Fix various spelling errors, mostly in comments but also in texts displayed.
Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
- when listing the slots, we don't have a hotplug slot anymore with
slot->reader == NULL. Instead, we're now using this state for any left
over slots when a reader is removed. So we don't need to include this in
the slot list
- when listing the slots, we need to remember which slots the
application has seen already, to not shrink the list of slots (which is
allowed in PKCS#11 v2.2, but NSS can't handle this)
Macro DEBUG_VSS and routine _debug_virtual_slots were added.
DEBUG_VSS(slot, "printf like format string" [,args...]) will print the virtual_slots
to the opensc-debug.log showing were it was called from.
If slot is not NULL and found in the table it will be highlighted
with an "*".
In gdb: call _debug_virtual_slots(slot) can be used along with
another window to tail opensc-debug.log
On branch PKCS11-SLOTS-2
Date: Fri Feb 21 08:19:37 2020 -0600
Changes to be committed:
modified: src/pkcs11/sc-pkcs11.h
modified: src/pkcs11/slot.c
OpenSC PKCS11 now retains slots even when the reader is removed.
It can do this because existing OpenSC reader handling in ctx.c,
reader-pcsc.c and PC/SC allow OpenSC to do this.
This simplifies the code, and allow a reader to be reinserted
and use the existing slot. This matching is actually done
in reader-pcsc.c because PC/SC returns the unique ids based on
the OS reader names. This is then used as the manufacturerID
By not deleting slots the slot list can only increase which is a
restriction of Firefox. It does not fix all the Firefox issues, but
it does not go into a loop, when all the readers are removed.
The defaults in opensc.conf for max-virtual-readers and slots-per-card
allow for 4 different readers used during one session.
On branch PKCS11-SLOTS-3
Changes to be committed:
modified: sc-pkcs11.h
modified: slot.c
* Previously, it was dependent on ATR blocks, but it did
not allow enrolling various types of cards without knowning
their ATR in advance.
* Improved documnetation for this option in configuration files
Resolves: #1265
tools/pkcs15-tool.c:
Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
Dead assignment: Value stored to 'n' is never read
Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
Dead assignemnt: Value stored to 'tl_head_len' is never read
Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
Potential memory leaks
pkcs11/mechanism.c:
Potential memory leak
pkcs11/framework-pkcs15.c:
Potential memory leaks
Dereference of null pointer
Dead assignments
tools/sc-hsm-tool.c:
Function call argument is an uninitialized value
Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
Dead assignment
pkcs15init/pkcs15-cflex.c:
Dereference of null pointer
Uninitialized argument values
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
As defined in BSI TR-03119 to issue SCardTransmit (with Uses
Pseudo-APDU) instead of SCardControl (with FEATURE_VERIFY_PIN_DIRECT).
It allows using a very basic PC/SC reader driver without special support
for PIN verification or modification (such as the default CCID driver on
Windows).
Also gets IFD vendor information via escape commands.
PC/SC's Get Uid command is now only triggered if enable_escape = true;
was set by the user to allow disabling wrapped commands on broken
readers (see https://github.com/OpenSC/OpenSC/issues/810)
... as required by PKCS#11 2.30, if the application doesn't call
`C_GetSlotList` with `NULL`.
Fixes ghost tokens in Firefox when detaching a reader that contained a
card.
Fixes https://github.com/OpenSC/OpenSC/issues/629
Simplify create tokens rules, no need to manipulate applications in
'pkcs11' configuration part,
applications can be enabled/disabled on the 'pkcs15' one.
Fix the possibility to expose only 'sign' PIN
This is name change only fix.
The variable name "card" was being used to refer to a struct sc_card or a struct sc_pkcs11_card
in some files including sc_pkcs11.h. In other files the variable name "p11card" is used for struct sc_pkcs11_card.
This creates hard to read code, such as: slot->card->card.
All definitations of sc_pkcs11_card *card now use p11card as the variable name.
Fix#471
b94c163 - invalid, non-tested
11881a6 -- src/libopensc/card-iasecc.c -- return from select has to be ignored,
3a92bf7 -- src/pkcs11/slot.c -- SEGFAULT issue #3733a92bf7 -- src/tools/piv-tool.c -- confirmed by author
6759c04 -- src/pkcs15init/pkcs15-lib.c -- file instantiation error has to be ignored
In card detection procedure bind all present applications
and create tokens for them.
Treatement of the different 'create-slots' configuration cases,
joining the objects from different applications into one slot
are previewed for the next commits.
- simplify some of framework handles: remove from it's prototype the arguments that can be derived from the other arguments;
for exemple: foo(slot, slot->card) --> foo(slot)
- add the 'application' argument to the bind, unbind and similar handles;
- preview more then one framework data attached to the pkcs11card object.
- placehold for the future 'derive' and 'can_do' handles.
Peter Marschall
Frank Morgner
Doug Engert
Jakub Jelen
Maciej S. Szmigiero
Frank Morgner
Viktor Tarasov
Martin Paljak
vtarasov
martin