9f318b829f
remove slots of removed readers
2015-04-21 02:00:06 +02:00
02f3997632
added error handling to print_ssh_key
2015-04-21 01:32:37 +02:00
e359b2a310
handle unexpected meltdown of PC/SC service
2015-04-21 01:09:21 +02:00
cbc43eeb88
fixed compiler warning
2015-04-21 01:04:18 +02:00
c8a7c8bc7a
fixed typo
2015-04-21 01:04:18 +02:00
54f285d57a
correctly handle readers that have been removed
2015-04-21 01:04:18 +02:00
c45c90a337
sc_pkcs11_close_all_sessions: close all sessions even if closing one fails
2015-04-20 16:18:11 +02:00
23ca1f101d
pkcs11-tool: Add support for creating EC privkey
...
* This patch allows to create EC private keys. The feature re-use the GOST
parsing function as instanciating an ECDSA key is the same as a GOST key.
2015-04-15 08:58:05 +02:00
a7a903fd81
check ATRs even for forced card driver
...
some card drivers depend on a card type which is initialized by matching the card's ATR
2015-04-15 08:56:22 +02:00
96556dea7b
fix #433 : EC privateD octetstring may need leading zeros
2015-04-12 13:35:27 +02:00
6caa85f238
Issue 395. Avoiding a couple of memory leaks.
2015-04-12 11:35:09 +02:00
6e84ee0ba7
pkcs11-tool: honour unsupported signature mechs
2015-04-12 11:28:25 +02:00
643080baf9
honour key capabilities for decryption/verification
...
fixes #419
2015-04-12 11:28:25 +02:00
d7ab0df51d
export sc_pkcs15_bind_internal
...
allows bootstrapping an external pkcs15 driver
2015-04-12 11:28:25 +02:00
3e2d51e0ba
iasecc: use PIN PAD with variable PIN length
2015-04-11 16:47:13 +02:00
5757d82cc9
libopensc: stored-length member in PIN CMD data
2015-04-11 16:45:17 +02:00
49598b6016
libopensc: invalid OID comparison for EC keys
...
Thanks to Peter Popovec <popovec.peter@gmail.com>
2015-04-09 11:49:05 +02:00
ce962c14f4
fix #425 : guid computation issue
...
Compilation without OpenSSL - guid computation issue
This case is triggered when:
- built without OpenSSL
- called from a minidriver where id.len = 1
- card number is less than 15 bytes
(VTA: codding style slightly touched)
2015-04-08 18:41:51 +02:00
4000e6d5b0
Add missed option debug info
...
Fix misspelled key in --help output (thanks Philip Wendland).
2015-04-08 18:03:46 +02:00
8ea328ff7f
Minor code quality improvements.
...
Basically checks that the memory allocation succeed.
The ctbcs.c change improve the readability
because count = 0 and len > 254 does not add any value.
VTA: added few coding style changes
2015-04-05 13:15:57 +02:00
db860c0d2a
export sc_sm_stop
2015-04-04 22:09:22 +02:00
fa045d44ec
pkcs11-tool: Let the user choose the ECDSA signature format
...
Instead of hard-coding the format depending on whether OpenSC was compiled with
OpenSSL or not, the user should be able to choose the format himself.
The default format now is the normal concatenation of R,S both for CKM_ECDSA
and CKM_ECDSA_SHA1.
2015-04-04 22:01:22 +02:00
f93835add9
Allow log functions to be called with ctx==NULL
...
This change allows functions to be used from places where there is no
sc_context (ctx) available.
2015-04-04 22:01:22 +02:00
95ad11a253
iasecc: special case for 'Gemalto GemPC Pinpad'
...
issue 424
VTA: this pinpad, the only available, do not accept different values
for min and max PIN lengths in P10 block.
2015-04-04 21:41:28 +02:00
c0fac2a4f6
stop SM in case of SM errors
2015-04-02 09:54:41 +02:00
e07c4bcfbb
added sc_sm_stop
...
implementation taken from the ISO SM driver of
https://github.com/frankmorgner/vsmartcard/tree/master/npa
2015-04-02 09:54:41 +02:00
30b24e79c0
fixed memory corruption in encode_file_structure
...
as suggested by Peter Popovec
2015-04-01 09:42:21 +02:00
88ec461bc5
tool: RFC4716 compliant key output
...
Add a comment field to the ssh key output if a label is set on the key. Add RFC4716 compliant key output for the new breed of modern (mobile) SSH clients.
VTA: use short form of log call in iso7816
2015-03-31 19:09:25 +02:00
0790969b97
recognize short EF identifier
2015-03-31 18:48:57 +02:00
4a4d750e73
iasecc: Fix log output is always displayed
...
* iasecc_read_public_key function uses SC_SUCCESS instead of log level
value, hence the log output is always displayed. This uses
SC_LOG_DEBUG_NORMAL instead.
VTA: updated to use short form of LOG macro
2015-03-31 18:47:11 +02:00
117f3a74be
iasecc: Fix key usage when provisioning card
...
* Avoids overriding key_usage when creating objects on the card.
2015-03-31 18:25:54 +02:00
548c2780d3
Add support for ACOS5-64 cards.
...
The ACOS5-64 cards have a different ATR than the original
ACOS5-32 cards. This change simply adds this ATR so that it
will be recognized properly.
2015-03-29 14:09:35 +02:00
5007e9fc9f
md: fix build without OPENSSL_VERSION_NUMBER
...
Fix the WCHAR / CHAR conversion problem in CardAuthenticateEx in case of PinPAD (vs->wzPinContext is UNICODE)
Fix UNICODE compilation problem( MessageBoxA instead of MessageBox)
2015-03-29 13:59:21 +02:00
3b873adad2
win32: allows UNICODE built.
...
UNICODE is set by default by Visual Studio (but can be deactived)
The trick is to force ANSI version by appending a A to the function calls.
2015-03-29 13:54:51 +02:00
c8d206ece1
IsoApplet: Increase indicated version to 00.06
...
Backward compatiblity with 00.05 is kept.
2015-03-29 13:34:58 +02:00
9078856675
IsoApplet: register ECC mechanisms only when ECC is supported by card
...
There are few Java Cards that do not support ECDSA at all.
Starting with IsoApplet version 00.06, the applet returns whether the card
supports ECDSA or not. This commit uses this information to decider whether to
register ECDSA mechanisms or not.
2015-03-29 13:34:58 +02:00
76facf0d73
IsoApplet: add support for GET CHALLENGE
2015-03-29 13:34:58 +02:00
e258cec13e
IsoApplet: Add nistp224, secp192k1 and secp256k1 curves
...
secp*k1 curves are only supported applet version >= 0.6.0 because of an issue
with encoding ECC public keys with small parameters.
2015-03-29 13:34:58 +02:00
ab5ca331b2
IsoApplet: Obtain applet version and card capabilities *after* match_card()
2015-03-29 13:34:58 +02:00
bba6e17aa9
isoApplet: Fix indentation of isoApplet.profile
2015-03-29 13:34:58 +02:00
090aed2fc2
ec: fix length of allocated mem for EC signature
...
discussion in PR #398
2015-03-29 13:08:01 +02:00
4b51b99748
pkcs11-tool: harmonize supported ECC curves
...
pkcs15-pubkey.c holds a struct containing supported ECC curves. The contents of
this struct are being harmonized with pkcs11-tool supported curves.
2015-03-29 12:55:54 +02:00
f3573ede0d
fixed requesting PACE features
2015-03-29 12:42:13 +02:00
b1bdfae200
sc-hsm: revert broken a4c8d671
...
sc-hsm: Fixed minimum value for number of password shares
2015-03-29 12:40:44 +02:00
5149dd3e62
belpic: Support 2K cards
...
Recent BELPIC cards (issued since March 2014) have a validity of 10
years (rather than 5 as before), and therefore also increased the key
size from 1024 bits to 2048 bits.
Key size can be detected by checking the applet version, for which we
have to issue a "GetCardData" command. If the applet is version 0x17 or
higher, keys are 2048 bits.
Use #defines rather than magic numbers
Keeps the code slightly more readable.
While we're at it, refactor slightly so that the code which issues the
GET CARD DATA command doesn't just keep the applet version, but also
makes other things available.
This latter in preparation of setting the serial number.
2015-03-29 12:11:44 +02:00
c019a62309
pkcs11: parameter checking for 'get_mechanism_list'
...
fixes #409
2015-03-29 12:11:08 +02:00
435291f216
iasecc: initial support for Morpho IAS Agent Card
...
* This commit adds initial support for Morpho French Agent card which is an
IAS card. Signature operations are working. Since my test card was
read-only, I was unable to test object management functions.
* Add missing copy of AID in structure
2015-03-29 12:10:55 +02:00
c0c8a89126
mcrd: move driver to the end of detection list
...
the drivers that need to probe the AIDs to recognize its supported card
have to be placed at the end of the list of internal drivers
2015-03-20 18:08:18 +01:00
2fffbce65c
myeid: update EC support for MyEID-v4 card
2015-03-14 17:47:44 +01:00
877fa862d9
isoApplet: prototype of asn1_sig_value_sequence_to_rs() has changed
2015-03-10 09:09:14 +01:00
595be37fee
Merge pull request #305 from philipWendland/master
...
Add support for the IsoApplet Java Card applet
2015-03-07 23:36:25 +01:00
2abe135f97
asn1: re-fix error in EC signature encode helper
...
see comment for 8cf99a9372
2015-03-07 22:40:43 +01:00
1739300657
pkcs15: fix name of EC curve, add new ones
2015-03-05 10:32:54 +01:00
6f6286de99
pkcs11: generate EC key: use allocated EC params
...
For internal use allocate and copy the EC params data from the caller's template,
rather then use them directly as a pointer in internal public key data.
2015-03-04 19:47:13 +01:00
31124ac4f9
pkcs15init: allocate EC parameters
2015-03-04 19:46:21 +01:00
1123768ac3
libopensc: invalid 'free' and 'assign NULL' order
2015-03-04 19:45:23 +01:00
8cf99a9372
asn1: fix error in EC signature encode helper
...
The raw format of EC signature was invalid when 'r' and 's' had different length.
https://github.com/OpenSC/OpenSC/pull/381#issuecomment-77016382
According to PKCS#11 v2.20:
"If r and s have different octet length, the shorter of both must
be padded with leading zero octets such that both have the same octet length."
2015-03-04 19:43:15 +01:00
74aeb8c923
IsoApplet: register supported EC curve *per curve*
2015-02-22 23:08:18 +01:00
58d1f1db3f
Merge pull request #385 from darconeous/patch-2
...
Allow PKCS15 cache to work with PIV cards (if enabled)
2015-02-21 21:51:50 -06:00
85d16fbc57
IsoApplet: use helper function sc_asn1_sig_value_sequence_to_rs() introduced in #381
2015-02-20 23:02:04 +01:00
1aeebdaf1c
IsoApplet: react to changes of _sc_card_add_ec_alg() in fa923831f8
2015-02-20 22:56:23 +01:00
59eeacb74b
IsoApplet: react to removal of sc_pkcs15_ec_parameters in fa923831f8
2015-02-20 22:07:49 +01:00
a9d43af4bf
IsoApplet: use a buffer large enough when generating EC keys larger than 320 bit
2015-02-20 21:55:35 +01:00
da05fa2a47
IsoApplet: try to fix EC parameters when importing private keys from file
2015-02-20 21:55:35 +01:00
44d724b012
IsoApplet: fix more (comment) alignment issues with tabstop=8
2015-02-20 21:55:35 +01:00
5628a06353
IsoApplet: Align comments with spaces instead of tabs
...
Better view with tabstop=8.
2015-02-20 21:55:35 +01:00
43fa99c0f2
IsoApplet: Move the key gen debug info to the right places
2015-02-20 21:55:35 +01:00
0473decae4
IsoApplet: clear memory after prkey import.
...
Private key import via plain APDUs is dangerous and not recommended anyway, but clearing the apdu buffer does not hurt anyone.
2015-02-20 21:55:34 +01:00
73b391731b
IsoApplet: Don't set ECC field length of 512
...
512 is wrong for EC FP (correct would be 521 bit), and neither of those
two are currently supported by OpenSC.
2015-02-20 21:55:34 +01:00
e791948e42
IsoApplet: Simplify the private key import
...
Use the new features of sc_asn1_put_tag introduced in OpenSC/OpenSC#314 .
Additionally, a RSA private key is sent from one large buffer using either extended APDUs or chaining (in compliance to IsoApplet API version 00.05).
2015-02-20 21:55:34 +01:00
6cdf6c08a5
IsoApplet: use AID directly when selecting applet
...
Now that apdu.data is const (see ef94c6b875
2015-02-20 21:55:34 +01:00
09acfd7ec0
IsoApplet: ECDSA signatures - only strip excess zeroes
...
It is required to strip excessive zeroes returned by some Java Cards when removeing the ASN1 structural information for PKCS#11 so that the x/y can be calculated by dividing the signature length by 2. However, the leading zero may only be stripped if it is excessive (outside the field length). Otherwise generated signatures are wrong in rare cases (1 out of 256).
2015-02-20 21:55:33 +01:00
c463f1a7a1
IsoApplet: Do not set RSA hashes
...
See: 189e998486
2015-02-20 21:55:33 +01:00
e3cc851b72
IsoApplet: EC key-gen rework and refactorings
...
Rework the EC key generation mechanism to send the curve parameters to
the card. In earlier versions, the applet had a copy of the curve
parameters and there was a different algorithm reference for every
curve. This is unfeasible when trying to support a larger number of
curves because of size limitations of the applet.
This commit additionally includes some refactorings that should not
change the functionality.
2015-02-20 21:55:33 +01:00
6f9e894ebe
IsoApplet: set lock when doing command chaining
2015-02-20 21:55:33 +01:00
48bd6b0964
Add support for the IsoApplet (Java Card applet)
...
The IsoApplet can be found here:
https://github.com/philipWendland/IsoApplet
Add read/write support for this applet, including RSA and
ECC support.
2015-02-20 21:55:26 +01:00
bff0ea4837
fixed compiler warning
2015-02-20 19:54:40 +01:00
16ea926d29
fixed indentation
2015-02-20 19:54:40 +01:00
236e68b17c
fixed NULL dereference
2015-02-20 19:54:40 +01:00
da07e22c97
use memmove for overlapping memory
2015-02-20 19:54:40 +01:00
ced77ae6c7
cardos: overwrite content of deleted private key
...
when deleting a private key object, overwrite its contents so the key can no longer be used.
(VTA: original commit touched to use LOG macros and add debug logs)
2015-02-20 18:03:37 +01:00
b08671fab5
pkcs15-crypt: option for output format of ECDSA signature
2015-02-20 14:20:28 +01:00
80c496671f
helper functions to change format of ECDSA signature
2015-02-20 14:20:19 +01:00
fa923831f8
introduce EC curve OID into algorithm info data
...
needed to store information about EC curve supported by card.
Primary usage is when importing/generating key to get know if particular curve is supported by card.
2015-02-20 13:49:18 +01:00
d7475c8180
Add brackets in card-piv.c
2015-02-16 10:43:19 -06:00
572218c59c
Fall through comment before break
2015-02-16 10:11:24 -06:00
0ffad3f3bb
Fix for bad caching behavior of PIV PKCS15 emulator.
2015-02-12 16:42:17 -08:00
981a0fbbaf
Fix-up changes caused by Coverity scan
...
piv-tool.c add /* fall through */ to avoif false warning
card-piv.c - clean up if sc_lock fails.
2015-02-11 13:39:59 -06:00
3c1d8ad695
accept no output for 'SELECT' MF and 'SELECT' DF_NAME
...
PR #342
2015-02-07 21:46:44 +01:00
d162143964
Updating to fix failure of ePass2003 USB smart card due to failure to re-authenticate secure messaging when card is reset due to multiple applications using PKCS11 sessions
2015-02-07 21:46:44 +01:00
22fb49b554
PKCS#11: Improve compliance for public keys.
...
* Key usage required when calling C_CreateObject for public key are not used.
This adds the logic to convert from PKCS#11 attributes to PKCS#15 in the
structure that is sent to underlying _store_pubkey functions.
2015-02-07 20:17:12 +01:00
96265e6d08
pkcs15init: superpluous 'ec-params' in init data
...
Pkcs15init data, used to import/generate key objects, includes twice the same EC parameters data:
- explicit 'params' data
- part of sc_pkcs15_pubkey/sc_pkcs15_prkey
Explicit 'ec-params' data is removed.
2015-02-07 20:00:41 +01:00
e374f88b82
pkcs15-pubkey: add EC params in SPKI encoding
2015-02-07 19:55:08 +01:00
9148f21cd1
pkcs15-pubkey: possible NULL dereference, logs
...
... remove obsolete comments, minor coding style corrections
2015-02-07 19:55:08 +01:00
faaa11e091
Prefer serial number from EF(TokenInfo) and cached serials over CARDCTL
...
sc_pkcs15_get_object_guid() should prefer the serial number from
EF(TokenInfo) over card->serialnr because the user may override the
card's serial number with "pkcs15-init -C --serial". The card->serialnr
should be used before calling card CTL with SC_CARDCTL_GET_SERIALNR
because it might contain a cached value.
This change *should* allow cards to be used with the minidriver even if
SC_CARDCTL_GET_SERIALNR is not implemented. For example, a driver might
set card->serialnr at initialization or the user might initialize a
PKCS#15 card with its own "--serial".
See also the discussion at the mailing list:
[Opensc-devel] AT_SIGNATURE and AT_EXCHANGE Problem
2015-02-07 19:48:10 +01:00
08eb700b97
revert or partially revert some of recent commits
...
b94c16311881a63a92bf7#373
3a92bf76759c04
2015-02-07 19:31:17 +01:00
3a92bf7af5
fixed resource leaks
2015-02-05 01:38:41 +01:00
11881a61b8
removed/fixed dead code
2015-02-05 01:38:41 +01:00
a3fc62f79f
fixed NULL dereference (or warning thereof)
2015-02-05 01:38:40 +01:00
8d902d1ed3
fixed out of bounds read/write/access
2015-02-04 09:24:50 +01:00
a4c8d67110
fixed improper use of negative value
2015-02-04 09:03:27 +01:00
761e175212
fixed sc_driver_version check
2015-02-04 08:52:30 +01:00
5cafbe0f4b
fixed undefined shift behaviour
2015-02-04 08:50:19 +01:00
ed9572422f
check return values
2015-02-05 01:37:53 +01:00
47df45f5f2
set le instead of p2 twice
2015-02-05 01:37:53 +01:00
5e3d54186a
removed useless check for non-null array
2015-02-05 01:37:53 +01:00
ac4da89d0d
use memmove for overlapping memory
2015-02-05 01:37:53 +01:00
53e1992cc2
use strerror for failure of gettimeofday
2015-02-05 01:37:53 +01:00
db0cb7557c
Merge pull request #363 from frankmorgner/travis-ci
...
added travis-ci configuration
2015-02-02 23:51:54 +01:00
2f3eaa1dbe
Merge pull request #366 from frankmorgner/coverity
...
Fixes for Problems reported by Coverity Scan
2015-02-02 23:51:10 +01:00
3047fe2c3b
log: implement 'dump OID'
2015-02-02 17:03:33 +01:00
8e9a2361c6
pkcs15-tool: print length of EC public key
...
when this key is read from dedicated EF
2015-02-02 16:55:07 +01:00
6759c04b26
don't ignore errors
2015-01-28 04:45:08 +01:00
2e04fa99c1
fixed pointless array comparisons
2015-01-28 07:39:35 +01:00
bd3cfcf5ef
fixed copy/paste error
2015-01-28 07:26:34 +01:00
b94c16394f
card-asepcos: fixed puk handling
2015-01-28 07:25:46 +01:00
734cb67924
fixed algo ref
2015-01-28 07:23:34 +01:00
3a557ad0dd
fixed parsing pace output data
2015-01-28 07:22:03 +01:00
92ad6eb63c
fixed determining ef type
2015-01-28 07:21:55 +01:00
7fb495ac31
fixed self assignment
2015-01-28 07:10:57 +01:00
ac0424e947
fixed pkcs11spy's version number
2015-01-28 07:09:02 +01:00
b9f1fb333c
fixed bad output data length
2015-01-28 07:07:33 +01:00
08fcfcc8f0
fixed wrong sizeof argument
2015-01-28 07:04:02 +01:00
87b2403673
fixed out of bounds access/write
2015-01-28 07:00:02 +01:00
68d86644fd
fixed use after free
2015-01-28 06:10:16 +01:00
b1b99ce7e5
fixed integer underflow
2015-01-28 06:03:52 +01:00
027e4a0867
fixed out of bounds read
2015-01-28 05:59:41 +01:00
7c497b324f
fixed not null terminated buffer
2015-01-28 05:51:00 +01:00
77752f442d
fixed unused value
2015-01-28 05:47:20 +01:00
fdd38f6e04
fixed copy into fixed size buffer
2015-01-28 04:30:40 +01:00
ea40322a30
added travis-ci configuration
2015-01-27 22:56:11 +01:00
b6a935a261
fixed memory leak
2015-01-24 23:12:47 +01:00
00330b2c79
fixed resource leak
2015-01-24 22:16:22 +01:00
6641cbf455
fixed potential string overflow
2015-01-24 20:17:26 +01:00
3f64d3a805
fixed bad memory allocation
2015-01-24 20:11:16 +01:00
9a4b58800b
fixed Printf arg type mismatch
2015-01-24 20:00:03 +01:00
fca3a37097
fixed truncated stdio return value
2015-01-24 19:47:01 +01:00
8df9896204
pass big parameter by reference
...
reported by coverity scan
2015-01-24 19:25:11 +01:00
1b53b59ed3
fixed potential use after free
...
reported by coverity scan
2015-01-24 19:22:39 +01:00
7a34c204c1
fixed dereference before null check
...
silence warnings reported by coverity-scan
2015-01-22 20:29:33 +01:00
762d466b23
Add display of Elliptic Curve flags
2015-01-20 23:15:41 -08:00
7a455f64c7
Support of additional type, mechanisms and attributes
2015-01-20 23:15:31 -08:00
3dadd3fba1
Add some missing PKCS#11 values
2015-01-20 23:15:22 -08:00
17c1cffb3d
Fix typo on CKF_EC_UNCOMPRESS
2015-01-20 23:14:50 -08:00
c3a0bbc715
Update email and year
2015-01-20 23:14:36 -08:00
f143d7b73e
Merge pull request #346 from frankmorgner/pkcs11provider
...
use OpenSC as default PKCS#11 provider
2015-01-20 23:43:48 +01:00
9543cdb121
Handle case where input data is already padded.
2015-01-20 16:52:30 +01:00
87cc05c03f
Receive signature to temporary buffer, will be copied to output buffer later.
2015-01-20 16:49:11 +01:00
19bbfc76f5
Added initial support for STARCOS 3.4 (German D-Trust cards).
...
Code inspired by experimental STARCOS 3 driver by Martin Vogt:
http://article.gmane.org/gmane.comp.encryption.opensc.devel/9846
Supports `opensc-explorer`, `pkcs15-tool` and `pkcs15-crypt` (signing with PKCS#1 padding).
Cards available from `https://www.bundesdruckerei.de/en/768-d-trust-signature-cards `.
2015-01-19 18:04:12 +01:00
91ddcfb514
PKCS15: remove redundant code for access_flags.
...
* With commit facaf59
2015-01-16 10:03:13 +01:00
ed87ea38b9
PKCS#11: Fetch real value of CKA_LOCAL for pubkey
...
* Fetch value from pub_info structure for CKA_LOCAL attribute.
2015-01-14 17:38:08 +01:00
d727acb47a
PKCS#11: Remove inconsistent attributes
...
* Improve compliance related to PKCS#11 attribute fetching.
2015-01-14 17:22:43 +01:00
4915eaa56b
Improve PKCS#11 compliance. Issue #335
...
* This simple patch allows for values of PKCS#11 attributes to be fetched
from the underlying card.
2015-01-05 14:00:22 +01:00
bbedd4ef00
IAS-ECC: improve PKCS#11 compliance Issue #336
...
* Ensure CKA_ALWAYS_SENSITIVE and CKA_NEVER_EXTRACTABLE are only set when
generating the key on board, not reason to set them when importing a private
key.
2015-01-05 13:59:37 +01:00
32d8173b4c
IAS-ECC: Improve detection Gemalto cards(Issue #343 )
...
* Improve IAS-ECC card detection using the ATRMask.
Previous commit was revert since work was not done in topic branch.
2014-12-29 16:09:06 +01:00
7e7a44acff
sc_asn1_put_tag - support larger tags
...
Enhance sc_asn1_put_tag to support larger tag names and larger tags.
Prior to this, sc_asn1_put_tag did only support tags with a length of at most 127 bytes and tag names of one byte.
2014-12-29 15:37:45 +01:00
3961275d8c
Allow user to overwrite SO-PIN when using PIN-PAD reader
2014-12-29 13:39:37 +01:00
facaf5969b
Improve PKCS#11 compliance. Issue #335
...
* Add default behavior for cards using the PKCS#15 emulation layer.
Hence, this patch provide a default value for access_flags compatible with
current OpenSC's behavior while allowing compatible cards to fetch the real
value from the card (IAS-ECC and AuthentIC).
2014-12-29 13:11:23 +01:00
291e9dab9e
use OpenSC as default PKCS#11 provider
...
closes #229
2014-12-19 22:27:34 +01:00
aa7886f36d
pkcs15-init: fix memory corruption
2014-12-19 16:52:14 +01:00
4167455362
Merge pull request #321 from resoli/master
...
Implementation of card_ctl function with SC_CARDCTL_GET_SERIALNR
2014-12-19 11:47:26 +01:00
a7bf05ecc4
Merge pull request #337 from frankmorgner/7816
...
7816
2014-12-19 11:37:48 +01:00
4d5997dfba
fixed selection of muscle applet for some JCREs
...
Previously, partial DF name selection was used, which is not mandatory
to implement for a JCRE. We now use the full DF name which must always
be implemented.
Note that the MUSCLE applet is deprecated and should not be used.
fixes #135
2014-12-12 22:40:20 +01:00
45fe96579f
added support for sc_path_t with only aid set
2014-12-12 21:45:53 +01:00
73715e37d9
fixed compiler warnings
...
fixed warnings introduced with b18c86e646
2014-12-12 21:45:53 +01:00
e137396d56
workaround for compiler warnings
2014-12-12 21:45:53 +01:00
e1fbdc030b
iso7816: make select agnosting to sc_path_t's aid
2014-12-12 21:45:52 +01:00
69b27179eb
use path only if it is actually present
2014-12-12 21:45:52 +01:00
c71a453ff1
openpgp-tool: Fix wrong operator
...
Used "!=" instead of "|="
2014-12-11 12:51:15 +08:00
238b9e344a
Revert "Added ATR for ItalianCNS - Prov. BZ"
2014-12-10 11:07:56 +01:00
99b5cb53e1
OpenPGP: Remove unused variables and fix type cast.
2014-12-10 04:01:06 +08:00
7f08983240
Merge branch 'master' into gnuk
...
Conflicts:
src/tools/openpgp-tool.c
2014-12-09 02:40:33 +08:00
ec2eb86bec
don't reimplement output of status words
...
Closes #326
2014-12-07 23:54:32 +01:00
9cbec38cfa
Fix bug in verbose flag handling.
...
Using the verbose flag was causing cardos-tool to return as if an error
had occured.
2014-12-07 23:54:09 +01:00
1408e25e4b
Removal of cache, fixing a compiler warning and removing recursive functions.
2014-12-07 23:34:15 +01:00
fce847bf25
Merge pull request #318 from sschutte/master
...
Added ATR for ItalianCNS - Prov. BZ
2014-12-06 23:32:31 +01:00
a2ba4d3bae
Merge pull request #319 from CardContact/add-sec-k-curves
...
sc-hsm: Add support for Koblitz curves secp192k1 and secp256k1 (Bitcoin)
2014-12-06 23:22:43 +01:00
b18c86e646
Merge pull request #320 from frankmorgner/tools-pin
...
Optimize util_get_pin from #289
2014-12-06 23:21:39 +01:00
8188b8acac
Merge pull request #322 from frankmorgner/iso-ext
...
adjust send/receive size accoriding to card capabilities
2014-12-06 23:16:21 +01:00
cd01a73caf
C_Digest does not check if buffer too small before update. Issue #327
...
C_Digest will now query for the buffer size using sc_pkcs15_md_final
before calling sc_pkcs15_md_update. This avoids doing a double update
when the user passes in a buffer to small, then gets the buffer and calls
C_Digest again.
2014-12-02 11:15:24 +01:00
0c0b2145ac
Translate French to English.
2014-11-26 19:00:38 +01:00
3f442c5608
adjust send/receive size accoriding to card capabilities
2014-11-17 21:16:13 +01:00
8d21cea7fc
hardcode->defines for DO's
2014-11-11 16:16:15 +01:00
901c7952c1
Replace hardcode.
2014-11-09 15:58:40 +07:00
4dbfba3102
Use correct bit when writing PIV certificate object with gzipped certificate
...
NIST 800-73 clarified the CertInfo flag for gzipped certificate is 0x01
piv-tool was writting 0x80.
OpenSC card-piv.c continues to accept both.
2014-11-07 19:49:36 -06:00
867176b0f7
itacns_get_serialnr(): check sc_read_binary() returned data length (only).
2014-11-07 12:49:44 +01:00
7fea6eb8ba
itacns_get_serialnr(): check sc_read_binary() returned data length.
2014-11-07 12:48:43 +01:00
56684d857c
itacns_get_serialnr(): check sc_read_binary() returned data length.
2014-11-07 12:35:21 +01:00
f83f8d28df
itacns_get_serialnr(): relaxed checking on sc_select_file returned length, added debug log.
2014-11-07 11:42:16 +01:00
255c0335a1
Indenting fix and stronger limit on serial number length.
2014-11-06 16:17:51 +01:00
0e06427754
Implementation of card_ctl function with SC_CARDCTL_GET_SERIALNR
...
Implementation of card_ctl function with SC_CARDCTL_GET_SERIALNR
2014-11-05 22:57:25 +01:00
d00d7b3498
Merge pull request #276 from asmw/fix_return
...
openpgp-tool: Return EXIT_SUCCESS if no error occurs
2014-11-05 10:57:26 +01:00
ea55c19439
Merge pull request #195 from rainermetsvahi/master
...
Add AzeDIT 3.5 card support
2014-11-05 10:56:01 +01:00
cb7f40a40d
Merge pull request #260 from frankmorgner/iso-ext
...
iso7816: allow extended length APDUs
2014-11-05 10:40:11 +01:00
ef94c6b875
Merge pull request #311 from frankmorgner/const-data
...
changed sc_apdu_t.data back to const unsigned char *
2014-11-05 10:39:05 +01:00
8672291a73
Merge pull request #312 from frankmorgner/fix-p15
...
fixed type of pkcs15init_initialize
2014-11-05 10:38:42 +01:00
aa45685e0b
fixed documentation of dnie-tool
2014-11-04 22:23:01 +01:00
4459e146c4
use util_get_pin in tools
2014-11-04 22:07:07 +01:00
e63f40c2d3
tools: Add util_get_pin helper function
...
Using this helper PINs can be passed via the command line, stdin and an
environment variable.
For now only used in the openpgp tool.
closes #289
2014-11-04 21:54:41 +01:00
d014056f1d
sc-hsm: Add support for Koblitz curves secp192k1 and secp256k1 (Bitcoin)
2014-11-04 17:11:34 +01:00
Frank Morgner
Thomas Calderon
Viktor Tarasov
German Blanco
vletoux
Dirk-Willem van Gulik
Philip Wendland
Robert Quattlebaum
Andreas Schwier
Wouter Verhelst
Hannu Honkanen
Doug Engert
Pedro Martelletto
Martin Campbell
Mathias Brossard
Joachim Bauch
Nguyễn Hồng Quân
Etienne Cordonnier
george
resoli
emRoberto Resoli/em
Sumedha Widyadharma