giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge branch 'master' into coverity_scan 

Conflicts:
	.travis.yml
This commit is contained in:
Frank Morgner 2015-02-02 23:59:59 +01:00
parent 02214dca86 db0cb7557c
commit 2a7db13d34
73 changed files with 450 additions and 296 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
.travis.yml
View File

@ -1,10 +1,4 @@
language: C
compiler: gcc
before_install: sudo apt-get update
install: sudo apt-get install libpcsclite-dev
env:
- CONF="--prefix=/ --disable-openct --enable-pcsc --enable-strict --disable-man --disable-doc"
# script: ./bootstrap && ./configure $CONF && make
env:
global:
@ -12,14 +6,51 @@ env:
# via the "travis encrypt" command using the project repo's public key
- secure: "UkHn7wy4im8V1nebCWbAetnDSOLRUbOlF6++ovk/7Bnso1/lnhXHelyzgRxfD/oI68wm9nnRV+RQEZ9+72Ug1CyvHxyyxxkwal/tPeHH4B/L+aGdPi0id+5OZSKIm77VP3m5s102sJMJgH7DFd03+nUd0K26p0tk8ad4j1geV4c="
matrix:
include:
- compiler: clang
- compiler: gcc
- compiler: gcc
env: HOST=i686-w64-mingw32
before_install:
- if [ $TRAVIS_OS_NAME == linux ]; then
sudo apt-get update;
fi
install:
- if [ $TRAVIS_OS_NAME == linux ]; then
if [ -z "$HOST" ]; then
sudo apt-get install libpcsclite-dev xsltproc docbook-xsl;
else
sudo apt-get install mingw-w64 binutils-mingw-w64-i686 gcc-mingw-w64-i686;
fi
fi
before_script:
- ./bootstrap
- if [ -z "$HOST" ]; then
./configure --enable-doc --enable-dnie-ui;
else
unset CC;
unset CXX;
./configure --host=$HOST --disable-openssl;
fi
addons:
coverity_scan:
project:
name: "OpenSC/OpenSC"
description: "Build submitted via Travis CI"
notification_email: viktor.tarasov@gmail.com
build_command_prepend: "./bootstrap && ./configure --disable-openct --enable-pcsc --enable-strict --disable-man --disable-doc; make clean"
build_command: "make -j 4"
branch_pattern: coverity_scan
script: if [ ${COVERITY_SCAN_BRANCH} != 1 ]; then make ; fi
script:
- if [ "${COVERITY_SCAN_BRANCH}" != 1 ]; then
make;
fi
- if [ -z "$HOST" -a "${COVERITY_SCAN_BRANCH}" != 1 ]; then
make check;
make dist;
fi

2
src/common/compat_getopt_main.c
View File

@ -234,7 +234,7 @@ main(int argc, char * argv[])
case 'o': /* -output=FILE */
outfilename = optarg;
/* we allow "-" as a synonym for stdout here */
if (! strcmp(optarg, "-"))
if (optarg && !strcmp(optarg, "-"))
{
outfilename = 0;
}

4
src/libopensc/apdu.c
View File

@ -203,8 +203,10 @@ int sc_apdu_get_octets(sc_context_t *ctx, const sc_apdu_t *apdu, u8 **buf,
if (nbuf == NULL)
return SC_ERROR_OUT_OF_MEMORY;
/* encode the APDU in the buffer */
if (sc_apdu2bytes(ctx, apdu, proto, nbuf, nlen) != SC_SUCCESS)
if (sc_apdu2bytes(ctx, apdu, proto, nbuf, nlen) != SC_SUCCESS) {
free(nbuf);
return SC_ERROR_INTERNAL;
}
*buf = nbuf;
*len = nlen;

4
src/libopensc/card-asepcos.c
View File

@ -872,8 +872,8 @@ static int asepcos_build_pin_apdu(sc_card_t *card, sc_apdu_t *apdu,
memcpy(p, data->pin1.data, data->pin1.len);
p += data->pin1.len;
} else {
memcpy(p, data->pin1.data, data->pin1.len);
p += data->pin1.len;
memcpy(p, data->pin2.data, data->pin2.len);
p += data->pin2.len;
}
apdu->lc = p - buf;
apdu->datalen = p - buf;

2
src/libopensc/card-authentic.c
View File

@ -650,7 +650,7 @@ authentic_reduce_path(struct sc_card *card, struct sc_path *path)
LOG_FUNC_CALLED(ctx);
if (path->len <= 2 || path->type == SC_PATH_TYPE_DF_NAME || !path)
if (!path || path->len <= 2 || path->type == SC_PATH_TYPE_DF_NAME)
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
if (!card->cache.valid || !card->cache.current_df)

5
src/libopensc/card-dnie.c
View File

@ -346,7 +346,6 @@ static int dnie_get_info(sc_card_t * card, char *data[])
}
res = dnie_read_file(card, path, &file, &buffer, &bufferlen);
if (res != SC_SUCCESS) {
msg = "Cannot read IDESP EF";
data[3]=NULL;
goto get_info_ph3;
}
@ -1195,7 +1194,7 @@ static int dnie_set_security_env(struct sc_card *card,
sc_log(card->ctx, "checking key references");
if (env->key_ref_len != 1) {
sc_log(card->ctx, "Null or invalid key ID reference");
result = SC_ERROR_INVALID_ARGUMENTS;
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS);
}
sc_log(card->ctx, "Using key reference '%s'",
sc_dump_hex(env->key_ref, env->key_ref_len));
@ -1747,7 +1746,7 @@ static int dnie_process_fci(struct sc_card *card,
case 0x15: /* EF for keys: linear variable simple TLV */
file->type = SC_FILE_TYPE_WORKING_EF;
/* pin file 3F000000 has also this EF type */
if ( ( file->prop_attr[3] == 0x00 ) && (file->prop_attr[3] == 0x00 ) ) {
if ( ( file->prop_attr[2] == 0x00 ) && (file->prop_attr[3] == 0x00 ) ) {
sc_log(ctx,"Processing pin EF");
break;
}

2
src/libopensc/card-epass2003.c
View File

@ -227,7 +227,7 @@ des3_encrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8],
static int
des3_decrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[8],
des3_decrypt_cbc(const unsigned char *key, int keysize, unsigned char iv[EVP_MAX_IV_LENGTH],
const unsigned char *input, size_t length, unsigned char *output)
{
unsigned char bKey[24] = { 0 };

2
src/libopensc/card-gemsafeV1.c
View File

@ -369,7 +369,7 @@ static u8 gemsafe_flags2algref(struct sc_card *card, const struct sc_security_en
} else if (env->operation == SC_SEC_OPERATION_DECIPHER) {
if (env->algorithm_flags & SC_ALGORITHM_RSA_PAD_PKCS1)
ret = (card->type == SC_CARD_TYPE_GEMSAFEV1_PTEID ||
card->type == SC_CARD_TYPE_GEMSAFEV1_PTEID) ? 0x02 : 0x12;
card->type == SC_CARD_TYPE_GEMSAFEV1_SEEID) ? 0x02 : 0x12;
}
return ret;

21
src/libopensc/card-iasecc.c
View File

@ -414,7 +414,8 @@ iasecc_init_gemalto(struct sc_card *card)
card->caps |= SC_CARD_CAP_USE_FCI_AC;
sc_format_path("3F00", &path);
sc_select_file(card, &path, NULL);
rv = sc_select_file(card, &path, NULL);
LOG_TEST_RET(ctx, rv, "MF selection error");
rv = iasecc_parse_ef_atr(card);
sc_log(ctx, "rv %i", rv);
@ -2565,7 +2566,8 @@ iasecc_sdo_create(struct sc_card *card, struct iasecc_sdo *sdo)
rv = iasecc_sdo_put_data(card, &update);
LOG_TEST_RET(ctx, rv, "failed to update 'Compulsory usage' data");
field->on_card = 1;
if (field)
field->on_card = 1;
}
free(data);
@ -3252,14 +3254,19 @@ static int
iasecc_compute_signature(struct sc_card *card,
const unsigned char *in, size_t in_len, unsigned char *out, size_t out_len)
{
struct sc_context *ctx = card->ctx;
struct iasecc_private_data *prv = (struct iasecc_private_data *) card->drv_data;
struct sc_security_env *env = &prv->security_env;
struct sc_context *ctx;
struct iasecc_private_data *prv;
struct sc_security_env *env;
if (!card || !in || !out)
return SC_ERROR_INVALID_ARGUMENTS;
ctx = card->ctx;
prv = (struct iasecc_private_data *) card->drv_data;
env = &prv->security_env;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "inlen %i, outlen %i", in_len, out_len);
if (!card || !in || !out)
LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS, "Invalid compute signature arguments");
if (env->operation == SC_SEC_OPERATION_SIGN)
return iasecc_compute_signature_dst(card, in, in_len, out, out_len);

8
src/libopensc/card-mcrd.c
View File

@ -379,13 +379,13 @@ static int mcrd_init(sc_card_t * card)
priv->curpathlen = 1;
sc_format_path ("3f00", &tmppath);
sc_select_file (card, &tmppath, NULL);
r = sc_select_file (card, &tmppath, NULL);
/* Not needed for the fixed EstEID profile */
if (!is_esteid_card(card))
load_special_files(card);
return SC_SUCCESS;
return r;
}
static int mcrd_finish(sc_card_t * card)
@ -1188,7 +1188,9 @@ static int mcrd_set_security_env(sc_card_t * card,
/* Make sure we always start from MF */
sc_format_path ("3f00", &tmppath);
sc_select_file (card, &tmppath, NULL);
r = sc_select_file (card, &tmppath, NULL);
if (r < 0)
return r;
/* We now know that cache is not valid */
select_esteid_df(card);
switch (env->operation) {

4
src/libopensc/card-muscle.c
View File

@ -472,7 +472,9 @@ static int muscle_init(sc_card_t *card)
card->caps |= SC_CARD_CAP_RNG;
/* Card type detection */
_sc_match_atr(card, muscle_atrs, &card->type);
if (SC_SUCCESS != _sc_match_atr(card, muscle_atrs, &card->type))
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_CARD);
if(card->type == SC_CARD_TYPE_MUSCLE_ETOKEN_72K) {
card->caps |= SC_CARD_CAP_APDU_EXT;
}

6
src/libopensc/card-myeid.c
View File

@ -305,8 +305,8 @@ static int encode_file_structure(sc_card_t *card, const sc_file_t *file,
u8 *out, size_t *outlen)
{
const sc_acl_entry_t *read, *update, *delete, *generate;
u8 buf[40];
int i;
u8 buf[41];
size_t i;
LOG_FUNC_CALLED(card->ctx);
/* PrivateKey
@ -412,7 +412,7 @@ static int encode_file_structure(sc_card_t *card, const sc_file_t *file,
buf[25] = 0x84;
buf[26] = (u8)file->namelen;
for(i=0;i < (int)file->namelen;i++)
for(i=0;i < file->namelen;i++)
buf[i + 26] = file->name[i];
buf[1] = 0x19 + file->namelen + 2;

10
src/libopensc/card-oberthur.c
View File

@ -397,7 +397,8 @@ auth_process_fci(struct sc_card *card, struct sc_file *file,
case 0x38:
file->type = SC_FILE_TYPE_DF;
file->size = attr[0];
sc_file_set_type_attr(file,attr,attr_len);
if (SC_SUCCESS != sc_file_set_type_attr(file,attr,attr_len))
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_UNKNOWN_DATA_RECEIVED);
break;
default:
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_UNKNOWN_DATA_RECEIVED);
@ -1108,16 +1109,17 @@ auth_compute_signature(struct sc_card *card, const unsigned char *in, size_t ile
unsigned char resp[SC_MAX_APDU_BUFFER_SIZE];
int rv;
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "inlen %i, outlen %i\n", ilen, olen);
if (!card || !in || !out) {
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS);
return SC_ERROR_INVALID_ARGUMENTS;
}
else if (ilen > 96) {
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Illegal input length %d\n", ilen);
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS, "Illegal input length");
}
SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "inlen %i, outlen %i\n", ilen, olen);
sc_format_apdu(card, &apdu, SC_APDU_CASE_4_SHORT, 0x2A, 0x9E, 0x9A);
apdu.datalen = ilen;
apdu.data = in;

2
src/libopensc/card-openpgp.c
View File

@ -883,7 +883,7 @@ static unsigned int pgp_strip_path(sc_card_t *card, const sc_path_t *path)
{
unsigned int start_point = 0;
/* start_point will move through the path string */
if (path->value == NULL || path->len == 0)
if (path->len == 0)
return 0;
/* Ignore 3F00 (MF) at the beginning */

14
src/libopensc/card-piv.c
View File

@ -784,8 +784,6 @@ static int piv_find_aid(sc_card_t * card, sc_file_t *aid_file)
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, SC_ERROR_NO_CARD_SUPPORT);
card->ops->process_fci(card, aid_file, apdu.resp+2, apdu.resp[1]);
if (aid_file->name == NULL)
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_NO_CARD_SUPPORT);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, i);
}
@ -1559,7 +1557,7 @@ static int piv_general_mutual_authenticate(sc_card_t *card,
r = sc_lock(card);
if (r != SC_SUCCESS)
goto err;
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
locked = 1;
p = sbuf;
@ -1829,7 +1827,7 @@ static int piv_general_external_authenticate(sc_card_t *card,
r = sc_lock(card);
if (r != SC_SUCCESS)
goto err;
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
locked = 1;
p = sbuf;
@ -2143,7 +2141,9 @@ static int piv_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,"challenge len=%d",len);
sc_lock(card);
r = sc_lock(card);
if (r != SC_SUCCESS)
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
p = sbuf;
*p++ = 0x7c;
@ -2179,9 +2179,9 @@ static int piv_get_challenge(sc_card_t *card, u8 *rnd, size_t len)
rbuf = NULL;
}
sc_unlock(card);
r = sc_unlock(card);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, 0);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, r);
}

2
src/libopensc/card-setcos.c
View File

@ -438,7 +438,7 @@ static int setcos_create_file_44(sc_card_t *card, sc_file_t *file)
const int* p_idx;
int i;
int len = 0;
u8 bBuf[32];
u8 bBuf[64];
/* Get specific operation groups for specified file-type */
switch (file->type){

2
src/libopensc/card-tcos.c
View File

@ -161,8 +161,6 @@ static int tcos_construct_fci(const sc_file_t *file,
/* Directory name */
if (file->type == SC_FILE_TYPE_DF) {
if (file->namelen) {
if (file->namelen > 16 || !file->name)
return SC_ERROR_INVALID_ARGUMENTS;
sc_asn1_put_tag(0x84, file->name, file->namelen,
p, 16, &p);
}

17
src/libopensc/card-westcos.c
View File

@ -1109,6 +1109,15 @@ static int westcos_sign_decipher(int mode, sc_card_t *card,
return SC_ERROR_INVALID_ARGUMENTS;
sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
"westcos_sign_decipher outlen=%d\n", outlen);
#ifndef ENABLE_OPENSSL
r = SC_ERROR_NOT_SUPPORTED;
#else
if (keyfile == NULL || mem == NULL || card->drv_data == NULL) {
r = SC_ERROR_OUT_OF_MEMORY;
goto out;
}
priv_data = (priv_data_t *) card->drv_data;
if(priv_data->flags & RSA_CRYPTO_COMPONENT)
@ -1134,14 +1143,6 @@ static int westcos_sign_decipher(int mode, sc_card_t *card,
r = apdu.resplen;
goto out2;
}
#ifndef ENABLE_OPENSSL
r = SC_ERROR_NOT_SUPPORTED;
#else
if (keyfile == NULL || mem == NULL || priv_data == NULL) {
r = SC_ERROR_OUT_OF_MEMORY;
goto out;
}
if ((priv_data->env.flags) & SC_ALGORITHM_RSA_PAD_PKCS1)
pad = RSA_PKCS1_PADDING;

34
src/libopensc/card.c
View File

@ -29,6 +29,7 @@
#include "internal.h"
#include "asn1.h"
#include "common/compat_strlcpy.h"
/*
#define INVALIDATE_CARD_CACHE_IN_UNLOCK
@ -222,18 +223,17 @@ int sc_connect_card(sc_reader_t *reader, sc_card_t **card_out)
}
if (card->name == NULL)
card->name = card->driver->name;
*card_out = card;
/* Override card limitations with reader limitations.
* Note that zero means no limitations at all.
/* Override card limitations with reader limitations.
* Note that zero means no limitations at all.
*/
if ((card->max_recv_size == 0) ||
((reader->driver->max_recv_size != 0) && (reader->driver->max_recv_size < card->max_recv_size)))
card->max_recv_size = reader->driver->max_recv_size;
if ((card->max_recv_size == 0) ||
((reader->driver->max_recv_size != 0) && (reader->driver->max_recv_size < card->max_recv_size)))
card->max_recv_size = reader->driver->max_recv_size;
if ((card->max_send_size == 0) ||
((reader->driver->max_send_size != 0) && (reader->driver->max_send_size < card->max_send_size)))
card->max_send_size = reader->driver->max_send_size;
if ((card->max_send_size == 0) ||
((reader->driver->max_send_size != 0) && (reader->driver->max_send_size < card->max_send_size)))
card->max_send_size = reader->driver->max_send_size;
sc_log(ctx, "card info name:'%s', type:%i, flags:0x%X, max_send/recv_size:%i/%i",
card->name, card->type, card->flags, card->max_send_size, card->max_recv_size);
@ -246,6 +246,7 @@ int sc_connect_card(sc_reader_t *reader, sc_card_t **card_out)
goto err;
}
#endif
*card_out = card;
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
err:
@ -403,10 +404,11 @@ int sc_create_file(sc_card_t *card, sc_file_t *file)
{
int r;
char pbuf[SC_MAX_PATH_STRING_SIZE];
const sc_path_t *in_path = &file->path;
const sc_path_t *in_path;
assert(card != NULL);
assert(card != NULL && file != NULL);
in_path = &file->path;
r = sc_path_print(pbuf, sizeof(pbuf), in_path);
if (r != SC_SUCCESS)
pbuf[0] = '\0';
@ -864,14 +866,16 @@ sc_algorithm_info_t * sc_card_find_gostr3410_alg(sc_card_t *card,
static int match_atr_table(sc_context_t *ctx, struct sc_atr_table *table, struct sc_atr *atr)
{
u8 *card_atr_bin = atr->value;
size_t card_atr_bin_len = atr->len;
u8 *card_atr_bin;
size_t card_atr_bin_len;
char card_atr_hex[3 * SC_MAX_ATR_SIZE];
size_t card_atr_hex_len;
unsigned int i = 0;
if (ctx == NULL || table == NULL || atr == NULL)
return -1;
card_atr_bin = atr->value;
card_atr_bin_len = atr->len;
sc_bin_to_hex(card_atr_bin, card_atr_bin_len, card_atr_hex, sizeof(card_atr_hex), ':');
card_atr_hex_len = strlen(card_atr_hex);
@ -1255,8 +1259,8 @@ sc_card_sm_check(struct sc_card *card)
rv = sc_card_sm_load(card, module_path, module_name);
LOG_TEST_RET(ctx, rv, "Failed to load SM module");
strncpy(card->sm_ctx.module.filename, module_name, sizeof(card->sm_ctx.module.filename));
strncpy(card->sm_ctx.config_section, sm, sizeof(card->sm_ctx.config_section));
strlcpy(card->sm_ctx.module.filename, module_name, sizeof(card->sm_ctx.module.filename));
strlcpy(card->sm_ctx.config_section, sm, sizeof(card->sm_ctx.config_section));
/* allocate resources for the external SM module */
sc_log(ctx, "'module_init' handler %p", card->sm_ctx.module.ops.module_init);

4
src/libopensc/ctbcs.c
View File

@ -45,7 +45,7 @@ ctbcs_build_perform_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *d
{
const char *prompt;
size_t buflen, count = 0, j = 0, len;
static u8 buf[254];
static u8 buf[256];
u8 control;
ctbcs_init_apdu(apdu,
@ -113,7 +113,7 @@ ctbcs_build_modify_verification_apdu(sc_apdu_t *apdu, struct sc_pin_cmd_data *da
{
const char *prompt;
size_t buflen, count = 0, j = 0, len;
static u8 buf[254];
static u8 buf[256];
u8 control;
ctbcs_init_apdu(apdu,

2
src/libopensc/ctx.c
View File

@ -840,7 +840,7 @@ int sc_set_card_driver(sc_context_t *ctx, const char *short_name)
if (short_name == NULL) {
ctx->forced_driver = NULL;
match = 1;
} else while (ctx->card_drivers[i] != NULL && i < SC_MAX_CARD_DRIVERS) {
} else while (i < SC_MAX_CARD_DRIVERS && ctx->card_drivers[i] != NULL) {
struct sc_card_driver *drv = ctx->card_drivers[i];
if (strcmp(short_name, drv->short_name) == 0) {

4
src/libopensc/cwa-dnie.c
View File

@ -265,8 +265,10 @@ int dnie_read_file(sc_card_t * card,
res = SC_SUCCESS;
goto dnie_read_file_end;
dnie_read_file_err:
if (*file)
if (*file) {
sc_file_free(*file);
*file = NULL;
}
dnie_read_file_end:
if (msg)
sc_log(ctx, msg);

8
src/libopensc/cwa14890.c
View File

@ -1434,10 +1434,6 @@ int cwa_encode_apdu(sc_card_t * card,
u8 *msgbuf = NULL; /* to encrypt apdu data */
u8 *cryptbuf = NULL;
/* reserve extra bytes for padding and tlv header */
msgbuf = calloc(12 + from->lc, sizeof(u8)); /* to encrypt apdu data */
cryptbuf = calloc(12 + from->lc, sizeof(u8));
/* mandatory check */
if (!card || !card->ctx || !provider)
return SC_ERROR_INVALID_ARGUMENTS;
@ -1450,6 +1446,10 @@ int cwa_encode_apdu(sc_card_t * card,
LOG_FUNC_RETURN(ctx, SC_ERROR_SM_NOT_INITIALIZED);
if (sm_session->state != CWA_SM_ACTIVE)
LOG_FUNC_RETURN(ctx, SC_ERROR_SM_INVALID_LEVEL);
/* reserve extra bytes for padding and tlv header */
msgbuf = calloc(12 + from->lc, sizeof(u8)); /* to encrypt apdu data */
cryptbuf = calloc(12 + from->lc, sizeof(u8));
if (!msgbuf || !cryptbuf)
LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY);

11
src/libopensc/iasecc-sdo.c
View File

@ -1287,4 +1287,15 @@ iasecc_docp_copy(struct sc_context *ctx, struct iasecc_sdo_docp *in, struct iase
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
}
#else
/* we need to define the functions below to export them */
#include "errors.h"
int
iasecc_sdo_encode_update_field()
{
return SC_ERROR_NOT_SUPPORTED;
}
#endif /* ENABLE_OPENSSL */

5
src/libopensc/iasecc-sm.c
View File

@ -25,6 +25,7 @@
#include "internal.h"
#include "asn1.h"
#include "cardctl.h"
#include "common/compat_strlcpy.h"
#include "sm.h"
#include "iasecc.h"
@ -156,7 +157,7 @@ iasecc_sm_external_authentication(struct sc_card *card, unsigned skey_ref, int *
if (card->sm_ctx.sm_mode == SM_MODE_NONE)
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Cannot do 'External Authentication' without SM activated ");
strncpy(sm_info->config_section, card->sm_ctx.config_section, sizeof(sm_info->config_section));
strlcpy(sm_info->config_section, card->sm_ctx.config_section, sizeof(sm_info->config_section));
sm_info->cmd = SM_CMD_EXTERNAL_AUTH;
sm_info->serialnr = card->serialnr;
sm_info->card_type = card->type;
@ -296,7 +297,7 @@ iasecc_sm_initialize(struct sc_card *card, unsigned se_num, unsigned cmd)
LOG_FUNC_CALLED(ctx);
strncpy(sm_info->config_section, card->sm_ctx.config_section, sizeof(sm_info->config_section));
strlcpy(sm_info->config_section, card->sm_ctx.config_section, sizeof(sm_info->config_section));
sm_info->cmd = cmd;
sm_info->serialnr = card->serialnr;
sm_info->card_type = card->type;

2
src/libopensc/iso7816.c
View File

@ -657,7 +657,7 @@ iso7816_construct_fci(struct sc_card *card, const sc_file_t *file,
p, *outlen - (p - out), &p);
}
if (file->sec_attr_len) {
assert(sizeof(buf) >= file->prop_attr_len);
assert(sizeof(buf) >= file->sec_attr_len);
memcpy(buf, file->sec_attr, file->sec_attr_len);
sc_asn1_put_tag(0x86, buf, file->sec_attr_len,
p, *outlen - (p - out), &p);

14
src/libopensc/log.c
View File

@ -235,3 +235,17 @@ sc_dump_hex(const u8 * in, size_t count)
return dump_buf;
}
char *
sc_dump_oid(const struct sc_object_id *oid)
{
static char dump_buf[SC_MAX_OBJECT_ID_OCTETS * 20];
size_t ii;
memset(dump_buf, 0, sizeof(dump_buf));
if (oid)
for (ii=0; ii<SC_MAX_OBJECT_ID_OCTETS && oid->value[ii] != -1; ii++)
snprintf(dump_buf + strlen(dump_buf), sizeof(dump_buf) - strlen(dump_buf), "%s%i", (ii ? "." : ""), oid->value[ii]);
return dump_buf;
}

2
src/libopensc/log.h
View File

@ -60,7 +60,7 @@ void _sc_log(struct sc_context *ctx, const char *format, ...);
void sc_hex_dump(struct sc_context *ctx, int level, const u8 * buf, size_t len, char *out, size_t outlen);
char * sc_dump_hex(const u8 * in, size_t count);
char * sc_dump_oid(const struct sc_object_id *oid);
#define SC_FUNC_CALLED(ctx, level) do { \
sc_do_log(ctx, level, __FILE__, __LINE__, __FUNCTION__, "called\n"); \
} while (0)

3
src/libopensc/muscle.c
View File

@ -662,8 +662,7 @@ int msc_compute_crypt_init(sc_card_t *card,
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, "APDU transmit failed");
if(apdu.sw1 == 0x90 && apdu.sw2 == 0x00) {
short receivedData = outputBuffer[0] << 8 | outputBuffer[1];
*outputDataLength = receivedData;
*outputDataLength = 0;
*outputDataLength = receivedData;
assert(receivedData <= MSC_MAX_APDU);
memcpy(outputData, outputBuffer + 2, receivedData);

6
src/libopensc/pkcs15-cache.c
View File

@ -112,8 +112,10 @@ int sc_pkcs15_read_cached_file(struct sc_pkcs15_card *p15card,
free(data);
return SC_ERROR_FILE_NOT_FOUND;
}
if (offset)
fseek(f, (long)offset, SEEK_SET);
if (offset) {
if (0 != fseek(f, (long)offset, SEEK_SET))
return SC_ERROR_FILE_NOT_FOUND;
}
if (data)
*buf = data;
got = fread(*buf, 1, count, f);

4
src/libopensc/pkcs15-dnie.c
View File

@ -41,7 +41,9 @@ int dump_ef(sc_card_t * card, const char *path, u8 * buf, size_t * buf_len)
int rv;
sc_file_t *file = sc_file_new();
sc_format_path(path, &file->path);
sc_select_file(card, &file->path, &file);
rv = sc_select_file(card, &file->path, &file);
if (rv < 0)
return rv;
if (file->size > *buf_len)
return SC_ERROR_BUFFER_TOO_SMALL;
rv = sc_read_binary(card, 0, buf, file->size, 0);

2
src/libopensc/pkcs15-itacns.c
View File

@ -499,6 +499,8 @@ static int itacns_add_data_files(sc_pkcs15_card_t *p15card)
sizeof(obj.label));
data.path = path;
rv = sc_pkcs15emu_add_data_object(p15card, &obj, &data);
SC_TEST_RET(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, rv,
"Could not add data file");
}
/*

9
src/libopensc/pkcs15-sc-hsm.c
View File

@ -504,9 +504,12 @@ static int sc_pkcs15emu_sc_hsm_add_pubkey(sc_pkcs15_card_t *p15card, sc_pkcs15_p
memset(&pubkey_info, 0, sizeof(pubkey_info));
memset(&pubkey_obj, 0, sizeof(pubkey_obj));
sc_pkcs15_encode_pubkey(ctx, &pubkey, &pubkey_obj.content.value, &pubkey_obj.content.len);
sc_pkcs15_encode_pubkey(ctx, &pubkey, &pubkey_info.direct.raw.value, &pubkey_info.direct.raw.len);
sc_pkcs15_encode_pubkey_as_spki(ctx, &pubkey, &pubkey_info.direct.spki.value, &pubkey_info.direct.spki.len);
r = sc_pkcs15_encode_pubkey(ctx, &pubkey, &pubkey_obj.content.value, &pubkey_obj.content.len);
LOG_TEST_RET(ctx, r, "Could not encode public key");
r = sc_pkcs15_encode_pubkey(ctx, &pubkey, &pubkey_info.direct.raw.value, &pubkey_info.direct.raw.len);
LOG_TEST_RET(ctx, r, "Could not encode public key");
r = sc_pkcs15_encode_pubkey_as_spki(ctx, &pubkey, &pubkey_info.direct.spki.value, &pubkey_info.direct.spki.len);
LOG_TEST_RET(ctx, r, "Could not encode public key");
pubkey_info.id = key_info->id;
strlcpy(pubkey_obj.label, label, sizeof(pubkey_obj.label));

6
src/libopensc/pkcs15-syn.c
View File

@ -271,7 +271,11 @@ static int parse_emu_block(sc_pkcs15_card_t *p15card, scconf_block *conf)
/* try to get version of the driver/api */
get_version = (const char *(*)(void)) sc_dlsym(handle, "sc_driver_version");
if (get_version) {
sscanf(get_version(), "%u.%u.%u", &major, &minor, &fix);
if (3 != sscanf(get_version(), "%u.%u.%u", &major, &minor, &fix)) {
sc_debug(ctx, SC_LOG_DEBUG_NORMAL,
"unable to get modules version number\n");
return SC_ERROR_INTERNAL;
}
}
if (!get_version || (major == 0 && minor <= 9 && fix < 3) < 0) {

6
src/libopensc/pkcs15-tcos.c
View File

@ -25,6 +25,7 @@
#include <stdio.h>
#include "common/compat_strlcpy.h"
#include "common/compat_strlcat.h"
#include "internal.h"
#include "pkcs15.h"
#include "cardctl.h"
@ -260,8 +261,9 @@ static int insert_pin(
static char *dirpath(char *dir, const char *path){
static char buf[SC_MAX_PATH_STRING_SIZE];
strcpy(buf,dir);
return strcat(buf,path);
strlcpy(buf,dir,sizeof buf);
strlcat(buf,path,sizeof buf);
return buf;
}
static int detect_netkey(

3
src/libopensc/pkcs15.c
View File

@ -1311,7 +1311,8 @@ __sc_pkcs15_search_objects(struct sc_pkcs15_card *p15card, unsigned int class_ma
/* Enumerate the DF's, so p15card->obj_list is
* populated. */
/* FIXME dont ignore errors */
sc_pkcs15_parse_df(p15card, df);
if (SC_SUCCESS != sc_pkcs15_parse_df(p15card, df))
continue;
}
/* And now loop over all objects */

14
src/libopensc/reader-pcsc.c
View File

@ -768,7 +768,7 @@ static unsigned long part10_detect_pace_capabilities(sc_reader_t *reader)
PACE_FUNCTION_GetReaderPACECapabilities, /* idxFunction */
0, 0, /* lengthInputData */
};
u8 rbuf[6];
u8 rbuf[7];
u8 *p = rbuf;
size_t rcount = sizeof rbuf;
struct pcsc_private_data *priv;
@ -781,9 +781,13 @@ static unsigned long part10_detect_pace_capabilities(sc_reader_t *reader)
goto err;
if (priv->pace_ioctl) {
pcsc_internal_transmit(reader, pace_capabilities_buf,
sizeof pace_capabilities_buf, rbuf, &rcount,
priv->pace_ioctl);
if (0 > pcsc_internal_transmit(reader, pace_capabilities_buf,
sizeof pace_capabilities_buf, rbuf, &rcount,
priv->pace_ioctl)) {
sc_debug(reader->ctx, SC_LOG_DEBUG_NORMAL,
"PC/SC v2 part 10 amd1: Get PACE properties failed!");
goto err;
}
if (rcount != 7)
goto err;
@ -1797,7 +1801,7 @@ static int transform_pace_output(u8 *rbuf, size_t rbuflen,
if (parsed+2 > rbuflen)
return SC_ERROR_UNKNOWN_DATA_RECEIVED;
pace_output->mse_set_at_sw1 = rbuf[parsed+0];
pace_output->mse_set_at_sw1 = rbuf[parsed+1];
pace_output->mse_set_at_sw2 = rbuf[parsed+1];
parsed += 2;
/* length_CardAccess */

21
src/libopensc/sc.c
View File

@ -274,17 +274,18 @@ void sc_format_path(const char *str, sc_path_t *path)
{
int type = SC_PATH_TYPE_PATH;
memset(path, 0, sizeof(*path));
if (*str == 'i' || *str == 'I') {
type = SC_PATH_TYPE_FILE_ID;
str++;
if (path) {
memset(path, 0, sizeof(*path));
if (*str == 'i' || *str == 'I') {
type = SC_PATH_TYPE_FILE_ID;
str++;
}
path->len = sizeof(path->value);
if (sc_hex_to_bin(str, path->value, &path->len) >= 0) {
path->type = type;
}
path->count = -1;
}
path->len = sizeof(path->value);
if (sc_hex_to_bin(str, path->value, &path->len) >= 0) {
path->type = type;
}
path->count = -1;
return;
}
int sc_append_path(sc_path_t *dest, const sc_path_t *src)

25
src/pkcs11/framework-pkcs15.c
View File

@ -867,7 +867,7 @@ check_cert_data_read(struct pkcs15_fw_data *fw_data, struct pkcs15_cert_object *
/* now that we have the cert and pub key, lets see if we can bind anything else */
pkcs15_bind_related_objects(fw_data);
return 0;
return rv;
}
@ -2087,7 +2087,9 @@ pkcs15_create_secret_key(struct sc_pkcs11_slot *slot, struct sc_profile *profile
return rv;
/* CKA_TOKEN defaults to false */
attr_find(pTemplate, ulCount, CKA_TOKEN, &_token, NULL);
rv = attr_find(pTemplate, ulCount, CKA_TOKEN, &_token, NULL);
if (rv != CKR_OK)
return rv;
switch (key_type) {
/* Only support GENERIC_SECRET for now */
@ -3446,10 +3448,12 @@ pkcs15_prkey_get_attribute(struct sc_pkcs11_session *session,
check_attribute_buffer(attr, sizeof(CK_ULONG));
switch (prkey->prv_p15obj->type) {
case SC_PKCS15_TYPE_PRKEY_EC:
if (key && key->u.ec.params.field_length > 0)
*(CK_ULONG *) attr->pValue = key->u.ec.params.field_length;
else
*(CK_ULONG *) attr->pValue = (key->u.ec.ecpointQ.len - 1) / 2 *8;
if (key) {
if (key->u.ec.params.field_length > 0)
*(CK_ULONG *) attr->pValue = key->u.ec.params.field_length;
else
*(CK_ULONG *) attr->pValue = (key->u.ec.ecpointQ.len - 1) / 2 *8;
}
return CKR_OK;
default:
*(CK_ULONG *) attr->pValue = prkey->prv_info->modulus_length;
@ -3845,8 +3849,8 @@ pkcs15_pubkey_get_attribute(struct sc_pkcs11_session *session, void *object, CK_
case CKA_EC_PARAMS:
case CKA_EC_POINT:
if (pubkey->pub_data == NULL)
/* FIXME: check the return value? */
check_cert_data_read(fw_data, cert);
if (SC_SUCCESS != check_cert_data_read(fw_data, cert))
return sc_to_cryptoki_error(SC_ERROR_INTERNAL, "check_cert_data_read");
break;
}
@ -4667,8 +4671,11 @@ register_mechanisms(struct sc_pkcs11_card *p11card)
alg_info++;
}
if (flags & SC_ALGORITHM_ECDSA_RAW)
if (flags & SC_ALGORITHM_ECDSA_RAW) {
rc = register_ec_mechanisms(p11card, flags, ec_ext_flags, ec_min_key_size, ec_max_key_size);
if (rc != CKR_OK)
return rc;
}
if (flags & (SC_ALGORITHM_GOSTR3410_RAW
| SC_ALGORITHM_GOSTR3410_HASH_NONE

2
src/pkcs11/pkcs11-global.c
View File

@ -688,7 +688,7 @@ out:
sc_wait_for_event(context, 0, NULL, NULL, -1, &reader_states);
}
sc_log(context, "C_WaitForSlotEvent() = %s, event in 0x%lx", lookup_enum (RV_T, rv), *pSlot);
sc_log(context, "C_WaitForSlotEvent() = %s", lookup_enum (RV_T, rv));
sc_pkcs11_unlock();
return rv;
}

2
src/pkcs11/pkcs11-object.c
View File

@ -394,7 +394,7 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession, /* the session's handle */
sizeof(CK_OBJECT_HANDLE) * operation->allocated_handles);
if (operation->handles == NULL) {
rv = CKR_HOST_MEMORY;
break;
goto out;
}
}
operation->handles[operation->num_handles++] = object->handle;

2
src/pkcs11/pkcs11-spy.c
View File

@ -68,7 +68,7 @@ init_spy(void)
if (pkcs11_spy) {
/* with our own pkcs11.h we need to maintain this ourself */
pkcs11_spy->version.major = 2;
pkcs11_spy->version.major = 11;
pkcs11_spy->version.minor = 11;
pkcs11_spy->C_Initialize = C_Initialize;
pkcs11_spy->C_Finalize = C_Finalize;
pkcs11_spy->C_GetInfo = C_GetInfo;

2
src/pkcs15init/pkcs15-asepcos.c
View File

@ -510,7 +510,7 @@ static int asepcos_do_create_key(sc_card_t *card, size_t ksize, int fileid,
int r;
size_t len;
sc_file_t *nfile = NULL;
u8 buf[512], *p = buf;
u8 buf[1024], *p = buf;
if (sizeof(buf) < kdlen + 11)
return SC_ERROR_BUFFER_TOO_SMALL;

7
src/pkcs15init/pkcs15-entersafe.c
View File

@ -292,10 +292,9 @@ static int entersafe_create_pin(sc_profile_t *profile, sc_pkcs15_card_t *p15card
data.key_data.symmetric.key_len=16;
r = sc_card_ctl(card, SC_CARDCTL_ENTERSAFE_WRITE_KEY, &data);
if (pin_obj) {
/* Cache new PIN value. */
sc_pkcs15_pincache_add(p15card, pin_obj, pin, pin_len);
}
/* Cache new PIN value. */
sc_pkcs15_pincache_add(p15card, pin_obj, pin, pin_len);
}
{/*puk*/

3
src/pkcs15init/pkcs15-epass2003.c
View File

@ -470,8 +470,7 @@ static int epass2003_pkcs15_store_key(struct sc_profile *profile,
SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
"store key: cannot update private key");
if (file)
sc_file_free(file);
sc_file_free(file);
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_VERBOSE, r);
}

3
src/pkcs15init/pkcs15-gpk.c
View File

@ -458,8 +458,7 @@ gpk_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_objec
#endif
done:
if (keyfile)
sc_file_free(keyfile);
sc_file_free(keyfile);
return r;
}

13
src/pkcs15init/pkcs15-jcop.c
View File

@ -140,10 +140,10 @@ jcop_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_obje
size_t bytes, mod_len, prv_len;
int r;
if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) {
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "JCOP supports only RSA keys.");
return SC_ERROR_NOT_SUPPORTED;
}
if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) {
sc_debug(p15card->card->ctx, SC_LOG_DEBUG_NORMAL, "JCOP supports only RSA keys.");
return SC_ERROR_NOT_SUPPORTED;
}
/* The caller is supposed to have chosen a key file path for us */
if (key_info->path.len == 0 || key_info->modulus_length == 0)
return SC_ERROR_INVALID_ARGUMENTS;
@ -155,7 +155,7 @@ jcop_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_obje
mod_len = key_info->modulus_length / 8;
bytes = mod_len / 2;
prv_len = 2 + 5 * bytes;
prv_len = 2 + 5 * bytes;
keyfile->size = prv_len;
/* Fix up PIN references in file ACL */
@ -164,8 +164,7 @@ jcop_create_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_pkcs15_obje
if (r >= 0)
r = sc_pkcs15init_create_file(profile, p15card, keyfile);
if (keyfile)
sc_file_free(keyfile);
sc_file_free(keyfile);
return r;
}

51
src/pkcs15init/pkcs15-lib.c
View File

@ -350,7 +350,7 @@ sc_pkcs15init_bind(struct sc_card *card, const char *name, const char *profile_o
* If none is defined, use the default profile name.
*/
if (!get_profile_from_config(card, card_profile, sizeof(card_profile)))
strcpy(card_profile, driver);
strlcpy(card_profile, driver, sizeof card_profile);
if (profile_option != NULL)
strlcpy(card_profile, profile_option, sizeof(card_profile));
@ -1888,8 +1888,7 @@ sc_pkcs15init_store_data(struct sc_pkcs15_card *p15card, struct sc_profile *prof
*path = file->path;
if (file)
sc_file_free(file);
sc_file_free(file);
LOG_FUNC_RETURN(ctx, r);
}
@ -2197,7 +2196,7 @@ sc_pkcs15init_select_intrinsic_id(struct sc_pkcs15_card *p15card, struct sc_prof
{
struct sc_context *ctx = p15card->card->ctx;
struct sc_pkcs15_pubkey *pubkey = NULL;
unsigned id_style = profile->id_style;
unsigned id_style;
struct sc_pkcs15_id id;
unsigned char *id_data = NULL;
size_t id_data_len = 0;
@ -2207,15 +2206,17 @@ sc_pkcs15init_select_intrinsic_id(struct sc_pkcs15_card *p15card, struct sc_prof
#ifndef ENABLE_OPENSSL
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
#else
if (!id_out)
if (!id_out || !profile)
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
id_style = profile->id_style;
/* ID already exists */
if (id_out->len)
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
/* Native ID style is not intrisic one */
if (profile->id_style == SC_PKCS15INIT_ID_STYLE_NATIVE)
if (id_style == SC_PKCS15INIT_ID_STYLE_NATIVE)
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
memset(&id, 0, sizeof(id));
@ -2283,7 +2284,7 @@ sc_pkcs15init_select_intrinsic_id(struct sc_pkcs15_card *p15card, struct sc_prof
break;
default:
sc_log(ctx, "Unsupported ID style: %i", profile->id_style);
sc_log(ctx, "Unsupported ID style: %i", id_style);
LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Non supported ID style");
}
@ -2672,7 +2673,8 @@ sc_pkcs15init_update_any_df(struct sc_pkcs15_card *p15card,
int update_odf = is_new, r = 0;
LOG_FUNC_CALLED(ctx);
sc_profile_get_file_by_path(profile, &df->path, &file);
r = sc_profile_get_file_by_path(profile, &df->path, &file);
LOG_TEST_RET(ctx, r, "Failed get file path");
if (file == NULL)
sc_select_file(card, &df->path, &file);
@ -3158,6 +3160,7 @@ sc_pkcs15init_get_transport_key(struct sc_profile *profile, struct sc_pkcs15_car
if (callbacks.get_key) {
rv = callbacks.get_key(profile, type, reference, defbuf, defsize, pinbuf, pinsize);
LOG_TEST_RET(ctx, rv, "Cannot get key");
}
else if (rv >= 0) {
if (*pinsize < defsize)
@ -3238,25 +3241,23 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
sc_log(ctx, "Symbolic PIN resolved to PIN(type:CHV,reference:%i)", type, reference);
}
if (p15card) {
if (path && path->len) {
struct sc_path tmp_path = *path;
int iter;
if (path && path->len) {
struct sc_path tmp_path = *path;
int iter;
r = SC_ERROR_OBJECT_NOT_FOUND;
for (iter = tmp_path.len/2; iter >= 0 && r == SC_ERROR_OBJECT_NOT_FOUND; iter--, tmp_path.len -= 2)
r = sc_pkcs15_find_pin_by_type_and_reference(p15card,
tmp_path.len ? &tmp_path : NULL,
type, reference, &pin_obj);
}
else {
r = sc_pkcs15_find_pin_by_type_and_reference(p15card, NULL, type, reference, &pin_obj);
}
r = SC_ERROR_OBJECT_NOT_FOUND;
for (iter = tmp_path.len/2; iter >= 0 && r == SC_ERROR_OBJECT_NOT_FOUND; iter--, tmp_path.len -= 2)
r = sc_pkcs15_find_pin_by_type_and_reference(p15card,
tmp_path.len ? &tmp_path : NULL,
type, reference, &pin_obj);
}
else {
r = sc_pkcs15_find_pin_by_type_and_reference(p15card, NULL, type, reference, &pin_obj);
}
if (!r && pin_obj) {
memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
sc_log(ctx, "found PIN object '%s'", pin_obj->label);
}
if (!r && pin_obj) {
memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
sc_log(ctx, "found PIN object '%s'", pin_obj->label);
}
if (pin_obj) {

8
src/pkcs15init/pkcs15-myeid.c
View File

@ -189,7 +189,7 @@ myeid_init_card(sc_profile_t *profile,
*/
static int
myeid_create_dir(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_file_t *df) {
struct sc_context *ctx = p15card->card->ctx;
struct sc_context *ctx;
struct sc_file *file = NULL;
int r = 0, ii;
static const char *create_dfs[] = {
@ -209,9 +209,10 @@ myeid_create_dir(sc_profile_t *profile, sc_pkcs15_card_t *p15card, sc_file_t *df
SC_PKCS15_DODF
};
if (!profile || !p15card || !df)
if (!profile || !p15card || !p15card->card || !df)
return SC_ERROR_INVALID_ARGUMENTS;
ctx = p15card->card->ctx;
LOG_FUNC_CALLED(ctx);
sc_log(ctx, "id (%x)", df->id);
@ -447,6 +448,9 @@ myeid_create_key(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
file->ef_structure = SC_CARDCTL_MYEID_KEY_EC;
memcpy(&key_info->path.value, &file->path.value, file->path.len);
if (!file->path.len)
LOG_TEST_RET(ctx, SC_ERROR_INVALID_ARGUMENTS,
"Cannot determine private key file");
key_info->key_reference = file->path.value[file->path.len - 1] & 0xFF;
sc_log(ctx, "Path of MyEID private key file to create %s",

23
src/pkcs15init/pkcs15-oberthur-awp.c
View File

@ -330,12 +330,10 @@ awp_create_container(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
rv = awp_create_container_record(p15card, profile, file, acc);
if (clist)
sc_file_free(clist);
if (file)
sc_file_free(file);
if (list)
free(list);
sc_file_free(file);
sc_file_free(clist);
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
}
@ -784,10 +782,8 @@ awp_encode_key_info(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *obj
if (obj->type == COSM_TYPE_PUBKEY_RSA || obj->type == COSM_TYPE_PRKEY_RSA)
ki->flags |= COSM_GENERATED;
if (obj->label) {
ki->label.value = (unsigned char *)strdup(obj->label);
ki->label.len = strlen(obj->label);
}
ki->label.value = (unsigned char *)strdup(obj->label);
ki->label.len = strlen(obj->label);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "cosm_encode_key_info() label(%i):%s",ki->label.len, ki->label.value);
/*
@ -1090,10 +1086,8 @@ awp_encode_data_info(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *ob
di->flags = 0x0000;
if (obj->label) {
di->label.value = (unsigned char *)strdup(obj->label);
di->label.len = strlen(obj->label);
}
di->label.value = (unsigned char *)strdup(obj->label);
di->label.len = strlen(obj->label);
di->app.len = strlen(data_info->app_label);
if (di->app.len) {
@ -1669,8 +1663,8 @@ awp_delete_from_container(struct sc_pkcs15_card *p15card,
rv = 0;
if (buff) free(buff);
if (file) sc_file_free(file);
if (clist) sc_file_free(clist);
sc_file_free(file);
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, rv);
}
@ -1744,8 +1738,7 @@ awp_remove_from_object_list( struct sc_pkcs15_card *p15card, struct sc_profile *
done:
if (buff)
free(buff);
if (lst)
sc_file_free(lst);
sc_file_free(lst);
if (lst_file)
sc_file_free(lst_file);

6
src/pkcs15init/pkcs15-oberthur.c
View File

@ -63,15 +63,17 @@ static int
cosm_write_tokeninfo (struct sc_pkcs15_card *p15card, struct sc_profile *profile,
char *label, unsigned flags)
{
struct sc_context *ctx = p15card->card->ctx;
struct sc_context *ctx;
struct sc_file *file = NULL;
int rv;
size_t sz;
char *buffer = NULL;
if (!p15card || !profile)
if (!p15card || !p15card->card || !profile)
return SC_ERROR_INVALID_ARGUMENTS;
ctx = p15card->card->ctx;
SC_FUNC_CALLED(ctx, SC_LOG_DEBUG_VERBOSE);
sc_debug(ctx, SC_LOG_DEBUG_NORMAL, "cosm_write_tokeninfo() label '%s'; flags 0x%X", label, flags);
if (sc_profile_get_file(profile, COSM_TITLE"-token-info", &file))

6
src/pkcs15init/pkcs15-openpgp.c
View File

@ -187,7 +187,7 @@ static int openpgp_generate_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card
/* The OpenPGP supports only 32-bit exponent. */
key_info.exponent_len = 32;
key_info.exponent = calloc(4, 1);
key_info.exponent = calloc(key_info.exponent_len>>3, 1); /* 1/8 */
if (key_info.exponent == NULL)
LOG_FUNC_RETURN(ctx, SC_ERROR_NOT_ENOUGH_MEMORY);
@ -204,10 +204,10 @@ static int openpgp_generate_key(sc_profile_t *profile, sc_pkcs15_card_t *p15card
sc_log(ctx, "Set output exponent info");
pubkey->u.rsa.exponent.len = key_info.exponent_len;
pubkey->u.rsa.exponent.data = calloc(key_info.exponent_len, 1);
pubkey->u.rsa.exponent.data = calloc(key_info.exponent_len>>3, 1); /* 1/8 */
if (pubkey->u.rsa.exponent.data == NULL)
goto out;
memcpy(pubkey->u.rsa.exponent.data, key_info.exponent, key_info.exponent_len);
memcpy(pubkey->u.rsa.exponent.data, key_info.exponent, key_info.exponent_len>>3); /* 1/8 */
out:
if (key_info.modulus)

3
src/pkcs15init/pkcs15-sc-hsm.c
View File

@ -271,9 +271,10 @@ static int sc_hsm_generate_key(struct sc_profile *profile, struct sc_pkcs15_card
r = sc_hsm_encode_gakp_ec(p15card, &cvc, key_info);
break;
default:
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_IMPLEMENTED);
r = SC_ERROR_NOT_IMPLEMENTED;
break;
}
LOG_TEST_RET(p15card->card->ctx, r, "Could not encode GAKP cdata");
r = sc_pkcs15emu_sc_hsm_encode_cvc(p15card, &cvc, &cvcbin, &cvclen);
sc_pkcs15emu_sc_hsm_free_cvc(&cvc);

3
src/pkcs15init/pkcs15-setcos.c
View File

@ -236,8 +236,7 @@ setcos_create_pin(sc_profile_t *profile, sc_pkcs15_card_t *p15card,
SC_TEST_RET(ctx, SC_LOG_DEBUG_NORMAL, r, "Cannot set MF into the activated state");
}
if(pinfile)
sc_file_free(pinfile);
sc_file_free(pinfile);
SC_FUNC_RETURN(ctx, SC_LOG_DEBUG_NORMAL, r);
}

2
src/pkcs15init/pkcs15-westcos.c
View File

@ -270,6 +270,8 @@ static int westcos_pkcs15init_generate_key(sc_profile_t *profile,
pubkey->algorithm = SC_ALGORITHM_RSA;
r = sc_pkcs15_decode_pubkey(p15card->card->ctx, pubkey, p, lg);
if (r < 0)
goto out;
}
(void) BIO_reset(mem);

3
src/pkcs15init/profile.c
View File

@ -507,7 +507,6 @@ sc_profile_get_pin_info(struct sc_profile *profile,
if (pi == NULL)
return;
pi->pin.tries_left = pi->pin.tries_left;
pi->pin.max_tries = pi->pin.tries_left;
*info = pi->pin;
}
@ -2059,7 +2058,7 @@ sc_profile_find_file_by_path(struct sc_profile *pro, const sc_path_t *path)
sc_log(ctx, "find profile file by path:%s", sc_print_path(path));
#endif
if (!path->len && !path->aid.len)
if (!path || (!path->len && !path->aid.len))
return NULL;
for (fi = pro->ef_list; fi; fi = fi->next) {

37
src/scconf/parse.c
View File

@ -82,8 +82,9 @@ static scconf_item *scconf_item_find(scconf_parser * parser)
scconf_item *item;
for (item = parser->block->items; item; item = item->next) {
if (item->type == SCCONF_ITEM_TYPE_VALUE &&
strcasecmp(item->key, parser->key) == 0) {
if (item && item->type == SCCONF_ITEM_TYPE_VALUE
&& item->key && parser->key
&& strcasecmp(item->key, parser->key) == 0) {
return item;
}
}
@ -148,20 +149,24 @@ scconf_item *scconf_item_add(scconf_context * config, scconf_block * block, scco
scconf_list_copy(dst->name, &parser.name);
}
scconf_item_add_internal(&parser, type);
switch (parser.current_item->type) {
case SCCONF_ITEM_TYPE_COMMENT:
parser.current_item->value.comment = strdup((const char *) data);
break;
case SCCONF_ITEM_TYPE_BLOCK:
if (!dst)
return NULL;
dst->parent = parser.block;
parser.current_item->value.block = dst;
scconf_list_destroy(parser.name);
break;
case SCCONF_ITEM_TYPE_VALUE:
scconf_list_copy((const scconf_list *) data, &parser.current_item->value.list);
break;
if (parser.current_item) {
switch (parser.current_item->type) {
case SCCONF_ITEM_TYPE_COMMENT:
parser.current_item->value.comment = strdup((const char *) data);
break;
case SCCONF_ITEM_TYPE_BLOCK:
if (!dst)
return NULL;
dst->parent = parser.block;
parser.current_item->value.block = dst;
scconf_list_destroy(parser.name);
break;
case SCCONF_ITEM_TYPE_VALUE:
scconf_list_copy((const scconf_list *) data, &parser.current_item->value.list);
break;
}
} else {
/* FIXME is it an error if item is NULL? */
}
return parser.current_item;
}

6
src/scconf/sclex.c
View File

@ -57,8 +57,10 @@ static void buf_addch(BUFHAN * bp, char ch)
bp->bufmax += 256;
bp->buf = (char *) realloc(bp->buf, bp->bufmax);
}
bp->buf[bp->bufcur++] = ch;
bp->buf[bp->bufcur] = '\0';
if (bp->buf) {
bp->buf[bp->bufcur++] = ch;
bp->buf[bp->bufcur] = '\0';
}
}
static int buf_nextch(BUFHAN * bp)

3
src/tests/base64.c
View File

@ -38,6 +38,7 @@ int main(int argc, char *argv[])
fwrite(outbuf, len, 1, stdout);
r = 0;
err:
fclose(inf);
if (inf)
fclose(inf);
return r;
}

8
src/tests/lottery.c
View File

@ -32,8 +32,12 @@ int main(int argc, char *argv[])
for (i = 0; i < 39; i++) {
nbuf[i] = i + 1;
}
if (c == 0)
gettimeofday(&tv1, NULL);
if (c == 0) {
if (0 != gettimeofday(&tv1, NULL)) {
fprintf(stderr, "gettimeofday() failed: %s\n", sc_strerror(r));
return 1;
}
}
sc_lock(card);
r = sc_get_challenge(card, buf, 14);
sc_unlock(card);

18
src/tests/p15dump.c
View File

@ -23,18 +23,21 @@ static int dump_objects(const char *what, int type)
printf("\nEnumerating %s... ", what);
fflush(stdout);
sc_lock(card);
if (SC_SUCCESS != sc_lock(card))
return 1;
count = sc_pkcs15_get_objects(p15card, type, NULL, 0);
if (count < 0) {
printf("failed.\n");
fprintf(stderr, "Error enumerating %s: %s\n",
what, sc_strerror(count));
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
return 1;
}
if (count == 0) {
printf("none found.\n");
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
return 0;
}
printf("%u found.\n", count);
@ -48,7 +51,8 @@ static int dump_objects(const char *what, int type)
sc_test_print_object(objs[i]);
}
free(objs);
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
return (count < 0) ? 1 : 0;
}
@ -111,7 +115,8 @@ int main(int argc, char *argv[])
return 1;
printf("Looking for a PKCS#15 compatible Smart Card... ");
fflush(stdout);
sc_lock(card);
if (SC_SUCCESS != sc_lock(card))
return 1;
i = sc_pkcs15_bind(card, NULL, &p15card);
/* Keep card locked to prevent useless calls to sc_logout */
if (i) {
@ -129,7 +134,8 @@ int main(int argc, char *argv[])
dump_unusedspace();
sc_pkcs15_unbind(p15card);
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
sc_test_cleanup();
return 0;
}

22
src/tests/pintest.c
View File

@ -36,6 +36,10 @@ static int enum_pins(struct sc_pkcs15_object ***ret)
return 0;
}
objs = calloc(n, sizeof(*objs));
if (!objs) {
fprintf(stderr, "Not enough memory!\n");
return 1;
}
sc_pkcs15_get_objects(p15card, SC_PKCS15_TYPE_AUTH_PIN, objs, n);
for (i = 0; i < n; i++) {
sc_test_print_object(objs[i]);
@ -59,9 +63,11 @@ static int ask_and_verify_pin(struct sc_pkcs15_object *pin_obj)
sprintf(prompt, "Please enter PIN code [%s]: ", pin_obj->label);
pass = (u8 *) getpass(prompt);
sc_lock(card);
if (SC_SUCCESS != sc_lock(card))
return 1;
i = sc_pkcs15_verify_pin(p15card, pin_obj, pass, strlen((char *) pass));
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
if (i) {
if (i == SC_ERROR_PIN_CODE_INCORRECT)
fprintf(stderr,
@ -90,9 +96,11 @@ int main(int argc, char *argv[])
printf("Slot is capable of doing pinpad operations!\n");
printf("Looking for a PKCS#15 compatible Smart Card... ");
fflush(stdout);
sc_lock(card);
if (SC_SUCCESS != sc_lock(card))
return 1;
i = sc_pkcs15_bind(card, NULL, &p15card);
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
if (i) {
fprintf(stderr, "failed: %s\n", sc_strerror(i));
sc_test_cleanup();
@ -100,9 +108,11 @@ int main(int argc, char *argv[])
}
printf("found.\n");
printf("Enumerating PIN codes...\n");
sc_lock(card);
if (SC_SUCCESS != sc_lock(card))
return 1;
count = enum_pins(&objs);
sc_unlock(card);
if (SC_SUCCESS != sc_unlock(card))
return 1;
if (count < 0) {
sc_pkcs15_unbind(p15card);
sc_test_cleanup();

6
src/tools/cardos-tool.c
View File

@ -593,7 +593,7 @@ static int cardos_format(const char *opt_startkey)
if (check_apdu(&apdu))
return 1;
if (apdu.resplen < 0x04) {
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %u\n", apdu.resplen);
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %zu\n", apdu.resplen);
printf("aborting\n");
return 1;
}
@ -914,7 +914,7 @@ static int cardos_change_startkey(const char *change_startkey_apdu)
if (check_apdu(&apdu))
return 1;
if (apdu.resplen < 0x04) {
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %u\n", apdu.resplen);
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %zu\n", apdu.resplen);
printf("aborting\n");
return 1;
}
@ -999,7 +999,7 @@ change_startkey:
if (check_apdu(&apdu))
return 1;
if (apdu.resplen < 0x04) {
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %u\n", apdu.resplen);
printf("expected 4-6 bytes form GET DATA for startkey data, but got only %zu\n", apdu.resplen);
printf("aborting\n");
return 1;
}

7
src/tools/cryptoflex-tool.c
View File

@ -28,6 +28,7 @@
#include "libopensc/pkcs15.h"
#include "common/compat_strlcpy.h"
#include "common/compat_strlcat.h"
#include "util.h"
static const char *app_name = "cryptoflex-tool";
@ -145,7 +146,7 @@ static int select_app_df(void)
strcpy(str, "3F00");
if (opt_appdf != NULL)
strcat(str, opt_appdf);
strlcat(str, opt_appdf, sizeof str);
sc_format_path(str, &path);
r = sc_select_file(card, &path, &file);
if (r) {
@ -715,7 +716,7 @@ static int encode_private_key(RSA *rsa, u8 *key, size_t *keysize)
static int encode_public_key(RSA *rsa, u8 *key, size_t *keysize)
{
u8 buf[512], *p = buf;
u8 buf[1024], *p = buf;
u8 bnbuf[256];
int base = 0;
int r;
@ -945,7 +946,7 @@ static int create_pin(void)
}
strcpy(buf, "3F00");
if (opt_appdf != NULL)
strcat(buf, opt_appdf);
strlcat(buf, opt_appdf, sizeof buf);
sc_format_path(buf, &path);
return create_pin_file(&path, opt_pin_num, "");

2
src/tools/dnie-tool.c
View File

@ -146,7 +146,7 @@ int main(int argc, char* argv[])
if (r) {
fprintf(stderr, "Error: Failed to establish context: %s\n",
sc_strerror(r));
return -1;
goto dnie_tool_end;
}
if (verbose > 1) {

2
src/tools/openpgp-tool.c
View File

@ -370,6 +370,8 @@ static int do_dump_do(sc_card_t *card, unsigned int tag)
if(opt_raw) {
r = 0;
tmp = dup(fileno(stdout));
if (tmp < 0)
return EXIT_FAILURE;
fp = freopen(NULL, "wb", stdout);
if(fp) {
r = fwrite(buffer, sizeof(char), sizeof(buffer), fp);

14
src/tools/piv-tool.c
View File

@ -113,13 +113,16 @@ static int load_object(const char * object_id, const char * object_file)
int r;
struct stat stat_buf;
if((fp=fopen(object_file, "r"))==NULL){
if(!object_file || (fp=fopen(object_file, "r")) == NULL){
printf("Cannot open object file, %s %s\n",
(object_file)?object_file:"", strerror(errno));
return -1;
}
stat(object_file, &stat_buf);
if (0 != stat(object_file, &stat_buf)) {
printf("unable to read file %s\n",object_file);
return -1;
}
derlen = stat_buf.st_size;
der = malloc(derlen);
if (der == NULL) {
@ -173,13 +176,16 @@ static int load_cert(const char * cert_id, const char * cert_file,
if (compress) { /* file is gziped already */
struct stat stat_buf;
stat(cert_file, &stat_buf);
if (0 != stat(cert_file, &stat_buf)) {
printf("unable to read file %s\n",cert_file);
return -1;
}
derlen = stat_buf.st_size;
der = malloc(derlen);
if (der == NULL) {
printf("file %s is too big, %lu\n",
cert_file, (unsigned long)derlen);
return-1 ;
return -1 ;
}
if (1 != fread(der, derlen, 1, fp)) {
printf("unable to read file %s\n",cert_file);

19
src/tools/pkcs11-tool.c
View File

@ -47,6 +47,8 @@
#include "pkcs11/pkcs11.h"
#include "pkcs11/pkcs11-opensc.h"
#include "libopensc/asn1.h"
#include "common/compat_strlcat.h"
#include "common/compat_strlcpy.h"
#include "util.h"
extern void *C_LoadModule(const char *name, CK_FUNCTION_LIST_PTR_PTR);
@ -1145,7 +1147,7 @@ static void init_token(CK_SLOT_ID slot)
util_fatal("No PIN entered, exiting\n");
if (!new_pin || !*new_pin || strlen(new_pin) > 20)
util_fatal("Invalid SO PIN\n");
strcpy(new_buf, new_pin);
strlcpy(new_buf, new_pin, sizeof new_buf);
free(new_pin); new_pin = NULL;
printf("Please enter the new SO PIN (again): ");
r = util_getpass(&new_pin, &len, stdin);
@ -1318,7 +1320,7 @@ static int unlock_pin(CK_SLOT_ID slot, CK_SESSION_HANDLE sess, int login_type)
r = util_getpass(&new_pin, &len, stdin);
if (r < 0)
return 1;
strcpy(new_buf, new_pin);
strlcpy(new_buf, new_pin, sizeof new_buf);
printf("Please enter the new PIN again: ");
r = util_getpass(&new_pin, &len, stdin);
@ -2836,7 +2838,7 @@ get_mechanisms(CK_SLOT_ID slot, CK_MECHANISM_TYPE_PTR *pList, CK_FLAGS flags)
CK_RV rv;
rv = p11->C_GetMechanismList(slot, *pList, &ulCount);
*pList = calloc(ulCount, sizeof(*pList));
*pList = calloc(ulCount, sizeof(**pList));
if (*pList == NULL)
util_fatal("calloc failed: %m");
@ -3844,7 +3846,8 @@ static int wrap_unwrap(CK_SESSION_HANDLE session,
return 1;
}
EVP_DecryptInit(&seal_ctx, algo, key, iv);
if (!EVP_DecryptInit(&seal_ctx, algo, key, iv))
return 1;
len = sizeof(cleartext);
EVP_DecryptUpdate(&seal_ctx, cleartext, &len, ciphered, ciphered_len);
@ -4215,7 +4218,7 @@ static void test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
return;
tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
if (opt_object_id == NULL || opt_object_id_len == 0) {
if (opt_object_id_len == 0) {
printf("ERR: newly generated private key has no (or an empty) CKA_ID\n");
return;
}
@ -4370,7 +4373,7 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
return;
tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
if (opt_object_id == NULL || opt_object_id_len == 0) {
if (opt_object_id_len == 0) {
printf("ERR: newly generated private key has no (or an empty) CKA_ID\n");
return;
}
@ -4434,8 +4437,8 @@ static const char *p11_flag_names(struct flag_info *list, CK_FLAGS value)
buffer[0] = '\0';
while (list->value) {
if (list->value & value) {
strcat(buffer, sepa);
strcat(buffer, list->name);
strlcat(buffer, sepa, sizeof buffer);
strlcat(buffer, list->name, sizeof buffer);
value &= ~list->value;
sepa = ", ";
}

24
src/tools/pkcs15-init.c
View File

@ -1010,8 +1010,7 @@ is_cacert_already_present(struct sc_pkcs15init_certargs *args)
if (!cinfo->authority)
continue;
if (args->label && objs[i]->label
&& strcmp(args->label, objs[i]->label))
if (strcmp(args->label, objs[i]->label))
continue;
/* XXX we should also match the usage field here */
@ -1296,8 +1295,7 @@ static int get_cert_info(sc_pkcs15_card_t *myp15card, sc_pkcs15_object_t *certob
}
done:
if (cert)
sc_pkcs15_free_certificate(cert);
sc_pkcs15_free_certificate(cert);
if (othercert)
sc_pkcs15_free_certificate(othercert);
@ -1312,7 +1310,7 @@ done:
*/
static int do_delete_crypto_objects(sc_pkcs15_card_t *myp15card,
struct sc_profile *profile,
const sc_pkcs15_id_t id,
const sc_pkcs15_id_t *id,
unsigned int which)
{
sc_pkcs15_object_t *objs[10]; /* 1 priv + 1 pub + chain of at most 8 certs, should be enough */
@ -1328,23 +1326,23 @@ static int do_delete_crypto_objects(sc_pkcs15_card_t *myp15card,
}
for (i = 0; i< r; i++)
if (sc_pkcs15_compare_id(&id, &((struct sc_pkcs15_prkey_info *)key_objs[i]->data)->id))
if (sc_pkcs15_compare_id(id, &((struct sc_pkcs15_prkey_info *)key_objs[i]->data)->id))
objs[count++] = key_objs[i];
if (!count)
fprintf(stderr, "NOTE: couldn't find privkey %s to delete\n", sc_pkcs15_print_id(&id));
fprintf(stderr, "NOTE: couldn't find privkey %s to delete\n", sc_pkcs15_print_id(id));
}
if (which & SC_PKCS15INIT_TYPE_PUBKEY) {
if (sc_pkcs15_find_pubkey_by_id(myp15card, &id, &objs[count]) != 0)
fprintf(stderr, "NOTE: couldn't find pubkey %s to delete\n", sc_pkcs15_print_id(&id));
if (sc_pkcs15_find_pubkey_by_id(myp15card, id, &objs[count]) != 0)
fprintf(stderr, "NOTE: couldn't find pubkey %s to delete\n", sc_pkcs15_print_id(id));
else
count++;
}
if (which & SC_PKCS15INIT_TYPE_CERT) {
if (sc_pkcs15_find_cert_by_id(myp15card, &id, &objs[count]) != 0)
fprintf(stderr, "NOTE: couldn't find cert %s to delete\n", sc_pkcs15_print_id(&id));
if (sc_pkcs15_find_cert_by_id(myp15card, id, &objs[count]) != 0)
fprintf(stderr, "NOTE: couldn't find cert %s to delete\n", sc_pkcs15_print_id(id));
else {
count++;
del_cert = 1;
@ -1417,7 +1415,7 @@ do_delete_objects(struct sc_profile *profile, unsigned int myopt_delete_flags)
util_fatal("Specify the --id for key(s) or cert(s) to be deleted\n");
sc_pkcs15_format_id(opt_objectid, &id);
r = do_delete_crypto_objects(p15card, profile, id, myopt_delete_flags);
r = do_delete_crypto_objects(p15card, profile, &id, myopt_delete_flags);
if (r >= 0)
count += r;
}
@ -2840,7 +2838,7 @@ static int verify_pin(struct sc_pkcs15_card *p15card, char *auth_id_str)
if (opt_no_prompt)
return SC_ERROR_OBJECT_NOT_FOUND;
if (pin_obj->label)
if (0 < strnlen(pin_obj->label, sizeof pin_obj->label))
snprintf(pin_label, sizeof(pin_label), "User PIN [%s]", pin_obj->label);
else
snprintf(pin_label, sizeof(pin_label), "User PIN");

56
src/tools/pkcs15-tool.c
View File

@ -306,7 +306,7 @@ print_pem_object(const char *kind, const u8*data, size_t data_len)
return 0;
}
static int
static void
list_data_object(const char *kind, const unsigned char *data, size_t data_len)
{
char title[0x100];
@ -321,8 +321,6 @@ list_data_object(const char *kind, const unsigned char *data, size_t data_len)
printf("%02X", data[i]);
}
printf("\n");
return 0;
}
static int
@ -457,7 +455,7 @@ static int list_data_objects(void)
int idx;
struct sc_pkcs15_data_info *cinfo = (struct sc_pkcs15_data_info *) objs[i]->data;
if (objs[i]->label)
if (0 < strnlen(objs[i]->label, sizeof objs[i]->label))
printf("Data object '%s'\n", objs[i]->label);
else
printf("Data object <%i>\n", i);
@ -478,7 +476,7 @@ static int list_data_objects(void)
continue; /* DEE emulation may say there is a file */
return 1;
}
r = list_data_object("\tData", data_object->data, data_object->data_len);
list_data_object("\tData", data_object->data, data_object->data_len);
sc_pkcs15_free_data_object(data_object);
}
else {
@ -589,6 +587,7 @@ static void print_pubkey_info(const struct sc_pkcs15_object *obj)
"neverExtract", "local"
};
const unsigned int af_count = NELEMENTS(access_flags);
int have_path = (pubkey->path.len != 0) || (pubkey->path.aid.len != 0);
printf("Public %s Key [%s]\n", types[7 & obj->type], obj->label);
print_common_flags(obj);
@ -607,18 +606,29 @@ static void print_pubkey_info(const struct sc_pkcs15_object *obj)
print_access_rules(obj->access_rules, SC_PKCS15_MAX_ACCESS_RULES);
if (pubkey->modulus_length)
if (pubkey->modulus_length) {
printf("\tModLength : %lu\n", (unsigned long)pubkey->modulus_length);
else
printf("\tFieldLength : %lu\n", (unsigned long)pubkey->field_length);
}
else if (pubkey->field_length) {
printf("\tFieldLength : %lu\n", (unsigned long)pubkey->field_length);
}
else if (obj->type == SC_PKCS15_TYPE_PUBKEY_EC && have_path) {
sc_pkcs15_pubkey_t *pkey = NULL;
if (!sc_pkcs15_read_pubkey(p15card, obj, &pkey)) {
printf("\tFieldLength : %lu\n", (unsigned long)pkey->u.ec.params.field_length);
sc_pkcs15_free_pubkey(pkey);
}
}
printf("\tKey ref : %d (0x%X)\n", pubkey->key_reference, pubkey->key_reference);
printf("\tNative : %s\n", pubkey->native ? "yes" : "no");
if (pubkey->path.len || pubkey->path.aid.len)
if (have_path)
printf("\tPath : %s\n", sc_print_path(&pubkey->path));
if (obj->auth_id.len != 0)
printf("\tAuth ID : %s\n", sc_pkcs15_print_id(&obj->auth_id));
printf("\tID : %s\n", sc_pkcs15_print_id(&pubkey->id));
printf("\tDirectValue : <%s>\n", obj->content.len ? "present" : "absent");
if (!have_path || obj->content.len)
printf("\tDirectValue : <%s>\n", obj->content.len ? "present" : "absent");
}
static int list_public_keys(void)
@ -783,17 +793,17 @@ static int read_ssh_key(void)
struct sc_pkcs15_object *obj = NULL;
sc_pkcs15_pubkey_t *pubkey = NULL;
sc_pkcs15_cert_t *cert = NULL;
FILE *outf = NULL;
FILE *outf = NULL;
if (opt_outfile != NULL) {
outf = fopen(opt_outfile, "w");
if (outf == NULL) {
fprintf(stderr, "Error opening file '%s': %s\n", opt_outfile, strerror(errno));
goto fail2;
}
}
if (opt_outfile != NULL) {
outf = fopen(opt_outfile, "w");
if (outf == NULL) {
fprintf(stderr, "Error opening file '%s': %s\n", opt_outfile, strerror(errno));
goto fail2;
}
}
else {
outf = stdout;
outf = stdout;
}
id.len = SC_PKCS15_MAX_ID_SIZE;
@ -988,8 +998,8 @@ static int read_ssh_key(void)
free(uu);
}
if (outf != stdout)
fclose(outf);
if (outf != stdout)
fclose(outf);
if (cert)
sc_pkcs15_free_certificate(cert);
else if (pubkey)
@ -999,8 +1009,8 @@ static int read_ssh_key(void)
fail:
printf("can't convert key: buffer too small\n");
fail2:
if (outf != stdout)
fclose(outf);
if (outf && outf != stdout)
fclose(outf);
if (cert)
sc_pkcs15_free_certificate(cert);
else if (pubkey)

17
src/tools/sc-hsm-tool.c
View File

@ -62,6 +62,8 @@ static int verbose = 0;
#define MAX_KEY 1024
#define MAX_WRAPPED_KEY (MAX_CERT + MAX_PRKD + MAX_KEY)
#define SEED_LENGTH 16
enum {
OPT_SO_PIN = 0x100,
OPT_PIN,
@ -139,14 +141,15 @@ static sc_card_t *card = NULL;
* @param s Secret to share
* @param n Maximum number of shares
* @param rngSeed Seed value for CPRNG
* @param rngSeedLength Lenght of Seed value for CPRNG
*
*/
static void generatePrime(BIGNUM *prime, const BIGNUM *s, const unsigned int n, unsigned char *rngSeed)
static void generatePrime(BIGNUM *prime, const BIGNUM *s, const unsigned int n, unsigned char *rngSeed, const unsigned int rngSeedLength)
{
int bits = 0;
// Seed the RNG
RAND_seed(rngSeed, sizeof(rngSeed));
RAND_seed(rngSeed, rngSeedLength);
// Determine minimum number of bits for prime >= max(2^r, n + 1)
bits = BN_num_bits_word(n + 1) > BN_num_bits(s) ? (BN_num_bits_word(n + 1)) : (BN_num_bits(s));
@ -424,7 +427,7 @@ void clearScreen()
void waitForEnterKeyPressed()
{
char c;
int c;
fflush(stdout);
while ((c = getchar()) != '\n' && c != EOF) {
@ -851,7 +854,7 @@ static int generate_pwd_shares(sc_card_t *card, char **pwd, int *pwdlen, int pas
/*
* Generate seed and calculate a prime depending on the size of the secret
*/
r = sc_get_challenge(card, rngseed, 16);
r = sc_get_challenge(card, rngseed, SEED_LENGTH);
if (r < 0) {
printf("Error generating random seed failed with %s", sc_strerror(r));
OPENSSL_cleanse(*pwd, *pwdlen);
@ -859,7 +862,7 @@ static int generate_pwd_shares(sc_card_t *card, char **pwd, int *pwdlen, int pas
return r;
}
generatePrime(&prime, &secret, password_shares_total, rngseed);
generatePrime(&prime, &secret, password_shares_total, rngseed, SEED_LENGTH);
// Allocate data buffer for the generated shares
shares = malloc(password_shares_total * sizeof(secret_share_t));
@ -1169,7 +1172,10 @@ static int wrap_key(sc_card_t *card, int keyid, const char *outf, const char *pi
memcpy(ptr, key, key_len);
ptr += key_len;
free(key);
key = NULL;
key_len = 0;
// Add private key description
if (ef_prkd_len > 0) {
@ -1184,7 +1190,6 @@ static int wrap_key(sc_card_t *card, int keyid, const char *outf, const char *pi
}
// Encode key, key decription and certificate object in sequence
key_len = 0;
wrap_with_tag(0x30, keyblob, ptr - keyblob, &key, &key_len);
out = fopen(outf, "wb");

17
src/tools/util.c
View File

@ -376,7 +376,8 @@ util_getpass (char **lineptr, size_t *len, FILE *stream)
{
#define MAX_PASS_SIZE 128
char *buf;
unsigned int i;
size_t i;
int ch = 0;
#ifndef _WIN32
struct termios old, new;
@ -395,26 +396,26 @@ util_getpass (char **lineptr, size_t *len, FILE *stream)
for (i = 0; i < MAX_PASS_SIZE - 1; i++) {
#ifndef _WIN32
buf[i] = getchar();
ch = getchar();
#else
buf[i] = _getch();
ch = _getch();
#endif
if (buf[i] == 0 || buf[i] == 3)
if (ch == 0 || ch == 3)
break;
if (buf[i] == '\n' || buf[i] == '\r')
if (ch == '\n' || ch == '\r')
break;
buf[i] = (char) ch;
}
#ifndef _WIN32
tcsetattr (fileno (stdout), TCSAFLUSH, &old);
fputs("\n", stdout);
#endif
if (buf[i] == 0 || buf[i] == 3) {
if (ch == 0 || ch == 3) {
free(buf);
return -1;
}
buf[i] = 0;
if (*lineptr && (!len || *len < i+1)) {
free(*lineptr);
*lineptr = NULL;

10
src/tools/westcos-tool.c
View File

@ -305,7 +305,7 @@ static int cert2der(X509 *cert, u8 **value)
static int create_file_cert(sc_card_t *card)
{
int r;
int size;
int size = 0;
sc_path_t path;
sc_file_t *file = NULL;
@ -313,12 +313,13 @@ static int create_file_cert(sc_card_t *card)
r = sc_select_file(card, &path, &file);
if(r) goto out;
size = (file->size) - 32;
if(file)
{
size = (file->size) - 32;
sc_file_free(file);
file = NULL;
} else {
size = 2048;
}
sc_format_path("0002", &path);
@ -903,8 +904,7 @@ out:
sc_disconnect_card(card);
}
if (ctx)
sc_release_context(ctx);
sc_release_context(ctx);
return EXIT_SUCCESS;
}