- turns out, you can shrink a buffer with realloc on some implementations
- realloc is never called with 0 (which would free the data)
- length checking is done in zlib, we just do the allocation
closes https://github.com/OpenSC/OpenSC/issues/1905
- remove command line option '--card-driver';
- instead force driver 'dnie' and fail if card is not a DNIe card
- overhaul option parsing
- remove unused variable 'long_optind'
- bail out with usage message on all unknown/unhandled args
- correctly terminate option parsing (no infinite loop)
- slight refactoring
- avoid magic constant '0x0f'
- make variable 'tries_left' more local
- move dependent code into if block
- remove command line option '--card-driver';
- instead force driver 'cardos' and fail if card is not a CardOS card
- overhaul option parsing
- remove unused variable 'long_optind'
- bail out with usage message on all unknown/unhandled args
- correctly terminate option parsing (no infinite loop)
- remove command line option '--card-driver';
- instead force driver 'PIV-II' and fail if card is not a PIV card
- overhaul option parsing
- remove unused variable 'long_optind'
- make work option '--reader' ( "r:" was missing in the optstring!!!)
- bail out with usage message on all unknown/unhandled args
- correctly terminate option parsing (no infinite loop)
Rename option '--driver' to '--card-driver' for increased consistency.
In addition, extend it the same way opensc-explorer was extended. I.e.
treat the question mark given as argument to option '--card-driver'
special: list all available drivers instead of stupidly bailing out.
In contrast to opensc-tool and opensc-explorer, which are card-agnostic,
I am not sure whether the option '--card-driver' makes sense on this
card-specific tool.
Extend cardos-tool the same way opensc-explorer was extended. I.e.
treat the question mark given as argument to option '--card-driver'
special: list all available drivers instead of stupidly bailing out.
In contrast to opensc-tool and opensc-explorer, which are card-agnostic,
I am not sure whether the option '--card-driver' makes sense on this
card-specific tool.
Extend piv-tool the same way opensc-explorer was extended. I.e.
treat the question mark given as argument to option '--card-driver'
special: list all available drivers instead of stupidly bailing out.
In contrast to opensc-tool and opensc-explorer, which are card-agnostic,
I am not sure whether the option '--card-driver' makes sense on this
card-specific tool.
Extend opensc-tool the same way opensc-explorer was extended. I.e.
treat the question mark given as argument to option '--card-driver'
special: list all available drivers instead of stupidly bailing out.
Make opensc-explorer a bit more user friendly by treating the question mark
given as argument to option '--card-driver' special: list all available
drivers instead of stupidly bailing out.
The corpus is generated using a local build with
#define APDU_LOG_FILE "apdulog"
and by running:
./src/tools/pkcs11-tool -L --module ./src/pkcs11/.libs/opensc-pkcs11.s
cb50689bf49ccb45a2af690848517305dcf1e429 -- my Yubikey
830e1bf4c7f0c539e9686bc1517d6f87907d4bf8 -- PIV Test Card 14
9ad3fc3cb11967be927bad9263d326783c450e37 -- CAC card
b2b75c07a2c427c15ecd40ce47a9814279745b7d -- old CAC card
7cf8e9b31dcee040ee438441aca2aecb523ed5e9 -- CardOS 5.x
741a0aae7b5b08c0ad2822ede5b3364302b28b31 -- CAC Alt token
de913ba454f894cfc38a16dd122ad673d32ac480 -- coolkey
./configure --enable-code-coverage --disable-optimization
make check
make code-coverage-capture
lcov --summary OpenSC-*-coverage.info
This does not work well with Windows so on windows it should be disabled (WIP)
The card is largely ISO 7816 compliant, but does not provide any
simple way of listing the content which is supported by current
PKCS#15 implementation therefore the PKCS#15 emulator had to be
used.
The certificates are compressed in a similar way as in DNIE
cards which complicates reading from the card and which I think
could be moved to the shared ISO (or some other file since I saw
that code already many times).
The card supports wide range of algorithms including
RSA-PSS and RSA-OAEP padding schemes in-card. On the other hand,
it does not allow raw RSA and SHA1 hashes on card anymore.
The card is manufactured by Gemalto so it has strict ATR which
can be used for detection.
Fixes
error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
if(cipher)
^
../../../git/src/libopensc/card-entersafe.c:369:2: note: previous statement is here
if(sbuf)
^
Before the output looked like this, if a public key was not found:
```
testing key 1 (IDKey2)
RSA-X-509: OK
RSA-PKCS: OK
testing key 2 (IDKey3)
couldn't find the corresponding pubkey for validation
couldn't find the corresponding pubkey for validation
RSA-X-509: RSA-PKCS: testing key 3 (IDKey4)
couldn't find the corresponding pubkey for validation
couldn't find the corresponding pubkey for validation
```
Now:
```
testing key 1 (IDKey2)
RSA-X-509: OK
RSA-PKCS: OK
testing key 2 (IDKey3) -- can't find corresponding public key, skipping
testing key 3 (IDKey4) -- can't find corresponding public key, skipping
```
Before it was a bit confusing, e.g.:
```
testing key 1 (2048 bits, label=IDKey2) with 1 signature mechanism
RSA-X-509: OK
couldn't find the corresponding pubkey
testing key 2 (0 bits, label=IDKey3) with 1 signature mechanism -- can't be used to sign/verify, skipping: can't obtain modulus
```
The error message in line 3 is for IDKey3 and not for IDKey2.
With this patch the output is aligned with `test_verify`:
```
testing key 1 (IDKey2) with 1 mechanism
RSA-X-509: OK
testing key 2 (IDKey3) with 1 mechanism -- can't find corresponding public key, skipping
```
GIDS decipher APDU fails with status '65 00' or '67 00' if
"Padding Indication" byte is present. Debug logs of Microsoft
certutil -v -scinfo using Microsoft drivers show that for a
decipher, the "Padding Indication" is not present. It maybe
needed if Secure Messaging is added later.
Extended APDU is turned off as this may not be supported on
some cards. Chaining is used used instead, it works on all cards.
RAW RSA is turned off, it is supported.
Tested with pkcs11-tool on Windows 10 with a TPM 2.0 module.
On branch gids-decipher
Changes to be committed:
modified: src/libopensc/card-gids.c
Date: Tue Dec 3 18:08:32 2019 -0600
interactive rebase in progress; onto 01678e87
Last commands done (3 commands done):
squash c968d0dd GIDS No Padding Indication Byte
squash 0fa940fc Take 3
No commands remaining.
You are currently rebasing branch 'gids-decipher' on '01678e87'.
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
`C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
commit e5707b545e for supporting RSASSA-PSS.
When the application (NSS) does not use WaitForSlotEvent and just
opportunistically tries to detect card and reader removals with
C_GetSlotInfo() and C_GetSessionInfo(), we might get errors in
various plcaes, in the sc_lock() function, when we try to transfer
other messages or when we ask for the reader status.
This is generally too late to call any disconnect functions because no
PC/SC handles are valid anymore. The reader state from PCSC
is searched by name so we can be pretty sure it is very similar
reader (with same name as the old one) and I hope we can reuse the
reader structure and just call the pcsc_connect() on that as we do
with invalid handles.
Otherwise we detect this issue in the refresh_attributes() (called
from C_GetSlotInfo()), where we can report the slot change in the
expected manner.
Fixes#1822
The error was
fuzz_pkcs15_reader.c: In function ‘fuzz_get_chunk’:
fuzz_pkcs15_reader.c:66:19: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
66 | *chunk_size = (uint16_t) data->Data;
| ^
cc1: all warnings being treated as errors
The negative integers were parsed uterly wrong, resulting in undefined
shift overflows as reported by oss-fuzz.
The current implementation takes negated values (properly masked) and
calculates two's complement in the end, which results in correct values
and correct data handling.
https://oss-fuzz.com/testcase-detail/5125815506829312
Reported by clang analyzer:
src/libopensc/asn1.c:2115:14: warning: The right operand of '<' is a garbage value [clang-analyzer-core.UndefinedBinaryOperatorResult]
if (halflen < r_len || halflen < s_len) {
* pkcs11-register: Fixed detection of already registered OpenSC
Anny configuration of onepin-opensc-pkcs11.so and opensc-pkcs11.so
should be enough to skip registering the default module again.
* Use onepin module for generic NSS DB
fixes https://github.com/OpenSC/OpenSC/issues/1818
May have the disadvantage that some other programs that use NSS don't
see the signature keys. However, we currently only know for sure that
Chromium is using the generic NSS DB.
The corresponding GET DATA command only returns the serial,
nothing else.
Tested with CardOS 5.0 and 5.3 cards. The serial number
is the same as shown with other tools
Changed four places where "<" should be "<=" so Le will be set correctly
Previous for 65K (extended) or 256 (short) Le is left set to 0.
This then caused Le to be to be not added to APDU as Le==0
Code later converts actual Le in APDU to be set to 0 to mean 256 or 65K.
SC_APDU_CASE_*_EXT are changed to SC_APDU_CASE_* so sc_detect_apdu_cse
to set the cse based on card capabilities as well as data chaining.
This commit is not well tested and neds review.
On branch fix-1731
Changes to be committed:
modified: src/libopensc/card.c
buf_len is a CK_ULONG (unsigned long). But if the attribute is sensitive
or is not extractable or is invalid for the object then the library set
the buffer length value to (CK_LONG)-1.
It is more friendly to see "-1" instead of "18446744073709551615" (on
64-bits CPU)
opensc-tool: for options --version, --list-readers, -D, etc. we do not
need to connect card/reader. This removes unnecessary error messages
if card is not present in card reader or if reader is not available.
util.c: use symbolic error codes, pass error codes to caller without change.
CID 344928 (#1 of 1): Sizeof not portable (SIZEOF_MISMATCH)
suspicious_sizeof: Passing argument object_handles of type CK_OBJECT_HANDLE_PTR and argument objects_length * 8UL /* sizeof (CK_OBJECT_HANDLE_PTR) */ to function realloc is suspicious. In this case, sizeof (CK_OBJECT_HANDLE_PTR) is equal to sizeof (CK_OBJECT_HANDLE), but this is not a portable assumption.
CID undefined (#1 of 1): Unchecked return value (CHECKED_RETURN)
10. check_return: Calling RSA_set0_key without checking return value (as is done elsewhere 7 out of 8 times).
* The fail_msg() in cmocka has a way not to fail, which confuses coverity. Adding explicit retunr/exit should address this issue
* Reformat some code in p11test
Option -r is used in other opensc tools to specify card reader. pkcs15-tool
uses -r to specify cerfificate. This fix intorduces warning message if -r
is used, and for future versions of pkcs15-tool -r is used to specify
reader.
sc-ossl-compat.h will check if OpenSSL has been built with or without some
deprecated defines. OpenSSL will provide defines for some of these if
built to still support depreacted routines but not if built with
"no-depracted". .
This commit will define some of the needed defines if ther are not
defined by OpenSSL. Thus if a distro builds OpenSSL with "no-depracted"
it can still be used.
On branch fix-1755
Changes to be committed:
modified: src/libopensc/sc-ossl-compat.h
Frank Morgner
Peter Marschall
Jakub Jelen
alex-nitrokey
carblue
Priit Laes
Julian Strobl
Khem Raj
Benjamin DELPY
Jakub Jelen
dojo
Doug Engert
Raul Metsma
AdriaoNeves
Andreas Schwier
Oskar Wiksten
Peter Popovec
pkubaj
Nuno Goncalves
Andreas Kemnade
Ludovic Rousseau