Commit Graph

153 Commits

Author SHA1 Message Date
martin 04942bb4f6 * Correctly return CKR_PIN_INCORRECT if PIN is out of range.
* By Alon Bar-Lev from svn diff -r 3397:3398 https://www.opensc-project.org/svn/opensc/branches/alonbl/pkcs11-login-rv



git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3400 c6295689-39f2-0310-b995-f0e70906c6a9
2008-02-29 10:18:51 +00:00
ludovic.rousseau bf9d6beaac new patch for ruToken support
Thanks to Andrew V. Stepanov
http://www.opensc-project.org/pipermail/opensc-devel/2007-December/010631.html


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3310 c6295689-39f2-0310-b995-f0e70906c6a9
2008-01-03 08:59:14 +00:00
ludovic.rousseau 0ecc294ed8 add support of ruToken
Thanks to Andrew V. Stepanov for the patch
http://www.opensc-project.org/pipermail/opensc-devel/2007-December/010617.html


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3304 c6295689-39f2-0310-b995-f0e70906c6a9
2007-12-17 13:39:20 +00:00
aj 177ff402f3 fix typo, found by Gürer Özen.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3259 c6295689-39f2-0310-b995-f0e70906c6a9
2007-08-28 20:34:42 +00:00
aj 4f0329cd18 silence more gcc/sparse warnings.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3180 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 12:01:39 +00:00
aj 4cc1a50a49 Alessandro Premoli:
add support for reading, writing and deleting private (require cache_pins) and
public data objects in PKCS11. updated the pkcs11-tool and fixed a few
bugs in the code. Tested on an aladdin etoken.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3176 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 09:37:18 +00:00
aj a4cd33e77f Douglas E. Engert:
Looking at framework-pkcs11.c, it looks like there is a bug in the handling of
auth_count, if there is more than one pin, and one of the pins is a
SC_PKCS15_PIN_FLAG_SO_PIN. 

The for loop at line 767 will add a slot for each non SO_PIN or UNBLOCKING_PIN.
But at line 812, the auth_count is still set to the number of pins, even though
the SO_PIN did not cause a new slot to be allocated and thus the test of
hide_empty_tokens will not be used. 

With the attached patch, I can get the expected behavior when hide_empty_tokens
= yes in the opensc.conf from pkcs11-tool -L, pkcs11-tool -O and pkcs11-tool -O
-l 

There is only 1 slot allocated, the pkcs11-tool -O shows all the public
objects, and pkcs11-tool -O -l (after PIN) shows all the objects, and Heimdal
PKINIT still runs. 

I still think that if two or more slots need to be allocated for multiple auth
pins, then all the public objects should be added to each. I have an additional
mod for this too. 

Since the cards I am working with only have 1 pin, the attached mods work for
me. Note it looks like the pkcs15-openpgp.c might also be affected by this
change as it defines two pins, an auth pin and a SO_PIN, much like the PIV card
does.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3175 c6295689-39f2-0310-b995-f0e70906c6a9
2007-06-21 07:11:21 +00:00
aj f065546ccd The framework-pkcs15 will find the modulus in a certificate and copy it to a
pubkey or from a pubkey to a privkey object. But it does not copy the
modulus_len. 

This patch will look at pub_info->modulus_len and prv_info->modulus_len and
copy the modulus_len while copying the modulus.  This will be used with the
pkcs15-piv code when it creates pub and priv objects, as it has no way other
than from the certificates to know the modulus_len.

By Douglas E. Engert.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3171 c6295689-39f2-0310-b995-f0e70906c6a9
2007-05-25 20:06:59 +00:00
martin d0a0103c70 Build a pkcs11 module with only one pin exposed to overcome issues described in #132. Closes #132
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3145 c6295689-39f2-0310-b995-f0e70906c6a9
2007-03-29 10:25:16 +00:00
nils a2f622a215 implement support for SHA2 (still experimental)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3115 c6295689-39f2-0310-b995-f0e70906c6a9
2007-02-02 22:15:14 +00:00
aj 5db87927d4 convert to utf-8.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3086 c6295689-39f2-0310-b995-f0e70906c6a9
2006-12-19 21:33:15 +00:00
nils a946dc98bf set CKF_USER_PIN_INITIALIZED only if we really have a pin object
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3033 c6295689-39f2-0310-b995-f0e70906c6a9
2006-09-27 22:10:12 +00:00
aj f9dd89e53b sprintf bad. maybe even potentially exploitable?
bug found by ville skytta using pscan.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2964 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-23 20:53:15 +00:00
aj 0f64e9d3f1 make objects on piv card public.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2957 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-20 16:06:42 +00:00
nils bfe05f31dc check for existing public key before creating one from the certificate; patch supplied by Albert Solana <asb@c3po.es>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2953 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-15 18:48:30 +00:00
aj 45007b3da7 compile fixes for win32.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2949 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-12 20:01:26 +00:00
nils b28f8ed9c4 improve buffer length check
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2943 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-09 21:35:07 +00:00
aj 449a1841b1 free(data)
(allocated by sc_pkcs15_read_data_object, no reference kept anywhere).


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2930 c6295689-39f2-0310-b995-f0e70906c6a9
2006-05-01 10:20:22 +00:00
aj beb55b8104 not sure it is a good idea to ignore the return value.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2898 c6295689-39f2-0310-b995-f0e70906c6a9
2006-04-26 10:00:23 +00:00
nils b791b1d6bc check the private flag of public key objects; patch supplied by Albert Solana <asb@c3po.es>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2879 c6295689-39f2-0310-b995-f0e70906c6a9
2006-03-24 10:55:33 +00:00
nils 1f65fbe10e an unblocking pin could be used for authentication as well
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2844 c6295689-39f2-0310-b995-f0e70906c6a9
2006-02-14 22:46:54 +00:00
nils 55631edf3b support private certificates; patch supplied by Douglas E. Engert <deengert@anl.gov>
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2836 c6295689-39f2-0310-b995-f0e70906c6a9
2006-02-09 20:05:20 +00:00
nils 346486ee70 fix problem with uninitialized pointer; this patch resolves opensc ticket #61
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2698 c6295689-39f2-0310-b995-f0e70906c6a9
2005-12-04 23:23:25 +00:00
sth 8f230f5c1d Do an sc_lock() before an sc_pkcs15init_bind(). Reason: in sc_pkcs15init_bind() an sc_lock() and sc_unlock() is done; and when the lock_login config option is set to false, the sc_unlock() will call logout() which for some cards means a SELECT(3F00) -> unwanted change of the current EF/DF causing errors
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2629 c6295689-39f2-0310-b995-f0e70906c6a9
2005-10-01 18:51:34 +00:00
nils 6abeaf1f1c add a new function
void sc_mem_clear(void *ptr, size_t len);
to clear a memory buffer. If OpenSSL is used this function
is a wrapper for OPENSSL_cleanse, otherwise memset is currently used.

Use this function to clear memory buffers with sensitive content.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2601 c6295689-39f2-0310-b995-f0e70906c6a9
2005-09-17 10:44:45 +00:00
nils d37315ec35 cleanup key usage handling, cleanup
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2550 c6295689-39f2-0310-b995-f0e70906c6a9
2005-09-07 09:32:52 +00:00
martin 924a118501 Don't cache pins that protect a userconsent slot.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2502 c6295689-39f2-0310-b995-f0e70906c6a9
2005-08-21 18:39:43 +00:00
nils f59a51397c apply Stef's patch which puts all public objects in first slot if only one pin is present (and hide_empty_tokens is true)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2448 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-24 14:06:02 +00:00
aj c26dde1a82 fix compiling without openssl.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2447 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-21 21:05:40 +00:00
nils e09bdac57b don't use software prng
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2436 c6295689-39f2-0310-b995-f0e70906c6a9
2005-07-18 20:20:22 +00:00
martin 3d0f17bc95 Annoying typo
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2365 c6295689-39f2-0310-b995-f0e70906c6a9
2005-06-27 13:52:08 +00:00
sth fa333542db Don't use cached PINs for a UserConsent key!
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2342 c6295689-39f2-0310-b995-f0e70906c6a9
2005-05-11 14:00:03 +00:00
bert eb4717ea17 API fixup: use defined type instead of struct for exposed structs (part 2)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2233 c6295689-39f2-0310-b995-f0e70906c6a9
2005-03-09 00:04:44 +00:00
aet df5e357694 - Whitespace cleanup from me and Martin Paljak
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2181 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-11 20:09:34 +00:00
nils 54f8794267 indent fixes and cleanup by Martin Paljak
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2126 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-03 22:44:19 +00:00
nils c95726c782 bugfix: reselect application directory when lock_login=false
is set (at the moment only for pkcs15_prkey_sign and
pkcs15_prkey_decrypt), see:
http://www.opensc.org/pipermail/opensc-devel/2005-January/005345.html


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2120 c6295689-39f2-0310-b995-f0e70906c6a9
2005-02-01 19:02:15 +00:00
nils cb5d576267 some indent fixes from Martin Paljak plus some additional changes from me
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2083 c6295689-39f2-0310-b995-f0e70906c6a9
2005-01-19 18:15:43 +00:00
nils 3931ee708d cleanup ...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2041 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-22 10:17:00 +00:00
nils 01f549da22 fix public key reference
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2026 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-20 19:44:38 +00:00
nils 8673508a43 fix memory leak, cleanup: use object specific release method
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2024 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-18 14:14:57 +00:00
nils 56a37d6c48 use object specific release method (if existing)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2000 c6295689-39f2-0310-b995-f0e70906c6a9
2004-12-12 19:13:17 +00:00
nils bfd5b49436 pkcs15-init etc. support for pkcs15 data objects
patch supplied by Victor Tarasov <vtarasov@idealx.com>


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1877 c6295689-39f2-0310-b995-f0e70906c6a9
2004-07-26 18:47:23 +00:00
okir 393de85ac1 - Don't crash if card->serial_number is NULL
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1749 c6295689-39f2-0310-b995-f0e70906c6a9
2004-02-02 10:24:31 +00:00
aet 85d6bc7922 - Warning fixes
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1731 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 15:23:11 +00:00
sth 9779f07467 Fix: no keycaching if USE_PKCS15_INIT is not #defined
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1730 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 14:16:02 +00:00
sth 844ec9bc23 If the maximum allowed number of virtual slots per card is reached, then silently discard all objects that haven't been added yet instead of returning an error
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1717 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 09:47:23 +00:00
sth 7daafeb5da Update to the new keycache functions for caching the user and SO PINs
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1716 c6295689-39f2-0310-b995-f0e70906c6a9
2004-01-08 08:32:46 +00:00
okir f6aa07d991 - Another fix from Remo wrt keygen_args.pubkey_label
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1705 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-30 08:20:52 +00:00
aet d6713aff9a - Minor naming convention harmonisation for pc/sc and ct-api
related things


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1669 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-10 14:52:58 +00:00
okir cfdd62bd49 - When generating a key in pkcs15init, allow the caller to specify a
public key label (Remo Inverardi)


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1663 c6295689-39f2-0310-b995-f0e70906c6a9
2003-12-08 12:02:28 +00:00