32ed309037
pkcs11: use calloc instead of malloc; remove obsolete malloc.h references.
2013-03-15 23:02:02 +02:00
3b4f7b9ff7
pkcs11: Don't touch readers or inserted cards in C_Initialize in 2.20 mode
...
This significantly speeds up calling C_Initialize.
Thanks to Nikos Mavrogiannopoulos for the tip.
2013-03-15 23:01:16 +02:00
c2b6a0d500
pkcs11: report the library version based on plug-n-play feature.
2013-03-15 21:28:29 +02:00
9901682288
Normalize SC_ERROR_* API and clean up ISO7816-4 errors.
...
* iso7816_check_sw() emits a "informational message" (from ISO7816-4 table 6)
* SW-s which are not known or not meaningful for internal API get translated
to SC_ERROR_CARD_CMD_FAILED by default, so use it also in the SW table
* Remove undefined SW-s and move generic SW-s to their sequential location.
This commit improves 8fc679bf40
2013-03-15 12:30:38 +02:00
6f1ae23b1e
pkcs11: segfault if 'application-file' not defined
...
for some cards with emulated PKCS#15 'file_app' from 'application-info' is not defined
2013-03-12 10:23:35 +01:00
3b0ac5f8e7
pkcs15init: copy DATA object value to 'pkcs15-data-info'
...
When creating new DATA object, keep it's value in 'data' member of
'sc-pkcs15-data-info' data.
Used by pkcs15init emulation layer to store DATA value into a proprietary placement.
2013-03-11 18:25:22 +01:00
c1b6575204
pkcs15init tool: throw error when invalid appliaction-id supplied
...
fix action labels
2013-03-11 18:25:05 +01:00
743ca1cedc
pkcs15: new 'data' member in 'sc_pkcs15_data_info'
...
New member keeps the value of the PKCS#15 DATA object.
Internal pkcs15 procedure that reads DATA object is modified
to check if requested data are already vailable in 'data-info',
an only then try to read the content of dedicated on-card file.
For some emulated PKCS#15 systems value of DATA object is kept as 'direct' value
in a proprietary attribute files and so the common read procedure could not be used.
; some efforts to unify layout of code source.
2013-03-11 13:04:10 +01:00
a24ecd0733
pkcs11-tool: ignore CRYPTOKI_ALREADY_INITIALIZED error
...
https://github.com/OpenSC/OpenSC/pull/118
Print warning and ignore 'Cryptoki library has already been initialized' error
returned by C_Initialize().
2013-03-10 13:45:32 +01:00
8fc679bf40
libopensc: invalid usage of SC_ERROR_MEMORY_FAILURE
...
Initiated by discussion in https://github.com/OpenSC/OpenSC/pull/134 .
SC_ERROR_MEMORY_FAILURE has to be used as a resulting code of the card related operations,
and not as result of the memory allocation problems.
New 'warning' category of SC_ERRORs introduced -- SC_WARNING_xx .
Error text and SC_ERROR associated with return codes 6300 and 6200 has been changed.
2013-03-02 19:29:14 +01:00
b1a4775310
epass2003: properly disable padding
...
EVP_CIPHER_CTX_set_padding needs to be called after EVP_EncryptInit_ex
and EVP_DecryptInit_ex, otherwise padding is re-enabled, which in turn
causes buffer overruns
2013-02-27 23:44:02 +00:00
83dc469f07
epass2003: list_files implemented
2013-02-25 19:21:52 +01:00
7a57fa8689
win32: build and include to MSI package 'openpgp-tool.exe'
2013-02-25 19:12:06 +01:00
16ee818440
Update domain name. paljak.pri.ee is gone since 2011.
2013-02-25 11:58:25 +02:00
3c804ff382
libopensc: more comments about FCP data
2013-02-25 10:20:31 +01:00
4b30292585
more macros for the values from ISO specification
2013-02-24 19:37:35 +01:00
326232de90
libopensc: introduce 'encoded-content' to the sc_file data
...
it's the hold place for the file's initial encoded content.
For some cards such data can be included into the file creation command.
2013-02-24 19:37:35 +01:00
5140c4a1f1
libopensc: use short form of the debug message calls
2013-02-24 19:37:35 +01:00
ee48ea187a
Fix to allow exponents other than 65537 for Feitian ePass 2003
2013-02-16 21:13:17 +01:00
b34d916e60
sc-hsm: Fixed problem deleting CA certificates
...
sc-hsm: Fixed public key format returned when generating ECC keys
2013-02-15 15:02:28 +01:00
0577f7d4f5
sc-hsm-tool: Added support for DKEK password sharing scheme
2013-02-07 15:07:42 +01:00
99af6cd8ee
sc-hsm: Fixed a bug that prevents a newly generated 2048 key to show up at the PKCS#11 interface
2013-01-27 18:42:33 +01:00
6d51b320f3
sc-hsm-tool: Added better error handling for non-SmartCard-HSM cards
2013-01-27 18:42:33 +01:00
f55bb019d9
Update src/tools/pkcs11-tool.c
...
fixed filling key type attr on writing object
pointer refers to local variable from destroyed stack frame
2013-01-27 18:37:45 +01:00
58679a5df1
Fixed file-id in myeid.profile
2013-01-27 18:34:07 +01:00
d30cd83ad4
SM: common SM 'increase-sequence-counter' procedure
2013-01-06 17:34:35 +01:00
6a4de6d551
libopensc: APDU 'allocate & copy'and 'free' procedures
2013-01-06 17:30:41 +01:00
8d7c773561
SM: move SM APDU procedures to dedicated source file
...
new SM errors: 'session-already-opened' and 'invalid-checksum'
declare typed data for DH SM session
2013-01-06 16:40:17 +01:00
4c1c39f3e4
opensc-tool: add 'call-SM-handler' command
...
'open' and 'close' handlers of the card's SM driver can be called
2013-01-06 13:13:08 +01:00
3f30e14087
sm: move SM common crypto procedures to the dedicated library
...
rename 'sm' source directory
2013-01-04 22:29:59 +01:00
250364c060
pkcs15init: fix spurious gcc overflow warning,
...
thanks to Milan Broz (mbroz@redhat.com )
As discussed in pull request #115 (https://github.com/OpenSC/OpenSC/pull/115 ),
'if' test of impossible condition is removed in 'cardos' and 'incypto34' card drivers.
2013-01-04 19:03:46 +01:00
cc5a171ddc
pkcs15: regression in e35febe: compute cert length
...
parse_x509_cert() reviewed.
Now certificate's DER data are allocated and the DER data length is determined in one place.
https://github.com/OpenSC/OpenSC/pull/114
https://github.com/OpenSC/OpenSC/commit/e35febe
2012-12-25 20:05:45 +01:00
3aaf95c21b
cardOS: compile on Windows
...
few coding style remarks
2012-12-16 11:50:08 +01:00
1d75427f55
cardOS: Use information from AlgorithmInfo
...
In set_security_env, the algorithmInfo structure (from the TokenInfo file of
PKCS#15) is parsed to see, what algorithm IDs are supported for signature
operations.
Using the information from AlgorithmInfo set in set_security_env when
computing signatures.
Fixed incorrect order of code blocks. If neither a reference to rsa_sig nor to
rsa_pure_sig is found in AlogirthmInfo, boths methods are enabled before (and
not after) trying pure_sig
2012-12-16 11:23:35 +01:00
d5c2401e19
pkcs15-gemsafeV1.c: Multiple key containers and ATR-specific PIN policies
...
pkcs15-gemsafeV1.c: Change PIN data structure to make MSVC compiler happy
pkcs15-gemsafeV1.c: Turn constants into macros to make MSVC compiler happy
2012-12-16 10:09:44 +01:00
f7c12574ee
pkcs15-tool: initialize 'opt_auth_id' consistently.
...
All the other option values are initialized to NULL, so do the same to
opt_auth_id.
(Although, as they're all static globals, they should be set to 0 at
runtime anyway, I think...)
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-12-10 00:54:26 -07:00
8b07b9c5a7
compile on Windows, minor codding style issues
2012-12-03 15:21:22 +01:00
457426543d
MyEID ECDSA support
2012-12-03 14:37:13 +01:00
9e9b3d0bd8
tool: in 'do_apdu' increase size of send/receive buffers
2012-11-28 11:09:36 +01:00
60b7e52e06
pkcs15: mandatory 'publicKeyCoefficients' in encode/decode public key procedures
...
http://www.opensc-project.org/pipermail/opensc-devel/2012-November/018586.html
2012-11-20 22:58:37 +01:00
81bbddfc24
card-gemsafeV1: Add a GemSafe V1 ATR
...
Thanks to Lukas Wunner for the patch
2012-11-20 19:11:23 +01:00
27c677188e
pcks11: trivial: fix debug output for CKA_PRIME_1 and CKA_PRIME_2
...
Without this patch, debugging output issues these as unknown
attributes:
... C_CreateObject(): CKA_PRIVATE_EXPONENT = 97F798...
... C_CreateObject(): Attribute 0x124 = EFE5AD...
... C_CreateObject(): Attribute 0x125 = D4D3F6...
... C_CreateObject(): CKA_EXPONENT_1 = 5815FD...
With this patch, we see:
... C_CreateObject(): CKA_PRIVATE_EXPONENT = 97F798...
... C_CreateObject(): CKA_PRIME_1 = EFE5AD...
... C_CreateObject(): CKA_PRIME_2 = D4D3F6...
... C_CreateObject(): CKA_EXPONENT_1 = 5815FD...
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-11-20 08:46:27 +01:00
f63135afab
tools: check return value after each call.
...
It seems that this suffered some copy and paste damage at some point.
Change so that we check each return value immediately after the API
call.
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-11-20 08:46:27 +01:00
fb8e0cc3b2
sc-hsm: Improved checking in sc-hsm-tool
2012-11-20 08:46:27 +01:00
0adec1bddd
sc-hsm: Fixed bug with memory released to early
2012-11-20 08:46:27 +01:00
bbbfae4bf0
sc-hsm: Now saving the internal CSR in place of the certificate and decoding the public key at initialization (RSA only)
2012-11-20 08:46:27 +01:00
6c051f8490
pkcs11: check arguments in get_bignum_bits() procedure
...
t451: segmentation fault when getting public key bits number
2012-11-12 16:46:25 +01:00
bd86063835
t455: check validity of RSA/DSA public key components
...
Segmentation fault happened when reading SSH key with the non-initilized public key components.
2012-11-12 10:13:57 +01:00
68ee0e76e0
t447: return value from init() in reader driver not checked
2012-11-11 22:17:17 +01:00
f7771c9b08
libopensc: check data returned by 'read-public-key'
...
fix error message
2012-11-11 21:47:10 +01:00
Martin Paljak
Viktor Tarasov
Zbigniew Halas
Ondrej Mikle
Andreas Schwier
Frank Thater
mescheryakov1
Toni Sjöblom
mtausig
blumentopf
Anthony Foiani
Ludovic Rousseau