removed npa project

It has been replaced by https://github.com/frankmorgner/OpenSC

.gitmodules

@@ -1,7 +1,3 @@
-[submodule "npa/src/opensc"]
- path = npa/src/opensc
- url = git:https://github.com/OpenSC/OpenSC.git
- ignore = dirty
 [submodule "ACardEmulator/app/src/main/external/ykneo-openpgp"]
  path = ACardEmulator/app/src/main/external/ykneo-openpgp
  url = https://github.com/Yubico/ykneo-openpgp.git
@@ -17,3 +13,6 @@
 [submodule "ACardEmulator/app/src/main/external/GidsApplet"]
  path = ACardEmulator/app/src/main/external/GidsApplet
  url = https://github.com/vletoux/GidsApplet.git
+[submodule "ccid/src/OpenSC"]
+ path = ccid/src/OpenSC
+ url = https://github.com/frankmorgner/OpenSC

.travis.yml

@@ -39,41 +39,15 @@ install:
  fi
 
 before_script:
- # libnpa requires OpenPACE
- - git clone https://github.com/frankmorgner/openpace && cd openpace
- - autoreconf -vis
- - if [ -z "$HOST" ]; then
- ./configure --prefix=$PREFIX --enable-openssl-install --enable-python || cat config.log;
- else
- export CROSS_COMPILE=$HOST-;
- ./configure --prefix=$PREFIX --enable-openssl-install --host=$HOST --enable-openssl-install || cat config.log;
- touch src/cvc-create.1 src/cvc-print.1;
- fi
- - make install
- # libnpa requires OpenSC
- - cd $TRAVIS_BUILD_DIR/npa/src/opensc
- - grep _sc_card_add_ec_alg src/libopensc/libopensc.exports || echo _sc_card_add_ec_alg >> src/libopensc/libopensc.exports
- - grep _sc_card_add_rsa_alg src/libopensc/libopensc.exports || echo _sc_card_add_rsa_alg >> src/libopensc/libopensc.exports
- - grep _sc_match_atr src/libopensc/libopensc.exports || echo _sc_match_atr >> src/libopensc/libopensc.exports
- - grep sc_apdu_set_resp src/libopensc/libopensc.exports || echo sc_apdu_set_resp >> src/libopensc/libopensc.exports
- - grep sc_apdu_get_octets src/libopensc/libopensc.exports || echo sc_apdu_get_octets >> src/libopensc/libopensc.exports
- - grep sc_pkcs15_pincache_add src/libopensc/libopensc.exports || echo sc_pkcs15_pincache_add >> src/libopensc/libopensc.exports
+ # ccid requires OpenSC
+ - git clone https://github.com/frankmorgner/OpenSC && cd OpenSC
  - ./bootstrap
  - if [ -z "$HOST" ]; then
  ./configure --prefix=$PREFIX || cat config.log;
  else
  ./configure --prefix=$PREFIX --host=$HOST LDFLAGS="-I$PREFIX/include" CFLAGS="-I$PREFIX/include" CXXFLAGS="-I$PREFIX/include" LIBS="-I$PREFIX/include" || cat config.log;
  fi
  - make install
- # Configure libnpa
- - cd $TRAVIS_BUILD_DIR/npa
- - autoreconf -vsi
- - if [ -z "$HOST" ]; then
- ./configure OPENSC_LIBS="-L$PREFIX/lib -lopensc -lcrypto" || cat config.log;
- else
- ./configure --host=$HOST OPENSC_LIBS="-L$PREFIX/lib -lopensc -lcrypto" || cat config.log;
- touch src/npa-tool.1;
- fi
  # Configure virtualsmartcard
  - cd $TRAVIS_BUILD_DIR/virtualsmartcard && autoreconf -vsi
  - if [ -z "$HOST" ]; then
@@ -94,7 +68,7 @@ before_script:
  ./configure --host=$HOST || cat config.log;
  fi
  - if [ -z "$HOST" ]; then
- cd $TRAVIS_BUILD_DIR/ccid && autoreconf -vsi && ./configure OPENSSL_CFLAGS="-I$PREFIX/include" OPENSSL_LIBS="-L$PREFIX/lib -lcrypto" OPENSC_LIBS="-L$PREFIX/lib -lopensc" || cat config.log;
+ cd $TRAVIS_BUILD_DIR/ccid && autoreconf -vsi && ./configure OPENSC_LIBS="-L$PREFIX/lib -lopensc" || cat config.log;
  fi
 
 addons:
@@ -107,8 +81,6 @@ addons:
  branch_pattern: coverity_scan
 
 script:
- # Build libnpa
- - make -C $TRAVIS_BUILD_DIR/npa
  # Build virtualsmartcard
  - make -C $TRAVIS_BUILD_DIR/virtualsmartcard
  # Verify virtualsmartcard

ccid/configure.ac

@@ -75,44 +75,20 @@ CPPFLAGS="$saved_CPPFLAGS"
 LIBS="$saved_LIBS"
 
 # --enable-pace
-WITH_PACE=no
-AC_ARG_ENABLE(pace,
- AS_HELP_STRING([--enable-pace], [Enable Password Authenticated Connection Establishment (PACE) @<:@detect@:>@]),
- [enable_pace="${enableval}"], [enable_pace=detect])
 saved_CPPFLAGS="$CPPFLAGS"
 saved_LIBS="$LIBS"
-if test "x$enable_pace" != xno ; then
- WITH_PACE=yes
- PKG_CHECK_EXISTS([libnpa],
- [PKG_CHECK_MODULES([LIBNPA], [libnpa])],
- [AC_MSG_WARN([libnpa not found by pkg-config])])
- CPPFLAGS="$CPPFLAGS $LIBNPA_CFLAGS -I${srcdir}/src/opensc/src"
- LIBS="$LDFLAGS $LIBNPA_LIBS"
- AC_CHECK_HEADERS(npa/npa.h, [], [ WITH_PACE=no ])
- AC_MSG_CHECKING([for perform_pace])
- AC_TRY_LINK_FUNC(perform_pace, [ AC_MSG_RESULT([yes]) ], [ WITH_PACE=no ])
-
- if test x$WITH_PACE = xno -a x$enable_pace = xyes ; then
- AC_MSG_ERROR([libnpa not found, use ./configure LIBNPA_CFLAGS=... LIBNPA_LIBS=...])
- fi
-fi
-if test "x$WITH_PACE" == xno ; then
- PKG_CHECK_EXISTS([libopensc],
- [PKG_CHECK_MODULES([OPENSC], [libopensc >= 0.12.1])],
- [AC_MSG_WARN([libopensc >= 0.12.1 not found by pkg-config])])
- test -z "$OPENSC_LIBS" && OPENSC_LIBS="-lopensc $OPENSSL_LIBS"
- LIBS="$LDFLAGS $OPENSC_LIBS"
- AC_MSG_CHECKING([for sc_bytes2apdu])
- AC_TRY_LINK_FUNC(sc_bytes2apdu, [ AC_MSG_RESULT([yes]) ],
- [ AC_MSG_ERROR([libopensc >= 0.12.1 not found, use ./configure OPENSC_LIBS=...]) ])
-fi
-AC_CHECK_FUNCS([sc_apdu_set_resp sc_apdu_get_octets _sc_match_atr])
+PKG_CHECK_EXISTS([libopensc],
+ [PKG_CHECK_MODULES([OPENSC], [libopensc >= 0.12.1])],
+ [AC_MSG_WARN([libopensc >= 0.12.1 not found by pkg-config])])
+test -z "$OPENSC_LIBS" && OPENSC_LIBS="-lopensc $OPENSSL_LIBS"
+LIBS="$LDFLAGS $OPENSC_LIBS"
+AC_MSG_CHECKING([for sc_bytes2apdu])
+AC_TRY_LINK_FUNC(sc_bytes2apdu, [ AC_MSG_RESULT([yes]) ],
+[ AC_MSG_ERROR([libopensc >= 0.12.1 not found, use ./configure OPENSC_LIBS=...]) ])
+AC_CHECK_FUNCS([sc_apdu_set_resp sc_apdu_get_octets _sc_match_atr boxing_buf_to_pace_input])
 CPPFLAGS="$saved_CPPFLAGS"
 LIBS="$saved_LIBS"
 
-AM_CONDITIONAL(WITH_PACE, test "${WITH_PACE}" = "yes")
-AM_COND_IF(WITH_PACE, [AC_DEFINE(WITH_PACE, 1, [enable PACE support])])
-
 
 PACKAGE_SUMMARY="Emulate a USB CCID compliant smart card reader"
 AC_SUBST(PACKAGE_SUMMARY)
@@ -157,10 +133,6 @@ PTHREAD_LIBS: ${PTHREAD_LIBS}
 OPENSC_LIBS: ${OPENSC_LIBS}
 OPENSSL_CFLAGS: ${OPENSSL_CFLAGS}
 OPENSSL_LIBS: ${OPENSSL_LIBS}
-LIBNPA_CFLAGS: ${LIBNPA_CFLAGS}
-LIBNPA_LIBS: ${LIBNPA_LIBS}
-
-PACE support: ${WITH_PACE}
 
 
 HELP2MAN: ${HELP2MAN}

ccid/src/Makefile.am

@@ -10,14 +10,14 @@ do_subst = $(SED) \
 BUILT_SOURCES = cmdline.h cmdline.c
 
 EXTRA_DIST = ccid-emulator.ggo ccid-emulator.ggo.in
-EXTRA_DIST += $(shell find $(top_srcdir)/src/opensc/src -path '*/.git' -prune -o -type f -a -name '*.h' -print)
+EXTRA_DIST += $(shell find $(top_srcdir)/src/OpenSC/src -path '*/.git' -prune -o -type f -a -name '*.h' -print)
 MAINTAINERCLEANFILES = $(BUILT_SOURCES) ccid-emulator.ggo $(dist_man1_MANS)
 
 dist_man1_MANS = $(abs_builddir)/ccid-emulator.1
 
-ccid_emulator_SOURCES = ccid.c usbstring.c usb.c $(BUILT_SOURCES)
-ccid_emulator_LDADD = $(OPENSSL_LIBS) $(PTHREAD_LIBS)
-ccid_emulator_CFLAGS = $(OPENSSL_CFLAGS) $(PTHREAD_CFLAGS) -I$(top_srcdir)/src/opensc/src
+ccid_emulator_SOURCES = ccid.c usbstring.c usb.c scutil.c $(BUILT_SOURCES)
+ccid_emulator_LDADD = $(OPENSC_LIBS) $(OPENSSL_LIBS) $(PTHREAD_LIBS)
+ccid_emulator_CFLAGS = $(OPENSSL_CFLAGS) $(PTHREAD_CFLAGS) -I$(top_srcdir)/src/OpenSC/src
 
 
 ccid-emulator.c: $(BUILT_SOURCES)
@@ -43,15 +43,5 @@ bin_PROGRAMS = ccid-emulator
 noinst_HEADERS = \
  ccid.h \
  ccid-types.h \
- npa/scutil.h \
- sslutil.h \
+ scutil.h \
  usbstring.h
-
-
-if WITH_PACE
-ccid_emulator_LDADD += $(LIBNPA_LIBS)
-ccid_emulator_CFLAGS += $(LIBNPA_CFLAGS)
-else
-ccid_emulator_SOURCES += scutil.c
-ccid_emulator_LDADD += $(OPENSC_LIBS)
-endif

ccid/src/ccid.c

@@ -19,6 +19,8 @@
 #include <asm/byteorder.h>
 #include <libopensc/log.h>
 #include <libopensc/opensc.h>
+#include <libopensc/reader-boxing.h>
+#include <sm/sm-eac.h>
 #include <openssl/evp.h>
 #include <stdarg.h>
 #include <stdint.h>
@@ -28,20 +30,18 @@
 #include <unistd.h>
 
 #include "ccid.h"
-#include "sslutil.h"
 #include "config.h"
 
 #include <npa/scutil.h>
 
+#ifndef HAVE_BOXING_BUF_TO_PACE_INPUT
+#include <libopensc/reader-boxing.c>
+#endif
+
 static sc_context_t *ctx = NULL;
 static sc_card_t *card = NULL;
 static sc_reader_t *reader = NULL;
 
-#ifdef WITH_PACE
-#include <npa/boxing.h>
-#include <npa/iso-sm.h>
-#include <npa/npa.h>
-
 static int
 perform_pseudo_apdu_EstablishPACEChannel(sc_apdu_t *apdu)
 {
@@ -88,9 +88,6 @@ perform_pseudo_apdu_GetReaderPACECapabilities(sc_apdu_t *apdu)
  return boxing_pace_capabilities_to_buf(reader->ctx,
  sc_reader_t_capabilities, &apdu->resp, &apdu->resplen);
 }
-#else
-int sc_sm_stop(struct sc_card *card) { return SC_SUCCESS; }
-#endif
 
 static int
 perform_PC_to_RDR_GetSlotStatus(const __u8 *in, size_t inlen, __u8 **out, size_t *outlen);
@@ -577,29 +574,19 @@ perform_pseudo_apdu(sc_reader_t *reader, sc_apdu_t *apdu)
  break;
  case 0x01:
  /* GetReaderPACECapabilities */
-#ifdef WITH_PACE
  LOG_TEST_RET(ctx,
  perform_pseudo_apdu_GetReaderPACECapabilities(apdu),
  "Could not get reader's PACE Capabilities");
  apdu->sw1 = iso_sw_ok.sw1;
  apdu->sw2 = iso_sw_ok.sw2;
-#else
- apdu->sw1 = 0x6D;
- apdu->sw2 = 0x00;
-#endif
  break;
  case 0x02:
  /* EstablishPACEChannel */
-#ifdef WITH_PACE
  LOG_TEST_RET(ctx,
  perform_pseudo_apdu_EstablishPACEChannel(apdu),
  "Could not perform PACE");
  apdu->sw1 = iso_sw_ok.sw1;
  apdu->sw2 = iso_sw_ok.sw2;
-#else
- apdu->sw1 = 0x6D;
- apdu->sw2 = 0x00;
-#endif
  break;
  case 0x03:
  /* DestroyPACEChannel */
@@ -949,7 +936,6 @@ write_pin(sc_apdu_t *apdu, struct sc_pin_cmd_pin *pin, uint8_t blocksize,
  blocksize - justify_offset, pin, encoding, sc_result);
 }
 
-#ifdef WITH_PACE
 static int
 perform_PC_to_RDR_Secure_EstablishPACEChannel(sc_card_t *card,
  const __u8 *abData, size_t abDatalen,
@@ -1197,23 +1183,6 @@ perform_PC_to_RDR_Secure_GetReadersPACECapabilities(__u8 **abDataOut,
 
  return SC_SUCCESS;
 }
-#else
-static int
-perform_PC_to_RDR_Secure_EstablishPACEChannel(sc_card_t *card,
- const __u8 *abData, size_t abDatalen,
- __u8 **abDataOut, size_t *abDataOutLen)
-{
- sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "ccid compiled without PACE support.");
- return SC_ERROR_NOT_SUPPORTED;
-}
-static int
-perform_PC_to_RDR_Secure_GetReadersPACECapabilities(__u8 **abDataOut,
- size_t *abDataOutLen)
-{
- sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "ccid compiled without PACE support.");
- return SC_ERROR_NOT_SUPPORTED;
-}
-#endif
 
 static int
 perform_PC_to_RDR_Secure(const __u8 *in, size_t inlen, __u8** out, size_t *outlen)
@@ -1394,7 +1363,6 @@ perform_PC_to_RDR_Secure(const __u8 *in, size_t inlen, __u8** out, size_t *outle
  0)) {
  sc_result = SC_ERROR_INTERNAL;
  sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Could not read PIN.\n");
- ssl_error(ctx);
  goto err;
  }
  } else {
@@ -1406,7 +1374,6 @@ perform_PC_to_RDR_Secure(const __u8 *in, size_t inlen, __u8** out, size_t *outle
  0)) {
  sc_result = SC_ERROR_INTERNAL;
  sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Could not read current PIN.\n");
- ssl_error(ctx);
  goto err;
  }
  }
@@ -1417,7 +1384,6 @@ perform_PC_to_RDR_Secure(const __u8 *in, size_t inlen, __u8** out, size_t *outle
  modify->bConfirmPIN & CCID_PIN_CONFIRM_NEW)) {
  sc_result = SC_ERROR_INTERNAL;
  sc_debug(ctx, SC_LOG_DEBUG_VERBOSE, "Could not read new PIN.\n");
- ssl_error(ctx);
  goto err;
  }
  }