select_object_path: Fixed misplaced return and wrong return code. This bug is the cause why a profile
must include a template even for fully emulated cards.
sc_pkcs15init_store_certificate: Added a call to the emulation layer when the private key
description requires an update after storing a certificate. Should not break existing code.
sc_pkcs15init_delete_object: Now calling the emulation layer before the frameworks tries to delete
files itself. An emulation that deletes object explicitly and leaves the deletion of some objects
to the framework will now need to completely handle deleting objects (by calling the methods of the
framework).
sc_pkcs15init_update_certificate: Missing call to the emulation layer added.
According to ch.4.2 of MyEID reference manual v1.7.6 the only possible value of P2 of 'SELECT' APDU is '00'.
For this reason, when caller do not request to return 'sc_file' data,
use the non-null dummy 'sc_file' pointer in the call of iso->select_file,
and thus avoid the P2 different from '00'.
Also log calls are replaced by its short forms,
and resolved the 'trailing spaces' issues.
The card contains only 1 certificate, which can be used for encrypting.
But this certificate is bound with authentication key, so when decrypting,
the authentication key will be presented to check.
This commit allows to bypass the check in driver. However, it is not enough.
The users have to import the same key to "Encryption key" to help the card find
right key to work.
OpenPGP: Add log and comments.
OpenPGP: Pretend to select dummy files.
Some files are needed by pkcs15init, but not exist in OpenPGP card.
We pretend to know these dummy files to make pkcs15init successful.
Compilation error on windows:
when declaring array use explicit size, add pkcs15-openpgp.obj in Makefile.mak
OpenPGP-pkcs15int: Add more debug log.
OpenPGP-pkcs15init: Add more checks in key generation.
Check for key ID. Set default key.
Check for result of key generation from driver.
Example command:
pkcs15-init --delete-objects privkey,pubkey --id 3 --store-private-key quan-key.pem --auth-id 3 --verify-pin --extractable --id 3
pkcs15init-OpenPGP: Some parts in openpgp.profile are not used.
We need this function to use OpenPGP's specific action flow instead pkcs15init's default.
This will help to avoid redundant steps which may make the overall process fail.
Application path can contain non-zero length path value and AID.
In this case select AID as DF_NAME only if length of path value is zero.
Segfault: dereferencing NULL pointer, thanks to Magosányi Árpád
- Create/delete the PKCS#15 'DATA' objects destinated to supply support of minidriver. For a while only 'Gemalto' style of such support is implemented.
- Declare epass2003 pkcs15init operations.
- include into OpenSC configuration the SM related sections
call sc_profile_finish() with application info data as an argument;
in delete-by-path procedure, when getting authorization to delete file, make distinction between 'DELETE' and 'DELETE-SELF';
call card specific 'store' handler updating PrKDF and PubKDF files;
deduce the private key pkcs#15 attributes (like subject) from the friend certificate;
ignore SM authentication type when getting authorisation for operation;
copy GUID from the object create data to the pkcs#15 object attributes.
The on-card support of minidriver could need some MD specific pkcs#15 (DATA) objects.
There is no standard for these objects.
New option will allow to choose one of the possible implementations.
Add new argument 'application-info',
that will allow to select the on-card application to by binded with.
pkcs11: use sc_pkcs15init_bind with 'AID' argument
Prototype of sc_pkcs15init_bind() has been changed to add argument with
AID of the on-card application to be binded with.
* Print out warning when mlock fails, and continue.
* The warning required a ctx to be passed in, so that means
changing a few function signatures.
https://www.opensc-project.org/opensc/ticket/389
can be loaded at ADMINISTRATION life cycle phase to change
the behavior of the VERIFY command in regard to return codes.
When that package is loaded, the return code of the VERIFY
will be ISO7816-4 compliant (63Cx with x being the value of
the remaining retry counter when required verification has failed).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5565 c6295689-39f2-0310-b995-f0e70906c6a9
can be loaded at ADMINISTRATION life cycle phase to change
the behavior of the VERIFY command in regard to return codes.
When that package is loaded, the PIN can be created with this
"verifyRC" flag in cardos.profile if the return code must be
ISO7816-4 compliant (63Cx with x being the value of the remaining
retry counter when required verification has failed).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5558 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-wrap.c can be removed. Clarified/changed the meaning of "insecure" flag to pkcs15-init tool,
which will be needed to explicitly enforce the creation of a key which does not require a PIN.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5510 c6295689-39f2-0310-b995-f0e70906c6a9
Obertbur's card do not returns FCP for selected application DF.
Newly introduced option will supply the missing ACL when creating new objects or files.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5395 c6295689-39f2-0310-b995-f0e70906c6a9
EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9
There is no need to carry around that attribute, because it's easy to look up the 'file' as needed. This is done by issuing a single sc_select_file command in sc_pkcs15init_update_any_df (pkcs15-lib.c).
The parameter 'file' of sc_pkcs15_add_df (pkcs15.c) became useless too and was removed in turn.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5316 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'prkey_fixup_rsa':
pkcs15-lib.c:1936: warning: declaration of 'ctx' shadows a previous local
pkcs15-lib.c:1911: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5253 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'sc_pkcs15init_store_private_key':
pkcs15-lib.c:1339: warning: declaration of ‘ctx’ shadows a previous local
pkcs15-lib.c:1278: warning: shadowed declaration is here
The ctx variable was already declared with the correct value.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5252 c6295689-39f2-0310-b995-f0e70906c6a9
profile.c: In function 'sc_profile_get_pin_id_by_reference':
profile.c:785: warning: declaration of ‘pin_info’ shadows a global declaration
profile.c:217: warning: shadowed declaration is here
Avoid using a typedef with a "common" name
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5250 c6295689-39f2-0310-b995-f0e70906c6a9
* shift libpkcs11 from src/pkcs11 to src/common as it is not used to implement the OpenSC PKCS#11 module
* invent a "libscdl" mini library that implements either libltdl based dynamic loading or uses native interfaces
* drop hard requirement for libltl to build OpenSC
* native Windows build does not need libltdl any more
* specify CNGSDK include dir to find cardmod.h. CNGSDK only registers with a handful of compilers
Deals with #323
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c:143:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP container list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:138:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:133:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:128:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP token info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:122:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:117:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:112:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:106:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c💯3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP certificate info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:338:2: warning: Value stored to 'rec_offs' is never read
rec_offs = 0;
^ ~
pkcs15-oberthur-awp.c:1369:2: warning: Value stored to 'offs' is never read
offs += len;
^ ~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5150 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:457:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:452:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:445:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5149 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c:251:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-myeid.c:244:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5148 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-muscle.c:101:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-muscle.c:99:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5147 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-incrypto34.c:133:7: warning: Although the value stored to 'r' is used in
the enclosing expression, the value is never actually read from 'r'
...r = sc_pkcs15init_authenticate(profile, p15card, file, SC_AC_OP_DELETE)...
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5146 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-starcos.c:158:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:128:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:239:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:206:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:636:4: warning: Value stored to 'p' is never read
*p++ = 0x00;
^~~
pkcs15-starcos.c:613:4: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA byte */
^~~
pkcs15-starcos.c:699:3: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA */
^~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5145 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-jcop.c:118:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:112:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:171:9: warning: Value stored to 'pub_len' is never read
pub_len = 2 + mod_len + exp_len;
^ ~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:284:6: warning: Value stored to 'bytes' is never read
bytes = mod_len / 2;
^ ~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5144 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-gpk.c:213:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:207:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:853:3: warning: Value stored to 'pe' is never read
pe++;
^~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5142 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:727:4: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1011:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1009:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1505:2: warning: Value stored to 'usage' is never read
usage = SC_PKCS15_PRKEY_USAGE_SIGN;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1507:3: warning: Value stored to 'usage' is never read
usage = sc_pkcs15init_map_usage(args->x509_usage, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:2560:3: warning: Value stored to 'file' is never read
file = df->file;
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5141 c6295689-39f2-0310-b995-f0e70906c6a9
The initializations are already done a few lines below
pkcs15-lib.c:1938:11: warning: Value stored to 'ctx' during its initialization
is never read
BN_CTX *ctx = BN_CTX_new();
^ ~~~~~~~~~~~~
pkcs15-lib.c:1937:11: warning: Value stored to 'aux' during its initialization
is never read
BIGNUM *aux = BN_new();
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5140 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-authentic.c:97:1: warning: no previous prototype for function
'authentic_reference_to_pkcs15_id' [-Wmissing-prototypes]
authentic_reference_to_pkcs15_id (unsigned int ref, struct sc_pkcs15_id *id)
^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5130 c6295689-39f2-0310-b995-f0e70906c6a9
to take into account the non-zero 'aid' member in the 'path' parameter
or in the path of the file's instance
also take into account the non-zero 'aid' when getting 'file-id'
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5099 c6295689-39f2-0310-b995-f0e70906c6a9
to get profile instance of the parent of some file presented by it's profile name.
;accept hexadecimal values presented in 'xAB' form;
;coding style issues;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5098 c6295689-39f2-0310-b995-f0e70906c6a9
'profile-extention' profile parameter used to load from the separate file
the AID dependent profile part.
'exclusive-aid' profile parameter used to introduce the AID for the DF
that do not have file-id and that can be selected only by 'DF-NAME' selection.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5097 c6295689-39f2-0310-b995-f0e70906c6a9
Each application of the multi-application PKCS#15 card has it's own associated pkcs15init profile file.
Profile of the multi-application card contains an association between the ID of the on-card application
and associated profile name.
When sc_profile_finish() is called
- sc_card is connected,
- information on the preset on-card applications is available;
- AID of the applicaition to be binded is known.
thus allowing to sc_profile_finish() to load the final part of the profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5096 c6295689-39f2-0310-b995-f0e70906c6a9
the first usage is to update the public key PKCS#15 object attributes
and to encode it's direct value.
(support of the Oberthur's AuthentIC V3.2 card)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5001 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
Noted by Ludovic.
In sc_pkcs15init_update_file() procedure the file selection errors other then SC_ERROR_FILE_NOT_FOUND were not treated.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4271 c6295689-39f2-0310-b995-f0e70906c6a9
Some cards do not include security attributes into the FCI returned by 'SELECT' command.
For such cards, when updating certificate, to authenticate 'UPDATE' operation use the
'sc_file' with default ACLs instantiated from the card profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4265 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_encode_data_info’:
pkcs15-oberthur-awp.c:1211: warning: implicit declaration of function ‘sc_asn1_encode_object_id’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4205 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_new_container_entry’:
pkcs15-oberthur-awp.c:241: warning: declaration of ‘rand’ shadows a global declaration
/usr/include/stdlib.h:176: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4204 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c💯 warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4203 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_generate_key’:
pkcs15-myeid.c:687: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4202 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_new_file’:
pkcs15-myeid.c:321: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:323: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:325: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:327: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-entersafe.c:200: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:201: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:202: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:203: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:204: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:205: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:206: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:207: warning: initialization discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4200 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-setcos.c: In function ‘setcos_new_file’:
pkcs15-setcos.c:263: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:265: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:267: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:269: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4197 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function ‘get_template_name_from_object’:
pkcs15-lib.c:2152: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2154: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2156: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2159: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2161: warning: return discards qualifiers from pointer target type
pkcs15-lib.c: In function ‘get_pin_ident_name’:
pkcs15-lib.c:2815: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2817: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2819: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2823: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2825: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2827: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2829: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2832: warning: return discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4196 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c:94: warning: format not a string literal and no format arguments
pkcs15-oberthur.c:96: warning: format not a string literal and no format arguments
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4160 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:61: warning: redundant redeclaration of ‘cosm_delete_file’
pkcs15-oberthur.h:93: warning: previous declaration of ‘cosm_delete_file’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4159 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-westcos.c:41: warning: redundant redeclaration of ‘sc_check_sw’
../../src/libopensc/opensc.h:674: warning: previous declaration of
‘sc_check_sw’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4158 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:799: warning: no previous prototype for ‘sc_pkcs15init_store_puk’
pkcs15-lib.c:2814: warning: no previous prototype for ‘get_pin_ident_name’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4152 c6295689-39f2-0310-b995-f0e70906c6a9
Now the native Oberthur card format is supported for emulation of pkcs15 and pkcs15init.
It means that card personalized with OpenSC and the obejcts created with OpenSC
will be usable with the native Oberthur's middleware
and vice-versa.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4137 c6295689-39f2-0310-b995-f0e70906c6a9
Set 'TOKEN INITIALIZED' after an application has been added,
set 'USER PIN INITIALIZED' and 'LOGIN REQUIRED' after User PIN object has been created.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4130 c6295689-39f2-0310-b995-f0e70906c6a9
Four method are added to the 'sc_pkcs15init_operations':
emu_update_dir -- create or not the DIR file;
emu_update_any_df -- update the non-pkcs15 descriptors that are equivalents to pkcs15 xDF files;
emu_update_tokeninfo -- update analog of tokenInfo;
emu_write_info -- to not create OPENSC-INFO file;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4128 c6295689-39f2-0310-b995-f0e70906c6a9
; do not pad PIN in pkcs15init. It's already done in libopensc/pkcs15-pin;
; the 'do_verify_pin()', 'sc_pkcs15init_verify_key()' and 'do_get_and_verify_secret()' are replaced by unique 'sc_pkcs15init_verify_secret()'; edit debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4123 c6295689-39f2-0310-b995-f0e70906c6a9
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9
This bug concerned the card drivers for which the file ACLs cannot be obtained from the FCI of the selected file.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4114 c6295689-39f2-0310-b995-f0e70906c6a9
Some non-pkcs15 cards protect the reading of the private objects attributes.
For the emulated pkcs15 cards, the 'init' emu-handler was the only place where pkcs15 objects could be loaded.
This handler is called before the card is binded, and so, for an application there was no 'normal' way to verify PIN and load the objects with protected attributes.
Actually it's possible to complete list of the pkcs15 objects after the emulated pkcs15 card has been binded.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4096 c6295689-39f2-0310-b995-f0e70906c6a9
In the 'flex' card profile the ACLs of the public objects are set to 'NONE'.
As the pkcs15init core currently implemented, the AuthID attribute is not used for the public objects.
Without AuthID the destination 'pin-domain' DF cannot be determined in a simple and sure manner.
That's why 'pin-domain' works only for private key, private data
and the public objects are placed into the application DF.
; take 'flex' CHV files settings from the card profile;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4085 c6295689-39f2-0310-b995-f0e70906c6a9
When binding profile and p15card (in sc_pkcs15init_set_p15card()), add to the profile EF list the named DF for the path of the all existing AUTH.
; variables name and coding style issues;
; debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4084 c6295689-39f2-0310-b995-f0e70906c6a9
; new, athena dedicated, PIN pkcs15 flag 'TRANSPORT_KEY':
in the Athena initialization procedure the 'trasport' SOPIN object is used. This object references to the pre-existing global SOPIN and is different from the final SOPIN of the card. This object should be ignored when fixing up the ACLs of the newly created file;
; the pkcs15 refereces of the new private keys are derived from the file-id;
; remove duplicated code;
; some log messages in pkcs15-lib.c;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4077 c6295689-39f2-0310-b995-f0e70906c6a9
This patch is not largely tested and it will be followed (hope in a few hours) with another one
that will replace the using of the static pincache
with the pincache as the content of the AUTH pkcs15 object.
In the intervention into the card specific part I tried to respect its creator's coding style.
Sorry, if it's not always the case.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4057 c6295689-39f2-0310-b995-f0e70906c6a9
Profile option 'protect-certifcates' was activated by default for all the cards,
was mentioned and commented out only in 'flex' profile,
and finaly is not working 'by design' of pkcs15-lib.c
So, no need to keep this option, untill the valid arguments to restore it back.
Anyway, the access to certificates is controlled by the file's ACLs defined in profile.
;in profile use the 'define' macros to define the pin encoding type;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4050 c6295689-39f2-0310-b995-f0e70906c6a9
; in 'sc_pkcs15_pin_info' structure add 'auth_method' member to keep the PIN authentication method: CHV, AUT or SM;
; in pkcs15init profile add function to search PIN template by auth method and reference;
; in 'sc_pkcs15_remove_object' return silently if object to delete is NULL;
; in 'sc_pkcs15_object' structure add 'usage_counter' member;
; new 'sc_pkcs15_find_pin_by_type_and_reference' procedure to search PIN pkcs15 object by auth method and reference;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4048 c6295689-39f2-0310-b995-f0e70906c6a9
The implementation was based on the previous MSC build, each tool had its own
description in version resource.
This change sets a single version resource to all files, and produces much
simpler build.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3980 c6295689-39f2-0310-b995-f0e70906c6a9
Migrated without testing, but normally should work -- the pkcs15init part of MyEID and SetCOS are sufficiently close.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3975 c6295689-39f2-0310-b995-f0e70906c6a9
When creating application DF ('PKCS15-AppDF'), User PIN is not yet created, and AC type 'SC_AC_SYMBOLIC' cannot be resolved.
So, in the card profile, the macro '$PIN' cannot be used to define the ACLs of the application DF.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3967 c6295689-39f2-0310-b995-f0e70906c6a9
;when putting SOPIN into the global cache, use the path from the object info;
;sc_pkcs15init_create_pin() can be called to create PUK object;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3964 c6295689-39f2-0310-b995-f0e70906c6a9
no more 'init_app'.
- Oberthur unblock style is the only one (local SOPIN is used as PUK);
- user PIN and PUK should be everywhere defined as local;
- SOPIN is always global.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3950 c6295689-39f2-0310-b995-f0e70906c6a9
When creating PIN, if 'puk_id' is defined in 'struct sc_pkcs15init_pinargs',
the pkcs15 PinObject for PUK will be created.
For a moment, PinObject is not created for SO PUK.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3949 c6295689-39f2-0310-b995-f0e70906c6a9
- for 'global' PINs path in not encoded into the AODF;
- when selecting pin_reference, start from value defined in profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3946 c6295689-39f2-0310-b995-f0e70906c6a9
To use New API with the cards that do not have 'key-domain' in their profile,
when setting object data path,
the object template has to be also looked for outside the 'key-domain'.
;migrate Oberthur to the New API;
;use macros SC_CALLED, SC_TEST_.., SC_RETURN in pkcs15-lib.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3940 c6295689-39f2-0310-b995-f0e70906c6a9
at the profile level the difference between EF and BSO is:
- BSO path is always the path of the host DF and do not indexated when template is instanciated;
- EF path is always ending with file-id that is always indexated when template is instanciated.
New non-static 'sc_profile_get_file_instance' procedure to instanciate non-template entries.
In profile.c get_uint() accepts hexadecimals.
In CardOS profile (I venture to) increase the xDF sizes
and change ACL to permit the key re-importing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3919 c6295689-39f2-0310-b995-f0e70906c6a9
;use macros SC_CALLED, SC_RETURN and SC_TEST_RET;
;change debug level in debug macros;
For a new pkcs15 object of a given type the file index is chosen as a first value in the range from 'file-id' to 'max-id',
excluding the values that are already assigned to the file indexes of the existing pkcs15 objects of the same type.
'file-id' is defined in the template ('key-domain') of the card profile ;
'max-id' is 'file-id' + hard coded value 0xFE .
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3916 c6295689-39f2-0310-b995-f0e70906c6a9