Jakub Jelen
86fd200462
sc-hsm: Check the operation first
2019-06-17 12:49:11 +02:00
Jakub Jelen
df0bbc110e
pkcs11-spy: Dump EC Derive parameters
2019-06-17 12:49:11 +02:00
Jakub Jelen
10abef9206
pkcs15-sec: Drop unused code (copied from RSA decipher)
2019-06-17 12:49:11 +02:00
Jakub Jelen
272e380898
Set correctly flags for ECDH derive operations
2019-06-17 12:49:11 +02:00
Jakub Jelen
6d751e8b22
opensc.h: Add missing raw ecdh algorithm
2019-06-17 12:49:11 +02:00
Jakub Jelen
293760c0d0
Fix derive operation detection in MyEID and sc-hsm drivers
2019-06-17 12:49:11 +02:00
Andreas Schwier
58fa53ac91
sc-hsm: Add missing secp384r1 curve parameter
2019-06-14 14:29:58 +02:00
Frank Morgner
94388f9538
fixed more clang-tidy warnings
2019-06-05 13:48:51 +02:00
Nuno Goncalves
0322401aae
gemsafeV1: remove redundant match card call to allow for opensc.conf match
...
At the point when gemsafe_match_card is called, the card type is already known,
either because of a previous match at card.c, or because it is forced at opensc.conf.
With this redundant match it's not possible to force selection on opensc.conf.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
2019-06-05 13:43:52 +02:00
Raul Metsma
3a192e2c87
pkcs11-tool: Add extractable option to key import
...
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-06-03 10:59:58 +02:00
Doug Engert
a2dd500624
Fix pkcs11-tool encryption error Fix #1694
...
Make sure data being encrypted is less then the modulus.
On branch pkcs11-tool-encryption
Changes to be committed:
modified: ../tools/pkcs11-tool.c
2019-05-31 14:16:24 +02:00
Frank Morgner
278960bf88
AppVeyor: push build artifact in PRs as well
2019-05-31 14:15:37 +02:00
Frank Morgner
3a665f6479
allow single character strings with sc_hex_to_bin
...
fixes https://github.com/OpenSC/OpenSC/issues/1684
fixes https://github.com/OpenSC/OpenSC/issues/1669
2019-05-31 14:15:37 +02:00
Nuno Goncalves
e3ff3be4fe
pteid: add new ATRs
...
One ATR have been confirmed on my personal card and also added to the official middleware:
https://svn.gov.pt/projects/ccidadao/changeset/321/middleware-offline/trunk/_src/eidmw/minidriver/makemsi/pteidmdrv.inf
There is another ATR I am adding blind from the official middleware:
https://svn.gov.pt/projects/ccidadao/changeset/321/middleware-offline/trunk/_src/eidmw/minidriver/makemsi/pteidmdrv.inf
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
2019-05-31 14:12:12 +02:00
Andreas Schwier
be294d01be
sc-hsm: Add configuration section for 4K
2019-05-31 14:11:49 +02:00
Andreas Schwier
f2a6209c94
Add SmartCard-HSM 4K ATR ( #1681 )
2019-05-31 14:11:49 +02:00
Ludovic Rousseau
7afa74e049
Merge pull request #1693 from LudovicRousseau/fix
...
Add missing ulIvBits field to CK_GCM_PARAMS
2019-05-31 14:00:52 +02:00
Ludovic Rousseau
cc189585c8
pkcs11-spy: display CK_GCM_PARAMS.ulIvBits field
2019-05-29 15:17:15 +02:00
Ludovic Rousseau
0fbd2663e6
Add missing ulIvBits to CK_GCM_PARAMS
...
The PKCS#11 specification text does not document the ulIvBits field.
But the header file defining CK_GCM_PARAMS uses it.
Since the header file is the normative version we need to add it.
See also https://github.com/Pkcs11Interop/Pkcs11Interop/issues/126o
and https://lists.oasis-open.org/archives/pkcs11-comment/201602/msg00001.html
and https://www.oasis-open.org/committees/document.php?document_id=58032&wg_abbrev=pkcs11
2019-05-29 15:17:15 +02:00
Frank Morgner
65a86b8331
travis: fixed PATH on macOS
2019-05-21 19:36:17 +02:00
Frank Morgner
b7b501d0a5
fixed issues reported by clang-analyzer
2019-05-21 19:34:46 +02:00
Frank Morgner
3c83a80b57
fixed printing non primitive tag
...
fixes undefined bitshift
2019-05-21 19:34:46 +02:00
Frank Morgner
1423c6bb90
CI: integrate clang-tidy (disabled)
...
files that have warnings are currently excluded
2019-05-21 19:34:46 +02:00
Raul Metsma
1e59643caa
Remove process_arr unused file argument and fix clang-tidy warnings
...
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-05-21 19:34:46 +02:00
Jakub Jelen
e501c5ae81
Unbreak build without OpenSSL
2019-05-21 18:44:06 +02:00
Frank Morgner
65d607af66
fixed 325860 Dereference before null check
2019-05-14 14:50:17 +02:00
Frank Morgner
630bcbedd4
fixed 337490 Unchecked return value
2019-05-14 14:50:17 +02:00
Frank Morgner
e275b34269
fixed 339157 Unused value
2019-05-14 14:50:17 +02:00
Martin Paljak
a5f63fed0c
Merge pull request #1635 from OpenSC/esteid-2018
...
EstEID 2018+ driver
2019-05-02 12:54:21 +03:00
Martin Paljak
2829c5870f
Address review comments
...
Change-Id: I9aa97c8a9878dddd3e6f1a2baa877d188b9d7fe5
2019-05-02 11:51:02 +03:00
Martin Paljak
5f5d40521e
Avoid 6282 reply for a successful operation
...
Change-Id: I5d4d3103692fc6db51f13fc5338360289c26af9a
2019-05-02 11:51:02 +03:00
Martin Paljak
fc8e9bf3f3
Address review comments and further reduce LOC
...
and make sure the card is always handled emulated card first
Change-Id: I60174c2793bb882fb73716f62a652d84e028382c
2019-05-02 11:51:02 +03:00
Martin Paljak
b3d4a0d69a
EstEID 2018+ driver
...
This adds support for a minimalistic, small and fast card profile based on IAS-ECC.
Based on information from https://installer.id.ee/media/id2019/TD-ID1-Chip-App.pdf
and proprietary driver snoops.
Thanks to @metsma and @frankmorgner.
Change-Id: I2e4b4914d8a3b991d9a639728695abf4a2362ca0
2019-05-02 11:47:31 +03:00
Andreas Kemnade
c3a9458fa8
egk-tool: fix missed initialisation of card pointer
...
If util_connect_card_ex() fails, sc_disconnect_card() will use a
random pointer leading to segmentation faults.
2019-05-02 10:09:08 +02:00
Andreas Kemnade
209be72979
eGK: fix path for vd/gvd
...
path was wrong, the same as for pd
2019-05-02 10:09:08 +02:00
Andreas Kemnade
9ca836975a
Starcos: added another ATR for 2nd gen. eGK (TK)
2019-05-02 10:09:08 +02:00
Raul Metsma
63fd71c245
Remove unused sc_pkcs15emu_opt_t structure
...
Only usage was removed SC_PKCS15EMU_FLAGS_NO_CHECK flag
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-05-02 10:08:46 +02:00
Frank Morgner
f0a6a568f4
fixed Local variable hides global variable
2019-05-02 10:08:28 +02:00
Frank Morgner
0bc95cb6a1
added include guards
2019-05-02 10:08:28 +02:00
Frank Morgner
86ba3ea489
fixed Wrong type of arguments to formatting function
2019-05-02 10:08:28 +02:00
Raul Metsma
5123531e62
Fix EstEID 3.4 signing
...
opensc master requires now SC_ALGORITHM_RSA_HASH_NONE
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-05-02 10:06:19 +02:00
Frank Morgner
7449b00768
pkcs11: avoid double initialization of notify
2019-04-26 23:51:37 +02:00
Frank Morgner
c671083ee3
fixed missing file
2019-04-25 16:46:07 +02:00
Frank Morgner
7df789ec5d
fixed 337490 Unchecked return value
2019-04-25 15:44:11 +02:00
Frank Morgner
8382f243b2
fixed 337891 Out-of-bounds write
2019-04-25 15:44:11 +02:00
Frank Morgner
1a656f2abe
use OpenPACE 1.1.0
2019-04-25 15:44:11 +02:00
Raul Metsma
bbec50bfdb
Remove unused SC_PKCS15EMU_FLAGS_NO_CHECK flag
...
Fixes #1634
Signed-off-by: Raul Metsma <raul@metsma.ee>
2019-04-25 14:53:25 +02:00
Timo Teräs
3688dfe238
MyEID: simplify key component loading
...
Encode the component ID to be key type and component ID. This allows
each combination to be unique and direct mapping to card component
ID type in the code by just taking the low byte. This simplifies
the code, and reduces confusion as there is now only one #define
for each component.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
2019-04-25 14:53:10 +02:00
Timo Teräs
3f832ca6da
MyEID: implement support for 4K RSA keys (MyEID 4.5+)
...
MyEID starting version 4.5 supports 4K RSA keys. The card also
now supports proper APDU chainging (for sending large APDUs) and
receiving large responses via GET_RESPONSE splitting.
This updates the following:
* detection code properly announces 3K and 4K RSA support
when available
* APDU chaining is used when possible
* use ISO GET_RESPONSE handling for large responses
* max_recv_size is set to 256 which it always was supposed to be
as the old cards respond with that large responses too
* use the 2K signing kludge only on cards that need it
* unwrap and decipher code paths unified to the extent possible
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
2019-04-25 14:53:10 +02:00
Timo Teräs
0e25c1d2a6
MyEID: detect card from ATR historical data instead of full ATR
...
This will simplify the matching code, and match prototype cards.
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
2019-04-25 14:53:10 +02:00