1*a61ed2ceSHans Rosenfeld /*
2*a61ed2ceSHans Rosenfeld * This file and its contents are supplied under the terms of the
3*a61ed2ceSHans Rosenfeld * Common Development and Distribution License ("CDDL"), version 1.0.
4*a61ed2ceSHans Rosenfeld * You may only use this file in accordance with the terms of version
5*a61ed2ceSHans Rosenfeld * 1.0 of the CDDL.
6*a61ed2ceSHans Rosenfeld *
7*a61ed2ceSHans Rosenfeld * A full copy of the text of the CDDL should have accompanied this
8*a61ed2ceSHans Rosenfeld * source. A copy of the CDDL is also available via the Internet at
9*a61ed2ceSHans Rosenfeld * http://www.illumos.org/license/CDDL.
10*a61ed2ceSHans Rosenfeld */
11*a61ed2ceSHans Rosenfeld
12*a61ed2ceSHans Rosenfeld /*
13*a61ed2ceSHans Rosenfeld * Copyright 2019, Joyent, Inc.
14*a61ed2ceSHans Rosenfeld */
15*a61ed2ceSHans Rosenfeld
16*a61ed2ceSHans Rosenfeld /*
17*a61ed2ceSHans Rosenfeld * Open a YubiKey class device read-only and try to get the basic information
18*a61ed2ceSHans Rosenfeld * applet through an APDU, which should fail. Try to get the status, which
19*a61ed2ceSHans Rosenfeld * should succeed, and attempt to power off, which should fail.
20*a61ed2ceSHans Rosenfeld */
21*a61ed2ceSHans Rosenfeld
22*a61ed2ceSHans Rosenfeld #include <err.h>
23*a61ed2ceSHans Rosenfeld #include <stdlib.h>
24*a61ed2ceSHans Rosenfeld #include <sys/types.h>
25*a61ed2ceSHans Rosenfeld #include <sys/stat.h>
26*a61ed2ceSHans Rosenfeld #include <fcntl.h>
27*a61ed2ceSHans Rosenfeld #include <strings.h>
28*a61ed2ceSHans Rosenfeld #include <unistd.h>
29*a61ed2ceSHans Rosenfeld #include <errno.h>
30*a61ed2ceSHans Rosenfeld
31*a61ed2ceSHans Rosenfeld #include <sys/usb/clients/ccid/uccid.h>
32*a61ed2ceSHans Rosenfeld
33*a61ed2ceSHans Rosenfeld static const uint8_t yk_req[] = {
34*a61ed2ceSHans Rosenfeld 0x00, 0xa4, 0x04, 0x00, 0x07, 0xa0, 0x00, 0x00, 0x05, 0x27, 0x20, 0x01
35*a61ed2ceSHans Rosenfeld };
36*a61ed2ceSHans Rosenfeld
37*a61ed2ceSHans Rosenfeld int
main(int argc,char * argv[])38*a61ed2ceSHans Rosenfeld main(int argc, char *argv[])
39*a61ed2ceSHans Rosenfeld {
40*a61ed2ceSHans Rosenfeld int fd, ret;
41*a61ed2ceSHans Rosenfeld uccid_cmd_icc_modify_t uci;
42*a61ed2ceSHans Rosenfeld uccid_cmd_txn_begin_t begin;
43*a61ed2ceSHans Rosenfeld uccid_cmd_status_t ucs;
44*a61ed2ceSHans Rosenfeld uint8_t buf[UCCID_APDU_SIZE_MAX];
45*a61ed2ceSHans Rosenfeld
46*a61ed2ceSHans Rosenfeld if (argc != 2) {
47*a61ed2ceSHans Rosenfeld errx(EXIT_FAILURE, "missing required ccid path");
48*a61ed2ceSHans Rosenfeld }
49*a61ed2ceSHans Rosenfeld
50*a61ed2ceSHans Rosenfeld if ((fd = open(argv[1], O_RDONLY)) < 0) {
51*a61ed2ceSHans Rosenfeld err(EXIT_FAILURE, "failed to open %s", argv[1]);
52*a61ed2ceSHans Rosenfeld }
53*a61ed2ceSHans Rosenfeld
54*a61ed2ceSHans Rosenfeld bzero(&begin, sizeof (begin));
55*a61ed2ceSHans Rosenfeld begin.uct_version = UCCID_CURRENT_VERSION;
56*a61ed2ceSHans Rosenfeld if (ioctl(fd, UCCID_CMD_TXN_BEGIN, &begin) == 0) {
57*a61ed2ceSHans Rosenfeld errx(EXIT_FAILURE, "didn't fail to issue begin ioctl");
58*a61ed2ceSHans Rosenfeld }
59*a61ed2ceSHans Rosenfeld
60*a61ed2ceSHans Rosenfeld if ((ret = write(fd, yk_req, sizeof (yk_req))) != -1) {
61*a61ed2ceSHans Rosenfeld errx(EXIT_FAILURE, "didn't fail to write data");
62*a61ed2ceSHans Rosenfeld }
63*a61ed2ceSHans Rosenfeld
64*a61ed2ceSHans Rosenfeld if (errno != EBADF) {
65*a61ed2ceSHans Rosenfeld err(EXIT_FAILURE, "wrong errno for failed write, "
66*a61ed2ceSHans Rosenfeld "expected EBADF");
67*a61ed2ceSHans Rosenfeld }
68*a61ed2ceSHans Rosenfeld
69*a61ed2ceSHans Rosenfeld if ((ret = read(fd, buf, sizeof (buf))) != -1) {
70*a61ed2ceSHans Rosenfeld errx(EXIT_FAILURE, "didn't fail to read data");
71*a61ed2ceSHans Rosenfeld }
72*a61ed2ceSHans Rosenfeld
73*a61ed2ceSHans Rosenfeld if (errno != EACCES) {
74*a61ed2ceSHans Rosenfeld err(EXIT_FAILURE, "wrong errno for failed read, "
75*a61ed2ceSHans Rosenfeld "expected EACCES");
76*a61ed2ceSHans Rosenfeld }
77*a61ed2ceSHans Rosenfeld
78*a61ed2ceSHans Rosenfeld /* get card status */
79*a61ed2ceSHans Rosenfeld bzero(&ucs, sizeof (ucs));
80*a61ed2ceSHans Rosenfeld ucs.ucs_version = UCCID_CURRENT_VERSION;
81*a61ed2ceSHans Rosenfeld if ((ret = ioctl(fd, UCCID_CMD_STATUS, &ucs)) != 0) {
82*a61ed2ceSHans Rosenfeld err(EXIT_FAILURE, "failed to get status");
83*a61ed2ceSHans Rosenfeld }
84*a61ed2ceSHans Rosenfeld
85*a61ed2ceSHans Rosenfeld
86*a61ed2ceSHans Rosenfeld /* try to power off the card while opened read-only */
87*a61ed2ceSHans Rosenfeld bzero(&uci, sizeof (uci));
88*a61ed2ceSHans Rosenfeld uci.uci_version = UCCID_CURRENT_VERSION;
89*a61ed2ceSHans Rosenfeld uci.uci_action = UCCID_ICC_POWER_OFF;
90*a61ed2ceSHans Rosenfeld if ((ret = ioctl(fd, UCCID_CMD_ICC_MODIFY, &uci)) == 0) {
91*a61ed2ceSHans Rosenfeld errx(EXIT_FAILURE, "didn't fail to power off ICC");
92*a61ed2ceSHans Rosenfeld }
93*a61ed2ceSHans Rosenfeld
94*a61ed2ceSHans Rosenfeld if (errno != EBADF) {
95*a61ed2ceSHans Rosenfeld err(EXIT_FAILURE, "wrong errno for failed write, "
96*a61ed2ceSHans Rosenfeld "expected EBADF");
97*a61ed2ceSHans Rosenfeld }
98*a61ed2ceSHans Rosenfeld
99*a61ed2ceSHans Rosenfeld return (0);
100*a61ed2ceSHans Rosenfeld }
101