giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,575 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

6388 Commits

Author SHA1 Message Date
Frank Morgner 7df789ec5d fixed 337490 Unchecked return value 2019-04-25 15:44:11 +02:00
Frank Morgner 8382f243b2 fixed 337891 Out-of-bounds write 2019-04-25 15:44:11 +02:00
Raul Metsma bbec50bfdb Remove unused SC_PKCS15EMU_FLAGS_NO_CHECK flag 
Fixes #1634

Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-25 14:53:25 +02:00
Timo Teräs 3688dfe238 MyEID: simplify key component loading 
Encode the component ID to be key type and component ID. This allows
each combination to be unique and direct mapping to card component
ID type in the code by just taking the low byte. This simplifies
the code, and reduces confusion as there is now only one #define
for each component.

Signed-off-by: Timo Teräs <timo.teras@iki.fi>
 2019-04-25 14:53:10 +02:00
Timo Teräs 3f832ca6da MyEID: implement support for 4K RSA keys (MyEID 4.5+) 
MyEID starting version 4.5 supports 4K RSA keys. The card also
now supports proper APDU chainging (for sending large APDUs) and
receiving large responses via GET_RESPONSE splitting.

This updates the following:
* detection code properly announces 3K and 4K RSA support
  when available
* APDU chaining is used when possible
* use ISO GET_RESPONSE handling for large responses
* max_recv_size is set to 256 which it always was supposed to be
  as the old cards respond with that large responses too
* use the 2K signing kludge only on cards that need it
* unwrap and decipher code paths unified to the extent possible

Signed-off-by: Timo Teräs <timo.teras@iki.fi>
 2019-04-25 14:53:10 +02:00
Timo Teräs 0e25c1d2a6 MyEID: detect card from ATR historical data instead of full ATR 
This will simplify the matching code, and match prototype cards.

Signed-off-by: Timo Teräs <timo.teras@iki.fi>
 2019-04-25 14:53:10 +02:00
Ludovic Rousseau ffaaf1c0d3 pkcs11-spy: parse CKM_AES_GCM for C_EncryptInit() 2019-04-25 14:52:20 +02:00
Ludovic Rousseau 69727c79ad pkcs11.h: add CK_GCM_PARAMS structure 2019-04-25 14:52:20 +02:00
Ludovic Rousseau 98ec27e768 pkcs11-spy: log pParameter buffer for C_EncryptInit & C_DecryptInit 2019-04-25 14:52:20 +02:00
Frank Morgner bfa94dc90d
Merge pull request #1600 from AlexandreGonzalo/trustonic_pkcs11 2019-04-25 14:51:54 +02:00
alegon01 e21cb5712c Fix in encrypt_decrypt(), initialize the mgf 2019-04-24 14:03:35 +02:00
Jakub Jelen 13429baed0 cac: Avoid signed/unsigned casting reported by coverity 
src/libopensc/card-cac.c:1707: negative_returns: "val_len" is passed to a parameter that cannot be negative.
 2019-04-23 14:49:45 +02:00
Dmitriy Fortinskiy 8cf1e6f769 pkcs11-tool: List supported GOST mechanisms 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy a5382d32fd pkcs11-tool: Show GOSTR3410-2012 keys 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy 0e12b1dc71 pkcs11-tool: Generate GOSTR3410-2012 keys 2019-04-17 16:42:12 +02:00
Dmitriy Fortinskiy 4614beb87e pkcs11-tool: Add keys access flags 2019-04-17 16:40:41 +02:00
Dmitriy Fortinskiy aff2059ec1 card-rtecp: Fix SELECT FILE 2019-04-17 16:38:49 +02:00
Dmitriy Fortinskiy fe4dae4d31 card-rtecp: Add Rutoken ECP SC ATR 2019-04-17 16:38:49 +02:00
Raul Metsma 91a1dd9af4 Option to delete object by index 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-17 14:38:40 +02:00
Raul Metsma 3935d501bf Implement Secret Key write object 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-17 14:37:49 +02:00
Frank Morgner 066c30bb4e opensc-notify: add to autostart 2019-04-08 11:16:13 +02:00
Frank Morgner 159821497c egk-tool: fixed verbose logging 2019-04-08 11:16:13 +02:00
Frank Morgner fe95520e3e explicitly import libpkcs11.h 2019-04-08 11:16:13 +02:00
Frank Morgner 6f9b58af72 added pkcs11-register 2019-04-08 11:16:13 +02:00
Jakub Jelen fc4d600634 pkcs11-tool: Allow to set CKA_ALLOWED_MECHANISMS when creating an objects 
Also list them in the attributes listing
 2019-04-08 11:15:19 +02:00
alegon01 f631b5f733 Fix in encrypt_decrypt(), check for (in_len <= sizeof orig_data) 2019-04-05 10:39:52 +02:00
alegon01 4913feadb8 Fix in encrypt_decrypt(), check for (in_len <= sizeof orig_data) 2019-04-05 10:38:12 +02:00
Frank Morgner fd20ffe608
optimize bin/hex low parsing level functions (#1646) 
* optimize sc_hex_to_bin

* optimize sc_bin_to_hex

* added documentation

closes https://github.com/OpenSC/OpenSC/pull/1643

thanks to carblue <ka6613-496@online.de>
 2019-04-04 12:52:08 +02:00
Frank Morgner 0abe9d11c7 pkcs11: (de-) initialize notifications on load 
fixes https://github.com/OpenSC/OpenSC/issues/1507
fixes https://github.com/OpenSC/pkcs11-helper/issues/16
 2019-04-04 11:04:50 +02:00
Raul Metsma 9ba8f56037 Change u8 *data to const because sc_apdu unsigned char *data is const 
Name sc_format_apdu parameters for IDE help hints

Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-03 22:15:54 +02:00
Raul Metsma 4ba086bfd4 Use strdup and fix all casts 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-04-01 12:53:33 +02:00
Martin Paljak ea74308512 iso7816_read_binary: do not assume that 6282 is returned with data 
Instead of a double check_sw call in case there is no data, assume
that a SW is properly sent by the card and do not expose
SC_ERROR_FILE_END_REACHED outside of the function
(like sc_pkcs15_read_file)

This is to facilitate Estonian eID 2018+ that instead of properly returning
6282 with trunkated data, 9000 is returned and next READ BINARY returns
6b00 (invalid p1/p2). The change should be generally harmless for well-behaving
cards.

Change-Id: I7511ab4841d3bcdf8d6f4a37a9315ea4ac569b10
 2019-04-01 12:51:00 +02:00
Peter Popovec f070c99b65 opensc-tool: do not use card driver to read ATR 
If card driver fails to connect to card, 'opensc-tool -a' may fail to print
ATR even if ATR is available from card reader.  Before use of card driver,
do only card reader connect, then print ATR.  Only if it is neccesary, use
card driver for the rest of opensc-tool functions.
 2019-03-25 14:34:26 +01:00
Frank Morgner b389b19ca5
Merge pull request #1633 from metsma/esteid 
Only EstEID 3.5 has EC 384 keys
 2019-03-25 14:31:02 +01:00
Frank Morgner 2f4df1b93e tools: unified handling of gengetopt 2019-03-25 14:30:09 +01:00
Frank Morgner fc9277b778 use compat_getopt_long if getopt_long is not available 
uses the autoconf way for replacing getopt.h

fixes https://github.com/OpenSC/OpenSC/issues/1527
 2019-03-25 14:30:09 +01:00
Raul Metsma 7ae54f490d Remove dead code (#1638) 2019-03-25 14:28:53 +01:00
Frank Morgner 8dea0a9028 fix overlapping memcpy 
Fixes https://github.com/OpenSC/OpenSC/issues/1631
 2019-03-18 23:33:24 +01:00
Frank Morgner 6aa5410e73 goid-tool: live with short length APDUs 2019-03-18 13:59:11 +01:00
Raul Metsma 4d2254a092 Only EstEID 3.5 has EC 384 keys 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-03-13 23:01:07 +02:00
Frank Morgner 2e87e4cfed fixed issues from review 2019-03-13 21:22:19 +01:00
Frank Morgner b7ec7f95b1 pkcs11: fixed token label 2019-03-13 21:22:19 +01:00
Frank Morgner 0079d836f3 pkcs11: truncate oversized labels with '...' 2019-03-13 21:22:19 +01:00
Raul Metsma 1e6d3df201 Remove un-lincenced header file 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2019-03-13 21:19:26 +01:00
Frank Morgner 71b85d15e4 opensc.conf: Configure handling of private_certificate 
possible choices: ignore, protect, declassify

fixes https://github.com/OpenSC/OpenSC/issues/1430
 2019-03-13 21:18:57 +01:00
Frank Morgner 1e0743b29f removed untested use of SC_SEC_OPERATION_AUTHENTICATE 
fixes https://github.com/OpenSC/OpenSC/issues/1271
 2019-03-13 21:17:54 +01:00
Frank Morgner 106b3a28b1 acos5: removed incomplete driver 
fixes https://github.com/OpenSC/OpenSC/issues/1204
 2019-03-13 21:17:54 +01:00
Frank Morgner 9fa1722f73 sc_bin_to_hex returns a Nul terminated string 2019-03-13 21:17:00 +01:00
Frank Morgner eb8f28db20 fixed error handling 2019-03-13 21:17:00 +01:00
Frank Morgner d4f1decd15 Make sure card's strings are Nul terminated 
Avoids out of bounds reads when using internal operations with the given string
 2019-03-13 21:17:00 +01:00