* Handle errors as intended in sc_pkcs15emu_openpgp_add_data()
If a data object can be read, but it cannot be added to the PKCS#15
framework, return from this function with an error; do not continue
reading other data objects. Otherwise, do not return an error from
this function when a data object cannot be read or is empty.
Improve existing comments for clarity.
* Address other compiler warnings when using --disable-optimization
Certain variables that are not initialized when they are declared
prevent the build from completing, when --disable-optimization is
passed to ./configure.
1. In epass2003_set_security_env, remove unused code, add condition
check of ec and rsa
2. Line 1709 - add return check of hash_data
3. In epass2003_decipher API, the old sign using apdu.le = 256, now add
condition check of rsa
4. Line 2731-2734 - After login successful, need get session status,
adjust code, improve condition check of data->cmd.
Remove all the code related to the old GUI and PIN PAD.
This code was initially developed by Zetes and had the ability to
display a dialog to request the PIN to the user. It was also able to
manage some specific proprietary pin pads.
As the Belgian government/fedict has now its own implementation, all
these old crufts can be removed.
https://github.com/OpenSC/OpenSC/issues/1296
Some ActivIdentity CAC/PIV cards lose the login state when selecting
the PIV AID SC_CARD_TYPE_PIV_II_CAC and CI_PIV_AID_LOSE_STATE were added
so piv_card_reader_lock_obtained will try and do a SELECT PIV AID.
card->type is reset to its original value if piv_match_card_continued
fails to match a card as PIV.
pkcs15-piv.c now uses sc_card_ctl which checks card->ops->card_ctl for NULL.
closes https://github.com/OpenSC/OpenSC/pull/1307
fixes https://github.com/OpenSC/OpenSC/issues/1297
We can't check for `tag == SC_ASN1_TAG_EOC` directly, because this
would also be true for a tag of 0x80 (with `class ==
SC_ASN1_CLASS_CONSTRUCTED`). So what we do is we check for the output
buffer to be NULL!
fixes https://github.com/OpenSC/OpenSC/issues/1273
1. Buffer underrun in epass2003_decipher().
2. The parameter `data' in update_secret_key() must be constant.
(Discovered by Clang 4.0.0 on OpenBSD 6.2.)
Fixes#1286. The behaviour of pkcs11-tool will follow the standard -
send DER. If EC_POINT_NO_ASN1_OCTET_STRING is defined then it will
write plain bytes.
ATR and differences between 3.4/3.5 are based on
https://github.com/CardContact/sc-hsm-embedded
Actually, 3.5 is untested, but 3.4 is almost identical, so we hope that
for 3.5 everything is fine.
In order to satisfy some concerns over the use of <card>_match_card
and <card>_init, this modification will do that at the cost of additional
overhead of repeating some card commands.
Hopefully this commit will not be needed.
On branch piv-aid-discovery
Changes to be committed:
modified: card-piv.c
As requested and as the alternative solution see:
https://github.com/OpenSC/OpenSC/pull/1256#issuecomment-365319444
In order to not pass a card lock and the card->drv_data from piv_match_card
piv_match_card is split in 2 parts.
the piv_match_card_continued is called from piv_init. piv_init may
now return with SC_ERROR_INVALID_CARD to single to sc_connect_card to look
for additional drivers.
Cosmetic change to indicate neo_version is really a Yubico version.
Change wording on the comments when setting card_issues.
On branch piv-aid-discovery
Changes to be committed:
modified: src/libopensc/card-piv.c