giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,451 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

8451 Commits

Author SHA1 Message Date
Jakub Jelen 5d5c391793 opensc-tool: Support for new (X)EdDSA keys 2021-03-01 15:42:29 +01:00
Jakub Jelen 5178e74e1b pkcs11-tool: Support for new (X)EdDSA keys 2021-03-01 15:42:29 +01:00
Jakub Jelen 2fb688683e pkcs15-tool: Support for new (X)EdDSA keys 2021-03-01 15:42:29 +01:00
Jakub Jelen b351bf5ea4 openpgp: Initial support for (X)EdDSA keys 2021-03-01 15:42:29 +01:00
Jakub Jelen caae75758c Add internal support for (X)EdDSA keys 2021-03-01 15:42:26 +01:00
Jakub Jelen 80f80317d1 pkcs11: Add new SHA3 identifiers 2021-03-01 14:35:51 +01:00
Jakub Jelen 095c28e372 pkcs11: Add new (X)EDDSA identifiers 2021-03-01 14:35:51 +01:00
Jakub Jelen 0455a5665e winscard: Add missing constant define 2021-03-01 14:35:51 +01:00
Jakub Jelen c78fa164c9 openpgp-tool: Fix typos OpenGPG -> OpenPGP 2021-03-01 14:35:51 +01:00
Jakub Jelen a30bf95eed openpgp: Fix typo in the card name 2021-03-01 14:35:51 +01:00
Jakub Jelen a5a6757d10 pkcs11-tool: Add CKA_KEY_TYPE attribute for keygen as recommeneded in specification 2021-03-01 14:35:50 +01:00
Jakub Jelen e82f875047 pkcs11-spy: Systematize output of C_GetMechanismInfo 2021-03-01 14:35:50 +01:00
Jakub Jelen 86e01d7c47 pkcs11: Prefer CKA_EC_PARAMS over deprecated CKA_ECDSA_PARAMS by listing it first in the list 2021-03-01 14:35:50 +01:00
Jakub Jelen f726d4f201 Improve logging mostly in opengpg 2021-03-01 14:35:50 +01:00
Frank Morgner 5b42a62ec0 use macos' ${Caches} by default 2021-03-01 11:49:14 +01:00
Frank Morgner fe6864c5f3 fixed 354852 Invalid type in argument to printf format specifier 2021-02-25 23:34:57 +01:00
Frank Morgner c2670b0787 fixed 13755 Resource leak 
... as reported by coverity scan.

p11cards are freed by emptying the virtual slots. virtual slots are
creatd with the framework's create_tokens. Hence, we need to free
p11card if no tokens were created.
 2021-02-25 23:34:57 +01:00
Frank Morgner 881dca94ef avoid memory leak when creating pkcs#15 files 2021-02-25 23:34:57 +01:00
Frank Morgner d353a46d04 tcos: fixed memcpy with 0 or less bytes 2021-02-25 23:34:57 +01:00
Peter Popovec 6738d456ac ECDSA verify 
Added support for raw ECDSA verify.
 2021-02-25 18:37:18 +01:00
Frank Morgner 999874fb1c fixed potential memory issue 
closes https://github.com/OpenSC/OpenSC/pull/2230
 2021-02-25 18:36:39 +01:00
Luka Logar c80375eb4c Minidriver RSA-PSS signing not working 
I am using a somewhat modified version of IsoApplet. Up till now it worked fine. However recently I stumbled upon a web site that
forces a client cert auth with RSA-PSS. And (at least on windows, using minidriver) it didn't work. It looks to me, that it's a bug
in the PSS support code in minidriver, as I cannot find any place where a MGF1 padding scheme is specified. And since none is specified
signing fails. This patch fixes this. It assumes, that the same hash is used for hashing and padding.
 2021-02-25 18:35:57 +01:00
Frank Morgner a322c95d35 mac: disable binary verification 
fixes https://github.com/OpenSC/OpenSC/issues/2194
 2021-02-25 18:35:10 +01:00
Jakub Jelen 5f7c91e54f pkcs15-isoApplet: Avoid uninitialized reads 
Thanks coverity

CID 365817
 2021-02-25 09:08:52 +01:00
Jakub Jelen 46cfe89b3c pkcs15-iasecc: Avoid memory leak 
Thanks coverity

CID 365818
 2021-02-25 09:08:52 +01:00
Jakub Jelen a567ab9dca p11test: Fix possible resource leak 
Thanks coverity

CID 365819
 2021-02-25 09:08:52 +01:00
Jakub Jelen cee431a3ce pkcs15-iasecc: Check return value as in other cases 
Thanks coverity

CID 365820
 2021-02-25 09:08:52 +01:00
Jakub Jelen ffed34663d sm-global-platform: Fix possible memory leak 
Thanks coverity

CID 365821
 2021-02-25 09:08:52 +01:00
Jakub Jelen 3b556ef618 sm-cwa14890: Fix resource leak 
CID 365822

Thanks oss-fuzz
 2021-02-25 09:08:52 +01:00
Jakub Jelen 1dbe4b5a5b isoApplet: Prevent reading uninitialized values 
CID 365823

Thanks coverity
 2021-02-25 09:08:52 +01:00
Jakub Jelen 2f232f217b pkcs11-tool: Avoid double free and check allocation 
366349 Double free

Thanks coverity
 2021-02-25 09:08:52 +01:00
Jakub Jelen ae1cf0be90 iasecc: Prevent stack buffer overflow when empty ACL is returned 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800
 2021-02-25 09:08:52 +01:00
Jakub Jelen 1252aca9f1 cardos: Correctly calculate the left bytes to avoid buffer overrun 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29912
 2021-02-25 09:08:52 +01:00
Jakub Jelen 17d8980cde oberthur: Avoid two buffer overflows 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112
 2021-02-25 09:08:52 +01:00
Jakub Jelen 9c91a4327e oberthur: Free another read data on failure paths 2021-02-25 09:08:52 +01:00
Jakub Jelen 7ba89daae6 apdu: Do not insert delay while fuzzing 
This was timeout after 60 seconds. After skipping this call, we
get down to 1 s for the same input

Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27423
 2021-02-25 09:08:52 +01:00
Jakub Jelen 251c4f6b76 oberthur: Avoid memory leaks 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29998
 2021-02-25 09:08:52 +01:00
alt3r 3go 3044557299 openpgp: fix DO deletion 
This fixes a problem reported in Nitrokey forum at

https://support.nitrokey.com/t/veracrypt-encryption-with-nitrokey-error/2872

as inability to save the VeraCrypt's keyfile onto the token
after deleting an existing one, unless the PKCS11 is reinitialized.

Reason: commit cbc53b9 "OpenPGP: Support write certificate for Gnuk"
introduced a condition on getting the blob handle, which is surplus
(the pgp_find_blob() function actually does that) and prevents
the blob refresh upon deletion, breaking the logic introduced
earlier in commit 9e04ae4 and causing the higher-level effect reported.

While at it, corrected comments to actually reflect the flow logic.

Tested on Fedora 33 using the repro steps from the forum and Nitrokey Pro.

Signed-off-by: alt3r 3go <alt3r.3go@protonmail.com>
 2021-02-16 13:07:19 +01:00
ihsinme 6372adeb20 Update card-oberthur.c 2021-02-11 12:32:19 +01:00
ihsinme 0a3d7a28a7 Update card-epass2003.c 2021-02-11 12:32:19 +01:00
Zhang Xiaohui 49788678fe Small memory leak fix 2021-02-10 09:26:37 +01:00
Zhang Xiaohui 1c4a01d766 Small memory leak fix 2021-02-10 09:26:11 +01:00
Vincent JARDIN 66e5600b27 IASECC: log AID selection 
Record the selection of the AID for better debugging
 2021-02-05 12:09:20 +01:00
Jakub Jelen 8a6026abf5 Avoid memory leak from profile objects 2021-02-05 00:22:43 +01:00
Jakub Jelen da247384e7 pkcs11: Do not advertize VERIFY flag on the EC derive mechanisms 
Amends 285db1ef
 2021-02-05 00:22:43 +01:00
Jakub Jelen 176b20f339 pkcs11-tool: Display additional EC mechanism flags 2021-02-05 00:22:43 +01:00
Jakub Jelen cb074c5fa0 pkcs11: Add new mechanism flags from EC curves from current PKCS #11 3.0 2021-02-05 00:22:43 +01:00
Jakub Jelen 5633129bd8 p11test: Add CKM_ECDSA_SHA224 2021-02-05 00:22:43 +01:00
Jakub Jelen 0d693f63cb pkcs11-spy: Fix behavior of PKCS#11 3.0 applications when proxying PKCS#11 2.x module 
Fixes #2204
 2021-01-26 13:52:23 +01:00
Doug Engert b5ddaf6e02 Add tests of pkcs11-tool --test-threads 
These should run when a PR is submitted.

 Changes to be committed:
	modified:   tests/Makefile.am
	new file:   tests/test-pkcs11-tool-test-threads.sh
 2021-01-26 12:50:39 +01:00