17d9d8450c
Enabled extended APDU support for StarCOS 3x cards
2019-12-05 16:48:11 +01:00
a450b3427e
Fix path unifying of StarCOS 3.5 cards
2019-12-05 16:48:11 +01:00
9f2c112ecb
Add new ATR for StarCOS 3.5
2019-12-05 16:48:11 +01:00
c99d62c04a
Add PIN encoding detection for StarCOS 3x cards
2019-12-05 16:48:11 +01:00
5fa633075d
GIDS Decipher fix for TPM
...
GIDS decipher APDU fails with status '65 00' or '67 00' if
"Padding Indication" byte is present. Debug logs of Microsoft
certutil -v -scinfo using Microsoft drivers show that for a
decipher, the "Padding Indication" is not present. It maybe
needed if Secure Messaging is added later.
Extended APDU is turned off as this may not be supported on
some cards. Chaining is used used instead, it works on all cards.
RAW RSA is turned off, it is supported.
Tested with pkcs11-tool on Windows 10 with a TPM 2.0 module.
On branch gids-decipher
Changes to be committed:
modified: src/libopensc/card-gids.c
Date: Tue Dec 3 18:08:32 2019 -0600
interactive rebase in progress; onto 01678e87
2019-12-05 16:33:27 +01:00
e91853bda8
Simplify code and card detection
...
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-12-05 10:51:55 +01:00
366adbd546
Fixing invalid signature with 3072 RSA bits in GemsafeV1
2019-12-05 10:46:21 +01:00
dbe932152d
Fixing invalid signature with 3072 RSA bits in GemsafeV1
2019-12-05 10:46:21 +01:00
642a3ee734
cardos: Use more appropriate RSA flags for CardOS 5
...
Fixes #1864
2019-12-05 10:45:34 +01:00
afe255c5b2
Remove never set constants and their handling in cardos driver
2019-12-05 10:45:34 +01:00
2bab09ac03
tcos: Use unique IDs for certificates
2019-12-05 10:43:17 +01:00
88e3c44f22
tcos: Drop undocumented tags from security environment data
2019-12-05 10:43:17 +01:00
bee5c6d639
tcos: Do not advertize non-functional RSA RAW algorithms
2019-12-05 10:43:17 +01:00
424eca8bef
tcos: Remove duplicate lines
2019-12-05 10:43:17 +01:00
4c67bbf383
coolkey: Avoid addressing behind allocated buffers
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19222
2019-12-04 21:47:47 +01:00
c246f6f69a
coolkey: Make sure the object ID is unique when filling list
...
Thanks to oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19208
2019-12-04 21:47:47 +01:00
32b49894c5
sc-hsm: Add ATR for faster token variant
2019-12-04 21:43:47 +01:00
7858f3cd06
sc-hsm: Add support for SmartCard-HSM MicroSD card
2019-12-04 21:43:47 +01:00
78548a9394
mac: don't forget to uninstall OpenSCTokenApp
...
fixes https://github.com/OpenSC/OpenSC/issues/1862
2019-12-04 14:55:23 +01:00
39c1400fac
opensc-notify: fixed name in plist
2019-12-04 14:55:23 +01:00
8ab39bdec7
pkcs11-session: Explicitly reset login_user and release lock
2019-12-04 12:00:07 +01:00
e9957b9a92
include build-package-from-ci in autoconfig/automake
2019-12-02 16:54:32 +01:00
754a409191
added build-package-from-ci until proper dmg creation is realized in CI
2019-12-02 12:31:53 +01:00
433377f76e
macos: use start_selected instead of selected
...
otherwise the user's choice would be overwritten when the user clicks
some other installation option.
also, use the domain tag to install to the local drive only
2019-12-02 12:29:32 +01:00
118929df93
macos: use generic location for NotificationProxy
...
to be installed with OpenSC core and to be used from
the tools, tokend and CTK
2019-12-02 08:22:34 +01:00
a581cbfc2d
mac: group CTK token seperately in installer
2019-12-01 00:16:47 +01:00
ef61a95b31
coolkey: Make sure the matching objects have same lengths
...
This ensures that we do not go behind the allocated buffer if
we get wrong data.
Thanks to oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19031
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19032
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19038
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19039
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19040
2019-11-29 22:48:00 +01:00
aa6d3e1d36
coolkey: Fix the comparator return value
2019-11-29 22:48:00 +01:00
249e928176
gp: Correctly check for the CPLC data length
2019-11-29 22:47:26 +01:00
4f3d87d03c
coolkey: Split the CPLC related structures and function to the generic GP file
2019-11-29 22:47:26 +01:00
326955a147
reader-pcsc: Preserve the CARD_PRESENT flag to make sure the card is detected after reader reinsertion
2019-11-28 11:18:25 +01:00
4bd8cda966
pkcs11-session: When we notice logout in lower layers, while pkcs11 thinks we are logged in, invalidate all sessions in given slot
2019-11-28 11:18:25 +01:00
e0e1f10bd3
pkcs11/slot: Fix indentation
2019-11-28 11:18:25 +01:00
79a51e0d18
pkcs11: Support for RSA PSS padding in verify
...
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
`C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
commit e5707b545e
2019-11-28 11:17:12 +01:00
ce71b171e2
Add support for 4K RSA keys in GemsafeV1
2019-11-23 22:13:28 +01:00
6d98f8c8d8
card-myeid.c: issue #1219
2019-11-23 21:38:14 +01:00
d4823541b7
pkcs15-init: Fix issue #1219
2019-11-23 21:38:14 +01:00
2d02de4233
coolkey: Do not return uninitialized data if card does not return CPLP data
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18990
2019-11-18 14:02:07 +01:00
bec794fbee
fixed memory leak
...
https://crbug.com/oss-fuzz/18953
2019-11-18 14:01:50 +01:00
c4dcac5de7
pkcs15-prkey: Free allocated data on all error exit paths
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18790
2019-11-14 19:36:01 +01:00
6d6d158f13
pkcs15-cert: Free data on all error exit paths
...
https://oss-fuzz.com/testcase-detail/5645063405436928
2019-11-14 19:36:01 +01:00
5645fe2d16
muscle: Check length first before calling memcmp()
2019-11-14 19:36:01 +01:00
1594b1167d
muscle: Initialize variables and check return codes
2019-11-14 19:36:01 +01:00
7360c4bf0c
muscle: Avoid access uninitialized memory
2019-11-14 19:36:01 +01:00
2c68c0662c
coolkey: Avoid success from init if there are no reasonable data raturned
...
Thanks to oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18918
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18915
2019-11-14 19:36:01 +01:00
75847f4e93
Make ef_dir variable local
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18821
2019-11-13 15:48:40 +01:00
f11c286bc6
coolkey: Refactor the object listing to avoid invalid memory access
...
Probably resolves some bad memory access from oss-fuzz such as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18907
2019-11-13 15:48:33 +01:00
07d3d8e0df
compression: Free allocated data and return error if nothing was uncompressed
...
Also harmonizes the return codes from decompress*() functions
Fixes oss-fuzz issue
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18771
2019-11-13 15:48:25 +01:00
5557f34f5e
Revert "pkcs15-pubkey: Avoid memory leaks"
...
This reverts commit 0977b5496a
2019-11-12 11:57:43 +01:00
b79db82ae7
openpgp: Workaround non-compliant Yubikey 5 OpenPGP applets
...
Fixes #1850
2019-11-12 03:38:09 +01:00
dojo
Doug Engert
Raul Metsma
AdriaoNeves
Jakub Jelen
Andreas Schwier
Frank Morgner
Oskar Wiksten
carblue