When building without OpenPACE there are two unused variables in
sc_hsm_init() that cause compiler to emit warnings about them.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Use the ASN.1 decoder's SC_ASN1_BIT_FIELD decoder to properly decode
into a machine word. As _bitstring_extension is used only for the OID
2.5.29.15 by all callers, which is at most 9 bits wide, this is a
reasonable thing to do.
Note, that there are a number of card drivers that still use
`sc_read_binary` in the wrong way. Unfortunately, I don't have the time
to go through all of them.
Fixes https://github.com/OpenSC/OpenSC/issues/1112
* Support for new MinInt agent card
This card uses the same ATR as the existing card, but the applet installed
does not have the same AID. This card actually works exactly as the
IASECC_SAGEM.
Unify iasecc_init for AMOS/SAGEM and MI cards
* cac: Make the retransmitted APDU valid by restoring the resplen
* cac: Check SWs for all the APDUs and report the errors to underlying layers
* cac: Fallback from CACv1 to CACv2 when CACv1 instruction is not recognized
for the lack of other pointers how to recongnize them
* avoid goto
tools/pkcs15-tool.c:
Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
Dead assignment: Value stored to 'n' is never read
Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
Dead assignemnt: Value stored to 'tl_head_len' is never read
Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
Potential memory leaks
pkcs11/mechanism.c:
Potential memory leak
pkcs11/framework-pkcs15.c:
Potential memory leaks
Dereference of null pointer
Dead assignments
tools/sc-hsm-tool.c:
Function call argument is an uninitialized value
Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
Dead assignment
pkcs15init/pkcs15-cflex.c:
Dereference of null pointer
Uninitialized argument values
MyEID does not support RAW RSA signature for 2048 bit key.
(Source: MyEID reference manual 2.1.4)
This hack uses decipher operation for calculating
RAW 2048 bit signature.
* Simplify CardOS 5.0 support (removing explicit 5.3 marker since the behavior should be the same)
* Restore RSA_PKCS signatures functionality
Closes https://github.com/OpenSC/OpenSC/pull/1079
- fixes decoding of SecretKeyAttributes
- adds support for algorithmReferences
- adds support for algIndependentKeys (PKCS#15 Generic keys)
- implements encoding of SKDF
- don't use private data on card matching
- instead, return 1 for every known ATR and only select the applet if the ATR is unknown.
- card initialization always selects the applet.
Advantage: decouples memeory management in matching from initializing the card.
Disadvantage: Applet is selected twice in case of an unknown ATR (once for matching and a second time for initializing the card).
Fixes https://github.com/OpenSC/OpenSC/issues/1042
- eac: allow CA without EF.CardSecurity
- sc-hsm: implemented CA based on document PKI
- sc-hsm: adds receive limit for SoC card
- introduces dedicated card type for SoC card
- md: integrate card's PIN pad capabilities
- installer: added SC-HSM SoC card to registry
- pkcs15-tool: Added support for PIN entry on card
- change/unblock PIN: add support for PIN entry on card
- added OpenPACE to macOS build
- travis-ci: install gengetopt/help2man via brew
- sc-hsm: Cache EF.C_DevAut
- sc-hsm: Prevent unnecessary applet selection and state resets
- sc-hsm: added support for session pin
- sc-hsm: avoid multiple AID selection
- sc-hsm: Use the information from match_card for all subsequent selections of the applet
- sc-hsm: cache optional files as empty files (Decoding the files will reveal that they were not existing prior caching. This avoids selecting the file though we have already tried to cache the file before.)
- use dedicated directory for CVC trust anchors
- appveyor: added OpenPACE to windows build
Communication defined by ISO/IEC 14443 is identical to T=1, so make
sure we connect in the right mode to the card so that the constructed
APDUs can be handled by the card.