Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated
with a decrypt operation in card-myeid.c. To be improved.
A card driver may declare support for computing the padding on the card,
or else the padding will be applied locally in padding.c. All five
PKCS11 PSS mechanisms are supported, for signature and verification.
There are a few limits on what we choose to support, in particular I
don't see a need for arbitrary combinations of MGF hash, data hash, and
salt length, so I've restricted it (for the user's benefit) to the only
cases that really matter, where salt_len = hash_len and the same hash is
used for the MGF and data hashing.
------------------------------------------------------------------------
Reworked and extended in 2018 by Jakub Jelen <jjelen@redhat.com> against
current OpenSC master, to actually work with existing PIV cards:
* extended of missing mechanisms (SHA224, possibility to select MGF1)
* compatibility with OpenSSL 1.1+
* Removed the ANSI padding
* Formatting cleanup, error checking
Based on the original work from
https://github.com/NWilson/OpenSC/commit/42f3199e66
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
* Previously, it was dependent on ATR blocks, but it did
not allow enrolling various types of cards without knowning
their ATR in advance.
* Improved documnetation for this option in configuration files
Resolves: #1265
It was used to make pkcs11-tool work with vendor defined PKCS#11
modules. If this behavior is still desired, pass the define
ZERO_CKAID_FOR_CA_CERTS during the build
Framework-pkcs15.c will now set pin_info->auth_method to SC_AC_CONTEXT_SPECIFIC
iso7816.c iso7816_build_pin_apdu treats this the same as SC_AC_CHV
card-piv.c piv_pin_cmd sets priv->xcontext_specific=1 and calls sc_lock before
the verify command. If the verify fails sc_unlock is called.
Later after the next card command returns, if priv->context_specific==1 piv_check_sw
will call sc_unlock as the application may not have requested the crypto but
some other command.
Some additional calls to sc_lock and sc_unlock have been added to make sure
PIV internal command sequences including the crypto command ('87') and any get
responses are always protected by a lock.
This guarantees the card is locked for verify and the next command
which should be the crypto operation. The PIV card also inforces this restriction
on the card.
This is based on suggestions in:
://github.com/OpenSC/OpenSC/pull/1256#issuecomment-361975751
On branch piv-aid-discovery
Changes to be committed:
modified: src/libopensc/card-piv.c
modified: src/libopensc/iso7816.c
modified: src/libopensc/types.h
modified: src/pkcs11/framework-pkcs15.c
* Avoid GCC 7 warnings with -Werror
-Werror=implicit-fallthrough=
libopensc/card-incrypto34.c
not sure if this is a bug or intention
libopensc/card-rutoken.c
most probably intention
libopensc/card-westcos.c
remove bogus if so the compile is not confused
I will fill a separate bug to gcc probably
pkcs15init/pkcs15-iasecc.c
Simplify the log and avoid compiler confusion
sm/sm-common.c
explicit fallthrough
tools/pkcs11-tool.c
use explicit fallthrough comment
tools/pkcs15-init.c
The fallthrough is obvious here
-Werror=format-truncation=
libopensc/pkcs15-itacns.c
use explicit string lengths
pkcs11/framework-pkcs15.c
calculate the truncation
tests/pintest.c
avoid sprintf
tools/pkcs15-crypt.c
avoid sprintf
tools/pkcs15-init.c
calculate the truncation
Many cards need multiple PINs to work correctly since different on-card
keys are secured by different PINs (this is true for for example OpenPGP
card).
Smart Card Minidriver API has supported such cards since version 6.02
(Vista+).
Use the same method as PKCS#11 driver does to discover user and sign PINs,
for consistency.
However, if there is a default container on card we'll make sure that its
PIN is an user PIN and if there is no default container we'll mark the one
with the user PIN as default.
All other PINs securing containers on card are added as next PINs, up to
MD_MAX_PINS.
Use this opportunity to also fix two cases where a pointer-to-DWORD
variable was passed as pointer-to-size_t parameter to
md_dialog_perform_pin_operation() - they are of different size on Win64.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
tools/pkcs15-tool.c:
Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
Dead assignment: Value stored to 'n' is never read
Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
Dead assignemnt: Value stored to 'tl_head_len' is never read
Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
Potential memory leaks
pkcs11/mechanism.c:
Potential memory leak
pkcs11/framework-pkcs15.c:
Potential memory leaks
Dereference of null pointer
Dead assignments
tools/sc-hsm-tool.c:
Function call argument is an uninitialized value
Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
Dead assignment
pkcs15init/pkcs15-cflex.c:
Dereference of null pointer
Uninitialized argument values
- eac: allow CA without EF.CardSecurity
- sc-hsm: implemented CA based on document PKI
- sc-hsm: adds receive limit for SoC card
- introduces dedicated card type for SoC card
- md: integrate card's PIN pad capabilities
- installer: added SC-HSM SoC card to registry
- pkcs15-tool: Added support for PIN entry on card
- change/unblock PIN: add support for PIN entry on card
- added OpenPACE to macOS build
- travis-ci: install gengetopt/help2man via brew
- sc-hsm: Cache EF.C_DevAut
- sc-hsm: Prevent unnecessary applet selection and state resets
- sc-hsm: added support for session pin
- sc-hsm: avoid multiple AID selection
- sc-hsm: Use the information from match_card for all subsequent selections of the applet
- sc-hsm: cache optional files as empty files (Decoding the files will reveal that they were not existing prior caching. This avoids selecting the file though we have already tried to cache the file before.)
- use dedicated directory for CVC trust anchors
- appveyor: added OpenPACE to windows build
CKA_SPKI is a vendor defined attribute to be used internally
as input to to OpenSSL d2i_PUBKEY
On branch verify-pubkey-as-spki-2
Changes to be committed:
modified: framework-pkcs15.c
modified: mechanism.c
modified: openssl.c
modified: pkcs11-opensc.h
card-cac.c
* CLANG_WARNING: The left operand of '<' is a garbage value
card-coolkey.c
* CLANG_WARNING: overwriting variable
* CPPCHECK_WARNING: memory leak / overwrite variable
* CLANG_WARNING: null pointer dereference
* UNUSED_VALUE: unused return value
card-gids.c
* CLANG_WARNING: Branch condition evaluates to a garbage value
* SIZEOF_MISMATCH: suspicious_sizeof
card-myeid.c
* RESOURCE_LEAK: Variable "buf" going out of scope leaks the storage it points to.
* CLANG_WARNING: overwriting variable
* (rewrite not to confuse coverity)
pkcs15-cac.c
* RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to.
pkcs15-coolkey.c
* UNUSED_VALUE: unused return value
pkcs15-piv.c
* RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to.
pkcs15-sc-hsm.c
* DEADCODE
pkcs11/framework-pkcs15.c
* RESOURCE_LEAK: Variable "p15_cert" going out of scope leaks the storage it points to.
pkcs15init/pkcs15-lib.c
* CLANG_WARNING: Assigned value is garbage or undefined
pkcs15init/pkcs15-myeid.c
* UNREACHABLE: Probably wrong placement of code block
tests/p15dump.c
* IDENTICAL_BRANCHES
pkcs15-init.c
* CLANG_WARNING: Potential leak of memory pointed to by 'args.der_encoded.value'
pkcs15-tool.c
* RESOURCE_LEAK: Variable "cert" going out of scope leaks the storage it points to.
* MISSING_BREAK: The above case falls through to this one.
sc-hsm-tool.c
* CLANG_WARNING: Potential leak of memory pointed to by 'sp'
westcos-tool.c
* FORWARD_NULL: Passing null pointer "pin" to "unlock_pin", which dereferences it.
* (rewrite not to confuse coverity)
card-cac.c
* Avoid malloc with 0 argument
gids-tool.c
* FORWARD_NULL -- copy&paste error
scconf.c
* CLANG_WARNING: Call to 'malloc' has an allocation size of 0 bytes
closes#982
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
This commit fixes most of warnings shown by GCC on 64-bit Linux, 32-bit and
64-bit mingw builds (with SM and OpenSSL enabled).
These warnings were mostly caused by missing casts.
In minidriver there was also a bit of unused variables and dead code.
Remaining warnings on mingw are mostly caused by GCC not recognizing on
this platform "ll" size specifier (present at least since
Visual Studio 2005, also in mingw own CRT) and "z" size specifier (this one
will be fixed in next commits).
There is also a warning about pointer truncation on Win64 when making
PKCS#11 object handle from pointer to this object.
This is a legitimate warning, since it could result in the same handles
being generated from different pointers and so from different objects.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
... as required by PKCS#11 2.30, if the application doesn't call
`C_GetSlotList` with `NULL`.
Fixes ghost tokens in Firefox when detaching a reader that contained a
card.
Fixes https://github.com/OpenSC/OpenSC/issues/629
introduced paramter to signal back the login state
- used for the pin command SC_PIN_CMD_GET_INFO
- implemented in accordance to ISO 7816-4; all other implementations
are currently set to an unknown login state
implemented and exporeted sc_pkcs15_get_pin_info
use sc_pkcs15_get_pin_info in C_GetTokenInfo
C_GetSessionInfo: Check whether a logout was done
Closes https://github.com/OpenSC/OpenSC/pull/624
rebased by @viktorTarasov
With very long labels it is unable identify which PIN Firefox is asking.
PKCS11 label is 32 char's and it gets truncated.
Current format "LABEL (PIN1)"
New format "PIN1: LABEL"
Simplify create tokens rules, no need to manipulate applications in
'pkcs11' configuration part,
applications can be enabled/disabled on the 'pkcs15' one.
Fix the possibility to expose only 'sign' PIN
This is name change only fix.
The variable name "card" was being used to refer to a struct sc_card or a struct sc_pkcs11_card
in some files including sc_pkcs11.h. In other files the variable name "p11card" is used for struct sc_pkcs11_card.
This creates hard to read code, such as: slot->card->card.
All definitations of sc_pkcs11_card *card now use p11card as the variable name.
Fix#471
Prior to this commit, all hashes registered for RSA or other key types were
registered for ECDSA as well.
register ECDH mechanism only when supported by card
ECDH should only be registered if the card driver sets the
SC_ALGORITHM_ECDH_CDH_RAW flag.
register software PKCS#1 (1.5) padding only when RAW RSA is supported by card
If OpenSC supports PSS/OAEP padding or other padding mechanisms in
future, and there would be a card that enforces hardware PSS/OAEP
padding, the PKCS#1 v1.5 padding mechanism should not be registered.
For internal use allocate and copy the EC params data from the caller's template,
rather then use them directly as a pointer in internal public key data.
needed to store information about EC curve supported by card.
Primary usage is when importing/generating key to get know if particular curve is supported by card.
* Key usage required when calling C_CreateObject for public key are not used.
This adds the logic to convert from PKCS#11 attributes to PKCS#15 in the
structure that is sent to underlying _store_pubkey functions.
Pkcs15init data, used to import/generate key objects, includes twice the same EC parameters data:
- explicit 'params' data
- part of sc_pkcs15_pubkey/sc_pkcs15_prkey
Explicit 'ec-params' data is removed.
Code to test for an auth_id for certs and pubkeys was removed.
See: PKCS#15 section 4.1.3 Access methods
This is conseritive change and all objects could be treaded the same.
The framework-pkcs15.c did not add hashes correctly if the card did not support RSA RAW.
This change fixes that and only adds hashes if the card did not specify a list of hashes.
It also will not add hashes done in software if ENABLE_OPENSSL is not specified.
Some error conditions are also tested for EC mechanisms.
See bug report #241 for more information.
framework-pkcs15: Duplicate public key related to private key rather than referencing the framework object
Referencing the related public key is required to return PKCS#11 attributes for a private key only available
in the public key object (i.e. CKA_MODULUS). This patch adds a copy of the public key to the private key object rather than
referencing the public key object in the framework. This prevents SEGV when the public key framework object
is deleted with C_DestroyObject, but the reference from the public key remains intact.
The bug leads to all kind of stability problems when keys are created and deleted in the same session.
The patch is in particular important if OpenSC is used with EJBCA or any other application using the
SUN PKCS#11 provider: When generating key pairs, then the public key object is eventually garbage collected
which removes the related object in the PKCS#11 module. Because there is no fixed time for this operation,
corruption occurs at random.
In a next step, the remaining related_xxx fields in sc_pkcs11_object should be revised and possibly removed.
framework: Added more error checking
card-asepcos: removed dead code
card-authentic: removed dead code
card-belpic: removed dead code
card-epass2003: removed dead code
card-flex: removed dead code
card-gpk: removed dead code
card-oberthur: removed dead code
card-piv: removed dead code
card-setcos: removed dead code
ctbcs: removed dead code
cwa14890: removed dead code
muscle: removed dead code
pkcs15-atrust-acos: removed dead code
pkcs15-gemsafeV1: removed dead code
pkcs15-skey: removed dead code
reader-ctapi: removed dead code
framework-pkcs15: removed dead code
pkcs11-object: removed dead code
pkcs15-asepcos: removed dead code
pkcs15-cardos: removed dead code
pkcs15-jcop: removed dead code
pkcs15-lib: removed dead code
pkcs15-oberthur: removed dead code
parse: removed dead code
sclex: removed dead code
sm-card-authentic: removed dead code
sm-card-iasecc: removed dead code
sm-cwa14890: removed dead code
sm-global-platform: removed dead code
sc-test: removed dead code
pkcs11-tool: removed dead code
pkcs15-tool: removed dead code
pkcs15: in pubkey-info data
* introduced new 'direct' 'raw' and 'spki' members
* removed 'encoded der data' member
* in 'read-public-key' try firstly SPKI direct value
pkcs11:
'direct' data used when getting CKA_VALUE attribute of public key
pkcs15init:
* initialize 'raw' and 'spki' direct public key value
In pkcs15-verify the value of PIN is not more validated for conformity with PIN policy,
value is only checked for maximal allowed length.
So that, no more need of 'ignore-pin-length' configuration option - now it's default behavior of common framework.
When doing C_Login default behavior is to ignore the applied PINs with lengths less
then value of PKCS#15 PIN attribure 'min-length'. Such a PINs are not
really verified by card.
With 'ignore-pin-length' option in 'true' all applied PINs are verified by card.
to prepare future enhancements and in the sake of uniformity
in 'struct sc_pkcs11_framework_ops'
the 'struct sc_pkcs11_card' argument of 'init_token' handler is changed for 'struct sc_pkcs11_slot'
coding style issues
The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.
Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.
Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.
This commit fixes these problems.
The ecpointQ is stored in raw format
A new structure type sc_pkcs15_u8 is defined.
The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)
Comments are change is many places.
sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.
sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)
The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.
framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.
framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)
pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.
pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.
In a supplement to f5d53ab01783b0c37802e35f063fdbe5814bdbc7.
Subject and Issuer, returned by pkcs#15 framework, are already encoded as ASN1 sequence.
No need to wrap them in a second ASN1 sequence frame.
Lars Silvén
Hannu Honkanen
Jakub Jelen
Nicholas Wilson
konstantinpersidskiy
Frank Morgner
Priit Laes
asc
Leif Erik Wagner
Peter Marschall
Doug Engert
edgarholleis
Jakub Jelen
Maciej S. Szmigiero
Timo Teräs
konstantinpersidskiy
Nuno Goncalves
carblue
Raul Metsma
Ludovic Rousseau
Viktor Tarasov
LE TOUX Vincent
Uri Blumenthal
Frank Morgner
Philip Wendland
Thomas Calderon
Mathias Brossard
Emanuele Pucciarelli
Henrik Andersson
Doug Engert
Martin Paljak