Jakub Jelen
5d5c391793
opensc-tool: Support for new (X)EdDSA keys
2021-03-01 15:42:29 +01:00
Jakub Jelen
5178e74e1b
pkcs11-tool: Support for new (X)EdDSA keys
2021-03-01 15:42:29 +01:00
Jakub Jelen
2fb688683e
pkcs15-tool: Support for new (X)EdDSA keys
2021-03-01 15:42:29 +01:00
Jakub Jelen
b351bf5ea4
openpgp: Initial support for (X)EdDSA keys
2021-03-01 15:42:29 +01:00
Jakub Jelen
caae75758c
Add internal support for (X)EdDSA keys
2021-03-01 15:42:26 +01:00
Jakub Jelen
80f80317d1
pkcs11: Add new SHA3 identifiers
2021-03-01 14:35:51 +01:00
Jakub Jelen
095c28e372
pkcs11: Add new (X)EDDSA identifiers
2021-03-01 14:35:51 +01:00
Jakub Jelen
0455a5665e
winscard: Add missing constant define
2021-03-01 14:35:51 +01:00
Jakub Jelen
c78fa164c9
openpgp-tool: Fix typos OpenGPG -> OpenPGP
2021-03-01 14:35:51 +01:00
Jakub Jelen
a30bf95eed
openpgp: Fix typo in the card name
2021-03-01 14:35:51 +01:00
Jakub Jelen
a5a6757d10
pkcs11-tool: Add CKA_KEY_TYPE attribute for keygen as recommeneded in specification
2021-03-01 14:35:50 +01:00
Jakub Jelen
e82f875047
pkcs11-spy: Systematize output of C_GetMechanismInfo
2021-03-01 14:35:50 +01:00
Jakub Jelen
86e01d7c47
pkcs11: Prefer CKA_EC_PARAMS over deprecated CKA_ECDSA_PARAMS by listing it first in the list
2021-03-01 14:35:50 +01:00
Jakub Jelen
f726d4f201
Improve logging mostly in opengpg
2021-03-01 14:35:50 +01:00
Frank Morgner
5b42a62ec0
use macos' ${Caches} by default
2021-03-01 11:49:14 +01:00
Frank Morgner
fe6864c5f3
fixed 354852 Invalid type in argument to printf format specifier
2021-02-25 23:34:57 +01:00
Frank Morgner
c2670b0787
fixed 13755 Resource leak
...
... as reported by coverity scan.
p11cards are freed by emptying the virtual slots. virtual slots are
creatd with the framework's create_tokens. Hence, we need to free
p11card if no tokens were created.
2021-02-25 23:34:57 +01:00
Frank Morgner
881dca94ef
avoid memory leak when creating pkcs#15 files
2021-02-25 23:34:57 +01:00
Frank Morgner
d353a46d04
tcos: fixed memcpy with 0 or less bytes
2021-02-25 23:34:57 +01:00
Peter Popovec
6738d456ac
ECDSA verify
...
Added support for raw ECDSA verify.
2021-02-25 18:37:18 +01:00
Frank Morgner
999874fb1c
fixed potential memory issue
...
closes https://github.com/OpenSC/OpenSC/pull/2230
2021-02-25 18:36:39 +01:00
Luka Logar
c80375eb4c
Minidriver RSA-PSS signing not working
...
I am using a somewhat modified version of IsoApplet. Up till now it worked fine. However recently I stumbled upon a web site that
forces a client cert auth with RSA-PSS. And (at least on windows, using minidriver) it didn't work. It looks to me, that it's a bug
in the PSS support code in minidriver, as I cannot find any place where a MGF1 padding scheme is specified. And since none is specified
signing fails. This patch fixes this. It assumes, that the same hash is used for hashing and padding.
2021-02-25 18:35:57 +01:00
Frank Morgner
a322c95d35
mac: disable binary verification
...
fixes https://github.com/OpenSC/OpenSC/issues/2194
2021-02-25 18:35:10 +01:00
Jakub Jelen
5f7c91e54f
pkcs15-isoApplet: Avoid uninitialized reads
...
Thanks coverity
CID 365817
2021-02-25 09:08:52 +01:00
Jakub Jelen
46cfe89b3c
pkcs15-iasecc: Avoid memory leak
...
Thanks coverity
CID 365818
2021-02-25 09:08:52 +01:00
Jakub Jelen
a567ab9dca
p11test: Fix possible resource leak
...
Thanks coverity
CID 365819
2021-02-25 09:08:52 +01:00
Jakub Jelen
cee431a3ce
pkcs15-iasecc: Check return value as in other cases
...
Thanks coverity
CID 365820
2021-02-25 09:08:52 +01:00
Jakub Jelen
ffed34663d
sm-global-platform: Fix possible memory leak
...
Thanks coverity
CID 365821
2021-02-25 09:08:52 +01:00
Jakub Jelen
3b556ef618
sm-cwa14890: Fix resource leak
...
CID 365822
Thanks oss-fuzz
2021-02-25 09:08:52 +01:00
Jakub Jelen
1dbe4b5a5b
isoApplet: Prevent reading uninitialized values
...
CID 365823
Thanks coverity
2021-02-25 09:08:52 +01:00
Jakub Jelen
2f232f217b
pkcs11-tool: Avoid double free and check allocation
...
366349 Double free
Thanks coverity
2021-02-25 09:08:52 +01:00
Jakub Jelen
ae1cf0be90
iasecc: Prevent stack buffer overflow when empty ACL is returned
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800
2021-02-25 09:08:52 +01:00
Jakub Jelen
1252aca9f1
cardos: Correctly calculate the left bytes to avoid buffer overrun
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29912
2021-02-25 09:08:52 +01:00
Jakub Jelen
17d8980cde
oberthur: Avoid two buffer overflows
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112
2021-02-25 09:08:52 +01:00
Jakub Jelen
9c91a4327e
oberthur: Free another read data on failure paths
2021-02-25 09:08:52 +01:00
Jakub Jelen
7ba89daae6
apdu: Do not insert delay while fuzzing
...
This was timeout after 60 seconds. After skipping this call, we
get down to 1 s for the same input
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27423
2021-02-25 09:08:52 +01:00
Jakub Jelen
251c4f6b76
oberthur: Avoid memory leaks
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29998
2021-02-25 09:08:52 +01:00
alt3r 3go
3044557299
openpgp: fix DO deletion
...
This fixes a problem reported in Nitrokey forum at
https://support.nitrokey.com/t/veracrypt-encryption-with-nitrokey-error/2872
as inability to save the VeraCrypt's keyfile onto the token
after deleting an existing one, unless the PKCS11 is reinitialized.
Reason: commit cbc53b9
"OpenPGP: Support write certificate for Gnuk"
introduced a condition on getting the blob handle, which is surplus
(the pgp_find_blob() function actually does that) and prevents
the blob refresh upon deletion, breaking the logic introduced
earlier in commit 9e04ae4
and causing the higher-level effect reported.
While at it, corrected comments to actually reflect the flow logic.
Tested on Fedora 33 using the repro steps from the forum and Nitrokey Pro.
Signed-off-by: alt3r 3go <alt3r.3go@protonmail.com>
2021-02-16 13:07:19 +01:00
ihsinme
6372adeb20
Update card-oberthur.c
2021-02-11 12:32:19 +01:00
ihsinme
0a3d7a28a7
Update card-epass2003.c
2021-02-11 12:32:19 +01:00
Zhang Xiaohui
49788678fe
Small memory leak fix
2021-02-10 09:26:37 +01:00
Zhang Xiaohui
1c4a01d766
Small memory leak fix
2021-02-10 09:26:11 +01:00
Vincent JARDIN
66e5600b27
IASECC: log AID selection
...
Record the selection of the AID for better debugging
2021-02-05 12:09:20 +01:00
Jakub Jelen
8a6026abf5
Avoid memory leak from profile objects
2021-02-05 00:22:43 +01:00
Jakub Jelen
da247384e7
pkcs11: Do not advertize VERIFY flag on the EC derive mechanisms
...
Amends 285db1ef
2021-02-05 00:22:43 +01:00
Jakub Jelen
176b20f339
pkcs11-tool: Display additional EC mechanism flags
2021-02-05 00:22:43 +01:00
Jakub Jelen
cb074c5fa0
pkcs11: Add new mechanism flags from EC curves from current PKCS #11 3.0
2021-02-05 00:22:43 +01:00
Jakub Jelen
5633129bd8
p11test: Add CKM_ECDSA_SHA224
2021-02-05 00:22:43 +01:00
Jakub Jelen
0d693f63cb
pkcs11-spy: Fix behavior of PKCS#11 3.0 applications when proxying PKCS#11 2.x module
...
Fixes #2204
2021-01-26 13:52:23 +01:00
Doug Engert
b5ddaf6e02
Add tests of pkcs11-tool --test-threads
...
These should run when a PR is submitted.
Changes to be committed:
modified: tests/Makefile.am
new file: tests/test-pkcs11-tool-test-threads.sh
2021-01-26 12:50:39 +01:00