The maximum length for sending and receiving data can now be found in DO
7F66. For now, we just use the default values for short/extended length
capabiliites.
PKI-Applets may not be active if the card has been reset or unpowered.
The SELECT command used to activate the applet, is identical to the one
used during card matching or initialization.
partially implements https://github.com/OpenSC/OpenSC/issues/1215
Refactored OpenPGP code so that future versions of the card will be
accessed using the logic for OpenPGP V2. We hope that backward
compatibility of the standard will keep the new versions functional.
tools/pkcs15-tool.c:
Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
Dead assignment: Value stored to 'n' is never read
Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
Dead assignemnt: Value stored to 'tl_head_len' is never read
Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
Potential memory leaks
pkcs11/mechanism.c:
Potential memory leak
pkcs11/framework-pkcs15.c:
Potential memory leaks
Dereference of null pointer
Dead assignments
tools/sc-hsm-tool.c:
Function call argument is an uninitialized value
Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
Dead assignment
pkcs15init/pkcs15-cflex.c:
Dereference of null pointer
Uninitialized argument values
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
"CHANGE REFERENCE DATA" (PIN change) and "RESET RETRY COUNTER"
(PIN unblock) commands in OpenPGP card have various limitations.
These also depend on whether the card is version 1.x or 2.x.
Provide helpful debug messages for user in case he is trying to do
a PIN command in a way that isn't supported by the card.
Also, take into account that version 2.x cards don't support references to
PW1-mode 2 (82) in these commands - change them to PW1 (81).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
According to descriptions of commands "PSO: COMPUTE DIGITAL SIGNATURE",
"PSO: DECIPHER" and "INTERNAL AUTHENTICATE" in OpenPGP card spec (versions
1.1 and 2.1.1) the card adds / strips and checks PKCS#1 padding
automatically.
There is no documented way to perform raw RSA operations on this card so
SC_ALGORITHM_RSA_RAW flag shouldn't be set.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
- bug fix: re-initialize index to start searching at the right place
- get rid of unnecessary variable
- add some line breaks & comemnts for easier understanding
- get rid of unnecessary variable
- use easily understandable hex representation of APDUs
- auto-calculate APDU length based on hex representation
- restrict scope of some variables
- use sc_log() instead of directly writing to console
- line breaks & comments for easier reading/understanding
- fix typo in log message
- 2 line breaks between functions for easier reading
- function type on separate line
- mark each function as 'ABI' or 'Internal'
- slightly doxygen-ize comments introducing functions
- fix typos in comments
- break over-long comment lines
- break comment lines at sensible places
- consistent calling style for DRVDATA()
- no code change
- get rid of unnecessary variables
- use for-loop to initialize/check/increase run variable in one place
- restrict variables to the necessary scope
- use ternary operator inside a statement instead of if...else...
Basically checks that the memory allocation succeed.
The ctbcs.c change improve the readability
because count = 0 and len > 254 does not add any value.
VTA: added few coding style changes
In old implementation, the DOs which their access is restricted by
PIN (like DOs 0101 -> 0104) were excluded from the fake filesystem,
leading to that we cannot read their data later, even if we verified PIN.
If tlvblock is not stored then the value is lost and the allocated
mempry is leaked.
Coverity: Resource leak (RESOURCE_LEAK)
Calling allocation function "pgp_build_tlv" on "tlvblock".
The card contains only 1 certificate, which can be used for encrypting.
But this certificate is bound with authentication key, so when decrypting,
the authentication key will be presented to check.
This commit allows to bypass the check in driver. However, it is not enough.
The users have to import the same key to "Encryption key" to help the card find
right key to work.
OpenPGP: Add log and comments.
OpenPGP: Pretend to select dummy files.
Some files are needed by pkcs15init, but not exist in OpenPGP card.
We pretend to know these dummy files to make pkcs15init successful.
Compilation error on windows:
when declaring array use explicit size, add pkcs15-openpgp.obj in Makefile.mak
OpenPGP: Some indentations need to be tab-size-independent.
OpenPGP: Check for null data when storing fingerprints.
OpenPGP: Allow to provide creation time to store (when gen/import key).
Old: Only store current time.
New: Can provide time to store, not only calculate current time.
OpenPGP: Correct setting content of pubkey blobs after key generation.
cardctl: Add definitions to support key import in OpenPGP.
OpenPGP: Add support for key import at driver level.
Correct the way to parse response data.
Updated wrong blob for pubkey info <~~ Fix.
OpenPGP: Store creation time after generating keys.
OpenPGP: Put_data: Handle the case that DO exists but its blob does not.
When checking DO before writing, relying on blobs only will miss the case that DO exists but its blob does not, when DO is non-readable.
OpenPGP: Set algorithm attributes before generating key.
OpenPGP: Add dependency of OpenSSL.
OpenPGP: Calculate and store fingerprint.
Calculate and store fingerprint after generating key.
OpenPGP: Update blob of pubkey info.
Update blob holding pubkey info after generating key.
OpenPGP: Add step to update card algorithms.
Update card algorithms after generating key. However, this step is not implemented yet, because of suspection about wrong data (see code comment).
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* don't zero-fill the DO's contents but empty it
* get rid of unnecessary variables
* select parent DF after deletion (required by to ISO 7816-9)
* don't try to delete MF
Fail on idx > 0 in order to avoid the requirement to read from the DO.
The DO may be read-protected, and this might either fail or produce
wrong results.
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* update comment
* check that blob->data is defined
* fix writing new data to the correct offset
* use calloc() instead of malloc() & memset()
* align pgp_ops function pointer list
* make sure variables of type u8 do only get passed fitting data
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* leave most of the spcial casing in ADPU handling to sc_adpu_transmit()
* use SC_ADPU_CASE_1 for empty buffer (avoids special casing Lc=0)
* clean up log strings & comments
Replace the "one-trick-pony" pgp_do_iswritable() with a more generic
function returning the blob matching the passed tag.
This way we can get rid of the one-line function pgp_blob_iswritable() too.
comparisons like these can be done in the caller.
Set pin references to 0x01 - 0x03 instead of 0x81 - 0x83.
The PINs are referenced as PIN1- PIN3 (resp. PW1 - PW3) in the OpenPGP
card specification.
Technically the APDUs to verify/change the PINs contain the values OR-ed
with 0x80, but this is just a technical detail of the implementation
which the emulated file system can hide in pgp_pin_cmd().
Pros & Cons:
+ consistent PIN naming
+ no trouble entering the correct PIN names in opensc-explorer et.al.
("verify CHV1" is way better than "verify CHV129")
- manually entering the correct APDU for VERIFY is a bit more complex.
(who does this anyway, when there are better functions)
While at it, change if .. elsif ... cascade to switch statement.
* parse more extened capabilities & features into a private enum
* for v2.0 cards, always parse the "historical bytes" DO
reason: ATR may be static and thus cannot reflect the state
Remove links pointing to the blob to be deleted from other blobs in the
blob tree structure, so that removing a subordinate blob does not hurt
its parent or siblings.
Signed-off-by: Peter Marschall <peter@adpm.de>
* get file as parameter & fail if it is NULL
* allow parent to be NULL
* do not rely on DO info to be passed as parameter,
search it yourself using the global DO info list for the card.
* infer file type automatically from DO info matching the file ID.
Signed-off-by: Peter Marschall <peter@adpm.de>
DO FF is a "catch-all" DO that returns all the infos contained in the other
DOs in one hierarchy.
It is hence duplicate and not necessary.
Signed-off-by: Peter Marschall <peter@adpm.de>
Also include forgotten DO C3 in keylength calculation.
It contains the parameters for the authentication key.
Signed-off-by: Peter Marschall <peter@adpm.de>
card-openpgp.c:584: warning: comparison between signed and unsigned
card-openpgp.c: In function ‘pgp_card_ctl’:
card-openpgp.c:1036: warning: unused variable ‘priv’
card-openpgp.c: In function ‘pgp_init’:
card-openpgp.c:272: warning: ‘child’ may be used uninitialized in this function
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5504 c6295689-39f2-0310-b995-f0e70906c6a9
Use ushort2bebytes instead of calculating the mapping to IDs ourselves.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5497 c6295689-39f2-0310-b995-f0e70906c6a9
Instead of jumping out of the loop when the correct child is found,
and checking afterwards again if we found the correct object,
do everything directly in the loop and return from there.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5496 c6295689-39f2-0310-b995-f0e70906c6a9
Extend pgp_get_card_features() to get card's flags & supported algorithms
from the card:
* get algorith values from "algorithm attributes" DOs 0x00c1 - 0x00c3
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5495 c6295689-39f2-0310-b995-f0e70906c6a9
Extend pgp_get_card_features() with these features:
* get SC_CARD_CAP_RNG capability from "extended capabilities" DO 0x00c0
* for OpenPGP 2.0 cards get max_send_size / max_recv_size values
from "extended capabilities" DI 0x00c0
* get max_pin_len from "CHV status bytes" DO 0x00c4
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5494 c6295689-39f2-0310-b995-f0e70906c6a9
Add a new function pgp_get_card_features() to get the card's capabilities,
algorithms, features, ... instead of doing it all in pgp_init():
* get SC_CARD_CAP_APDU_EXT capability from ATR
* for openPGP 2.0 cards, if not found in ATR,
get SC_CARD_CAP_APDU_EXT capability from "historical bytes" DO 0x5f52
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5493 c6295689-39f2-0310-b995-f0e70906c6a9
In pgp_read_blob(), check if the pointer to the function we want to call
is defined.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5492 c6295689-39f2-0310-b995-f0e70906c6a9
Have separate copies of pgp_objects[] data elements specific to the card's
version, and extend these structures with additional information:
* Some spec changes cannot be compatibly expressed in one common
simple data structure without making it too complex.
* depending on specification version, only deal with those DOs
that are legal within that version
* add information or read & write access conditions
* add information for non-toplevel and/or write-only DOs
* use symbolic names for constants
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5491 c6295689-39f2-0310-b995-f0e70906c6a9
Re-structure pgp_finish() for easier reading.
While at it, check for priv != NULL before free()ing it.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5486 c6295689-39f2-0310-b995-f0e70906c6a9
Instrument functions used in the card operations table pgp_ops[]
with log macros to ease debugging.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5485 c6295689-39f2-0310-b995-f0e70906c6a9
Write a short comment at the beginning of each function,
shortly sketching what the function does.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5484 c6295689-39f2-0310-b995-f0e70906c6a9
The element size in struct do_info is never used. Get rid of it.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5483 c6295689-39f2-0310-b995-f0e70906c6a9
Implement card_ctl(), crrently restricted only to SC_CARDCTL_GET_SERIALNR.
The card's serial number is copied from the respective bytes in the AID.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5482 c6295689-39f2-0310-b995-f0e70906c6a9
free() the memory already reserved when the file identifying the OpenPGP
application fails & reset the pointers in the card strcuture back to NULL.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5481 c6295689-39f2-0310-b995-f0e70906c6a9
Depending on the card's capabilities and the necessity (requested response
size > 256) allow extended APDUs in all functions talking to the card.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5480 c6295689-39f2-0310-b995-f0e70906c6a9
adapt pgp_get_pubkey() and pgp_read_blob() to make use of the information
about the "extended Lc/Le" capabilities.
This allows reading OpenPGP Card v2.0 keys!
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5479 c6295689-39f2-0310-b995-f0e70906c6a9
According to OpenPGP card specs 1.1 & 2.0 historical bytes in the ATR
indicate capabilities:
* bit 0x40 of the 3rd byte of the compact-TLV entry with TL 0x73 tells
whether the card supports extended Lc/Le fields in APDUs.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5478 c6295689-39f2-0310-b995-f0e70906c6a9
Detect and react on out of memory errors in pgp_new_blob() and its callers.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5477 c6295689-39f2-0310-b995-f0e70906c6a9
* NULL-ify freed data pointer
* avoid unnecessary malloc() calls
* cope with malloc() errors
* do not rely on blob->file for be set
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5474 c6295689-39f2-0310-b995-f0e70906c6a9
* pgp_iterate_blobs(): walk through the blob tree
* pgp_free_blob(): free a blob
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5472 c6295689-39f2-0310-b995-f0e70906c6a9
Leverage the fact that OpenPGP cards use TLV encoding according to
ASN.1 BER-encoding rules and use sc_asn1_read_tag() as the workhorse
within pgp_enumerate_blob().
There's one peculiarity though:
OpenPGP cards expect 'cla' to be merged into 'tag'.
This is done manually after calling sc_asn1_read_tag().
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5471 c6295689-39f2-0310-b995-f0e70906c6a9
Added:
* 00c4: new top-level DO in 2.0
can also be found inside constructed DOs 006E/0073 in 2.0 & 1.1
* 0101: new optional top-level DO starting in 1.1
for private use
max 254 bytes;
access: read - always; write - verify CHV2
* 0102: new optional top-level DO starting in 1.1
for private use
max 254 bytes;
access: read - always; write - verify CHV3
* 5f52: new top-level DO in 2.0
can also be found inside constructed DOs 006E in 2.0
* 7f21: new optional top-level DO in 2.0
use: card holder certificate (e.g. X.509) for the AUT key in the card
Removed:
* 0073: never a top-level DO, but part of top-level constructed DO 006E
Changed:
* 005e: not a constructed DO, but a simple/primitive DO
Note:
Trying to read non-existent top-level DOs or top-level DOs that weren't defined
in a spec version later than the current card's version does not hurt.
They are returned as empty.
Signed-off-by: Peter Marschall <peter@adpm.de>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5468 c6295689-39f2-0310-b995-f0e70906c6a9
* Correct naming: openpgp not opengpg
* Set the card name from ATR table
* Add card type enums
* Currently OpenPGP is read-only.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5072 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9