From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:40591) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VIXF8-0001Jp-H8 for qemu-devel@nongnu.org; Sun, 08 Sep 2013 01:09:10 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1VIXF0-0002m0-0k for qemu-devel@nongnu.org; Sun, 08 Sep 2013 01:09:02 -0400
Received: from mail-qa0-x232.google.com ([2607:f8b0:400d:c00::232]:58727) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1VIXEz-0002lu-SE for qemu-devel@nongnu.org; Sun, 08 Sep 2013 01:08:53 -0400
Received: by mail-qa0-f50.google.com with SMTP id f11so1271609qae.2 for ; Sat, 07 Sep 2013 22:08:53 -0700 (PDT)
From: Ray Strode
Date: Sun, 8 Sep 2013 01:08:39 -0400
Message-Id: <1378616919-18169-3-git-send-email-halfline@gmail.com>
In-Reply-To: <1378616919-18169-1-git-send-email-halfline@gmail.com>
References: <1378616919-18169-1-git-send-email-halfline@gmail.com>
Subject: [Qemu-devel] [PATCH 2/2] libcacard: Lock NSS cert db when selecting an applet on an emulated card
To: qemu-devel@nongnu.org
Cc: Alon Levy , Ray Strode , Michael Tokarev , Robert Relyea
From: Ray Strode

When a process in a guest uses an emulated smartcard, libcacard passes the PIN from the guest to the PK11_Authenticate NSS function. The first time PK11_Authenticate is called the passed in PIN is used to unlock the certificate database. Subsequent calls to PK11_Authenticate within the next 60 seconds will transparently succeed, regardless of the passed in PIN. This is a convenience for applications provided by NSS.

Of course, the guest may have many applications using the one emulated smart card all driven from the same host qemu process. That means if a user enters the right PIN in one program in the guest, and then enters the wrong PIN in another program in the guest, the wrong PIN will still succeed (as long as it's within 60 seconds of the right PIN being entered).

This commit forces the NSS certificate database to be locked anytime an applet is selected on an emulated smartcard by calling vcard_emul_logout.

Signed-off-by: Ray Strode
--- libcacard/vcard.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/libcacard/vcard.c b/libcacard/vcard.c index 539177b..cf02a25 100644 --- a/libcacard/vcard.c +++ b/libcacard/vcard.c 
@@ -243,60 +243,65 @@ vcard_find_applet(VCard *card, unsigned char *aid, int aid_len) { VCardApplet *current_applet; for (current_applet = card->applet_list; current_applet; current_applet = current_applet->next) { if (current_applet->aid_len != aid_len) { continue; } if (memcmp(current_applet->aid, aid, aid_len) == 0) { break; } } return current_applet; } unsigned char * vcard_applet_get_aid(VCardApplet *applet, int *aid_len) { if (applet == NULL) { return NULL; } *aid_len = applet->aid_len; return applet->aid; } void vcard_select_applet(VCard *card, int channel, VCardApplet *applet) { assert(channel < MAX_CHANNEL); + + /* If using an emulated card, make sure to log out of any already logged in + * session. */ + vcard_emul_logout(card); + card->current_applet[channel] = applet; /* reset the applet */ if (applet && applet->reset_applet) { applet->reset_applet(card, channel); } } VCardAppletPrivate * vcard_get_current_applet_private(VCard *card, int channel) { VCardApplet *applet = card->current_applet[channel]; if (applet == NULL) { return NULL; } return applet->applet_private; } VCardStatus vcard_process_applet_apdu(VCard *card, VCardAPDU *apdu, VCardResponse **response) { if (card->current_applet[apdu->a_channel]) { return card->current_applet[apdu->a_channel]->process_apdu( card, apdu, response); } return VCARD_NEXT; } /* -- 1.8.3.1
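Review bot: In vcard_select_applet the new vcard_emul_logout(card) call is unconditional and card-wide, while the state it sits next to is per channel (card->current_applet[channel]), so selecting an applet on one channel also drops the login that an applet on another channel of the same card may be relying on, and it runs even when applet is NULL. If that is the intent, state it in the comment; the current wording "If using an emulated card" reads like a condition that the code never tests. The lock is also only applied on selection: a guest application that presents a PIN without selecting an applet first would still fall inside the 60 second window the commit message describes, so please confirm whether the PIN verification path needs the same logout.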