Frank Morgner
7c1feb1b8a
pkcs15-oberthur.c: fixed accessing label in sc_pkcs15_object_t
2015-10-04 17:33:14 +02:00
Frank Morgner
fa3f4d632c
pkcs15-lib.c: fixed accessing label in sc_pkcs15_object_t
2015-10-04 17:33:14 +02:00
Frank Morgner
1046d951ba
framework-pkcs15.c: fixed accessing label in sc_pkcs15_object_t
2015-10-04 17:33:14 +02:00
Frank Morgner
c56fe19b31
minidriver.c: fixed accessing label in sc_pkcs15_object_t
2015-10-04 17:33:14 +02:00
Frank Morgner
64417c271e
fixed out of bounds access
2015-10-04 13:19:29 +02:00
Frank Morgner
78018a2b49
fixed string operation on fixed size array
2015-10-04 13:07:39 +02:00
Frank Morgner
d33517a58b
fixed missing comma
2015-10-04 12:55:25 +02:00
Frank Morgner
9e500e0b9a
fixed bad typecast
2015-10-04 12:52:49 +02:00
Frank Morgner
50e81d1de0
added missing break
2015-10-04 12:45:25 +02:00
vletoux
3edf32ca9c
fix: when exporting immediatly an ECC key when the ECC key just has been created
...
This test case is triggered when requesting a ECC certificate from ADCS:
NCryptCreatePersistedKey followed by NCryptExportKey
2015-10-03 19:41:34 +02:00
vletoux
c3f2cb142f
fix "use guid as label"
...
Allow to use as pkcs15 label the windows container name (max: 39 characters)
2015-10-03 18:59:52 +02:00
vletoux
b667645797
fix compilation warning
2015-10-03 18:56:19 +02:00
Frank Morgner
ac65af0669
Fixes unreleased locks with pcsc-lite
...
This is a bug in PCSC-Lite propably won't be fixed, see
https://alioth.debian.org/tracker/index.php?func=detail&aid=315083&group_id=30105&atid=410088
Fixes https://github.com/OpenSC/OpenSC/issues/480
Closes https://github.com/OpenSC/OpenSC/pull/487
2015-10-03 12:55:15 +02:00
Frank Morgner
5e242c5fb2
Merge pull request #560 from CardContact/fix_sc_pkcs15init_finalize_profile
...
Removed error check to support card with PKCS#15 emulation but no mat…
2015-10-02 15:18:14 +02:00
Frank Morgner
a15363198c
Merge pull request #569 from mdealencar/patch-2
...
fix: change SC_TERMINATE (undefined) to SC_CTX_FLAG_TERMINATE
2015-10-02 15:16:42 +02:00
Frank Morgner
4f4643ee3e
Merge pull request #452 from frankmorgner/memory-leaks
...
Fix some memory leaks
2015-10-02 15:13:34 +02:00
Frank Morgner
e0a4e0bfec
Merge pull request #532 from frankmorgner/sloppy
...
implemented sloppy initialization for C_GetSlotInfo
2015-10-02 15:13:07 +02:00
Frank Morgner
f851197129
Merge pull request #565 from frankmorgner/sm-openssl
...
Build a lightweight version of OpenSC
2015-10-02 15:12:41 +02:00
mdealencar
34d6c10fa0
fix: change SC_TERMINATE (undefined) to SC_CTX_FLAG_TERMINATE
...
This file was not compiling because SC_TERMINATE is not defined anywhere. It seems like the intended expression is what I propose.
2015-10-01 08:38:23 -03:00
Frank Morgner
f252277fab
Add configuration for sloppy PKCS#11 initialization
2015-10-01 12:44:41 +02:00
Frank Morgner
3307dd6f45
implemented sloppy initialization for C_GetSlotInfo
...
Makes things work for Java and closes #523
2015-10-01 12:44:41 +02:00
vletoux
a9897f9956
First implementation of CardDeleteContainer
...
Container now can be created, deleted, in short, a read write card
2015-09-30 22:52:37 +02:00
vletoux
67740fb955
quality improvement of CardDeriveKey
2015-09-30 22:49:41 +02:00
vletoux
9a590d64e4
do not reset the authentication state before each operation
2015-09-30 22:47:16 +02:00
Frank Morgner
c5cf4f69a2
Merge pull request #559 from philipWendland/ecc-sig-format
...
ECDSA helper functions: strip zeroes when converting from R,S to sequence
2015-09-30 08:14:25 +02:00
Frank Morgner
fb705b6a2d
Merge pull request #563 from CardContact/fix_reselect_applet_for_pin_verification
...
Fix reselect applet for pin verification
2015-09-29 20:09:00 +02:00
vletoux
c00f9830ba
force recompilation on integration plateforms
2015-09-25 22:56:26 +02:00
vletoux
701d45e89d
fix delay load library import
2015-09-25 22:30:11 +02:00
vletoux
6cbeea3942
First ECC support for the minidriver
2015-09-25 22:22:29 +02:00
Andreas Schwier
83a28a1bc3
pkcs15: Observe path.aid for PIN operation
2015-09-25 11:56:32 +02:00
Andreas Schwier
7fd4edf7b6
Allow cards without EF.DIR using default application
...
Removed error check to support card with PKCS#15 emulation but no matching card app
2015-09-25 11:43:01 +02:00
Frank Morgner
7120a9b549
Merge pull request #554 from frankmorgner/fixes
...
Some more fixes for problems reported by Coverity scan
2015-09-25 11:13:17 +02:00
Frank Morgner
30c90448fb
Adds missing Advapi32.lib to opensc_a.lib
2015-09-25 10:58:53 +02:00
Andreas Schwier
d8d47bb06f
sc-hsm: Bind PIN object to applet aid to ensure SELECT before PIN verification
2015-09-23 15:38:57 +02:00
Andreas Schwier
c41153aa13
pkcs15: Select application defined by path.aid for PIN verification
2015-09-23 15:36:56 +02:00
Frank Morgner
e14e028453
Properly describe OpenSSL dependencies in .mak files
2015-09-23 08:23:28 +02:00
Frank Morgner
ffd85adae7
Decouples SM from OpenSSL
2015-09-24 14:46:30 +02:00
Frank Morgner
4814863d18
Merge pull request #551 from frankmorgner/507
...
Fix OpenPGP driver to work correctly with YubiKey NEO
2015-09-21 13:23:18 +02:00
Philip Wendland
328176d28b
ECDSA helper functions: strip zeroes when converting from R,S to sequence
...
For ECDSA signatures, there are multiple ways to format the signature:
- R|S (R and S filled with zeroes at the most significant bytes)
- ASN1 sequence of R,S integers (e.g. used by OpenSSL).
It is rare that the filling with zeroes is needed.
But if it is, in the second case, the filling zeroes should not be there
or the verification of the signature by OpenSSL will fail.
2015-09-20 22:34:39 +02:00
Philip Wendland
09fb1e71a9
IsoApplet: add PIN to pincache upon creation
2015-09-18 17:02:45 +02:00
Philip Wendland
6bffeb7a36
IsoApplet: fix dead code
2015-09-18 17:02:45 +02:00
Doug Engert
24a3999386
Fix indentation for readability
2015-09-17 19:03:44 -05:00
Frank Morgner
c399bc94ec
piv-tool: fixed resource leak
2015-09-17 22:32:07 +02:00
Frank Morgner
2dca6ced06
pkcs15-oberthur: fixed resource leak
2015-09-17 22:32:07 +02:00
Frank Morgner
4e280b4741
pkcs15-lib: fixed resource leak
2015-09-17 22:32:07 +02:00
Frank Morgner
5854aff155
pkcs15-epass2003: fixed resource leak
2015-09-17 22:32:06 +02:00
Frank Morgner
4fd359406e
iasecc-sdo: fixed resource leak
2015-09-17 22:32:06 +02:00
Frank Morgner
1308fd0618
cwa14890: fixed resource leak
2015-09-17 22:32:06 +02:00
Frank Morgner
7fe4819a02
card-tcos: fixed resource leak
2015-09-17 22:32:06 +02:00
Frank Morgner
1e2a42dae5
Fixes warning about unused variables
2015-09-17 22:24:33 +02:00
Frank Morgner
fe31aceacb
Fixes signature of iasecc_read_public_key
2015-09-17 22:24:33 +02:00
Frank Morgner
be073396be
Fixes warnings about unused variables/functions
2015-09-17 22:24:33 +02:00
Frank Morgner
0fe282414f
Fixed warning about unused function
2015-09-17 22:24:33 +02:00
Frank Morgner
5902587889
Removed dead code
2015-09-17 22:24:33 +02:00
Frank Morgner
c22ffd95bf
Fixed warning about unused variable
2015-09-17 22:24:33 +02:00
Frank Morgner
6c01750ba8
Removes dead code
2015-09-17 22:24:33 +02:00
Frank Morgner
e4bce1ca61
Fixes dependency on uninitialized data
2015-09-17 22:24:33 +02:00
Frank Morgner
07038225a7
Fixes out of bounds read
2015-09-17 22:24:33 +02:00
Frank Morgner
69320f9d54
Checks for out of bounds write
2015-09-17 22:24:33 +02:00
Frank Morgner
f08985086a
Fixes potential buffer overrun
2015-09-17 22:24:33 +02:00
Frank Morgner
69de207c21
Fixes bad type cast
2015-09-17 22:24:33 +02:00
Frank Morgner
59254d9d88
Checks on errors for ftell and fseek
2015-09-17 22:24:33 +02:00
Frank Morgner
b5de72fe13
fix potention NULL deref
2015-09-17 22:24:33 +02:00
Frank Morgner
63a9ad79b6
Assumes that p15card->card are set
...
The check for NULL was bogus anyway
2015-09-17 22:24:33 +02:00
Frank Morgner
8a225eb42b
Avoids potential NULL pointer deref
2015-09-17 22:24:33 +02:00
Frank Morgner
30d4f52718
Checks untrusted input
2015-09-17 22:24:33 +02:00
Frank Morgner
ba3890f8e0
Checks result of calloc
2015-09-17 22:24:33 +02:00
Frank Morgner
de58f51012
msc: check the length of input
2015-09-17 22:24:33 +02:00
Frank Morgner
d20290d2b3
openpgp: match application, not ATR
...
fixes #391
closes #507
2015-09-16 09:48:23 +02:00
Robert Ou
b28c48afe0
Fix OpenPGP driver to work correctly with YubiKey NEO
2015-09-16 09:48:23 +02:00
Frank Morgner
8aba7b9598
added missing files to WiX installer
...
fixes https://github.com/OpenSC/OpenSC/issues/488
2015-09-16 04:18:12 +02:00
Frank Morgner
cc6d7677da
Merge pull request #550 from frankmorgner/appveyor
...
adjust Make.rules.mak to work with AppVeyor
2015-09-14 18:35:54 +02:00
Frank Morgner
bf654540c5
Merge pull request #545 from frankmorgner/duplicate
...
avoid registering pkcs11 mechanisms multiple times
2015-09-14 12:41:37 +02:00
Frank Morgner
fb9dfc5b71
fixed warnings about possible data loss
2015-09-14 10:52:31 +02:00
Nguyễn Hồng Quân
76b6b483c7
Merge branch 'master' into gnuk
2015-09-13 22:09:59 +08:00
Frank Morgner
a906c6d7b8
Merge pull request #530 from NWilson/yubikey-neo-pin
...
Yubikey NEO pin functions support
2015-09-12 18:51:10 +02:00
Frank Morgner
5944915e0e
Merge pull request #549 from frankmorgner/547
...
fixed bad string comparison
2015-09-11 12:47:04 +02:00
Frank Morgner
0f2b9a4a4e
Merge pull request #543 from frankmorgner/appveyor
...
Use AppVeyor as good as we can
2015-09-10 16:40:58 +02:00
Frank Morgner
819a6686c9
use _WIN32 instead of WIN32
2015-09-10 15:23:18 +02:00
Frank Morgner
17c0ffc17e
Merge pull request #520 from frankmorgner/vendor-product
...
added call back for getting vendor/product id
2015-09-10 09:41:07 +02:00
Frank Morgner
6e3f94b3c9
fixed bad string comparison
...
fixes #547
2015-09-10 08:31:30 +02:00
Frank Morgner
d551f9a8e0
avoid registering pkcs11 mechanisms multiple times
...
fixes #349
2015-09-07 09:53:02 +02:00
Frank Morgner
b0c1e1fc89
Merge pull request #540 from nioncode/readDataObjectRawOption
...
add '--raw' option to pkcs15-tools '--read-data-object'
2015-09-04 15:31:16 +02:00
Nicolas Schneider
f44e229865
update help message to clarify that --raw only affects stdout behavior
2015-09-04 13:04:24 +02:00
Andreas Schwier
72e25db360
sc-hsm: Add status info support for SmartCard-HSM V2.0
2015-09-03 21:49:24 +02:00
Nicolas Schneider
68796edf36
add '--raw' option to output 8 bit data instead of its hex representation
2015-09-03 15:09:23 +02:00
Frank Morgner
b2508b6c59
removed workaround for HP USB Smart Card Keyboard
...
Has been fixed by the CCID driver
https://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2011-March/005218.html
2015-09-02 10:49:12 +02:00
Frank Morgner
cf2a9cbbb0
added call back for getting vendor/product id
...
implementation taken from
83142d4cae
2015-09-02 10:47:29 +02:00
Frank Morgner
29b85b43c0
Merge pull request #483 from adminmt/master
...
Update ATR and ATR mask for MaskTech smartcards
2015-09-02 10:41:06 +02:00
Andreas Kemnade
9456db90fc
handle record-based files correctly when doing file caching
...
implementation copied from `sc_pkcs15_read_file`
closes #372
2015-09-02 10:35:18 +02:00
Andreas Kemnade
c9efb2f643
make file cache dir configurable
...
in cases where you use pam_pkcs11, HOME might not be set
so paths based on $HOME are not usable, so that the combination
of home and caching does not work. Having the paths configurable
(together with a good setting of access rights)
resolves that problem.
2015-09-02 10:34:35 +02:00
Nguyễn Hồng Quân
a64bbc55aa
[OpenPGP] Fix building without OpenSSL.
2015-08-31 22:24:16 +08:00
Nguyễn Hồng Quân
70890a8f61
Merge branch 'master' into gnuk
...
Conflicts:
src/libopensc/card-openpgp.c
src/tools/openpgp-tool.c
2015-08-31 21:55:14 +08:00
Frank Morgner
3f43bc46ef
Merge pull request #534 from frankmorgner/card-sizes
...
reactivate handling of `0` for max_recv/send_size
2015-08-31 13:31:19 +02:00
Martin Paljak
8da31d271e
Fix for #183 : export more symbols
...
- also export C_Initialize and C_Finalize to please vmware-view
- have a single pkcs11.exports file for both pkcs11-spy and opensc-pkcs11
2015-08-30 18:58:00 +03:00
Frank Morgner
fc02cb1093
added documentation for sc_get_max_recv/send_size
2015-08-26 22:02:35 +02:00
Frank Morgner
2d9802308f
reactivate handling of 0
for max_recv/send_size
...
The special value still needs to be handled for commands that are issued
during card initialization. This especially concerns T=0 cards that need
to use iso_get_response.
fixes #533
regression of 85b79a3332
2015-08-26 02:55:35 +02:00
Nicholas Wilson
2897e6fb5c
Leniently interpret the ISO7816 return codes in card-piv.c
...
This adds support for the Yubikey NEO. I'm not sure whether it breaks
the specification, or follows some other version of the spec, but in my
testing it returns SW1=0x63, SW2=0x0N for N PIN tries remaining.
Ignoring the top nibble seems a harmless change to the behaviour to
support this device.
2015-08-25 15:53:32 +01:00
Nicholas Wilson
5a11d0e2fd
Add support for C_GetTokenInfo pin status flags for ISO7816 cards
...
This is already supported for a couple of the card drivers, but
since it's a general feature of ISO7816 it should go in iso7816.c,
rather than the current situation where identical code for this is
copy and pasted in each driver.
However, some cards apparently don't support this feature and count
it as a failed PIN attempt, so I've added a flag for now to indicate
whether the card supports this feature. It future, it could be moved
to blacklist cards rather than whitelist them, subject to more testing.
2015-08-25 15:53:27 +01:00
adminmt
56c376489f
ATR update card-masktech.c, customactions.cpp
...
changed atqb + mask of MaskTech smart card (a) and (c)
removed MaskTech smart card (d)
added atr mask to MaskTech smart card (a) and (b)
2015-08-24 12:51:54 +02:00
Nicholas Wilson
4df35b922c
pkcs11: Fix to CKA_PRIVATE handling pcks11-tool
...
There's a copy-and-paste bug in there, where the CKA_PRIVATE attribute
is being set on the wrong variables! As well as fixing that, we should
explicitly set CKA_PRIVATE to "false" for certificates and public keys,
since the PKCS#11 spec doesn't specify a default and some drivers use
"private" as the default, making it impossible to add a public key/cert
using pkcs11-tool.
2015-08-23 12:41:38 +02:00
Viktor Tarasov
ff2d88a724
libopensc: uncomplete changes in c48afdbf
breaks windows builds
2015-08-16 20:18:29 +02:00
Martin Paljak
9cae888dd8
Merge pull request #522 from HenryJacques/login_pin_fix
...
really set the --login option when using --pin
2015-08-12 16:49:17 +03:00
Frank Morgner
2e21163273
cardos: probe for transceive length
2015-08-11 23:08:41 +02:00
Frank Morgner
85b79a3332
don't always overwrite max_send_size/max_recv_size
...
If the reader announces extended length support, but the card driver
leaves max_send_size/max_recv_size at `0`, max_send_size/max_recv_size
previously would have been overwritten with the reader's size though the
card might not have set SC_CARD_CAP_APDU_EXT. This commit fixes this
behavior.
Additionally card->max_send_size/max_recv_size is always initialized to
a value different from 0 after the card initialization. This removes the
need to check for this special value in all subsequent calls.
2015-08-11 23:08:41 +02:00
HenryJacques
c14be48ed9
really set the --login option when using --pin
...
Until now, if -p was used without -l, we didn't authenticate to the token (see man pkcs11-tool)
2015-08-11 18:03:31 +02:00
Nguyễn Hồng Quân
6409202c2f
[OpenPGP] Fix warnings about type conversion.
2015-08-08 14:17:12 +08:00
Andreas Schwier
d6774aae40
Fixed wrong APDU case declaration detected after PR #500
2015-08-04 17:51:46 +02:00
Frank Morgner
5e352ea477
Merge pull request #504 from frankmorgner/find_tags
...
Find tags with GET DATA
2015-08-04 10:32:23 +02:00
Frank Morgner
d7d64ee8d4
Merge pull request #494 from frankmorgner/fork
...
After a fork do not release resources shared with parent
2015-08-04 10:32:01 +02:00
Frank Morgner
e95707362f
Merge pull request #357 from fancycode/startcos34_dtrust
...
Added initial support for STARCOS 3.4 (German D-Trust cards).
2015-07-31 15:40:30 +02:00
Frank Morgner
c48afdbfcb
Merge pull request #500 from frankmorgner/reader_max_data_size
...
honour PC/SC pt 10 dwMaxAPDUDataSize
2015-07-31 15:35:32 +02:00
Frank Morgner
6bedd70ea3
Merge pull request #499 from frankmorgner/asn1
...
asn1: fixed parsing "end of content"
2015-07-31 15:35:19 +02:00
Frank Morgner
d7496cc3b4
Merge pull request #498 from frankmorgner/pkcs11
...
fixed segfault for uninitialized IsoApplet
2015-07-31 15:35:08 +02:00
Frank Morgner
24d91acf69
opensc-explorer: added command find_tags
2015-07-30 11:29:14 +02:00
Martin Paljak
c6c8c6cdb0
Fix dead code:
...
../../src/libopensc/errors.h:73:37: warning: statement with no effect [-Wunused-value]
#define SC_ERROR_INVALID_ARGUMENTS -1300
^
card-masktech.c:181:48: note: in expansion of macro 'SC_ERROR_INVALID_ARGUMENTS'
if (crgram_len > SC_MAX_EXT_APDU_BUFFER_SIZE) SC_ERROR_INVALID_ARGUMENTS;
2015-07-30 10:12:04 +03:00
Frank Morgner
f71ef838e9
implemented get_data for iso7816
...
mostly copied over from CardOS implementation
2015-07-30 08:18:07 +02:00
Frank Morgner
c92e3b4f98
honour PC/SC pt 10 dwMaxAPDUDataSize
...
closes #306
2015-07-28 09:49:44 +02:00
Frank Morgner
b44c98e4d8
asn1: fixed parsing "end of content"
...
fixes #190
2015-07-28 09:10:54 +02:00
Frank Morgner
b3dc5ea32a
fixed segfault for uninitialized IsoApplet
...
fixes #400
2015-07-27 18:43:51 +02:00
Frank Morgner
6cfd71c387
avoid double detecting card on uninitialized reader
...
initialize_reader already calls detect_card
2015-07-27 16:15:33 +02:00
Andreas Jellinghaus
9fed9591ca
Fix regression test crypt0007: it deals with 1024 bit keys (not 1048).
...
Signed-off-by: Andreas Jellinghaus <andreas@ionisiert.de>
2015-07-26 21:35:29 +02:00
Andreas Jellinghaus
4dfbf24a3e
Fix regression test suite: rename parameters to new names.
...
Signed-off-by: Andreas Jellinghaus <andreas@ionisiert.de>
2015-07-26 21:34:51 +02:00
Frank Morgner
28de49b34c
Merge pull request #448 from sschutte/patch-1
...
Create minidriver-italian-cns.reg
2015-07-23 13:11:39 +02:00
Frank Morgner
ee68165b1d
Merge pull request #474 from germanblanco/memory_allocation_5
...
Fixing part of the memory allocation problems in DNIe module. Issue #472
2015-07-23 13:10:14 +02:00
Frank Morgner
142323af10
Merge pull request #476 from germanblanco/dnie_ui_depends_on_ssl
...
Empty user-interface.c if there is no SSL support. Related with issue #362
2015-07-23 13:08:46 +02:00
Frank Morgner
7cec500e54
added flags to sc_context_t
...
- is initialized in sc_context_create with parm->flags
- removes members paranoid_memory and enable_default_driver
2015-07-22 17:30:21 +02:00
Frank Morgner
edc839e072
restrict access to card handles after fork
...
fixes #333
closes #493
2015-07-22 16:46:04 +02:00
German Blanco
317cc302db
making the size of e_tx in cwa-dnie.c dynamic
2015-07-10 12:38:22 +02:00
Nguyễn Hồng Quân
d0e3d1be3d
Fix tab & spaces
2015-07-04 00:21:38 +08:00
Hubitronic
5898eab373
Update card-muscle.c
...
re-enable opensc.conf flexibility again
2015-06-18 16:28:11 +02:00
German Blanco
030f4d1559
Empty user-interface.c if there is no SSL support.
2015-06-01 08:21:25 +02:00
German Blanco
0d14f3ffee
Correct initializing of a variable in card-dnie and revert buffer size change in cwa-dnie.
2015-06-01 07:46:59 +02:00
German Blanco
76517b7d43
Fixing part of the memory allocation problems in DNIe module.
2015-05-26 21:44:13 +02:00
Doug Engert
b48fa70308
sc_pkcs11_card improvements
...
This is name change only fix.
The variable name "card" was being used to refer to a struct sc_card or a struct sc_pkcs11_card
in some files including sc_pkcs11.h. In other files the variable name "p11card" is used for struct sc_pkcs11_card.
This creates hard to read code, such as: slot->card->card.
All definitations of sc_pkcs11_card *card now use p11card as the variable name.
Fix #471
2015-05-24 11:41:29 +02:00
David Woodhouse
8c94662e96
Add --test-fork option to pkcs11-tool
...
The PKCS#11 Usage Guide, at least up to v2.40, says that calling
C_Initialize() in the child after fork is "considered to be good
Cryptoki programming practice, since it can prevent the existence of
dangling duplicate resources that were created at the time of the fork()
call."
(It neglects to mention that doing so in the child of a multi-threaded
process is a clear violation of POSIX, mind you. Not to mention being
utterly pointless if all you're going to do in the child is exec something
else anyway.)
Regardless of the sagacity of this recommendation, we need to cope when
it happens. Historically, we've been quite bad at that. Let's add a test
to pkcs11-tool in the hope it'll help...
Fixes #464
2015-05-16 12:18:54 +02:00
vletoux
01b395e636
card-masktech.c: add 2 more ATR
...
Fixes #465
2015-05-16 12:09:08 +02:00
drew thomas
5be35fb3f4
muscle: change TyfoneAT historical bytes to 'Tyfone 242R2'
...
Fixes #467
2015-05-16 11:59:58 +02:00
Andreas Kemnade
a09ca246a7
libopensc: initialize value returned by sc_select_file
...
several places in the code expect sc_select_file to set *file_out to NULL
in case of failure. Adjust the function to behave like this.
Fixes #460
2015-05-13 10:19:38 +02:00
Andreas Kemnade
6a6ef61d1a
some more error checks in minidriver in regards to card ejects
2015-05-13 10:11:05 +02:00
vletoux
492ffe0fd7
iso7816.c: allow file length stored in more than 2 bytes
...
as indicated in iso7816-4 chapter 7.4.3 table 10
Fixes #459
2015-05-13 10:01:29 +02:00
drew thomas
8b62221abc
muscle: add ATR of Tyfone mSD card
...
Add Tyfone Connected Smart Card ATR to list for MUSCLE support.
SC_CARD_TYPE_MUSCLE_JCOP242_NO_APDU_EXT
Fixes #463
2015-05-13 09:50:21 +02:00
Doug Engert
c7af08c68a
PIV - read just length of object to get size
...
card-piv.c tries to read the first 8 bytes of an object to get object size
so it can allocate a buffer. It then reads the whole object. apdu.c has changed
over the years, and apdu.c will keep reading as long as the card returns
status of 61 XX thus apdu.c will read the whole object while discarding
the extra data and returning to the caller only the first part of the data.
This in effect causes a double read of objects.
This patch sets SC_APDU_FLAGS_NO_GET_RESP to tell apdu to stop doing the
extra get-response commands thus avoiding most of the extra overhead.
This in not an optimal patch as it only works with T=1 cards/readers
but the patch is confined to just card-piv.c.
A better patch is in the works.
Fixes #462
2015-05-13 09:24:46 +02:00
Viktor Tarasov
72b5d8fe9a
md: use 'store-or-update' store certificate mode
2015-05-10 15:04:44 +02:00
vletoux
8ec000e80d
minidriver: change the icon of the pinpad dialog
2015-05-10 15:04:44 +02:00
vletoux
ac82a96ccc
minidriver: add my name in the author list
...
setup: change the url to match the new one
2015-05-10 15:04:44 +02:00
vletoux
aede9b164b
minidriver: fix compilation warnings on x64 (size_t <> DWORD)
2015-05-10 15:04:44 +02:00
vletoux
33cf161941
minidriver: pinpad authentication is now working for smart card logon !!! (still needs 5 pinpad entries)
...
minidriver: minor fixes
2015-05-10 15:04:41 +02:00
vletoux
6127fe6b77
minidriver: change the UI (remplace a messagebox by a nice dialog) ; add a translation function for errors
2015-05-10 15:04:41 +02:00
vletoux
7d225e28f7
minidriver: add support for the special msroot file which contains the root certificates stored on the card.
2015-05-10 15:04:41 +02:00
vletoux
6b58b1db01
minidriver: merge CardUnblockPin and CardChangeAuthenticator into CardChangeAuthenticatorEx
2015-05-10 15:04:41 +02:00
vletoux
a671cf8fe2
CardAuthenticateEx: test for remaining attempts before ...
2015-05-10 15:04:41 +02:00
vletoux
659da4f538
minidriver: CardSignData - better parameter checking
2015-05-10 15:04:41 +02:00
vletoux
f3c9525137
fix attempt remaining regression if the card is blocked
2015-05-10 15:04:40 +02:00
vletoux
d96e53b102
minidriver: better error code if CARD_PIN_SILENT_CONTEXT is set
2015-05-10 15:04:40 +02:00
vletoux
ad47d4d043
minidriver:
...
* factorize the code from CardAuthenticatePIN into CardAuthenticateEx
* allows authentication with the PINPAD without a UI
minidriver: fix some code analysis warnings
2015-05-10 15:04:36 +02:00
vletoux
8062eac145
minidriver: fix CardQueryCapabilities and CardGetProperty fKeyGen flag. A read only card cannot generate keys
2015-05-10 15:04:36 +02:00
vletoux
f331b35c4e
minidriver: make the parameter check be aware of pinpad capabilities
2015-05-10 15:04:36 +02:00
vletoux
a5593afc78
minidriver: better parameter checking with CardQueryKeySizes and CardGetContainerProperty
2015-05-10 15:04:36 +02:00
vletoux
1e78e16e65
fix memory leak in minidriver: the virtual filesystem is never freed and in some case when an error occurs
2015-05-10 15:04:35 +02:00
vletoux
8036388f29
minidriver PINPAD: fix a regression issue (the parameter - message - can be set to null)
...
Improve the error code when the user cancel the operation ("The operation was canceled by the user" instead of "invalid parameter")
Signed-off-by: vletoux <vincent.letoux@gmail.com>
2015-05-10 15:04:35 +02:00
vletoux
cb38657d47
CardSignData: add support for missing hash algorithm
2015-05-10 15:04:35 +02:00
vletoux
c5efcae029
CardRSADecrypt: better parameter checking
...
CardRSADecrypt & CardSignData: better OpenSC -> minidriver error code translation
2015-05-10 15:04:28 +02:00
vletoux
9544844d83
CardSignData: better error message if the card do not support the signing operation with the algorithm
...
(replace the return code from internal error to unsupported)
2015-05-10 14:35:42 +02:00
vletoux
54f462368b
Fix CardSignData "invalid signature" bug when called from CryptSignHash(CRYPT_NOHASHOID)
2015-05-10 14:35:42 +02:00
vletoux
6aaf9d462c
fix a problem: CardDeauthenticate(ex) do nothing, but the base CSP think that the user is deauthenticate from the card.
...
The user is still authenticated !
2015-05-10 14:35:41 +02:00
vletoux
b7f000d6b8
add parameter checking for CardSignData
2015-05-10 14:35:41 +02:00
vletoux
2667394f22
better parameter checks for CardGetProperty and CardSetProperty
...
Added value for secure key injection (to reject it properly because it is not implemented)
2015-05-10 14:35:41 +02:00
vletoux
6a2e9aa3b6
Merge branch 'upstream/master'
...
Conflicts:
src/libopensc/card-openpgp.c
src/libopensc/pkcs15-gemsafeV1.c
src/pkcs11/mechanism.c
2015-05-10 14:35:41 +02:00
Viktor Tarasov
e0aec3764a
pkcs15init: 'store-or-update' certificate option
2015-05-10 14:35:41 +02:00
Viktor Tarasov
3cf56d8fb7
pkcs15init: fix non-unique-ID control
2015-05-10 14:35:41 +02:00
vletoux
f154cdcaa4
pkcs15-pin: sc_pkcs15_unblock_pin: avoid to ask the PUK twice
2015-05-08 22:37:04 +02:00
Viktor Tarasov
3e0356b170
register CKM_ECDSA and CKM_ECDSA_SHA1 depending on card capabilities
...
fix #429
2015-05-08 20:45:56 +02:00
Philip Wendland
254320e34c
myeid: seperate ECC from RSA flags
...
Should keep the existing behavior, but improve readability.
2015-05-08 20:45:37 +02:00
Philip Wendland
4142456c74
PIV, sc-hsm, myeid: register ECDH card capabilites
...
Prior to 066132327c71300188aa66180fde2fb3d90c5140, CKM_ECDH1_DERIVE and
CKM_ECDH1_COFACTOR_DERIVE were always registered for cards that support
SC_ALGORITHM_ECDSA_RAW.
The mentioned commit changed this behavior, so that the ECDH mechanisms
are only registered for cards that set the SC_ALGORITHM_ECDH_CDH_RAW
capability flag.
To keep the existing behavior for the cards, they need to set this flag
in the card driver.
2015-05-08 20:45:37 +02:00
Philip Wendland
78e434da93
register EC mechanisms with flags independent of RSA flags
...
Prior to this commit, all hashes registered for RSA or other key types were
registered for ECDSA as well.
register ECDH mechanism only when supported by card
ECDH should only be registered if the card driver sets the
SC_ALGORITHM_ECDH_CDH_RAW flag.
register software PKCS#1 (1.5) padding only when RAW RSA is supported by card
If OpenSC supports PSS/OAEP padding or other padding mechanisms in
future, and there would be a card that enforces hardware PSS/OAEP
padding, the PKCS#1 v1.5 padding mechanism should not be registered.
2015-05-08 20:45:27 +02:00
Philip Wendland
37b6f0bbdf
IsoApplet: fix EC mechanism ext_flag
2015-05-08 20:19:36 +02:00
Hector Sanjuan
fd3d07a884
Issue #451 : Newer DNIe not working with OpenSC.
...
This patch fixes 3 issues which consecutively have shown up when debugging the original problem:
1 - Newer DNIe report a byte count for public certificates which is the compressed size,
while older DNIe report the uncompressed size. This resulted in short-reading the x509 certificates,
and in an error parsing. Therefore, during initialization we proceed to set path->count for
public certificates to -1. This ensures that the lenght of the certificates for reading
will be set to file-> length, which has the correct size.
2 - pkcs11-tool -t was broken for DNIe (old and new)as it tried to strip pcks11 padding
from the data to sign and OpenSC tried signatures with non-padded data
(as the card had SC_ALGORITHM_RSA_RAW).
The new algoflags (SC_ALGORITHM_RSA_HASH_NONE | SC_ALGORITHM_RSA_PAD_PKCS1) and the
removal of the strip-padding call fix the issue.
3 - The new cards won't allow setting the LE bytes when calculating the TLV, when LE equals
256. This caused an wrong SM object error response (0x69 0x88). Therefore,
we don't send the LE bytes anymore in this case.
The patch has been tested to work on the new problematic card and on another old one.
close #451
2015-05-08 09:17:01 +02:00
Frank Morgner
ef4edb74ba
fixed invalid free
...
We duplicate mechanisms based on OpenSSL so that they can be freed along
all the card's algorithms created via sc_pkcs11_new_fw_mechanism. Fixes
regression from eaf548aa3dab80a9bbf51da8291e7db978e3a2ad
2015-05-08 09:11:55 +02:00
Frank Morgner
e338b7c1ab
framework-pkcs15: fixed memory leak when encoding pubkey
2015-05-08 09:11:55 +02:00
Frank Morgner
e84951a5bf
fix resource leaks in while registering PKCS#11 mechanisms
...
introduces a free_mech_data for sc_pkcs11_mechanism_type_t to clear the
mechanisms private memory
2015-05-08 09:11:55 +02:00
Frank Morgner
2c32575e89
pkcs11-tool: fixed resource leak
2015-05-08 09:11:55 +02:00
Frank Morgner
ecc9b9dac9
openssl: fixed resource leak
2015-05-08 09:11:55 +02:00
Frank Morgner
8838388ceb
pkcs15-infocamere: fixed resource leak
2015-05-08 09:11:55 +02:00
Frank Morgner
bbb803ff2e
sc-hsm-tool: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
d96f25c147
pkcs15-tool: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
1f16f24052
pkcs15-init: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
a83da8a947
pkcs15-crypt: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
c65caed7f4
openpgp-tool: fixed resource leak
...
VTA: slightly touched, original commit f0ddbf4
2015-05-08 09:11:54 +02:00
Frank Morgner
b0a708b0bb
pintest: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
efbd4068af
sm-cwa14890: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
01e573b987
profile: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
6cb99be821
pkcs15-setcos: fixed resource leak
2015-05-08 09:11:54 +02:00
Frank Morgner
44253c63d0
pkcs15-rtecp: fixed resource leak
2015-05-08 09:11:54 +02:00
Viktor Tarasov
d636338eaf
pkcs15-oberthur: fix memory leakage
2015-05-08 09:11:54 +02:00
Viktor Tarasov
ac84d282b1
myeid: fixed resource leak
...
pkcs15-myeid: fix memory leakage
myeid: fix memory leakage
2015-05-08 09:11:40 +02:00
Viktor Tarasov
475ce71453
iasecc: fixed resource leak
...
pkcs15-iasecc: fix memory leakage
iasecc: fix memory leakage
2015-05-08 09:11:20 +02:00
Frank Morgner
68becc8fc4
pkcs15-gpk: fixed resource leak
2015-05-08 09:11:19 +02:00
Frank Morgner
d4fd135e20
pkcs15-cflex: fixed resource leak
2015-05-08 09:11:19 +02:00
Frank Morgner
4af4308d19
authentic: fixed resource leak
...
pkcs15-authentic: fixed resource leak
card-authentic: fixed resource leak
2015-05-08 09:10:48 +02:00