add code for setting CHUID

This commit is contained in:
Klas Lindfors
2014-02-05 13:57:09 +01:00
parent 7f75184552
commit 1032f7009f
2 changed files with 51 additions and 2 deletions
+1 -1
View File
@@ -27,7 +27,7 @@
option "verbose" v "Print more information" int optional default="0" argoptional
option "reader" r "Only use a matching reader" string optional default="Yubikey"
option "key" k "Authentication key to use" string optional default="010203040506070801020304050607080102030405060708"
option "action" a "Action to take" values="version","generate","set-mgm-key","reset","pin-retries","import-key","import-certificate" enum multiple
option "action" a "Action to take" values="version","generate","set-mgm-key","reset","pin-retries","import-key","import-certificate","set-chuid" enum multiple
option "slot" s "What key slot to operate on" values="9a","9c","9d","9e" enum optional
option "algorithm" A "What algorithm to use" values="RSA1024","RSA2048","ECCP256" enum optional default="RSA2048"
option "new-key" n "New authentication key to use" string optional
+50 -1
View File
@@ -35,6 +35,7 @@
#include <openssl/des.h>
#include <openssl/pem.h>
#include <openssl/pkcs12.h>
#include <openssl/rand.h>
#if BACKEND_PCSC
#if defined HAVE_PCSC_WINSCARD_H
@@ -52,6 +53,19 @@ unsigned const char aid[] = {
};
#define AID_LEN 5
/* FASC-N containing F9999F9999F999999F0F1F0000000000300001E encoded in
* 4-bit BCD with 1 bit parity. run through the tools/fasc.pl script to get
* bytes. */
unsigned const char chuid_tmpl[] = {
0x5c, 0x03, 0x5f, 0xc1, 0x02, 0x53, 0x3b, 0x30, 0x19, 0xd4, 0xe7, 0x39, 0xea,
0x73, 0x9c, 0xf5, 0x39, 0xce, 0x73, 0x9e, 0x83, 0xa8, 0x68, 0x21, 0x08, 0x42,
0x10, 0x84, 0x21, 0x38, 0x42, 0x10, 0xc3, 0xf9, 0x34, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x35, 0x08, 0x32, 0x30, 0x33, 0x30, 0x30, 0x31, 0x30, 0x31, 0x3e, 0x00, 0xfe,
0x00,
};
#define CHUID_GUID_OFFS 35
#define KEY_LEN 24
union u_APDU {
@@ -766,6 +780,37 @@ import_cert_out:
return ret;
}
static bool set_chuid(SCARDHANDLE *card, int verbose) {
APDU apdu;
unsigned char data[0xff];
unsigned char *dataptr = apdu.st.data;
unsigned long recv_len = sizeof(data);
int sw;
memset(apdu.raw, 0, sizeof(apdu));
memcpy(apdu.st.data, chuid_tmpl, sizeof(chuid_tmpl));
dataptr += CHUID_GUID_OFFS;
if(RAND_pseudo_bytes(dataptr, 0x10) == -1) {
fprintf(stderr, "error: no randomness.\n");
return false;
}
if(verbose) {
fprintf(stderr, "Setting the GUID to: ");
dump_hex(dataptr, 0x10);
fprintf(stderr, "\n");
}
apdu.st.ins = 0xdb;
apdu.st.p1 = 0x3f;
apdu.st.p2 = 0xff;
apdu.st.lc = sizeof(chuid_tmpl);
sw = send_data(card, &apdu, sizeof(chuid_tmpl) + 5, data, &recv_len, verbose);
if(sw != 0x9000) {
fprintf(stderr, "Failed setting CHUID.\n");
return false;
}
return true;
}
static int send_data(SCARDHANDLE *card, APDU *apdu, unsigned int send_len,
unsigned char *data, unsigned long *recv_len, int verbose) {
long rc;
@@ -976,7 +1021,11 @@ int main(int argc, char *argv[]) {
return EXIT_FAILURE;
}
break;
case action_arg_setMINUS_chuid:
if(set_chuid(&card, verbosity) == false) {
return EXIT_FAILURE;
}
printf("Successfully set new CHUID.\n");
break;
case action__NULL:
default: