vtarasov
a067bf35a3
pkcs15: more of the debug messages
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5228 c6295689-39f2-0310-b995-f0e70906c6a9
2011-03-13 18:11:07 +00:00
vtarasov
5ab90b9219
libopensc: avoid using of the not completely initialized 'sc_path' variables
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5106 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-18 09:48:26 +00:00
vtarasov
fd670f2dce
pkcs15: initialize 'supported algorithms' in SE data by the ones from tokenInfo
...
for some cards to prepare security environment for the PSO operation
card driver may need the value of 'algRef' attribut of tokenInfo.supportedAlgorithm.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5092 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-14 17:12:04 +00:00
vtarasov
6aaf1a79e3
AuthentIC: cleanup dead code
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5012 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-31 10:52:15 +00:00
s
d66b3c71d2
fix: implicit depending on the RSA algo_info for GOSTR3410 algo
...
add sc_card_find_gostr3410_alg function
Thanks to Douglas E. Engert
http://www.opensc-project.org/pipermail/opensc-devel/2010-December/015408.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4931 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-09 08:23:14 +00:00
dengert
c2fe4609a9
Modifications to support EC and ECDSA for
...
emulated cards. True PKCS#15 cards with EC
will need additional changes.
Main changes are in framework-pkcs15.c, mechanism.c,
padding.c, pkcs15-algo.c and pkcs15-sec.c
where switch statements for key type, and testing
of flags was modified to make it easier to add
additional key types in the future.
The code was tested using RSA and ECDSA using a PIV card
from pkcs11-tool, OpenSSL and Thunderbird with
modifications to NSS-3.12.7 to get ECDSA to sign e-mail.
Only named curves are supported for ECDSA, ECDH is still
needed. pkcs11-tool has only minimal changes need to work
with the -O option to list EC keys.
One additional line was added to pkcs15-sec.c which
should get GOSTR sign to work.
libp11 and engine do not yet have EC support.
--This line, and those below, will be ignored--
M src/tools/piv-tool.c
M src/tools/pkcs11-tool.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-object.c
M src/libopensc/pkcs15-prkey.c
M src/libopensc/card-piv.c
M src/libopensc/padding.c
M src/libopensc/cardctl.h
M src/libopensc/pkcs15-algo.c
M src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-sec.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4904 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-01 20:08:42 +00:00
viktor.tarasov
741b8c362e
libopensc: supplement to the previous commit
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4684 c6295689-39f2-0310-b995-f0e70906c6a9
2010-09-04 20:19:14 +00:00
martin
1f73d32e40
libopensc: Remove unused internal SC_ERROR_EXTRACTABLE_KEY and correct relevant comments (native != extractable)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4645 c6295689-39f2-0310-b995-f0e70906c6a9
2010-08-23 10:32:26 +00:00
ludovic.rousseau
b6fb4ff84a
Change in r4269 is not correct since sc_pkcs1_strip_02_padding() returns
...
an int and not a size_t
The new code is also simpler
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4270 c6295689-39f2-0310-b995-f0e70906c6a9
2010-04-28 09:16:27 +00:00
jps
71598ad460
r4208 breaks key unwrap.
...
pkcs11-tool -tl gives an error and mail can not be anymore decrypted (tested with Thunderbird).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4269 c6295689-39f2-0310-b995-f0e70906c6a9
2010-04-27 13:25:17 +00:00
ludovic.rousseau
e0bf75f69f
Do not cast a pointer to a type of possibly different size.
...
Would fail on PowerPC in 64-bits for example.
pkcs15-sec.c: In function ‘sc_pkcs15_decipher’:
pkcs15-sec.c:136: warning: dereferencing type-punned pointer will break strict-aliasing rules
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4208 c6295689-39f2-0310-b995-f0e70906c6a9
2010-04-02 13:33:27 +00:00
aj
6545b42c02
cleanup of the debug code:
...
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-15 12:17:13 +00:00
aj
02768fb5dc
remove "split-key" option and emulat sign for sign,decrypt keys with padding
...
and decrypt() for cardos.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4113 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-13 22:52:51 +00:00
aj
d22a2483c0
Header file cleanup.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4081 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-04 08:14:36 +00:00
martin
95a5ab0654
Re-implement PIN cache on PKCS#15 layer; remove it from PKCS#11. Re-name and log PKCS#15 options to better reflect the purpose.
...
Data objects and PKCS#15 init are left broken currently.
git-svn-id: https://www.opensc-project.org/svnp/opensc/branches/martin/0.12@3784 c6295689-39f2-0310-b995-f0e70906c6a9
2009-10-22 08:59:59 +00:00
martin
d672fde449
Remove sc_error and sc_ctx_suppress_errors_* in favor of sc_debug/fprintf
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/branches/martin/0.12@3721 c6295689-39f2-0310-b995-f0e70906c6a9
2009-09-14 08:46:59 +00:00
aj
c1130f7f93
oops, define tmplen at start of block.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3227 c6295689-39f2-0310-b995-f0e70906c6a9
2007-07-20 14:38:46 +00:00
aj
14bc32dda2
Sign by using the decrypt function.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3223 c6295689-39f2-0310-b995-f0e70906c6a9
2007-07-20 12:19:27 +00:00
nils
a2f622a215
implement support for SHA2 (still experimental)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3115 c6295689-39f2-0310-b995-f0e70906c6a9
2007-02-02 22:15:14 +00:00
aj
b3ad2f9dd2
convert to utf-8.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3084 c6295689-39f2-0310-b995-f0e70906c6a9
2006-12-19 21:31:17 +00:00
nils
7da8984462
set path type; patch supplied by Thomas Irlet <iksiloev@gmail.com>
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3049 c6295689-39f2-0310-b995-f0e70906c6a9
2006-11-02 13:58:58 +00:00
nils
6abeaf1f1c
add a new function
...
void sc_mem_clear(void *ptr, size_t len);
to clear a memory buffer. If OpenSSL is used this function
is a wrapper for OPENSSL_cleanse, otherwise memset is currenlty used.
Use this function to clear memory buffers with sensitive content.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2601 c6295689-39f2-0310-b995-f0e70906c6a9
2005-09-17 10:44:45 +00:00
sth
6c20b6a6ad
Undo-ing accidential commit of card-belpic.c and pkcs15-sec.c
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2495 c6295689-39f2-0310-b995-f0e70906c6a9
2005-08-18 14:01:54 +00:00
sth
f43d52476e
The lengths of the ASN.1 entries are used outside the if blocks -> declare them outside the blocks
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2494 c6295689-39f2-0310-b995-f0e70906c6a9
2005-08-18 13:55:36 +00:00
bert
2d97002824
API fixup: use defined type instead of struct for exposed structs
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2232 c6295689-39f2-0310-b995-f0e70906c6a9
2005-03-08 20:59:35 +00:00
nils
bd356f61ba
fix indent
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2122 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-01 19:09:35 +00:00
nils
8a0fc5bdcf
fix indent, patch supplied by Martin Paljak
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2082 c6295689-39f2-0310-b995-f0e70906c6a9
2005-01-19 16:17:32 +00:00
nils
548cf72735
fix compiler warnings
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1942 c6295689-39f2-0310-b995-f0e70906c6a9
2004-10-17 20:40:58 +00:00
nils
0ea8a53c0e
only set the key_reference if present
...
Thanks to Andrej Komelj <akomelj@email.si>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1785 c6295689-39f2-0310-b995-f0e70906c6a9
2004-05-20 09:36:58 +00:00
sth
9326f5f1c4
Allow file_app in struct sc_pkcs15_card to be NULL (may be the case for pkcs15-emulated cards)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1754 c6295689-39f2-0310-b995-f0e70906c6a9
2004-03-03 16:25:48 +00:00
aet
7d3fc55736
- Minor build and C++ warning fixes
...
- pkcs15init: Use u8 for pin variable
declarations like libopensc does
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1686 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-18 21:37:34 +00:00
sth
af462ab212
Removed the exceptional (and incorrect) handling of the signature inputs of 16 and 20 bytes with pkcs11's CKM_RSA_PKCS11 signaturemechanism; and made sc_pkcs15_compute_signature() a bit more powerfull: if a digestinfo+hash input is given but the card only accepts hashes, the digestinfo is removed
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1636 c6295689-39f2-0310-b995-f0e70906c6a9
2003-11-23 16:11:32 +00:00
aet
0077a0876d
Fix various C compiler warnings and C++ errors / name conflicts
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1463 c6295689-39f2-0310-b995-f0e70906c6a9
2003-09-25 09:33:16 +00:00
aet
5616dba08e
- Stop using unflexible automake conditionals when
...
building PC/SC, OpenCT or USBToken support,
use ifdef's directly in source.
- Because of above, add HAVE_PCSCLITE for winconfig.h
- Remove unnecessary includes for log.h, opensc.h and
errors.h in libopensc sources, they're already taken
care by internal.h.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1406 c6295689-39f2-0310-b995-f0e70906c6a9
2003-09-03 09:28:55 +00:00
aet
763fc16704
Rename libopensc specific error/debug to sc_error/sc_debug
...
We should have done this ages ago.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1392 c6295689-39f2-0310-b995-f0e70906c6a9
2003-08-25 14:21:18 +00:00
sth
abc1e8b000
Fix: allways set pag_flags = SC_ALGORITHM_RSA_HASH_NONE if sc_pkcs15_compute_signature() is called with this flag
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1305 c6295689-39f2-0310-b995-f0e70906c6a9
2003-07-27 16:50:08 +00:00
okir
95e2d8b78a
- Change padding functions
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1264 c6295689-39f2-0310-b995-f0e70906c6a9
2003-07-15 10:49:28 +00:00
okir
0cfd6319bf
- New public function sc_add_padding
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1192 c6295689-39f2-0310-b995-f0e70906c6a9
2003-06-11 10:56:04 +00:00
okir
2abc504051
- remove signedness warnings printed by new gcc
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1176 c6295689-39f2-0310-b995-f0e70906c6a9
2003-05-30 08:54:42 +00:00
okir
41a9e6ff2f
- sc_pkcs15_compute_signature(RSA_RAW): zero pad input if shorter than modulus length
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1103 c6295689-39f2-0310-b995-f0e70906c6a9
2003-05-13 20:24:24 +00:00
sth
fecf9f5e15
Allow empty key file paths in compute_signature and decipher
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1071 c6295689-39f2-0310-b995-f0e70906c6a9
2003-04-25 07:51:05 +00:00
sth
870efbf2c0
Added SC_PKCS15_PRKEY_USAGE_NONREPUDIATION as a valid signature usage
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1066 c6295689-39f2-0310-b995-f0e70906c6a9
2003-04-23 08:47:57 +00:00
jey
ed0ffac09b
- fixed add_padding() in the case where padding is request, but input
...
isn't a hash.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1053 c6295689-39f2-0310-b995-f0e70906c6a9
2003-04-21 12:29:03 +00:00
okir
d2075b2c13
- implemented split-key support for CardOS
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1038 c6295689-39f2-0310-b995-f0e70906c6a9
2003-04-17 12:38:08 +00:00
sth
a2b9838bb1
added locking to sc_pkcs15_decipher and sc_pkcs15_compute_signature
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@902 c6295689-39f2-0310-b995-f0e70906c6a9
2003-02-06 14:46:57 +00:00
okir
d37c1ff58c
- fixed pkcs1-ripemd160 signature header
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@791 c6295689-39f2-0310-b995-f0e70906c6a9
2002-12-18 12:15:04 +00:00
okir
5ef34fc7bc
- Added support for SC_ALGORITHM_RSA_HASH_RIPEMD160 in sc_pkcs15_compute_signature
...
- rewrote add_padding
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@781 c6295689-39f2-0310-b995-f0e70906c6a9
2002-12-17 20:15:32 +00:00
aet
1d2c9e4c48
Cleanups for initial win32 port, untested.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@696 c6295689-39f2-0310-b995-f0e70906c6a9
2002-10-19 14:04:52 +00:00
okir
10c5a041be
- RSA padding header for sha1 was still broken
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@657 c6295689-39f2-0310-b995-f0e70906c6a9
2002-06-17 10:54:10 +00:00
jey
32ec1978d4
- sc_pkcs15_compute_signature() and sc_pkcs15_decipher() now select
...
the whole path specified in a private key object
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@655 c6295689-39f2-0310-b995-f0e70906c6a9
2002-06-16 21:18:05 +00:00