2 * CCID Passthru Card Device emulation
4 * Copyright (c) 2011 Red Hat.
5 * Written by Alon Levy.
7 * This work is licensed under the terms of the GNU GPL, version 2.1 or later.
8 * See the COPYING file in the top-level directory.
11 #include "qemu/osdep.h"
12 #include "qemu/cutils.h"
13 #include "qemu/units.h"
14 #include <libcacard.h>
15 #include "chardev/char-fe.h"
16 #include "hw/qdev-properties.h"
17 #include "hw/qdev-properties-system.h"
18 #include "migration/vmstate.h"
19 #include "qemu/error-report.h"
20 #include "qemu/module.h"
21 #include "qemu/sockets.h"
23 #include "qapi/error.h"
24 #include "qom/object.h"
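/*
 * Debug print gated on the per-card verbosity: the message is emitted with a
 * "ccid-card-passthru: " prefix when lvl is at or below card->debug.
 *
 * The card and lvl arguments are parenthesized so that an expression such as
 * `&state` or `a ? b : c` expands with the intended precedence, and the body
 * is wrapped in do { } while (0) so the macro behaves as a single statement
 * inside an unbraced if/else.
 */
#define DPRINTF(card, lvl, fmt, ...)                                \
    do {                                                            \
        if ((lvl) <= (card)->debug) {                               \
            printf("ccid-card-passthru: " fmt , ## __VA_ARGS__);    \
        }                                                           \
    } while (0)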
38 /* TODO: do we still need this? */
39 static const uint8_t DEFAULT_ATR
[] = {
41 * From some example somewhere
42 * 0x3B, 0xB0, 0x18, 0x00, 0xD1, 0x81, 0x05, 0xB1, 0x40, 0x38, 0x1F, 0x03, 0x28
45 /* From an Athena smart card */
46 0x3B, 0xD5, 0x18, 0xFF, 0x80, 0x91, 0xFE, 0x1F, 0xC3, 0x80, 0x73, 0xC8, 0x21,
50 #define VSCARD_IN_SIZE (64 * KiB)
52 /* maximum size of ATR - from 7816-3 */
53 #define MAX_ATR_SIZE 40
55 typedef struct PassthruState PassthruState
;
57 struct PassthruState
{
60 uint8_t vscard_in_data
[VSCARD_IN_SIZE
];
61 uint32_t vscard_in_pos
;
62 uint32_t vscard_in_hdr
;
63 uint8_t atr
[MAX_ATR_SIZE
];
68 #define TYPE_CCID_PASSTHRU "ccid-card-passthru"
69 DECLARE_INSTANCE_CHECKER(PassthruState
, PASSTHRU_CCID_CARD
,
73 * VSCard protocol over chardev
74 * This code should not depend on the card type.
/*
 * Frame one VSCard message and write it to the card's chardev: a
 * VSCMsgHeader carrying type, reader id and payload length in network byte
 * order, followed by `length` bytes of payload.
 *
 * NOTE(review): the return values of both qemu_chr_fe_write_all() calls are
 * ignored, so a failed or short write is not reported to the caller.
 */
static void ccid_card_vscard_send_msg(PassthruState *s,
        VSCMsgType type, uint32_t reader_id,
        const uint8_t *payload, uint32_t length)
{
    VSCMsgHeader wire_hdr = {
        .type = htonl(type),
        .reader_id = htonl(reader_id),
        .length = htonl(length),
    };
    const uint8_t *hdr_bytes = (const uint8_t *)&wire_hdr;

    /* XXX this blocks entire thread. Rewrite to use
     * qemu_chr_fe_write and background I/O callbacks */
    qemu_chr_fe_write_all(&s->cs, hdr_bytes, sizeof(VSCMsgHeader));
    qemu_chr_fe_write_all(&s->cs, payload, length);
}
/*
 * Forward an APDU of `length` bytes to the remote side as a VSC_APDU
 * message addressed to VSCARD_MINIMAL_READER_ID.
 */
static void ccid_card_vscard_send_apdu(PassthruState *s,
        const uint8_t *apdu, uint32_t length)
{
    const uint32_t reader = VSCARD_MINIMAL_READER_ID;

    ccid_card_vscard_send_msg(s, VSC_APDU, reader, apdu, length);
}
/*
 * Send a VSC_Error message for `reader_id`. The error code is the only
 * payload field set here and goes out in network byte order. The same
 * message type is used in this file to acknowledge success (VSC_SUCCESS).
 */
static void ccid_card_vscard_send_error(PassthruState *s,
        uint32_t reader_id, VSCErrorCode code)
{
    VSCMsgError reply = { .code = htonl(code) };
    const uint8_t *reply_bytes = (const uint8_t *)&reply;

    ccid_card_vscard_send_msg(s, VSC_Error, reader_id,
                              reply_bytes, sizeof(reply));
}
/*
 * Send our VSC_Init message. The version is byte-swapped with htonl() while
 * the magic is stored as-is; every member not named in the initializer
 * (including the capabilities) is zero.
 */
static void ccid_card_vscard_send_init(PassthruState *s)
{
    VSCMsgInit hello = {
        .magic = VSCARD_MAGIC,
        .version = htonl(VSCARD_VERSION),
    };
    const uint8_t *hello_bytes = (const uint8_t *)&hello;

    ccid_card_vscard_send_msg(s, VSC_Init, VSCARD_UNDEFINED_READER_ID,
                              hello_bytes, sizeof(hello));
}
/*
 * Chardev "can read" callback: report how many more bytes fit in the
 * receive buffer, i.e. VSCARD_IN_SIZE minus the current write position,
 * or 0 when the position is already past the end.
 */
static int ccid_card_vscard_can_read(void *opaque)
{
    PassthruState *card = opaque;

    if (card->vscard_in_pos > VSCARD_IN_SIZE) {
        return 0;
    }
    return VSCARD_IN_SIZE - card->vscard_in_pos;
}
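/*
 * Handle a VSC_Init message from the remote side: convert the version and
 * the capability words to host order, report a magic or version mismatch,
 * and answer with our own VSC_Init.
 *
 * hdr->length comes from the peer. It is checked against
 * sizeof(VSCMsgInit) before it is used, because the capability count is
 * derived from `hdr->length - sizeof(VSCMsgInit)`: with a shorter message
 * that unsigned subtraction wraps, and the byte-swap loop could then walk
 * past the received data.
 */
static void ccid_card_vscard_handle_init(
    PassthruState *card, VSCMsgHeader *hdr, VSCMsgInit *init)
{
    uint32_t *capabilities;
    uint32_t num_capabilities;
    uint32_t i;

    if (hdr->length < sizeof(VSCMsgInit)) {
        error_report("VSC_Init message too short, ignoring");
        ccid_card_vscard_send_error(card, hdr->reader_id, VSC_GENERAL_ERROR);
        return;
    }

    capabilities = init->capabilities;
    /*
     * NOTE(review): the leading 1 presumably accounts for a capability word
     * already included in sizeof(VSCMsgInit) - confirm against the
     * VSCMsgInit definition in libcacard.
     */
    num_capabilities =
        1 + ((hdr->length - sizeof(VSCMsgInit)) / sizeof(uint32_t));
    init->version = ntohl(init->version);
    for (i = 0; i < num_capabilities; ++i) {
        capabilities[i] = ntohl(capabilities[i]);
    }
    if (init->magic != VSCARD_MAGIC) {
        error_report("wrong magic");
        /* we can't disconnect the chardev */
    }
    if (init->version != VSCARD_VERSION) {
        DPRINTF(card, D_WARN,
            "got version %d, have %d", init->version, VSCARD_VERSION);
    }
    /* future handling of capabilities, none exist atm */
    ccid_card_vscard_send_init(card);
}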
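/*
 * Sanity-check an ATR received from the remote side.
 *
 * Returns 1 when the ATR is accepted and 0 when it is rejected. An ATR is
 * rejected when it is shorter than two bytes, when its first byte is neither
 * 0x3b nor 0x3f, or when `len` is smaller than the two leading bytes plus
 * the counted optional and historical bytes. An ATR longer than that total
 * is only logged and still accepted.
 *
 * data/len describe peer-supplied bytes, so every index into data must stay
 * below len.
 */
static int check_atr(PassthruState *card, uint8_t *data, int len)
{
    int historical_length, opt_bytes;
    int td_count = 0;
    int td;

    if (len < 2) {
        return 0;
    }
    historical_length = data[1] & 0xf;
    opt_bytes = 0;
    if (data[0] != 0x3b && data[0] != 0x3f) {
        DPRINTF(card, D_WARN, "atr's T0 is 0x%X, not in {0x3b, 0x3f}\n",
                data[0]);
        return 0;
    }
    td = data[1] >> 4;
    while (td && td_count < 2 && opt_bytes + historical_length + 2 < len) {
        td_count++;
        if (td & 0x1) {
            opt_bytes++;
        }
        if (td & 0x2) {
            opt_bytes++;
        }
        if (td & 0x4) {
            opt_bytes++;
        }
        if (td & 0x8) {
            opt_bytes++;
            /*
             * opt_bytes may have grown by up to four since the loop
             * condition was evaluated, so the next read can land at or
             * beyond len. Stop instead of reading it: the loop condition
             * would fail on the next pass anyway, so the verdict below is
             * unchanged.
             */
            if (opt_bytes + 2 >= len) {
                break;
            }
            /*
             * NOTE(review): opt_bytes already counts the TD byte here, so
             * the TD byte itself would sit at data[opt_bytes + 1]; this
             * reads the byte after it. Left as-is because changing it
             * alters which ATRs are accepted - confirm against ISO 7816-3.
             */
            td = data[opt_bytes + 2] >> 4;
        }
    }
    if (len < 2 + historical_length + opt_bytes) {
        DPRINTF(card, D_WARN,
            "atr too short: len %d, but historical_len %d, T1 0x%X\n",
            len, historical_length, data[1]);
        return 0;
    }
    if (len > 2 + historical_length + opt_bytes) {
        DPRINTF(card, D_WARN,
            "atr too long: len %d, but hist/opt %d/%d, T1 0x%X\n",
            len, historical_length, opt_bytes, data[1]);
        /* let it through */
    }
    DPRINTF(card, D_VERBOSE,
            "atr passes check: %d total length, %d historical, %d optional\n",
            len, historical_length, opt_bytes);

    return 1;
}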
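/*
 * Dispatch one complete VSCard message received from the chardev.
 *
 * scr_msg_header is expected in host byte order (the reader in this file
 * converts it before calling), and the payload follows the header directly
 * in memory. All header fields and the payload are supplied by the peer, so
 * each case checks the payload length before interpreting the bytes.
 */
static void ccid_card_vscard_handle_message(PassthruState *card,
    VSCMsgHeader *scr_msg_header)
{
    uint8_t *data = (uint8_t *)&scr_msg_header[1];
    uint32_t error_code;

    switch (scr_msg_header->type) {
    case VSC_ATR:
        DPRINTF(card, D_INFO, "VSC_ATR %d\n", scr_msg_header->length);
        /* card->atr holds MAX_ATR_SIZE bytes; refuse anything larger. */
        if (scr_msg_header->length > MAX_ATR_SIZE) {
            error_report("ATR size exceeds spec, ignoring");
            ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
                                        VSC_GENERAL_ERROR);
            break;
        }
        if (!check_atr(card, data, scr_msg_header->length)) {
            error_report("ATR is inconsistent, ignoring");
            ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
                                        VSC_GENERAL_ERROR);
            break;
        }
        memcpy(card->atr, data, scr_msg_header->length);
        card->atr_length = scr_msg_header->length;
        ccid_card_card_inserted(&card->base);
        ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
                                    VSC_SUCCESS);
        break;
    case VSC_APDU:
        ccid_card_send_apdu_to_guest(
            &card->base, data, scr_msg_header->length);
        break;
    case VSC_CardRemove:
        DPRINTF(card, D_INFO, "VSC_CardRemove\n");
        ccid_card_card_removed(&card->base);
        ccid_card_vscard_send_error(card,
            scr_msg_header->reader_id, VSC_SUCCESS);
        break;
    case VSC_Init:
        ccid_card_vscard_handle_init(
            card, scr_msg_header, (VSCMsgInit *)data);
        break;
    case VSC_Error:
        /*
         * The error code is read from the payload, so require at least four
         * payload bytes; otherwise the value would come from whatever
         * follows the message in the receive buffer. memcpy() is used
         * rather than a pointer cast so the read does not depend on the
         * payload's alignment.
         */
        if (scr_msg_header->length < sizeof(error_code)) {
            error_report("VSC_Error message too short, ignoring");
            break;
        }
        memcpy(&error_code, data, sizeof(error_code));
        ccid_card_card_error(&card->base, error_code);
        break;
    case VSC_ReaderAdd:
        if (ccid_card_ccid_attach(&card->base) < 0) {
            ccid_card_vscard_send_error(card, VSCARD_UNDEFINED_READER_ID,
                                        VSC_CANNOT_ADD_MORE_READERS);
        } else {
            ccid_card_vscard_send_error(card, VSCARD_MINIMAL_READER_ID,
                                        VSC_SUCCESS);
        }
        break;
    case VSC_ReaderRemove:
        ccid_card_ccid_detach(&card->base);
        ccid_card_vscard_send_error(card,
            scr_msg_header->reader_id, VSC_SUCCESS);
        break;
    default:
        printf("usb-ccid: chardev: unexpected message of type %X\n",
               scr_msg_header->type);
        ccid_card_vscard_send_error(card, scr_msg_header->reader_id,
                                    VSC_GENERAL_ERROR);
    }
}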
/*
 * Tear down the chardev front end and discard any buffered input by
 * resetting both receive-buffer offsets to zero.
 */
static void ccid_card_vscard_drop_connection(PassthruState *card)
{
    qemu_chr_fe_deinit(&card->cs, true);
    card->vscard_in_hdr = 0;
    card->vscard_in_pos = 0;
}
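/*
 * Chardev read callback: append `size` bytes to the receive buffer, then
 * dispatch every complete message found in it.
 *
 * vscard_in_pos is the end of the buffered data and vscard_in_hdr the start
 * of the next unparsed header. Both the byte count and each header's length
 * field come from outside the device, so they are validated with arithmetic
 * that cannot wrap before they are used as offsets.
 */
static void ccid_card_vscard_read(void *opaque, const uint8_t *buf, int size)
{
    PassthruState *card = opaque;
    VSCMsgHeader *hdr;
    uint32_t avail;

    /* A negative count would turn into a huge length in memcpy() below. */
    if (size < 0) {
        error_report("invalid read size %d. dropping connection.", size);
        ccid_card_vscard_drop_connection(card);
        return;
    }
    /* Widen before adding so the sum cannot wrap in 32 bits. */
    if ((int64_t)card->vscard_in_pos + size > VSCARD_IN_SIZE) {
        error_report("no room for data: pos %u + size %d > %" PRId64 "."
                     " dropping connection.",
                     card->vscard_in_pos, size, VSCARD_IN_SIZE);
        ccid_card_vscard_drop_connection(card);
        return;
    }
    assert(card->vscard_in_pos < VSCARD_IN_SIZE);
    assert(card->vscard_in_hdr < VSCARD_IN_SIZE);
    memcpy(card->vscard_in_data + card->vscard_in_pos, buf, size);
    card->vscard_in_pos += size;
    hdr = (VSCMsgHeader *)(card->vscard_in_data + card->vscard_in_hdr);
    avail = card->vscard_in_pos - card->vscard_in_hdr;

    /*
     * A message is complete when the buffered bytes cover the header plus
     * the payload length it announces. The comparison subtracts the header
     * size from the available bytes instead of adding it to the
     * peer-supplied length, so a length close to UINT32_MAX cannot wrap the
     * sum where size_t is 32 bits wide.
     */
    while (avail >= sizeof(VSCMsgHeader) &&
           avail - sizeof(VSCMsgHeader) >= ntohl(hdr->length)) {
        /* Convert the header to host order in place before dispatch. */
        hdr->reader_id = ntohl(hdr->reader_id);
        hdr->length = ntohl(hdr->length);
        hdr->type = ntohl(hdr->type);
        ccid_card_vscard_handle_message(card, hdr);
        card->vscard_in_hdr += hdr->length + sizeof(VSCMsgHeader);
        hdr = (VSCMsgHeader *)(card->vscard_in_data + card->vscard_in_hdr);
        avail = card->vscard_in_pos - card->vscard_in_hdr;
    }
    /* Everything consumed: rewind so the buffer is reused from the start. */
    if (card->vscard_in_hdr == card->vscard_in_pos) {
        card->vscard_in_pos = card->vscard_in_hdr = 0;
    }
}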
/*
 * Chardev event callback. A break discards buffered input by zeroing both
 * receive-buffer offsets, an open is only logged, and the mux and close
 * events are ignored.
 */
static void ccid_card_vscard_event(void *opaque, QEMUChrEvent event)
{
    PassthruState *card = opaque;

    switch (event) {
    case CHR_EVENT_OPENED:
        DPRINTF(card, D_INFO, "%s: CHR_EVENT_OPENED\n", __func__);
        break;
    case CHR_EVENT_BREAK:
        card->vscard_in_hdr = 0;
        card->vscard_in_pos = 0;
        break;
    case CHR_EVENT_CLOSED:
    case CHR_EVENT_MUX_IN:
    case CHR_EVENT_MUX_OUT:
        /* Ignore */
        break;
    }
}
331 /* End VSCard handling */
/*
 * CCID callback for an APDU coming from the guest: forward it to the remote
 * side when a chardev backend is connected, otherwise log and discard it.
 */
static void passthru_apdu_from_guest(
    CCIDCardState *base, const uint8_t *apdu, uint32_t len)
{
    PassthruState *card = PASSTHRU_CCID_CARD(base);

    if (qemu_chr_fe_backend_connected(&card->cs)) {
        ccid_card_vscard_send_apdu(card, apdu, len);
        return;
    }
    printf("ccid-passthru: no chardev, discarding apdu length %u\n", len);
}
/*
 * CCID callback returning the card's current ATR. Stores the ATR length in
 * *len and returns a pointer to the ATR bytes held in the device state.
 *
 * NOTE(review): atr_length is reported as stored; callers rely on it never
 * exceeding the MAX_ATR_SIZE-byte atr array.
 */
static const uint8_t *passthru_get_atr(CCIDCardState *base, uint32_t *len)
{
    PassthruState *card = PASSTHRU_CCID_CARD(base);
    const uint8_t *atr_bytes = card->atr;

    *len = card->atr_length;
    return atr_bytes;
}
/*
 * Realize the passthru card: reset the receive-buffer offsets, require a
 * connected chardev (setting errp to "missing chardev" otherwise), install
 * the read/event handlers, send our VSC_Init, read the debug level from
 * QEMU_CCID_PASSTHRU_DEBUG and load DEFAULT_ATR as the initial ATR.
 */
static void passthru_realize(CCIDCardState *base, Error **errp)
{
    PassthruState *card = PASSTHRU_CCID_CARD(base);

    card->vscard_in_pos = 0;
    card->vscard_in_hdr = 0;

    if (!qemu_chr_fe_backend_connected(&card->cs)) {
        error_setg(errp, "missing chardev");
        return;
    }

    DPRINTF(card, D_INFO, "ccid-card-passthru: initing chardev");
    qemu_chr_fe_set_handlers(&card->cs,
                             ccid_card_vscard_can_read,
                             ccid_card_vscard_read,
                             ccid_card_vscard_event,
                             NULL, card, NULL, true);
    ccid_card_vscard_send_init(card);

    card->debug = parse_debug_env("QEMU_CCID_PASSTHRU_DEBUG", D_VERBOSE,
                                  card->debug);

    /* The default ATR must fit in the fixed-size atr array. */
    assert(sizeof(DEFAULT_ATR) <= MAX_ATR_SIZE);
    memcpy(card->atr, DEFAULT_ATR, sizeof(DEFAULT_ATR));
    card->atr_length = sizeof(DEFAULT_ATR);
}
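/*
 * Validate device state after it has been loaded from a migration stream.
 *
 * vscard_in_pos and vscard_in_hdr are used as offsets into vscard_in_data,
 * and atr_length as the length of the atr array, so values outside those
 * buffers must be rejected before the device runs with them. Returning a
 * negative errno makes the load fail.
 */
static int passthru_vmstate_post_load(void *opaque, int version_id)
{
    PassthruState *card = opaque;

    if (card->vscard_in_pos > VSCARD_IN_SIZE ||
        card->vscard_in_hdr > card->vscard_in_pos ||
        card->atr_length > MAX_ATR_SIZE) {
        return -EINVAL;
    }
    return 0;
}

/*
 * Migration description: the receive buffer with its two offsets, and the
 * current ATR with its length.
 */
static const VMStateDescription passthru_vmstate = {
    .name = "ccid-card-passthru",
    .version_id = 1,
    .minimum_version_id = 1,
    .post_load = passthru_vmstate_post_load,
    .fields = (VMStateField[]) {
        VMSTATE_BUFFER(vscard_in_data, PassthruState),
        VMSTATE_UINT32(vscard_in_pos, PassthruState),
        VMSTATE_UINT32(vscard_in_hdr, PassthruState),
        VMSTATE_BUFFER(atr, PassthruState),
        VMSTATE_UINT8(atr_length, PassthruState),
        VMSTATE_END_OF_LIST()
    }
};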
/* User-settable properties: the chardev backend and the debug verbosity. */
static Property passthru_card_properties[] = {
    DEFINE_PROP_CHR("chardev", PassthruState, cs),
    DEFINE_PROP_UINT8("debug", PassthruState, debug, 0),
    DEFINE_PROP_END_OF_LIST(),
};

/*
 * Class initializer: wire the CCID card callbacks to the passthru
 * implementations and register the device's category, description,
 * migration state and properties.
 */
static void passthru_class_initfn(ObjectClass *klass, void *data)
{
    CCIDCardClass *card_class = CCID_CARD_CLASS(klass);
    DeviceClass *dev_class = DEVICE_CLASS(klass);

    /* CCID card hooks */
    card_class->realize = passthru_realize;
    card_class->get_atr = passthru_get_atr;
    card_class->apdu_from_guest = passthru_apdu_from_guest;

    /* Generic device metadata */
    set_bit(DEVICE_CATEGORY_INPUT, dev_class->categories);
    dev_class->desc = "passthrough smartcard";
    dev_class->vmsd = &passthru_vmstate;
    device_class_set_props(dev_class, passthru_card_properties);
}
/* QOM type description: a CCID card whose instance is a PassthruState. */
static const TypeInfo passthru_card_info = {
    .name          = TYPE_CCID_PASSTHRU,
    .parent        = TYPE_CCID_CARD,
    .instance_size = sizeof(PassthruState),
    .class_init    = passthru_class_initfn,
};
module_obj(TYPE_CCID_PASSTHRU);

/* Register the passthru card type with the object model. */
static void ccid_card_passthru_register_types(void)
{
    type_register_static(&passthru_card_info);
}

type_init(ccid_card_passthru_register_types)