martin
04942bb4f6
* Correctly return CKR_PIN_INCORRECT if PIN is out of range.
...
* By Alon Bar-Lev from svn diff -r 3397:3398 https://www.opensc-project.org/svn/opensc/branches/alonbl/pkcs11-login-rv
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3400 c6295689-39f2-0310-b995-f0e70906c6a9
2008-02-29 10:18:51 +00:00
ludovic.rousseau
bf9d6beaac
new patch for ruToken support
...
Thanks to Andrew V. Stepanov
http://www.opensc-project.org/pipermail/opensc-devel/2007-December/010631.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3310 c6295689-39f2-0310-b995-f0e70906c6a9
2008-01-03 08:59:14 +00:00
ludovic.rousseau
0ecc294ed8
add support of ruToken
...
Thanks to Andrew V. Stepanov for the patch
http://www.opensc-project.org/pipermail/opensc-devel/2007-December/010617.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3304 c6295689-39f2-0310-b995-f0e70906c6a9
2007-12-17 13:39:20 +00:00
aj
177ff402f3
fix typo, found by Gürer Özen.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3259 c6295689-39f2-0310-b995-f0e70906c6a9
2007-08-28 20:34:42 +00:00
aj
4f0329cd18
silence more gcc/sparse warnings.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3180 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 12:01:39 +00:00
aj
4cc1a50a49
Alessandro Premoli:
...
add support for reading, writing and deleting private (require cache_pins) and
public data objects in PKCS11. updated the pkcs11-tool and fixed a few
bugs in the code. Tested on an aladdin etoken.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3176 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 09:37:18 +00:00
aj
a4cd33e77f
Douglas E. Engert:
...
Looking at framework-pkcs11.c, it looks like there is a bug in the handling of
auth_count, if there is more then one pin, and one of the pins is a
SC_PKCS15_PIN_FLAG_SO_PIN.
The for loop at line 767 will add a slot for each non SO_PIN or UNBLOCKING_PIN.
But at line 812, the auth_count is still set to the number of pins, even though
the SO_PIN did not cause a new slot to be allocated and thus the test of
hide_empty_tokens will not be used.
With the attached patch, I can get the expected behavior when hide_empty_tokens
= yes in the opensc.conf from pkcs11-tool -L, pkcs11-tool -O and pkcs11-tool -O
-l
There is only 1 slot allocated, the pkcs11-tool -O shows all the public
objects, and pkcs11-tool -O -l (after PIN) shows all the objects, and Heimdal
PKINIT still runs.
I still think that if two or more slots need to be allocated for multiple auth
pins, then all the public objects should be added to each. I have an additional
mod for this too.
Since the cards I am working with only have 1 pin, the attached mods works for
me. Note it looks like the pkcs15-openpgp.c might also be affected by this
change as it defines two pins an auth pin and a SO_PIN, much like the PIV card
does.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3175 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 07:11:21 +00:00
aj
f065546ccd
The framework-pkcs15 will filed the modulus in a certificate and copy it to a
...
pubkey or from apubkey to a privkey object. But it does not copy the
modulus_len.
This patch will look at pub_info->modulus_len and prv_info->modulus_len and
copy the modulus_len while copying the modulus. This will be used with the
pkcs15-piv code when it creates pub and priv objects, as it has no way other
then from the certificates to know the modulus_len.
By Douglas E. Engert.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3171 c6295689-39f2-0310-b995-f0e70906c6a9
2007-05-25 20:06:59 +00:00
martin
d0a0103c70
Build a pkcs11 module with only one pin exposed to overcome issues described in #132 . Closes #132
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3145 c6295689-39f2-0310-b995-f0e70906c6a9
2007-03-29 10:25:16 +00:00
nils
a2f622a215
implement support for SHA2 (still experimental)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3115 c6295689-39f2-0310-b995-f0e70906c6a9
2007-02-02 22:15:14 +00:00
aj
5db87927d4
convert to utf-8.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3086 c6295689-39f2-0310-b995-f0e70906c6a9
2006-12-19 21:33:15 +00:00
nils
a946dc98bf
set CKF_USER_PIN_INITIALIZED only if we really have a pin object
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3033 c6295689-39f2-0310-b995-f0e70906c6a9
2006-09-27 22:10:12 +00:00
aj
f9dd89e53b
sprintf bad. maybe even potential exploitable?
...
bug found by ville skytta using pscan.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2964 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-23 20:53:15 +00:00
aj
0f64e9d3f1
make objects on piv card public.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2957 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-20 16:06:42 +00:00
nils
bfe05f31dc
check for existing public key before creating one from the certificate; patch supplied by Albert Solana <asb@c3po.es>
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2953 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-15 18:48:30 +00:00
aj
45007b3da7
compile fixes for win32.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2949 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-12 20:01:26 +00:00
nils
b28f8ed9c4
improve buffer length check
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2943 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-09 21:35:07 +00:00
aj
449a1841b1
free(data)
...
(allocated by sc_pkcs15_read_data_object, no reference kept anywhere).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2930 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-01 10:20:22 +00:00
aj
beb55b8104
not sure it is a good idea to ignore the return value.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2898 c6295689-39f2-0310-b995-f0e70906c6a9
2006-04-26 10:00:23 +00:00
nils
b791b1d6bc
check the private flag of public key objects; patch supplied by Albert Solana <asb@c3po.es>
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2879 c6295689-39f2-0310-b995-f0e70906c6a9
2006-03-24 10:55:33 +00:00
nils
1f65fbe10e
a unblocking pin could be used for authentication as well
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2844 c6295689-39f2-0310-b995-f0e70906c6a9
2006-02-14 22:46:54 +00:00
nils
55631edf3b
support private certificates; patch supplied by Douglas E. Engert <deengert@anl.gov>
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2836 c6295689-39f2-0310-b995-f0e70906c6a9
2006-02-09 20:05:20 +00:00
nils
346486ee70
fix problem with uninitialized pointer; this patch resolves opensc ticket #61
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2698 c6295689-39f2-0310-b995-f0e70906c6a9
2005-12-04 23:23:25 +00:00
sth
8f230f5c1d
Do an sc_lock() before an sc_pkcs15init_bind(). Reason: in sc_pkcs15init_bind() an sc_lock() and sc_unlock() is done; and when the lock_login config option is set to false, the sc_unlock() will call logout() which for some cards means a SELECT(3F00) -> unwanted change of the current EF/DF causing errors
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2629 c6295689-39f2-0310-b995-f0e70906c6a9
2005-10-01 18:51:34 +00:00
nils
6abeaf1f1c
add a new function
...
void sc_mem_clear(void *ptr, size_t len);
to clear a memory buffer. If OpenSSL is used this function
is a wrapper for OPENSSL_cleanse, otherwise memset is currenlty used.
Use this function to clear memory buffers with sensitive content.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2601 c6295689-39f2-0310-b995-f0e70906c6a9
2005-09-17 10:44:45 +00:00
nils
d37315ec35
cleanup key usage handling, cleanup
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2550 c6295689-39f2-0310-b995-f0e70906c6a9
2005-09-07 09:32:52 +00:00
martin
924a118501
Don't cache pins that protect a userconsent slot.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2502 c6295689-39f2-0310-b995-f0e70906c6a9
2005-08-21 18:39:43 +00:00
nils
f59a51397c
apply Stef's patch which puts all public objects in first slot if only one pin is present (and hide_empty_tokens is true)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2448 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-24 14:06:02 +00:00
aj
c26dde1a82
fix compiling without openssl.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2447 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-21 21:05:40 +00:00
nils
e09bdac57b
don't use software prng
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2436 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-18 20:20:22 +00:00
martin
3d0f17bc95
Annoying typo
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2365 c6295689-39f2-0310-b995-f0e70906c6a9
2005-06-27 13:52:08 +00:00
sth
fa333542db
Don't used cashed PINs for a UserConsent key!
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2342 c6295689-39f2-0310-b995-f0e70906c6a9
2005-05-11 14:00:03 +00:00
bert
eb4717ea17
API fixup: use defined type instead of struct for exposed structs (part 2)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2233 c6295689-39f2-0310-b995-f0e70906c6a9
2005-03-09 00:04:44 +00:00
aet
df5e357694
- Whitespace cleanup from me and Martin Paljak
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2181 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-11 20:09:34 +00:00
nils
54f8794267
indent fixes and cleanup by Martin Paljak
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2126 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-03 22:44:19 +00:00
nils
c95726c782
bugfix: reselect application directory when lock_login=false
...
is set (at the moment only for pkcs15_prkey_sign and
pkcs15_prkey_decrypt), see:
http://www.opensc.org/pipermail/opensc-devel/2005-January/005345.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2120 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-01 19:02:15 +00:00
nils
cb5d576267
some indent fixes from Martin Paljak plus some additional changes from me
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2083 c6295689-39f2-0310-b995-f0e70906c6a9
2005-01-19 18:15:43 +00:00
nils
3931ee708d
cleanup ...
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2041 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-22 10:17:00 +00:00
nils
01f549da22
fix public key reference
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2026 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-20 19:44:38 +00:00
nils
8673508a43
fix memory leak, cleanup: use object specific release method
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2024 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-18 14:14:57 +00:00
nils
56a37d6c48
use object specific release method (if existing)
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2000 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-12 19:13:17 +00:00
nils
bfd5b49436
pkcs15-init etc. support for pkcs15 data objects
...
patch supplied by Victor Tarasov <vtarasov@idealx.com>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1877 c6295689-39f2-0310-b995-f0e70906c6a9
2004-07-26 18:47:23 +00:00
okir
393de85ac1
- Don't crash if card->serial_number is NULL
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1749 c6295689-39f2-0310-b995-f0e70906c6a9
2004-02-02 10:24:31 +00:00
aet
85d6bc7922
- Warning fixes
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1731 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 15:23:11 +00:00
sth
9779f07467
Fix: no keycaching if USE_PKCS15_INIT is not #defined
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1730 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 14:16:02 +00:00
sth
844ec9bc23
If the maximum allowed number of virtual slots per card is reached, then silently discard all objects that haven't been added yet instead of returning an error
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1717 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 09:47:23 +00:00
sth
7daafeb5da
Update to the new keycache functions for caching the user and SO PINs
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1716 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 08:32:46 +00:00
okir
f6aa07d991
- Another fix from Remo wrt keygen_args.pubkey_label
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1705 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-30 08:20:52 +00:00
aet
d6713aff9a
- Minor naming convention harmonisation for pc/sc and ct-api
...
related things
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1669 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-10 14:52:58 +00:00
okir
cfdd62bd49
- When generating a key in pkcs15init, allow the caller to specify a
...
public key label (Remo Inverardi)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1663 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-08 12:02:28 +00:00