18d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* 28d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * WPA Supplicant / PC/SC smartcard interface for USIM, GSM SIM 304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * Copyright (c) 2004-2007, 2012, Jouni Malinen <j@w1.fi> 48d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 5c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * This software may be distributed under the terms of the BSD license. 6c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * See README for more details. 78d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 88d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This file implements wrapper functions for accessing GSM SIM and 3GPP USIM 98d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * cards through PC/SC smartcard library. These functions are used to implement 108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * authentication routines for EAP-SIM and EAP-AKA. 118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "includes.h" 147f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#ifdef __APPLE__ 157f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#include <PCSC/winscard.h> 167f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#else 178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include <winscard.h> 187f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#endif 198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "common.h" 218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#include "pcsc_funcs.h" 228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* See ETSI GSM 11.11 and ETSI TS 102 221 for details. 258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SIM commands: 268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Command APDU: CLA INS P1 P2 P3 Data 278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * CLA (class of instruction): A0 for GSM, 00 for USIM 288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * INS (instruction) 298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * P1 P2 P3 (parameters, P3 = length of Data) 308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Response APDU: Data SW1 SW2 318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SW1 SW2 (Status words) 328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Commands (INS P1 P2 P3): 338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SELECT: A4 00 00 02 <file_id, 2 bytes> 348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * GET RESPONSE: C0 00 00 <len> 358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * RUN GSM ALG: 88 00 00 00 <RAND len = 10> 368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * RUN UMTS ALG: 88 00 81 <len=0x22> data: 0x10 | RAND | 0x10 | AUTN 378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * P1 = ID of alg in card 388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * P2 = ID of secret key 398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * READ BINARY: B0 <offset high> <offset low> <len> 408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * READ RECORD: B2 <record number> <mode> <len> 418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * P2 (mode) = '02' (next record), '03' (previous record), 428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * '04' (absolute mode) 438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * VERIFY CHV: 20 00 <CHV number> 08 448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * CHANGE CHV: 24 00 <CHV number> 10 458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * DISABLE CHV: 26 00 01 08 468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * ENABLE CHV: 28 00 01 08 478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * UNBLOCK CHV: 2C 00 <00=CHV1, 02=CHV2> 10 488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * SLEEP: FA 00 00 00 498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* GSM SIM commands */ 528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_SELECT 0xa0, 0xa4, 0x00, 0x00, 0x02 538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_RUN_GSM_ALG 0xa0, 0x88, 0x00, 0x00, 0x10 548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_GET_RESPONSE 0xa0, 0xc0, 0x00, 0x00 558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_READ_BIN 0xa0, 0xb0, 0x00, 0x00 568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_READ_RECORD 0xa0, 0xb2, 0x00, 0x00 578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_CMD_VERIFY_CHV1 0xa0, 0x20, 0x00, 0x01, 0x08 588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* USIM commands */ 608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_CLA 0x00 618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_CMD_RUN_UMTS_ALG 0x00, 0x88, 0x00, 0x81, 0x22 628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_CMD_GET_RESPONSE 0x00, 0xc0, 0x00, 0x00 638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SIM_RECORD_MODE_ABSOLUTE 0x04 658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_FSP_TEMPL_TAG 0x62 678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_FILE_DESC 0x82 698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_FILE_ID 0x83 708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_DF_NAME 0x84 718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_PROPR_INFO 0xA5 728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_LIFE_CYCLE_STATUS 0x8A 738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_FILE_SIZE 0x80 748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_TOTAL_FILE_SIZE 0x81 758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_PIN_STATUS_TEMPLATE 0xC6 768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_TLV_SHORT_FILE_ID 0x88 7704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define USIM_TLV_SECURITY_ATTR_8B 0x8B 7804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define USIM_TLV_SECURITY_ATTR_8C 0x8C 7904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define USIM_TLV_SECURITY_ATTR_AB 0xAB 808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define USIM_PS_DO_TAG 0x90 828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define AKA_RAND_LEN 16 848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define AKA_AUTN_LEN 16 858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define AKA_AUTS_LEN 14 868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define RES_MAX_LEN 16 878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define IK_LEN 16 888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define CK_LEN 16 898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt/* GSM files 9204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * File type in first octet: 9304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * 3F = Master File 9404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * 7F = Dedicated File 9504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * 2F = Elementary File under the Master File 9604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * 6F = Elementary File under a Dedicated File 9704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt */ 9804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_MF 0x3F00 9904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_GSM_DF 0x7F20 10004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_UMTS_DF 0x7F50 10104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_GSM_EF_IMSI 0x6F07 10204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_GSM_EF_AD 0x6FAD 10304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_EF_DIR 0x2F00 10404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_EF_ICCID 0x2FE2 10504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_EF_CK 0x6FE1 10604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_FILE_EF_IK 0x6FE2 10704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 10804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_CHV1_OFFSET 13 10904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#define SCARD_CHV1_FLAG 0x80 11004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 11104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 1128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidttypedef enum { SCARD_GSM_SIM, SCARD_USIM } sim_types; 1138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstruct scard_data { 1158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SCARDCONTEXT ctx; 1168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SCARDHANDLE card; 1177f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#ifdef __APPLE__ 1187f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt uint32_t protocol; 1197f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#else 1208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt DWORD protocol; 1217f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#endif 1228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sim_types sim_type; 1238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int pin1_required; 1248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt}; 1258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef __MINGW32_VERSION 1278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/* MinGW does not yet support WinScard, so load the needed functions 1288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * dynamically from winscard.dll for now. */ 1298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic HINSTANCE dll = NULL; /* winscard.dll */ 1318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic const SCARD_IO_REQUEST *dll_g_rgSCardT0Pci, *dll_g_rgSCardT1Pci; 1338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#undef SCARD_PCI_T0 1348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCARD_PCI_T0 (dll_g_rgSCardT0Pci) 1358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#undef SCARD_PCI_T1 1368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCARD_PCI_T1 (dll_g_rgSCardT1Pci) 1378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardEstablishContext)(IN DWORD dwScope, 1418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCVOID pvReserved1, 1428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCVOID pvReserved2, 1438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt OUT LPSCARDCONTEXT phContext); 1448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardEstablishContext dll_SCardEstablishContext 1458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic long (*dll_SCardReleaseContext)(long hContext); 1478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardReleaseContext dll_SCardReleaseContext 1488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardListReadersA)(IN SCARDCONTEXT hContext, 1518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCSTR mszGroups, 1528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt OUT LPSTR mszReaders, 1538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN OUT LPDWORD pcchReaders); 1548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#undef SCardListReaders 1558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardListReaders dll_SCardListReadersA 1568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardConnectA)(IN SCARDCONTEXT hContext, 1598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCSTR szReader, 1608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN DWORD dwShareMode, 1618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN DWORD dwPreferredProtocols, 1628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt OUT LPSCARDHANDLE phCard, 1638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt OUT LPDWORD pdwActiveProtocol); 1648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#undef SCardConnect 1658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardConnect dll_SCardConnectA 1668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardDisconnect)(IN SCARDHANDLE hCard, 1698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN DWORD dwDisposition); 1708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardDisconnect dll_SCardDisconnect 1718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardTransmit)(IN SCARDHANDLE hCard, 1748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCSCARD_IO_REQUEST pioSendPci, 1758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN LPCBYTE pbSendBuffer, 1768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN DWORD cbSendLength, 1778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN OUT LPSCARD_IO_REQUEST pioRecvPci, 1788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt OUT LPBYTE pbRecvBuffer, 1798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt IN OUT LPDWORD pcbRecvLength); 1808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardTransmit dll_SCardTransmit 1818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardBeginTransaction)(IN SCARDHANDLE hCard); 1848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardBeginTransaction dll_SCardBeginTransaction 1858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic WINSCARDAPI LONG WINAPI 1878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt(*dll_SCardEndTransaction)(IN SCARDHANDLE hCard, IN DWORD dwDisposition); 1888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define SCardEndTransaction dll_SCardEndTransaction 1898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int mingw_load_symbols(void) 1928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 1938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *sym; 1948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dll) 1968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 1978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dll = LoadLibrary("winscard"); 1998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dll == NULL) { 2008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WinSCard: Could not load winscard.dll " 2018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "library"); 2028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 2048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define LOADSYM(s) \ 2068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sym = #s; \ 2078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dll_ ## s = (void *) GetProcAddress(dll, sym); \ 2088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dll_ ## s == NULL) \ 2098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto fail; 2108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardEstablishContext); 2128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardReleaseContext); 2138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardListReadersA); 2148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardConnectA); 2158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardDisconnect); 2168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardTransmit); 2178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardBeginTransaction); 2188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(SCardEndTransaction); 2198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(g_rgSCardT0Pci); 2208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt LOADSYM(g_rgSCardT1Pci); 2218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#undef LOADSYM 2238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 2258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfail: 2278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "WinSCard: Could not get address for %s from " 2288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "winscard.dll", sym); 2298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt FreeLibrary(dll); 2308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dll = NULL; 2318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 2328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic void mingw_unload_symbols(void) 2368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 2378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (dll == NULL) 2388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 2398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt FreeLibrary(dll); 2418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt dll = NULL; 2428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 2438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else /* __MINGW32_VERSION */ 2458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define mingw_load_symbols() 0 2478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#define mingw_unload_symbols() do { } while (0) 2488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* __MINGW32_VERSION */ 2508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int _scard_select_file(struct scard_data *scard, unsigned short file_id, 2538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf, size_t *buf_len, 2548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sim_types sim_type, unsigned char *aid, 2558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t aidlen); 2568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_select_file(struct scard_data *scard, unsigned short file_id, 2578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf, size_t *buf_len); 2588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_verify_pin(struct scard_data *scard, const char *pin); 2598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_get_record_len(struct scard_data *scard, 2608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char recnum, unsigned char mode); 2618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_read_record(struct scard_data *scard, 2628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *data, size_t len, 2638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char recnum, unsigned char mode); 2648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 2668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_parse_fsp_templ(unsigned char *buf, size_t buf_len, 2678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int *ps_do, int *file_len) 2688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 26904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt unsigned char *pos, *end; 27004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 27104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (ps_do) 27204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt *ps_do = -1; 27304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (file_len) 27404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt *file_len = -1; 27504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 27604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos = buf; 27704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt end = pos + buf_len; 27804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (*pos != USIM_FSP_TEMPL_TAG) { 27904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: file header did not " 28004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt "start with FSP template tag"); 28104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return -1; 28204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 28304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos++; 28404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (pos >= end) 28504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return -1; 286d80a401aed31d06f261efd19223cf55d1a2a8228Dmitry Shmidt if (pos[0] < end - pos) 28704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt end = pos + 1 + pos[0]; 28804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos++; 28904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: file header FSP template", 29004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos, end - pos); 29104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 292fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt while (end - pos >= 2) { 293fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt unsigned char type, len; 294fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt 295fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt type = pos[0]; 296fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt len = pos[1]; 29704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_MSGDUMP, "SCARD: file header TLV 0x%02x len=%d", 298fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt type, len); 299fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos += 2; 300fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt 301fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if (len > (unsigned int) (end - pos)) 30204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 3038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 304fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt switch (type) { 30504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_FILE_DESC: 30604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: File Descriptor TLV", 307fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 30804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 30904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_FILE_ID: 31004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: File Identifier TLV", 311fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 31204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 31304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_DF_NAME: 31404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: DF name (AID) TLV", 315fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 31604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 31704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_PROPR_INFO: 31804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Proprietary " 319fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt "information TLV", pos, len); 32004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 32104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_LIFE_CYCLE_STATUS: 32204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Life Cycle Status " 323fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt "Integer TLV", pos, len); 32404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 32504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_FILE_SIZE: 32604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: File size TLV", 327fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 328fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if ((len == 1 || len == 2) && file_len) { 329fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if (len == 1) 330fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt *file_len = (int) pos[0]; 3318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt else 332fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt *file_len = WPA_GET_BE16(pos); 3338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: file_size=%d", 3348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *file_len); 3358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 33604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 33704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_TOTAL_FILE_SIZE: 33804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Total file size TLV", 339fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 34004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 34104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_PIN_STATUS_TEMPLATE: 34204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: PIN Status Template " 343fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt "DO TLV", pos, len); 344fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if (len >= 2 && pos[0] == USIM_PS_DO_TAG && 345fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos[1] >= 1 && ps_do) { 3468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: PS_DO=0x%02x", 347fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos[2]); 348fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt *ps_do = (int) pos[2]; 3498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 35004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 35104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_SHORT_FILE_ID: 35204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Short File " 353fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt "Identifier (SFI) TLV", pos, len); 35404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 35504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_SECURITY_ATTR_8B: 35604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_SECURITY_ATTR_8C: 35704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt case USIM_TLV_SECURITY_ATTR_AB: 35804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Security attribute " 359fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt "TLV", pos, len); 36004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 36104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt default: 36204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump(MSG_MSGDUMP, "SCARD: Unrecognized TLV", 363fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos, len); 36404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 36504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 3668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 367fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt pos += len; 3688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 36904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (pos == end) 37004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return 0; 37104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 37204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return -1; 3738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 3748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_pin_needed(struct scard_data *scard, 3778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *hdr, size_t hlen) 3788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 3798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 3808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (hlen > SCARD_CHV1_OFFSET && 3818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt !(hdr[SCARD_CHV1_OFFSET] & SCARD_CHV1_FLAG)) 3828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 1; 3838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 3848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 3858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_USIM) { 3878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int ps_do; 3888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_parse_fsp_templ(hdr, hlen, &ps_do, NULL)) 3898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 3908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* TODO: there could be more than one PS_DO entry because of 3918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * multiple PINs in key reference.. */ 3928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ps_do > 0 && (ps_do & 0x80)) 3938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 1; 3948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 3958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 3968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 3978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 3988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 3998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_get_aid(struct scard_data *scard, unsigned char *aid, 4028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t maxlen) 4038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 4048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int rlen, rec; 4058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct efdir { 4068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char appl_template_tag; /* 0x61 */ 4078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char appl_template_len; 4088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char appl_id_tag; /* 0x4f */ 4098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char aid_len; 4108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char rid[5]; 4118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char appl_code[2]; /* 0x1002 for 3G USIM */ 4128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } *efdir; 413fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt unsigned char buf[127], *aid_pos; 4148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen; 415fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt unsigned int aid_len = 0; 4168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt efdir = (struct efdir *) buf; 418fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt aid_pos = &buf[4]; 4198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 4208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_select_file(scard, SCARD_FILE_EF_DIR, buf, &blen)) { 4218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to read EF_DIR"); 4228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: EF_DIR select", buf, blen); 4258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt for (rec = 1; rec < 10; rec++) { 4278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt rlen = scard_get_record_len(scard, rec, 4288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SIM_RECORD_MODE_ABSOLUTE); 4298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (rlen < 0) { 4308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to get EF_DIR " 4318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "record length"); 4328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 4358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (rlen > (int) blen) { 4368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Too long EF_DIR record"); 4378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_read_record(scard, buf, rlen, rec, 4408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SIM_RECORD_MODE_ABSOLUTE) < 0) { 4418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to read " 4428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "EF_DIR record %d", rec); 4438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: EF_DIR record", buf, rlen); 4468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (efdir->appl_template_tag != 0x61) { 4488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Unexpected application " 4498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "template tag 0x%x", 4508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt efdir->appl_template_tag); 4518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 4528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (efdir->appl_template_len > rlen - 2) { 4558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Too long application " 4568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "template (len=%d rlen=%d)", 4578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt efdir->appl_template_len, rlen); 4588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 4598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (efdir->appl_id_tag != 0x4f) { 4628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Unexpected application " 4638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "identifier tag 0x%x", efdir->appl_id_tag); 4648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 4658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 467fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt aid_len = efdir->aid_len; 468fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if (aid_len < 1 || aid_len > 16) { 469fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Invalid AID length %u", 470fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt aid_len); 4718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt continue; 4728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: AID from EF_DIR record", 475fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt aid_pos, aid_len); 4768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (efdir->appl_code[0] == 0x10 && 4788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt efdir->appl_code[1] == 0x02) { 4798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: 3G USIM app found from " 4808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "EF_DIR record %d", rec); 4818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt break; 4828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 4858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (rec >= 10) { 4868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: 3G USIM app not found " 4878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "from EF_DIR records"); 4888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 491fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt if (aid_len > maxlen) { 4928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Too long AID"); 4938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 4948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 4958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 496fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt os_memcpy(aid, aid_pos, aid_len); 4978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 498fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt return aid_len; 4998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 5008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 5038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_init - Initialize SIM/USIM connection using PC/SC 50404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * @reader: Reader name prefix to search for 5058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: Pointer to private data structure, or %NULL on failure 5068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 5078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function is used to initialize SIM/USIM connection. PC/SC is used to 508e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt * open connection to the SIM/USIM card. In addition, local flag is set if a 509e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt * PIN is needed to access some of the card functions. Once the connection is 510e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt * not needed anymore, scard_deinit() can be used to close it. 5118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 512e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidtstruct scard_data * scard_init(const char *reader) 5138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 5148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 5157f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#ifdef __APPLE__ 5167f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt uint32_t len; 5177f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#else 5187f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt unsigned long len; 5197f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#endif 5207f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt unsigned long pos; 5218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt struct scard_data *scard; 5228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef CONFIG_NATIVE_WINDOWS 5238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt TCHAR *readers = NULL; 5248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else /* CONFIG_NATIVE_WINDOWS */ 5258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *readers = NULL; 5268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* CONFIG_NATIVE_WINDOWS */ 5278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char buf[100]; 5288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen; 5298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int transaction = 0; 5308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int pin_needed; 5318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: initializing smart card interface"); 5338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (mingw_load_symbols()) 5348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 5358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard = os_zalloc(sizeof(*scard)); 5368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard == NULL) 5378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 5388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardEstablishContext(SCARD_SCOPE_SYSTEM, NULL, NULL, 5408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt &scard->ctx); 5418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 5428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Could not establish smart card " 5438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "context (err=%ld)", ret); 5448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 5458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardListReaders(scard->ctx, NULL, NULL, &len); 5488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 5498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: SCardListReaders failed " 5508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(err=%ld)", ret); 5518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 5528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef UNICODE 5558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len *= 2; 5568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* UNICODE */ 5578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt readers = os_malloc(len); 5588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (readers == NULL) { 5598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "SCARD: malloc failed\n"); 5608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 5618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 5638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardListReaders(scard->ctx, NULL, readers, &len); 5648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 5658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: SCardListReaders failed(2) " 5668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(err=%ld)", ret); 5678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 5688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 5698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len < 3) { 5708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: No smart card readers " 5718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "available."); 5728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 5738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 57404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_hexdump_ascii(MSG_DEBUG, "SCARD: Readers", (u8 *) readers, len); 57504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt /* 57604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * readers is a list of available readers. The last entry is terminated 57704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt * with double null. 57804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt */ 57904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos = 0; 58004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#ifdef UNICODE 58104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt /* TODO */ 58204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#else /* UNICODE */ 58304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt while (pos < len) { 58404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (reader == NULL || 58504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt os_strncmp(&readers[pos], reader, os_strlen(reader)) == 0) 58604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt break; 58704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt while (pos < len && readers[pos]) 58804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos++; 58904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos++; /* skip separating null */ 59004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (pos < len && readers[pos] == '\0') 59104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt pos = len; /* double null terminates list */ 59204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 59304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt#endif /* UNICODE */ 59404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (pos >= len) { 59504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: No reader with prefix '%s' " 59604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt "found", reader); 59704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt goto failed; 59804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 59904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 6008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#ifdef UNICODE 60104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Selected reader='%S'", &readers[pos]); 6028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#else /* UNICODE */ 60304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Selected reader='%s'", &readers[pos]); 6048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt#endif /* UNICODE */ 6058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 60604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt ret = SCardConnect(scard->ctx, &readers[pos], SCARD_SHARE_SHARED, 60704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt SCARD_PROTOCOL_T0 | SCARD_PROTOCOL_T1, 60804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt &scard->card, &scard->protocol); 6098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 6108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret == (long) SCARD_E_NO_SMARTCARD) 6118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "No smart card inserted."); 6128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt else 6138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCardConnect err=%lx", ret); 6148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(readers); 6188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt readers = NULL; 6198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: card=0x%x active_protocol=%lu (%s)", 6217f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt (unsigned int) scard->card, (unsigned long) scard->protocol, 6228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard->protocol == SCARD_PROTOCOL_T0 ? "T0" : "T1"); 6238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardBeginTransaction(scard->card); 6258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 6268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Could not begin transaction: " 6278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "0x%x", (unsigned int) ret); 6288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt transaction = 1; 6318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 6338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 634e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: verifying USIM support"); 635e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt if (_scard_select_file(scard, SCARD_FILE_MF, buf, &blen, 636e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt SCARD_USIM, NULL, 0)) { 637e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: USIM is not supported. Trying to use GSM SIM"); 638e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt scard->sim_type = SCARD_GSM_SIM; 639e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt } else { 640e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: USIM is supported"); 641e0e48dc666fb14a7bb60264ca87463ba7bc1fe0bDmitry Shmidt scard->sim_type = SCARD_USIM; 6428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 6458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 6468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_select_file(scard, SCARD_FILE_MF, buf, &blen)) { 6478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to read MF"); 6488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 6528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_select_file(scard, SCARD_FILE_GSM_DF, buf, &blen)) { 6538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to read GSM DF"); 6548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 6578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char aid[32]; 6588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int aid_len; 6598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt aid_len = scard_get_aid(scard, aid, sizeof(aid)); 6618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (aid_len < 0) { 6628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to find AID for " 6638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "3G USIM app - try to use standard 3G RID"); 6648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(aid, "\xa0\x00\x00\x00\x87", 5); 6658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt aid_len = 5; 6668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: 3G USIM AID", aid, aid_len); 6688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Select based on AID = 3G RID from EF_DIR. This is usually 6708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * starting with A0 00 00 00 87. */ 6718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 6728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (_scard_select_file(scard, 0, buf, &blen, scard->sim_type, 6738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt aid, aid_len)) { 6748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "SCARD: Failed to read 3G USIM " 6758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "app"); 6768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_INFO, "SCARD: 3G USIM AID", 6778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt aid, aid_len); 6788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Verify whether CHV1 (PIN1) is needed to access the card. */ 6838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pin_needed = scard_pin_needed(scard, buf, blen); 6848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (pin_needed < 0) { 6858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to determine whether PIN " 6868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "is needed"); 6878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt goto failed; 6888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (pin_needed) { 6908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard->pin1_required = 1; 69104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "PIN1 needed for SIM access (retry " 69204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt "counter=%d)", scard_get_pin_retry_counter(scard)); 6938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 6948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 6958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardEndTransaction(scard->card, SCARD_LEAVE_CARD); 6968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 6978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Could not end transaction: " 6988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "0x%x", (unsigned int) ret); 6998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return scard; 7028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtfailed: 7048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (transaction) 7058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SCardEndTransaction(scard->card, SCARD_LEAVE_CARD); 7068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(readers); 7078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard_deinit(scard); 7088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return NULL; 7098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 7108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 7138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_set_pin - Set PIN (CHV1/PIN1) code for accessing SIM/USIM commands 7148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @scard: Pointer to private data from scard_init() 7158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @pin: PIN code as an ASCII string (e.g., "1234") 7168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 on failure 7178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 7188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint scard_set_pin(struct scard_data *scard, const char *pin) 7198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard == NULL) 7218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 7228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Verify whether CHV1 (PIN1) is needed to access the card. */ 7248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->pin1_required) { 7258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (pin == NULL) { 7268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "No PIN configured for SIM " 7278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "access"); 7288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 7298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_verify_pin(scard, pin)) { 7318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_INFO, "PIN verification failed for " 7328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "SIM access"); 7338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 7348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 7388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 7398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 7428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_deinit - Deinitialize SIM/USIM connection 7438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @scard: Pointer to private data from scard_init() 7448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 7458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function closes the SIM/USIM connect opened with scard_init(). 7468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 7478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtvoid scard_deinit(struct scard_data *scard) 7488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 7508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard == NULL) 7528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return; 7538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: deinitializing smart card interface"); 7558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->card) { 7568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardDisconnect(scard->card, SCARD_UNPOWER_CARD); 7578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 7588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Failed to disconnect " 7598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "smart card (err=%ld)", ret); 7608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->ctx) { 7648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardReleaseContext(scard->ctx); 7658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 7668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "Failed to release smart card " 7678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "context (err=%ld)", ret); 7688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 7708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(scard); 7718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt mingw_unload_symbols(); 7728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 7738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic long scard_transmit(struct scard_data *scard, 7768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *_send, size_t send_len, 7778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *_recv, size_t *recv_len) 7788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 7798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 7807f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#ifdef __APPLE__ 7817f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt uint32_t rlen; 7827f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#else 7838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned long rlen; 7847f2c753f60025528366b5f19b8b490a47bf5080bDmitry Shmidt#endif 7858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 7868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump_key(MSG_DEBUG, "SCARD: scard_transmit: send", 7878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt _send, send_len); 7888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt rlen = *recv_len; 7898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = SCardTransmit(scard->card, 7908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard->protocol == SCARD_PROTOCOL_T1 ? 7918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt SCARD_PCI_T1 : SCARD_PCI_T0, 7928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt _send, (unsigned long) send_len, 7938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt NULL, _recv, &rlen); 7948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *recv_len = rlen; 7958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret == SCARD_S_SUCCESS) { 7968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: scard_transmit: recv", 7978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt _recv, rlen); 7988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 7998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: SCardTransmit failed " 8008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(err=0x%lx)", ret); 8018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return ret; 8038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 8048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int _scard_select_file(struct scard_data *scard, unsigned short file_id, 8078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf, size_t *buf_len, 8088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt sim_types sim_type, unsigned char *aid, 8098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t aidlen) 8108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 8118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 8128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char resp[3]; 8138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[50] = { SIM_CMD_SELECT }; 8148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int cmdlen; 8158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char get_resp[5] = { SIM_CMD_GET_RESPONSE }; 8168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len, rlen; 8178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (sim_type == SCARD_USIM) { 8198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 8208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[3] = 0x04; 8218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt get_resp[0] = USIM_CLA; 8228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: select file %04x", file_id); 8258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (aid) { 8268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: select file by AID", 8278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt aid, aidlen); 8288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (5 + aidlen > sizeof(cmd)) 8298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[2] = 0x04; /* Select by AID */ 8318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[4] = aidlen; /* len */ 8328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 5, aid, aidlen); 8338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmdlen = 5 + aidlen; 8348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 8358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[5] = file_id >> 8; 8368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[6] = file_id & 0xff; 8378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmdlen = 7; 8388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(resp); 8408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, cmdlen, resp, &len); 8418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 8428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: SCardTransmit failed " 8438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(err=0x%lx)", ret); 8448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len != 2) { 8488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected resp len " 8498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "%d (expected 2)", (int) len); 8508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (resp[0] == 0x98 && resp[1] == 0x04) { 8548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Security status not satisfied (PIN_WLAN) */ 8558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: Security status not satisfied " 8568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(PIN_WLAN)"); 8578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (resp[0] == 0x6e) { 8618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: used CLA not supported"); 8628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (resp[0] != 0x6c && resp[0] != 0x9f && resp[0] != 0x61) { 8668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected response 0x%02x " 8678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "(expected 0x61, 0x6c, or 0x9f)", resp[0]); 8688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* Normal ending of command; resp[1] bytes available */ 8718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt get_resp[4] = resp[1]; 8728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: trying to get response (%d bytes)", 8738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt resp[1]); 8748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt rlen = *buf_len; 8768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, get_resp, sizeof(get_resp), buf, &rlen); 8778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret == SCARD_S_SUCCESS) { 8788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *buf_len = resp[1] < rlen ? resp[1] : rlen; 8798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 8808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 8818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: SCardTransmit err=0x%lx\n", ret); 8838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 8848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 8858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_select_file(struct scard_data *scard, unsigned short file_id, 8888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf, size_t *buf_len) 8898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 8908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return _scard_select_file(scard, file_id, buf, buf_len, 8918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt scard->sim_type, NULL, 0); 8928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 8938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 8958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_get_record_len(struct scard_data *scard, unsigned char recnum, 8968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char mode) 8978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 8988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char buf[255]; 8998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5] = { SIM_CMD_READ_RECORD /* , len */ }; 9008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen; 9018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 9028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_USIM) 9048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 9058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[2] = recnum; 9068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[3] = mode; 9078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[4] = sizeof(buf); 9088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 9108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), buf, &blen); 9118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 9128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: failed to determine file " 9138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length for record %d", recnum); 9148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 9158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: file length determination response", 9188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf, blen); 9198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9201f69aa52ea2e0a73ac502565df8c666ee49cab6aDmitry Shmidt if (blen < 2 || (buf[0] != 0x6c && buf[0] != 0x67)) { 9218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: unexpected response to file " 9228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length determination"); 9238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 9248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return buf[1]; 9278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 9288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_read_record(struct scard_data *scard, 9318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *data, size_t len, 9328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char recnum, unsigned char mode) 9338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5] = { SIM_CMD_READ_RECORD /* , len */ }; 9358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen = len + 3; 9368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf; 9378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 9388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_USIM) 9408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 9418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[2] = recnum; 9428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[3] = mode; 9438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[4] = len; 9448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf = os_malloc(blen); 9468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf == NULL) 9478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 9488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), buf, &blen); 9508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 9518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 9528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 9538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (blen != len + 2) { 9558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: record read returned unexpected " 9568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length %ld (expected %ld)", 9578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) blen, (long) len + 2); 9588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 9598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -3; 9608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf[len] != 0x90 || buf[len + 1] != 0x00) { 9638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: record read returned unexpected " 9648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "status %02x %02x (expected 90 00)", 9658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf[len], buf[len + 1]); 9668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 9678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -4; 9688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(data, buf, len); 9718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 9728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 9748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 9758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_read_file(struct scard_data *scard, 9788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *data, size_t len) 9798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 9808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5] = { SIM_CMD_READ_BIN /* , len */ }; 9818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen = len + 3; 9828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *buf; 9838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 9848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[4] = len; 9868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf = os_malloc(blen); 9888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf == NULL) 9898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 9908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 9918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_USIM) 9928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 9938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), buf, &blen); 9948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) { 9958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 9968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 9978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 9988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (blen != len + 2) { 9998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: file read returned unexpected " 10008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length %ld (expected %ld)", 10018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) blen, (long) len + 2); 10028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 10038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -3; 10048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf[len] != 0x90 || buf[len + 1] != 0x00) { 10078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: file read returned unexpected " 10088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "status %02x %02x (expected 90 00)", 10098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf[len], buf[len + 1]); 10108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 10118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -4; 10128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(data, buf, len); 10158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_free(buf); 10168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 10188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 10198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtstatic int scard_verify_pin(struct scard_data *scard, const char *pin) 10228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 10238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 10248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char resp[3]; 10258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5 + 8] = { SIM_CMD_VERIFY_CHV1 }; 10268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len; 10278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: verifying PIN"); 10298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (pin == NULL || os_strlen(pin) > 8) 10318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 10328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_USIM) 10348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 10358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 5, pin, os_strlen(pin)); 10368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memset(cmd + 5 + os_strlen(pin), 0xff, 8 - os_strlen(pin)); 10378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(resp); 10398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), resp, &len); 10408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) 10418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 10428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len != 2 || resp[0] != 0x90 || resp[1] != 0x00) { 10448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: PIN verification failed"); 10458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 10468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 10478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: PIN verified successfully"); 10498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 10508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 10518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 10528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 105304949598a23f501be6eec21697465fd46a28840aDmitry Shmidtint scard_get_pin_retry_counter(struct scard_data *scard) 105404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt{ 105504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt long ret; 105604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt unsigned char resp[3]; 105704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt unsigned char cmd[5] = { SIM_CMD_VERIFY_CHV1 }; 105804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt size_t len; 105904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt u16 val; 106004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 106104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: fetching PIN retry counter"); 106204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 106304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (scard->sim_type == SCARD_USIM) 106404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt cmd[0] = USIM_CLA; 106504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt cmd[4] = 0; /* Empty data */ 106604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 106704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt len = sizeof(resp); 106804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), resp, &len); 106904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (ret != SCARD_S_SUCCESS) 107004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return -2; 107104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 107204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (len != 2) { 107304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: failed to fetch PIN retry " 107404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt "counter"); 107504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return -1; 107604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 107704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 107804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt val = WPA_GET_BE16(resp); 107904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (val == 0x63c0 || val == 0x6983) { 108004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: PIN has been blocked"); 108104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return 0; 108204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt } 108304949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 108404949598a23f501be6eec21697465fd46a28840aDmitry Shmidt if (val >= 0x63c0 && val <= 0x63cf) 108504949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return val & 0x000f; 108604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 108704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Unexpected PIN retry counter response " 108804949598a23f501be6eec21697465fd46a28840aDmitry Shmidt "value 0x%x", val); 108904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return 0; 109004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt} 109104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 109204949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 10938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 10948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_get_imsi - Read IMSI from SIM/USIM card 10958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @scard: Pointer to private data from scard_init() 10968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @imsi: Buffer for IMSI 10978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @len: Length of imsi buffer; set to IMSI length on success 10988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 if IMSI file cannot be selected, -2 if IMSI file 10998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * selection returns invalid result code, -3 if parsing FSP template file fails 11008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * (USIM only), -4 if IMSI does not fit in the provided imsi buffer (len is set 11018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * to needed length), -5 if reading IMSI file fails. 11028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 11038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function can be used to read IMSI from the SIM/USIM card. If the IMSI 11048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * file is PIN protected, scard_set_pin() must have been used to set the 11058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * correct PIN code before calling scard_get_imsi(). 11068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 11078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint scard_get_imsi(struct scard_data *scard, char *imsi, size_t *len) 11088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 11098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char buf[100]; 11108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t blen, imsilen, i; 11118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt char *pos; 11128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: reading IMSI from (GSM) EF-IMSI"); 11148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = sizeof(buf); 11158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_select_file(scard, SCARD_FILE_GSM_EF_IMSI, buf, &blen)) 11168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 11178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (blen < 4) { 11188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: too short (GSM) EF-IMSI " 11198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "header (len=%ld)", (long) blen); 11208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 11218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 1124fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt blen = WPA_GET_BE16(&buf[2]); 11258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 11268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int file_size; 11278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_parse_fsp_templ(buf, blen, NULL, &file_size)) 11288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -3; 11298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt blen = file_size; 11308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (blen < 2 || blen > sizeof(buf)) { 11328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: invalid IMSI file length=%ld", 11338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) blen); 11348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -3; 11358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt imsilen = (blen - 2) * 2 + 1; 11388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: IMSI file length=%ld imsilen=%ld", 11398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) blen, (long) imsilen); 11408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (blen < 2 || imsilen > *len) { 11418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *len = imsilen; 11428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -4; 11438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard_read_file(scard, buf, blen)) 11468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -5; 11478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos = imsi; 11498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *pos++ = '0' + (buf[1] >> 4 & 0x0f); 11508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt for (i = 2; i < blen; i++) { 11518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char digit; 11528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt digit = buf[i] & 0x0f; 11548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (digit < 10) 11558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *pos++ = '0' + digit; 11568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt else 11578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt imsilen--; 11588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt digit = buf[i] >> 4 & 0x0f; 11608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (digit < 10) 11618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *pos++ = '0' + digit; 11628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt else 11638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt imsilen--; 11648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 11658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *len = imsilen; 11668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 11688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 11698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 11718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 1172c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * scard_get_mnc_len - Read length of MNC in the IMSI from SIM/USIM card 1173c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * @scard: Pointer to private data from scard_init() 1174c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * Returns: length (>0) on success, -1 if administrative data file cannot be 1175c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * selected, -2 if administrative data file selection returns invalid result 1176c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * code, -3 if parsing FSP template file fails (USIM only), -4 if length of 1177c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * the file is unexpected, -5 if reading file fails, -6 if MNC length is not 1178c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * in range (i.e. 2 or 3), -7 if MNC length is not available. 1179c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt * 1180c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt */ 1181c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidtint scard_get_mnc_len(struct scard_data *scard) 1182c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt{ 1183c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt unsigned char buf[100]; 1184c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt size_t blen; 1185c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt int file_size; 1186c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt 1187c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: reading MNC len from (GSM) EF-AD"); 1188c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt blen = sizeof(buf); 1189c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (scard_select_file(scard, SCARD_FILE_GSM_EF_AD, buf, &blen)) 1190c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -1; 1191c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (blen < 4) { 1192c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: too short (GSM) EF-AD " 1193c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt "header (len=%ld)", (long) blen); 1194c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -2; 1195c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } 1196c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt 1197c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 1198fb45fd5cfed8bdccd0859c7fc05449fc187e2d06Dmitry Shmidt file_size = WPA_GET_BE16(&buf[2]); 1199c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } else { 1200c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (scard_parse_fsp_templ(buf, blen, NULL, &file_size)) 1201c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -3; 1202c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } 1203c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (file_size == 3) { 1204c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: MNC length not available"); 1205c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -7; 1206c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } 1207c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (file_size < 4 || file_size > (int) sizeof(buf)) { 1208c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: invalid file length=%ld", 1209c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt (long) file_size); 1210c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -4; 1211c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } 1212c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt 1213c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (scard_read_file(scard, buf, file_size)) 1214c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -5; 1215c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt buf[3] = buf[3] & 0x0f; /* upper nibble reserved for future use */ 1216c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt if (buf[3] < 2 || buf[3] > 3) { 1217c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: invalid MNC length=%ld", 1218c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt (long) buf[3]); 1219c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return -6; 1220c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt } 1221c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: MNC length=%ld", (long) buf[3]); 1222c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt return buf[3]; 1223c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt} 1224c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt 1225c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt 1226c5ec7f57ead87efa365800228aa0b09a12d9e6c4Dmitry Shmidt/** 12278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_gsm_auth - Run GSM authentication command on SIM card 12288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @scard: Pointer to private data from scard_init() 12298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @_rand: 16-byte RAND value from HLR/AuC 12308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @sres: 4-byte buffer for SRES 12318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @kc: 8-byte buffer for Kc 12328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 if SIM/USIM connection has not been initialized, 12338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -2 if authentication command execution fails, -3 if unknown response code 12348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * for authentication command is received, -4 if reading of response fails, 12358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * -5 if if response data is of unexpected length 12368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 12378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function performs GSM authentication using SIM/USIM card and the 12388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * provided RAND value from HLR/AuC. If authentication command can be completed 12398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * successfully, SRES and Kc values will be written into sres and kc buffers. 12408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 12418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint scard_gsm_auth(struct scard_data *scard, const unsigned char *_rand, 12428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *sres, unsigned char *kc) 12438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 12448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5 + 1 + 16] = { SIM_CMD_RUN_GSM_ALG }; 12458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt int cmdlen; 12468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char get_resp[5] = { SIM_CMD_GET_RESPONSE }; 12478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char resp[3], buf[12 + 3 + 2]; 12488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len; 12498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 12508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard == NULL) 12528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 12538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: GSM auth - RAND", _rand, 16); 12558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 12568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmdlen = 5 + 16; 12578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 5, _rand, 16); 12588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 12598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmdlen = 5 + 1 + 16; 12608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[0] = USIM_CLA; 12618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[3] = 0x80; 12628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[4] = 17; 12638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[5] = 16; 12648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 6, _rand, 16); 12656dc03bd757d3befd2c03a543a402338db03914d6Dmitry Shmidt get_resp[0] = USIM_CLA; 12668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 12678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(resp); 12688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, cmdlen, resp, &len); 12698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) 12708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 12718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if ((scard->sim_type == SCARD_GSM_SIM && 12738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (len != 2 || resp[0] != 0x9f || resp[1] != 0x0c)) || 12748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (scard->sim_type == SCARD_USIM && 12758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (len != 2 || resp[0] != 0x61 || resp[1] != 0x0e))) { 12768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected response for GSM " 12778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "auth request (len=%ld resp=%02x %02x)", 12788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) len, resp[0], resp[1]); 12798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -3; 12808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 12818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt get_resp[4] = resp[1]; 12828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(buf); 12848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, get_resp, sizeof(get_resp), buf, &len); 12858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) 12868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -4; 12878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 12888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 12898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len != 4 + 8 + 2) { 12908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected data " 12918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length for GSM auth (len=%ld, expected 14)", 12928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) len); 12938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -5; 12948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 12958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(sres, buf, 4); 12968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(kc, buf + 4, 8); 12978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else { 12988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len != 1 + 4 + 1 + 8 + 2) { 12998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected data " 13008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length for USIM auth (len=%ld, " 13018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "expected 16)", (long) len); 13028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -5; 13038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 13048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (buf[0] != 4 || buf[5] != 8) { 13058d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected SREC/Kc " 13068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "length (%d %d, expected 4 8)", 13078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf[0], buf[5]); 13088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 13098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(sres, buf + 1, 4); 13108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(kc, buf + 6, 8); 13118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 13128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: GSM auth - SRES", sres, 4); 13148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: GSM auth - Kc", kc, 8); 13158d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 13178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 13188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt/** 13218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * scard_umts_auth - Run UMTS authentication command on USIM card 13228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @scard: Pointer to private data from scard_init() 13238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @_rand: 16-byte RAND value from HLR/AuC 13248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @autn: 16-byte AUTN value from HLR/AuC 13258d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @res: 16-byte buffer for RES 13268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @res_len: Variable that will be set to RES length 13278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ik: 16-byte buffer for IK 13288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @ck: 16-byte buffer for CK 13298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * @auts: 14-byte buffer for AUTS 13308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * Returns: 0 on success, -1 on failure, or -2 if USIM reports synchronization 13318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * failure 13328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * 13338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * This function performs AKA authentication using USIM card and the provided 13348d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * RAND and AUTN values from HLR/AuC. If authentication command can be 13358d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * completed successfully, RES, IK, and CK values will be written into provided 13368d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * buffers and res_len is set to length of received RES value. If USIM reports 13378d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * synchronization failure, the received AUTS value will be written into auts 13388d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt * buffer. In this case, RES, IK, and CK are not valid. 13398d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt */ 13408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidtint scard_umts_auth(struct scard_data *scard, const unsigned char *_rand, 13418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt const unsigned char *autn, 13428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *res, size_t *res_len, 13438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char *ik, unsigned char *ck, unsigned char *auts) 13448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt{ 13458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char cmd[5 + 1 + AKA_RAND_LEN + 1 + AKA_AUTN_LEN] = 13468d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt { USIM_CMD_RUN_UMTS_ALG }; 13478d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char get_resp[5] = { USIM_CMD_GET_RESPONSE }; 13488d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt unsigned char resp[3], buf[64], *pos, *end; 13498d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt size_t len; 13508d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt long ret; 13518d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13528d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard == NULL) 13538d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13548d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13558d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (scard->sim_type == SCARD_GSM_SIM) { 13568d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_ERROR, "SCARD: Non-USIM card - cannot do UMTS " 13578d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "auth"); 13588d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13598d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 13608d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13618d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: UMTS auth - RAND", _rand, AKA_RAND_LEN); 13628d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: UMTS auth - AUTN", autn, AKA_AUTN_LEN); 13638d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[5] = AKA_RAND_LEN; 13648d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 6, _rand, AKA_RAND_LEN); 13658d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt cmd[6 + AKA_RAND_LEN] = AKA_AUTN_LEN; 13668d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(cmd + 6 + AKA_RAND_LEN + 1, autn, AKA_AUTN_LEN); 13678d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13688d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(resp); 13698d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, cmd, sizeof(cmd), resp, &len); 13708d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS) 13718d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13728d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13738d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len <= sizeof(resp)) 13748d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: UMTS alg response", resp, len); 13758d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13768d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len == 2 && resp[0] == 0x98 && resp[1] == 0x62) { 13778d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: UMTS auth failed - " 13788d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "MAC != XMAC"); 13798d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13808d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else if (len != 2 || resp[0] != 0x61) { 13818d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_WARNING, "SCARD: unexpected response for UMTS " 13828d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt "auth request (len=%ld resp=%02x %02x)", 13838d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt (long) len, resp[0], resp[1]); 13848d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13858d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 13868d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt get_resp[4] = resp[1]; 13878d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13888d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt len = sizeof(buf); 13898d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt ret = scard_transmit(scard, get_resp, sizeof(get_resp), buf, &len); 13908d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (ret != SCARD_S_SUCCESS || len > sizeof(buf)) 13918d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 13928d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 13938d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: UMTS get response result", buf, len); 13948d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt if (len >= 2 + AKA_AUTS_LEN && buf[0] == 0xdc && 13958d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt buf[1] == AKA_AUTS_LEN) { 13968d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: UMTS Synchronization-Failure"); 13978d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(auts, buf + 2, AKA_AUTS_LEN); 13988d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: AUTS", auts, AKA_AUTS_LEN); 13998d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -2; 14008d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } else if (len >= 6 + IK_LEN + CK_LEN && buf[0] == 0xdb) { 14018d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos = buf + 1; 14028d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt end = buf + len; 14038d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 14048d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* RES */ 1405d80a401aed31d06f261efd19223cf55d1a2a8228Dmitry Shmidt if (pos[0] > RES_MAX_LEN || pos[0] > end - pos) { 14068d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Invalid RES"); 14078d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 14088d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 14098d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt *res_len = *pos++; 14108d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(res, pos, *res_len); 14118d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += *res_len; 14128d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: RES", res, *res_len); 14138d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 14148d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* CK */ 1415d80a401aed31d06f261efd19223cf55d1a2a8228Dmitry Shmidt if (pos[0] != CK_LEN || CK_LEN > end - pos) { 14168d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Invalid CK"); 14178d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 14188d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 14198d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos++; 14208d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(ck, pos, CK_LEN); 14218d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += CK_LEN; 14228d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: CK", ck, CK_LEN); 14238d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 14248d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt /* IK */ 1425d80a401aed31d06f261efd19223cf55d1a2a8228Dmitry Shmidt if (pos[0] != IK_LEN || IK_LEN > end - pos) { 14268d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Invalid IK"); 14278d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 14288d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 14298d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos++; 14308d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt os_memcpy(ik, pos, IK_LEN); 14318d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt pos += IK_LEN; 14328d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_hexdump(MSG_DEBUG, "SCARD: IK", ik, IK_LEN); 14338d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 1434c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt if (end > pos) { 1435c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt wpa_hexdump(MSG_DEBUG, 1436c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt "SCARD: Ignore extra data in end", 1437c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt pos, end - pos); 1438c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt } 1439c28170251eb54dbf64a9074a07fee377587425b2Dmitry Shmidt 14408d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return 0; 14418d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt } 14428d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt 14438d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt wpa_printf(MSG_DEBUG, "SCARD: Unrecognized response"); 14448d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt return -1; 14458d520ff1dc2da35cdca849e982051b86468016d8Dmitry Shmidt} 144604949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 144704949598a23f501be6eec21697465fd46a28840aDmitry Shmidt 144804949598a23f501be6eec21697465fd46a28840aDmitry Shmidtint scard_supports_umts(struct scard_data *scard) 144904949598a23f501be6eec21697465fd46a28840aDmitry Shmidt{ 145004949598a23f501be6eec21697465fd46a28840aDmitry Shmidt return scard->sim_type == SCARD_USIM; 145104949598a23f501be6eec21697465fd46a28840aDmitry Shmidt} 1452