR_MEMORY_FAILURE;
+
+ r = fread(*buffer, len, 1, fp);
+ if (r != 1)   {
+ sc_error(profile->card->ctx,"Cannot read from '%s'\n", filename);
+ return SC_ERROR_FILE_NOT_FOUND;
+ }
+
+ *(*buffer + len) = '\0';
+
+ sc_strip_profile(*buffer);
+
+ fclose(fp);
+
+ return 0;
+}
+
+static int
+sc_profile_load_from_memory(struct sc_profile *profile, char *buffer)
+{
+ struct sc_context *ctx = profile->card->ctx;
+ scconf_context  *conf;
+ int res = 0;
+
+ conf = scconf_new(NULL);
+ res = scconf_parse_string(conf, buffer);
+ if (res < 0)
+ return SC_ERROR_FILE_NOT_FOUND;
+ else if (res == 0)
+ return SC_ERROR_SYNTAX_ERROR;
+ else if (ctx->debug >= 2)
+ sc_debug(ctx, "profile loaded from memory");
+
+ res = process_conf(profile, conf);
+ scconf_free(conf);
  return res;
 }
 
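Review bot: in sc_profile_load(), "res = sc_profile_read_to_string(profile, path, buffer);" overwrites the result of process_conf(), so a profile that fails to parse is reported as success whenever the file can be read. Read the text only when res is 0, or keep the first error. In sc_profile_read_to_string(), fp is leaked on both error returns, ftell() is not checked for -1, and the file is opened in text mode while the byte count from ftell() is passed to fread(), which can come up short where line endings are translated; open with "rb" and close fp on every path. sc_profile_load_from_memory() leaks conf on its two early returns.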
@@ -415,6 +490,13 @@
 
  if (profile->p15_spec)
  sc_pkcs15_card_free(profile->p15_spec);
+
+ if (profile->pkcs15_profile)
+ free(profile->pkcs15_profile);
+  
+ if (profile->card_profile)
+ free(profile->card_profile);
+
  memset(profile, 0, sizeof(*profile));
  free(profile);
 }
@@ -721,6 +803,12 @@
 }
 
 static int
+do_load_profile(struct state *cur, int argc, char **argv)
+{
+ return get_bool(cur, argv[0], &cur->profile->load_profile);
+}
+
+static int
 do_card_label(struct state *cur, int argc, char **argv)
 {
  struct sc_pkcs15_card *p15card = cur->profile->p15_spec;
@@ -1440,6 +1528,7 @@
  { "label", 1, 1, do_card_label },
  { "manufacturer", 1, 1, do_card_manufacturer},
  { "keep-public-key", 1, 1, do_keep_public_key },
+ { "load-profile", 1,  1,  do_load_profile },
 
  { NULL, 0, 0, NULL }
 };
@@ -2036,3 +2125,71 @@
 
  sc_error(cur->profile->card->ctx, "%s: %s", cur->filename, buffer);
 }
+
+
+static void
+sc_strip_profile(char *in)
+{  
+ char *out;
+ int len, to, ot;
+
+ if (!in)
+ return;
+
+ len = strlen(in);
+ if (!len)
+ return;
+
+ out = malloc(len + 1);
+ if (!out)
+ return;
+
+ for (ot=0; *(in+ot); ot++)
+ if (*(in+ot) == '\r' || *(in+ot) == '\t')
+ *(in+ot) = ' ';
+
+ for (ot=0; *(in+ot); ot++)
+ if (*(in+ot) == '#')   {
+ while (*(in+ot) != '\n' && *(in+ot))
+ *(in+ot++) = ' ';
+ }
+
+ for (to=0, ot=0; ot<len && *(in + ot); )   {
+ switch (*(in+ot))   {
+ case ' ':
+ *(out + to++) = *(in + ot++);
+ while(*(in+ot) == ' ')
+ ot++;
+ break;
+ case '=':
+ case '}':
+ case '{':
+ case ',':
+ case ';':
+ case '\n':
+ *(out + to++) = *(in + ot++);
+ while(isspace(*(in+ot)))
+ ot++;
+ break;
+ case '"':
+ *(out + to++) = *(in + ot++);
+ while(*(in+ot) != '"' && *(in+ot))
+ *(out + to++) = *(in + ot++);
+
+ if (*(in+ot) == 0)  {
+ free(out);
+ return;
+ }
+
+ *(out + to++) = *(in + ot++);
+ break;
+ default:
+ *(out + to++) = *(in + ot++);
+ break;
+ }
+ }
+
+ *(out + to) = '\0';
+ strcpy(in, out);
+ free(out);
+}
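Review bot: the second pass blanks everything from '#' to end of line before the quote handling in the third pass runs, so a quoted value containing '#' loses its tail and its closing quote, and the '"' case then copies on to the next quote in the file or bails out. Track quote state while stripping comments. On the unterminated-quote and malloc-failure paths the function returns silently with the input partly rewritten, so return a status the caller can act on. Also check that <ctype.h> is included for isspace(), since this patch only adds <errno.h>, and pass it an unsigned char.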
diff -Naur -X ./exclude.txt /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/profile.h /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/profile.h
--- /home/vtarasov/cvs/opensc.trunk.orig/src/pkcs15init/profile.h 2005-08-29 10:46:35.000000000 +0200
+++ /home/vtarasov/cvs/opensc.trunk/src/pkcs15init/profile.h 2005-08-29 11:15:37.000000000 +0200
@@ -106,7 +106,7 @@
  unsigned int dsa_access_flags;
  unsigned int protect_certificates;
  unsigned int keep_public_key;
-
+ unsigned int load_profile;
  struct {
  unsigned int direct_certificates;
  unsigned int encode_df_length;
@@ -120,10 +120,13 @@
  * needs to be updated (in other words: if the card content
  * has been changed) */
  int dirty;
+
+ char * card_profile;
+ char * pkcs15_profile;
 };
 
 struct sc_profile *sc_profile_new(void);
-int sc_profile_load(struct sc_profile *, const char *);
+int sc_profile_load(struct sc_profile *, const char *, char **);
 int sc_profile_finish(struct sc_profile *);
 void sc_profile_free(struct sc_profile *);
 int sc_profile_build_pkcs15(struct sc_profile *);

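The two-level ASN.1 container described in the message above (a SEQUENCE holding the stripped pkcs15 and card profile texts as two UTF8Strings), checked strictly before the text would be handed to a profile parser. This is an added example, not part of the posted patch or of OpenSC; profile_container_check, its helpers, MAX_PROFILE_LEN and the sample bytes are assumptions made for illustration.

```c
/* Added example (not OpenSC code): strict DER check of the on-card profile
 * container, SEQUENCE { UTF8String pkcs15, UTF8String card }. Names and the
 * size cap are assumptions made for illustration. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_PROFILE_LEN 8192u   /* assumed sanity cap, not from the patch */

/* Constructed sample: SEQUENCE { "a=1;", "b{}" } */
static const unsigned char SAMPLE[] = {
    0x30, 0x0b, 0x0c, 0x04, 'a', '=', '1', ';', 0x0c, 0x03, 'b', '{', '}'
};

/* Parse one DER header at p[0..len); returns header size, 0 on error. */
static size_t der_header(const unsigned char *p, size_t len,
                         unsigned char want_tag, size_t *vlen)
{
    size_t n, i, v = 0;

    if (len < 2 || p[0] != want_tag)
        return 0;
    if (p[1] < 0x80) {                  /* short form */
        *vlen = p[1];
        return 2;
    }
    n = p[1] & 0x7f;                    /* long form, n length octets */
    if (n == 0 || n > 2 || len < 2 + n)
        return 0;                       /* indefinite or oversized length */
    for (i = 0; i < n; i++)
        v = (v << 8) | p[2 + i];
    if (v < 0x80 || (n == 2 && v < 0x100))
        return 0;                       /* non-minimal length encoding */
    *vlen = v;
    return 2 + n;
}

/* Consume one UTF8String from *pp, returning a view into the buffer. */
static int take_string(const unsigned char **pp, size_t *left,
                       const unsigned char **s, size_t *slen)
{
    size_t h = der_header(*pp, *left, 0x0c, slen);

    if (h == 0 || *slen == 0 || *slen > *left - h || *slen > MAX_PROFILE_LEN)
        return -1;
    if (memchr(*pp + h, '\0', *slen) != NULL)
        return -1;                      /* embedded NUL would cut strlen() short */
    *s = *pp + h;
    *pp += h + *slen;
    *left -= h + *slen;
    return 0;
}

/* Returns 0 only if the whole container is well formed; the output views are
 * valid only then. Bytes after the SEQUENCE (EF padding) are ignored. */
int profile_container_check(const unsigned char *buf, size_t len,
                            const unsigned char **p15, size_t *p15_len,
                            const unsigned char **card, size_t *card_len)
{
    size_t seq_len, h = der_header(buf, len, 0x30, &seq_len);
    const unsigned char *p = buf + h;

    if (h == 0 || seq_len > len - h)
        return -1;
    if (take_string(&p, &seq_len, p15, p15_len) < 0 ||
        take_string(&p, &seq_len, card, card_len) < 0)
        return -1;
    return seq_len == 0 ? 0 : -1;       /* no extra elements in the SEQUENCE */
}

int main(void)
{
    const unsigned char *a, *b;
    size_t al, bl;

    if (profile_container_check(SAMPLE, sizeof SAMPLE, &a, &al, &b, &bl) == 0)
        printf("pkcs15: %.*s  card: %.*s\n",
               (int)al, (const char *)a, (int)bl, (const char *)b);
    return 0;
}
```

The returned views point into the input buffer and are not NUL-terminated, so a caller would copy and terminate them before parsing.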