FLASH_UPGRADE_SUPPORT is not relevant to GNU/Linux.

ChangeLog

@@ -1,5 +1,7 @@
 2017-10-02  NIIBE Yutaka  <gniibe@fsij.org>
 
+	* src/openpgp.c, src/flash.c: Distinguish FLASH_UPGRADE_SUPPORT.
+
 	* src/main.c [GNU_LINUX_EMULATION]: Use emulated_main.
 	(MEMORY_SIZE, MEMORY_END): Fix for GNU/Linux.
 

src/flash.c

@@ -694,6 +694,7 @@ flash_write_binary (uint8_t file_id, const uint8_t *data,
       maxsize = 6;
       p = &openpgpcard_aid[8];
     }
+#ifdef FLASH_UPGRADE_SUPPORT
   else if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3)
     {
       maxsize = FIRMWARE_UPDATE_KEY_CONTENT_LEN;
@@ -705,6 +706,7 @@ flash_write_binary (uint8_t file_id, const uint8_t *data,
 	  return 0;
 	}
     }
+#endif
 #if defined(CERTDO_SUPPORT)
   else if (file_id == FILEID_CH_CERTIFICATE)
     {

src/openpgp.c

@@ -648,6 +648,7 @@ cmd_pgp_gakp (void)
     }
 }
 
+#ifdef FLASH_UPGRADE_SUPPORT
 const uint8_t *
 gpg_get_firmware_update_key (uint8_t keyno)
 {
@@ -657,6 +658,7 @@ gpg_get_firmware_update_key (uint8_t keyno)
   p = &_updatekey_store + keyno * FIRMWARE_UPDATE_KEY_CONTENT_LEN;
   return p;
 }
+#endif
 
 #ifdef CERTDO_SUPPORT
 #define FILEID_CH_CERTIFICATE_IS_VALID 1
@@ -669,7 +671,6 @@ cmd_read_binary (void)
 {
   int is_short_EF = (P1 (apdu) & 0x80) != 0;
   uint8_t file_id;
-  const uint8_t *p;
   uint16_t offset;
 
   DEBUG_INFO (" - Read binary\r\n");
@@ -679,13 +680,6 @@ cmd_read_binary (void)
   else
     file_id = file_selection - FILE_EF_SERIAL_NO + FILEID_SERIAL_NO;
 
-  if ((!FILEID_CH_CERTIFICATE_IS_VALID && file_id == FILEID_CH_CERTIFICATE)
-      || file_id > FILEID_CH_CERTIFICATE)
-    {
-      GPG_NO_FILE ();
-      return;
-    }
-
   if (is_short_EF)
     {
       file_selection = file_id - FILEID_SERIAL_NO + FILE_EF_SERIAL_NO;
@@ -705,22 +699,26 @@ cmd_read_binary (void)
 	}
       return;
     }
-
-  if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3)
+#ifdef FLASH_UPGRADE_SUPPORT
+  else if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3)
     {
       if (offset != 0)
 	GPG_MEMORY_FAILURE ();
       else
 	{
+	  const uint8_t *p;
+
 	  p = gpg_get_firmware_update_key (file_id - FILEID_UPDATE_KEY_0);
 	  res_APDU_size = FIRMWARE_UPDATE_KEY_CONTENT_LEN;
 	  memcpy (res_APDU, p, FIRMWARE_UPDATE_KEY_CONTENT_LEN);
 	  GPG_SUCCESS ();
 	}
     }
+#endif
 #if defined(CERTDO_SUPPORT)
-  else /* file_id == FILEID_CH_CERTIFICATE */
+  else if (file_id == FILEID_CH_CERTIFICATE)
     {
+      const uint8_t *p;
       uint16_t len = 256;
 
       p = &ch_certificate_start;
@@ -737,6 +735,11 @@ cmd_read_binary (void)
 	}
     }
 #endif
+  else
+    {
+      GPG_NO_FILE ();
+      return;
+    }
 }
 
 static void
@@ -1200,6 +1203,7 @@ modify_binary (uint8_t op, uint8_t p1, uint8_t p2, int len)
       return;
     }
 
+#ifdef FLASH_UPGRADE_SUPPORT
   if (file_id >= FILEID_UPDATE_KEY_0 && file_id <= FILEID_UPDATE_KEY_3
       && len == 0 && offset == 0)
     {
@@ -1219,6 +1223,7 @@ modify_binary (uint8_t op, uint8_t p1, uint8_t p2, int len)
 	  flash_erase_page ((uintptr_t)p);
 	}
     }
+#endif
 
   GPG_SUCCESS ();
 }
@@ -1248,6 +1253,7 @@ cmd_write_binary (void)
 }
 
 
+#ifdef FLASH_UPGRADE_SUPPORT
 static void
 cmd_external_authenticate (void)
 {
@@ -1289,6 +1295,7 @@ cmd_external_authenticate (void)
   set_res_sw (0xff, 0xff);
   DEBUG_INFO ("EXTERNAL AUTHENTICATE done.\r\n");
 }
+#endif
 
 static void
 cmd_get_challenge (void)
@@ -1395,8 +1402,10 @@ const struct command cmds[] = {
   { INS_ACTIVATE_FILE, cmd_activate_file },
 #endif
   { INS_PGP_GENERATE_ASYMMETRIC_KEY_PAIR, cmd_pgp_gakp },
+#ifdef FLASH_UPGRADE_SUPPORT
   { INS_EXTERNAL_AUTHENTICATE,	            /* Not in OpenPGP card protocol */
     cmd_external_authenticate },
+#endif
   { INS_GET_CHALLENGE, cmd_get_challenge }, /* Not in OpenPGP card protocol */
   { INS_INTERNAL_AUTHENTICATE, cmd_internal_authenticate },
   { INS_SELECT_FILE, cmd_select_file },