giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,455 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

8455 Commits

Author SHA1 Message Date
Ludovic Rousseau 3168f48503 Fix spelling error in comments 2020-08-29 23:22:34 +02:00
Ludovic Rousseau e1353c0488 Fix spelling error 
Thanks to Debian lintian:
I: opensc-pkcs11: spelling-error-in-binary
usr/lib/x86_64-linux-gnu/libopensc.so.6.0.0 certificat certificate
 2020-08-29 23:19:37 +02:00
Ludovic Rousseau 7fc00a1178 Fix spelling error 
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/netkey-tool conatin contain
I: opensc: spelling-error-in-binary usr/bin/piv-tool conatin contain
 2020-08-29 23:17:02 +02:00
Ludovic Rousseau a70b082a09 Fix spelling error 
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/egk-tool arguement argument
 2020-08-29 23:14:49 +02:00
Peter Marschall 4dbfc77eba opensc-explorer: extend do_asn1() to accept offsets 
Have do_asn1() accept an optional parameter indicating an offset.
If this is given then start ASN.1-decoding the file/record at this offset.
 2020-08-23 22:46:26 +02:00
Peter Marschall 45e7039940 opensc-explorer: extend do_asn1() to decode records 
Have do_asn1() accept an optional parameter indicating a record number.
If this is given and the file is a record-oriented file, then ASN.1-decode
the record requested.
 2020-08-23 22:46:26 +02:00
Peter Marschall d345c65a5d opensc-explorer: extend do_cat() 
Have do_cat() accept an optional second parameter indicating a record number.
If this is given and the file is a record-oriented file, only print the record
requested.
 2020-08-23 22:46:26 +02:00
Zoltan Kelemen f0b157b8e7 Improved comments for PIN cmd structures. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 11adcfca99 Removed 'acls' from the public interface in 'sc_pin_cmd_pin' since it is not 
supported by most of the card drivers and can therefore not be regarded to be
part of the public interface.

Modified the only remaining card driver that used it (authentic) to store acls
in a private variable.
 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 6e3e81a9f4 Remove unused stored_length field. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 48d939b057 Removed length_offset since it is not used any more. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen aca0d08e29 Removed the 'crts' field from 'sc_acl_entry' type since: 
- its definition is specific to the IAS-ECC card type
- its presence can not be assumed since it is read from non-mandatory SE type of an SDO
- it is currently not used anywhere in the code
 2020-08-19 10:01:58 +02:00
Peter Marschall 376cc2d910 iso7816: set record_length for any record-oriented EF 2020-08-19 09:58:12 +02:00
Jakub Jelen ad81126c07
Fix link to virt_cacard project 2020-08-05 09:11:35 +02:00
Jakub Jelen cdbcb5b7db coolkey: Fix AddressSanitizer: stack-use-after-scope 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23979
 2020-08-04 13:11:55 +02:00
Peter Marschall 8963c35189 pkcs15-sc-hsm: use correct name for EF.CDF 2020-08-03 15:34:22 +02:00
Peter Marschall 07e98b5193 pkcs15-sc-hsm: fix commit c4d7bb1 
Set the trigger for LOG_TEST_RET() to a negative value if obj.data == NULL.
 2020-08-03 15:34:22 +02:00
Frank Morgner 978c912c70 fixed Heap-buffer-overflow READ 
7cf8087351 seemed to be incomplete. Change
the length of the buffer right before it's accessed.

fixes https://oss-fuzz.com/testcase-detail/5734055866531840
 2020-07-30 02:40:02 +02:00
Frank Morgner 6903aebfdd Heap-buffer-overflow WRITE 
fixes https://oss-fuzz.com/testcase-detail/5088104168554496
 2020-07-30 02:27:02 +02:00
Julian Strobl 9ffb9bae63 tcos: add missing encryption certificates 2020-07-30 02:00:15 +02:00
Zoltan Kelemen 2b78374e37 Print error message for the case that a PUK object is not available for a PIN 
during an unblock operation (this is a sign of a card with invalid PKCS #15
info). Without this error message the program just terminates silently, which
is confusing to the user.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen 6f1df6454a Reject the case that the PIN and PUK padding flags are different, since this 
case can not be handled by the card driver interface. Better to detect and
fail early instead of sending invalid data to the card.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen 555cb73615 Fix for using the correct info for PIN/PUK (before they were switched). 2020-07-22 22:58:57 +02:00
Zoltan Kelemen e80906d973 Add path selection to sc_pkcs15_get_pin_info to make it work correctly with 
local PINs. This makes the code behave the same way as PIN verification,
change and unblock, before calling the PIN command handler in the card driver.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen bad74e1ed6 Enabled code for using PUK reference for PIN unblock, when available. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 998284dd1c Removed unused define. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen ba76bc0239 Improved syntactic readability without any change in functionality. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen c903ddfce1 Fixed bounds checking and enabled the function again. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 163b69e6a7 Change ADF selection to return FCP for Oberthur cards. No need to simulate 
since it is supported.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 3331a7f134 Fix MF selection APDU to use 0x0c in P2 (no data). The previous value of 0x00 
is invalid according to IAS-ECC and resulted in 6A 86 on the Oberthur
cards that we tested with.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 471468260e Improved PIN unblock function: 
- Uses PIN padding from merged policy
- Added PIN-pad support
- Use ISO 7816 layer to avoid code duplication
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 79e81eeef0 Improved PIN change function: 
- Uses PIN padding from merged policy
- Improved PIN-pad logic and merged here from separate function
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 5ae488c1b9 Improved PIN verification function: 
- Uses PIN padding from merged policy
- Moved PIN-pad logic into this function instead of keeping separate
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen d0b3e90431 Simlified low-level CHV verification function: 
- Removed special PIN-pad case, moving logic into high-level function.
- Use ISO 7816 layer to avoid code duplication.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 8c2d629f94 Functions used to control PIN padding and PIN pad use: 
- Use PIN padding information when provided by upper layers
- Enable PIN padding at card level when min/max len set to same, nonzero value
- Allow PIN-pad use to be dynamically selected for each PIN
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen ca911e342c Improved PIN info retrieval, now returning verification status, and attempts 
left even when previously not available (due to card not providing it in the
SDO).
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 19063932f0 Simplified PIN policy retrieval to only read the data that is actually needed, 
excluding the CRT info from the SE-SDO, which is not guaranteed to be
available in all card types.

Use an explicit PIN policy structure type instead of keeping the info in the
sc_pin_cmd_data, since this type of info is only used privately in the card
driver.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 741ee73ec9 Add generic function for PIN status retrieval, for subsequent use (among 
others intended to replace iasecc_pin_is_verified).

Base it on functionality in the ISO 7816 layer to avoid code duplication.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 7ed876c816 Added ATR mask for Idemia (Oberthur) IAS-ECC card to recognize Cosmo V8 cards. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen eb3e00a385 Corrected highly misleading, confusing and ambiguous use of PIN length_offset 
field. Now only the PIN offset fields are used. Also added error checking for
invalid values.
 2020-07-22 22:56:09 +02:00
Zoltan Kelemen 80853bda31 Only enable static frame size for PIN padding when padding length is below 
maximum limits. Otherwise resort to adaptive support.
 2020-07-22 22:56:09 +02:00
Zoltan Kelemen afffeccc29 Fixed problems with PIN min/max length handling: 
- The wrong PIN was selected from the sc_pin_cmd_data structure.
- When the PIN max value was zero from the caller (meaning unknown max), the
  reader max value was not used.
 2020-07-22 22:56:09 +02:00
Zoltan Kelemen 1dc359cb61 Fix for issue #1999: 
- Reset context to undefined handle value on error since call may alter
  output parameter.
- Continue to assume -1 as undefined handle value in all PCSC
  implementations, to keep this fix as small and surgical as possible.
 2020-07-22 22:55:30 +02:00
Jakub Jelen b16a5cbee0 pkcs15: Free app info when allocating new and in cleanup 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23746
 2020-07-07 16:21:21 +02:00
Jakub Jelen c82aa92687 pkcs15: Clean memory on alocation failure 2020-07-07 16:21:21 +02:00
Jakub Jelen 2d6de2510c pkcs15: Drop bogus checks 2020-07-07 16:21:21 +02:00
Jakub Jelen 4c473fba29 authentic: Clean private data on error 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23786
 2020-07-07 16:21:21 +02:00
Jakub Jelen 05dcde508b authentic: Use memmove as the memory can overlap (if path is > 2B) 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23787
 2020-07-07 16:21:21 +02:00
Jakub Jelen 5098cfdb40 authentic: Do not leak memory on fail path 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23788
 2020-07-07 16:21:21 +02:00
Jakub Jelen 7cf8087351 asepcos: Avoid heap-buffer-overflow 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23529
 2020-07-07 16:21:21 +02:00