giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,258 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

365 Commits

Author SHA1 Message Date
Peter Marschall 16c889cf7d spelling fixes 
Fix various spelling errors, mostly in comments but also in texts displayed.

Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
 2020-08-30 10:35:14 +02:00
Doug Engert f5fe292ae1 pkcs11-tool - use valid data for decription tests 
In tests, make sute test data is either padded, or "zero" padded
so size if data <=  modlen - 11. The smallest pad in 11 bytes,
00 | NN | PS | 00. PS is at least 8 bytes.
"zero" padding has N = 00, PS >= 8 byte of 00.

 On branch cardos-5.3
 Changes to be committed:
	modified:   tools/pkcs11-tool.c
 2020-05-09 23:59:51 +02:00
Vladimir Panteleev bb47c1a5d0 pkcs11-tool: Fix mismatched --help text 
The addition of --usage-wrap did not add a corresponding help string,
which caused all help text for the options below it to be shifted by one.
 2020-04-23 14:54:46 +02:00
Lars Silvén 8257e0186d The PKCS#11 specifies that the PIN parameter(s) in C_Login and C_SetPIN 
always should be used, even if a PIN pad reader is used. PIN must only
be fetched from the PIN pad reader if the corresponding parameter is
null.
Before this commit PIN was always fetch from the reader if the PIN could
be fetched from the reader.
The 'pkcs11-tool has also been updated. Before parameters was never
taken from the command line if a PID pad reader was used. Now PINs from
the command line is always used but if not existing the PIN is fetched
from the reader if a reader with a PIN pad is used, otherwise the user
is prompted for PIN(s) from the CLI.
 2020-04-08 09:54:07 +02:00
Jakub Jelen 5721961be2 pkcs11-tool: Properly report invalid signatures 
Comparison is always false because rv <= 0.

Thanks lgtm
 2020-03-04 21:27:56 +01:00
Jakub Jelen 0a610319bd pkcs11-tool: Fix wrong printf arguments 
This argument should be of type 'unsigned int' but is of type 'unsigned long'

Thanks lgtm
 2020-03-04 21:27:56 +01:00
Frank Morgner 0cd19b59e1 pkcs11-tool: add --usage-wrap (disabled by default) 
fixes https://github.com/OpenSC/OpenSC/issues/1913
 2020-02-01 22:29:35 +01:00
Frank Morgner 45a77ab88d
Merge pull request #1772 from Jakuje/idprime 
Add support for Gemalto IDPrime smart cards
 2020-01-31 15:49:29 +01:00
Frank Morgner ee1c8073c2 pkcs11-tool: allow tests with keys that don't require PIN 
... such as the 9e key of a PIV card.
 2020-01-17 16:04:39 +01:00
Jakub Jelen 40c41cee0c pkcs11-tool: Make the SHA256 default for OAEP decryption 
It is already default in all the other functions and it really makes sense since
the SHA1 is being obsoleted
 2020-01-07 13:29:53 +01:00
Priit Laes 0b4b7fbaf0 openssl: Drop all compatibility checks for <=openssl-1.0.0 2020-01-06 15:47:07 +01:00
Julian Strobl e9aa163fe5 pkcs11-tool: fix output of test_decrypt 
Before the output looked like this, if a public key was not found:
```
  testing key 1 (IDKey2)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 2 (IDKey3)
couldn't find the corresponding pubkey for validation
couldn't find the corresponding pubkey for validation
    RSA-X-509:     RSA-PKCS:   testing key 3 (IDKey4)
couldn't find the corresponding pubkey for validation
couldn't find the corresponding pubkey for validation
```

Now:
```
  testing key 1 (IDKey2)
    RSA-X-509: OK
    RSA-PKCS: OK
  testing key 2 (IDKey3) -- can't find corresponding public key, skipping
  testing key 3 (IDKey4) -- can't find corresponding public key, skipping
```
 2019-12-28 18:15:55 +01:00
Julian Strobl 81940e123b pkcs11-tool: align output for test_signature 
Before it was a bit confusing, e.g.:
```
  testing key 1 (2048 bits, label=IDKey2) with 1 signature mechanism
    RSA-X-509: OK
couldn't find the corresponding pubkey
  testing key 2 (0 bits, label=IDKey3) with 1 signature mechanism -- can't be used to sign/verify, skipping: can't obtain modulus
```

The error message in line 3 is for IDKey3 and not for IDKey2.

With this patch the output is aligned with `test_verify`:
```
  testing key 1 (IDKey2) with 1 mechanism
    RSA-X-509: OK
  testing key 2 (IDKey3) with 1 mechanism -- can't find corresponding public key, skipping
```
 2019-12-28 18:15:55 +01:00
Frank Morgner 07cff0e168 fixed 341844 Incorrect deallocator used 2019-11-05 21:49:30 +01:00
Frank Morgner 53ff7182fb
pkcs11-tool: disable wrap/unwrap test (#1808) 
... until https://github.com/OpenSC/OpenSC/issues/1796 is resolved
 2019-10-01 11:52:33 +02:00
Frank Morgner e2491a7d7f
pkcs11-tool: fixed displaying secret key attributes (#1807) 
fixes https://github.com/OpenSC/OpenSC/issues/1805
 2019-10-01 11:51:55 +02:00
Frank Morgner 25bc8fc167 fix https://github.com/OpenSC/OpenSC/issues/1786 
Thanks to Alexandre Gonzalo
 2019-09-16 13:06:38 +02:00
Raul Metsma 3a192e2c87 pkcs11-tool: Add extractable option to key import 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-06-03 10:59:58 +02:00
Doug Engert a2dd500624 Fix pkcs11-tool encryption error Fix #1694 
Make sure data being encrypted is less then the modulus.

 On branch pkcs11-tool-encryption
 Changes to be committed:
	modified:   ../tools/pkcs11-tool.c
 2019-05-31 14:16:24 +02:00
Jakub Jelen e501c5ae81 Unbreak build without OpenSSL 2019-05-21 18:44:06 +02:00
Frank Morgner e275b34269 fixed 339157 Unused value 2019-05-14 14:50:17 +02:00
Frank Morgner 86ba3ea489 fixed Wrong type of arguments to formatting function 2019-05-02 10:08:28 +02:00
Frank Morgner 8382f243b2 fixed 337891 Out-of-bounds write 2019-04-25 15:44:11 +02:00
Frank Morgner bfa94dc90d
Merge pull request #1600 from AlexandreGonzalo/trustonic_pkcs11 2019-04-25 14:51:54 +02:00
alegon01 e21cb5712c Fix in encrypt_decrypt(), initialize the mgf 2019-04-24 14:03:35 +02:00
Dmitriy Fortinskiy 8cf1e6f769 pkcs11-tool: List supported GOST mechanisms 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy a5382d32fd pkcs11-tool: Show GOSTR3410-2012 keys 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy 0e12b1dc71 pkcs11-tool: Generate GOSTR3410-2012 keys 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy 4614beb87e pkcs11-tool: Add keys access flags 2019-04-17 16:40:41 +02:00
Raul Metsma 91a1dd9af4 Option to delete object by index 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-17 14:38:40 +02:00
Raul Metsma 3935d501bf Implement Secret Key write object 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-17 14:37:49 +02:00
Frank Morgner fe95520e3e explicitly import libpkcs11.h 2019-04-08 11:16:13 +02:00
Jakub Jelen fc4d600634 pkcs11-tool: Allow to set CKA_ALLOWED_MECHANISMS when creating an objects 
Also list them in the attributes listing
 2019-04-08 11:15:19 +02:00
alegon01 f631b5f733 Fix in encrypt_decrypt(), check for (in_len <= sizeof orig_data) 2019-04-05 10:39:52 +02:00
alegon01 4913feadb8 Fix in encrypt_decrypt(), check for (in_len <= sizeof orig_data) 2019-04-05 10:38:12 +02:00
alegon01 31831c300b Remove the call to OPENSSL_init_crypto() which is not needed. I have a segmentation fault when the process exits. 2019-03-12 08:52:06 +01:00
alegon01 728d099a53 FIX typo OpenSSL vs OpenSsl. 2019-03-06 11:35:11 +01:00
alegon01 b327b76134 FIX use pseudo_randomize() for a proper initialization of orig_data in encrypt_decrypt(). 2019-03-06 10:26:05 +01:00
Frank Morgner ba185954c5 fixed 333709 Unchecked return value 2019-03-06 00:42:38 +01:00
alegon01 7271fe610b Add support for the OpenSsl signature format for the signature verification. 2019-02-18 16:03:41 +01:00
alegon01 9ae507c5f8 Fix indentation. 2019-02-12 14:09:26 +01:00
alegon01 b63a868e68 Fix build when EVP_PKEY_CTX_set_rsa_oaep_md is not defined. 2019-02-12 10:42:39 +01:00
alegon01 973625773b Fix encrypt_decrypt() for CKM_RSA_PKCS_OAEP. It is working fine now with OpenSsl 1.1.1a. 2019-02-07 10:42:48 +01:00
alegon01 084624f340 Fix CKM_RSA_PKCS in encrypt_decrypt(). 2019-02-05 12:03:51 +01:00
alegon01 9aa413bd7e Fix CKM_RSA_X_509 encrypt_decrypt(). Improve the code for CKM_RSA_PKCS and CKM_RSA_PKCS_OAEP. For these alogs, only CKM_SHA_1 is supported. 2019-02-05 11:35:42 +01:00
alegon01 d25fbe3cec Remove 2 useless comments in encrypt_decrypt(). 2019-02-05 11:24:33 +01:00
alegon01 3d09823df0 Fix build when OPENSSL_NO_RIPEMD and OPENSSL_NO_CAST are defined. Fix formatting. 2019-02-04 14:26:02 +01:00
alegon01 f030aa2c25 Add support for CKM_RSA_X_509 in encrypt_decrypt() and decrypt_data(). 2019-02-04 14:23:13 +01:00
alegon01 9b7605ff3c Add support for CKM_RSA_PKCS_OAEP in encrypt_decrypt(). Only set the OAEP params for CKM_RSA_PKCS_OAEP, I had an issue with a variable not initialized. 2019-02-01 15:27:55 +01:00
alegon01 cf617da4bd Before calling encrypt_decrypt() make sure that the mechanism is for RSA and supports decryption, otherwise skip it. 2019-02-01 11:37:47 +01:00