Frank Morgner
754a409191
added build-package-from-ci until proper dmg creation is realized in CI
2019-12-02 12:31:53 +01:00
Frank Morgner
433377f76e
macos: use start_selected instead of selected
...
otherwise the user's choice would be overwritten when the user clicks
some other installation option.
also, use the domain tag to install to the local drive only
2019-12-02 12:29:32 +01:00
Frank Morgner
118929df93
macos: use generic location for NotificationProxy
...
to be installed with OpenSC core and to be used from
the tools, tokend and CTK
2019-12-02 08:22:34 +01:00
Frank Morgner
a581cbfc2d
mac: group CTK token seperately in installer
2019-12-01 00:16:47 +01:00
Jakub Jelen
ef61a95b31
coolkey: Make sure the matching objects have same lengths
...
This ensures that we do not go behind the allocated buffer if
we get wrong data.
Thanks to oss-fuzz:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19031
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19032
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19038
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19039
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19040
2019-11-29 22:48:00 +01:00
Jakub Jelen
aa6d3e1d36
coolkey: Fix the comparator return value
2019-11-29 22:48:00 +01:00
Jakub Jelen
249e928176
gp: Correctly check for the CPLC data length
2019-11-29 22:47:26 +01:00
Jakub Jelen
4f3d87d03c
coolkey: Split the CPLC related structures and function to the generic GP file
2019-11-29 22:47:26 +01:00
Jakub Jelen
326955a147
reader-pcsc: Preserve the CARD_PRESENT flag to make sure the card is detected after reader reinsertion
2019-11-28 11:18:25 +01:00
Jakub Jelen
4bd8cda966
pkcs11-session: When we notice logout in lower layers, while pkcs11 thinks we are logged in, invalidate all sessions in given slot
2019-11-28 11:18:25 +01:00
Jakub Jelen
e0e1f10bd3
pkcs11/slot: Fix indentation
2019-11-28 11:18:25 +01:00
Oskar Wiksten
79a51e0d18
pkcs11: Support for RSA PSS padding in verify
...
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
`C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
commit e5707b545e
for supporting RSASSA-PSS.
2019-11-28 11:17:12 +01:00
AdriaoNeves
ce71b171e2
Add support for 4K RSA keys in GemsafeV1
2019-11-23 22:13:28 +01:00
carblue
6d98f8c8d8
card-myeid.c: issue #1219
2019-11-23 21:38:14 +01:00
carblue
d4823541b7
pkcs15-init: Fix issue #1219
2019-11-23 21:38:14 +01:00
Jakub Jelen
2d02de4233
coolkey: Do not return uninitialized data if card does not return CPLP data
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18990
2019-11-18 14:02:07 +01:00
Frank Morgner
bec794fbee
fixed memory leak
...
https://crbug.com/oss-fuzz/18953
2019-11-18 14:01:50 +01:00
Jakub Jelen
c4dcac5de7
pkcs15-prkey: Free allocated data on all error exit paths
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18790
2019-11-14 19:36:01 +01:00
Jakub Jelen
6d6d158f13
pkcs15-cert: Free data on all error exit paths
...
https://oss-fuzz.com/testcase-detail/5645063405436928
2019-11-14 19:36:01 +01:00
Jakub Jelen
5645fe2d16
muscle: Check length first before calling memcmp()
2019-11-14 19:36:01 +01:00
Jakub Jelen
1594b1167d
muscle: Initialize variables and check return codes
2019-11-14 19:36:01 +01:00
Jakub Jelen
7360c4bf0c
muscle: Avoid access uninitialized memory
2019-11-14 19:36:01 +01:00
Jakub Jelen
2c68c0662c
coolkey: Avoid success from init if there are no reasonable data raturned
...
Thanks to oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18918
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18915
2019-11-14 19:36:01 +01:00
Jakub Jelen
75847f4e93
Make ef_dir variable local
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18821
2019-11-13 15:48:40 +01:00
Jakub Jelen
f11c286bc6
coolkey: Refactor the object listing to avoid invalid memory access
...
Probably resolves some bad memory access from oss-fuzz such as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18907
2019-11-13 15:48:33 +01:00
Jakub Jelen
07d3d8e0df
compression: Free allocated data and return error if nothing was uncompressed
...
Also harmonizes the return codes from decompress*() functions
Fixes oss-fuzz issue
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18771
2019-11-13 15:48:25 +01:00
Frank Morgner
5557f34f5e
Revert "pkcs15-pubkey: Avoid memory leaks"
...
This reverts commit 0977b5496a
.
2019-11-12 11:57:43 +01:00
Jakub Jelen
b79db82ae7
openpgp: Workaround non-compliant Yubikey 5 OpenPGP applets
...
Fixes #1850
2019-11-12 03:38:09 +01:00
Jakub Jelen
0977b5496a
pkcs15-pubkey: Avoid memory leaks
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18758
2019-11-11 22:02:53 +01:00
Jakub Jelen
cc917b541f
asn1: Avoid calling malloc with 0 argument
...
Caused problems reported by oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18758
2019-11-11 22:02:41 +01:00
Jakub Jelen
cd51430ba7
asn1: Avoid malloc(0) also from BIT STRING and GENERALIZED TIME structures
2019-11-11 22:02:30 +01:00
Jakub Jelen
e50bc29bd9
card-setcos.c: Avoid unsigned integer underflow
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18798
2019-11-11 22:02:18 +01:00
Jakub Jelen
c173563ad2
coolkey: Accept only SW=90 00 as success to prevent interpretting invalid values
2019-11-11 22:02:08 +01:00
Jakub Jelen
ef3e223917
coolkey: Do not interpret empty answers as success
...
Thanks to oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18868
2019-11-11 22:01:56 +01:00
Peter Popovec
e6a24b71ab
MyEID: fix max_recv_size
...
MyEID 3.3.3 is not working with hardcoded max_recv_size=256 in
card-myeid.c. Use max_recv_size=255 if card major version < 40
Fixes #1852
2019-11-11 21:01:51 +01:00
Frank Morgner
a8de0070fd
fixed Null-dereference READ
...
https://oss-fuzz.com/testcase-detail/5644373382922240
Thanks to OSS-Fuzz
2019-11-06 23:38:37 +01:00
Frank Morgner
1a069ca71e
fixed Global-buffer-overflow READ 1
...
https://oss-fuzz.com/testcase-detail/5685978287308800
Thanks to OSS-Fuzz
2019-11-06 23:08:43 +01:00
Frank Morgner
8fea658fe9
fixed 121888 Time of check time of use
2019-11-05 21:49:30 +01:00
Frank Morgner
3a5a90450e
fixed 333715 Dereference after null check
2019-11-05 21:49:30 +01:00
Frank Morgner
7007b4a889
fixed 127766 Out-of-bounds read
2019-11-05 21:49:30 +01:00
Frank Morgner
8d7092c0cb
13598 Unchecked return value
2019-11-05 21:49:30 +01:00
Frank Morgner
192994fa13
fixed 13608 Unchecked return value
2019-11-05 21:49:30 +01:00
Frank Morgner
804cb68057
removed 339153 Logically dead code
2019-11-05 21:49:30 +01:00
Frank Morgner
8d3dfb2f6d
ignore for 339158 Dereference before null check
2019-11-05 21:49:30 +01:00
Frank Morgner
07cff0e168
fixed 341844 Incorrect deallocator used
2019-11-05 21:49:30 +01:00
Frank Morgner
8b6ba40a8e
fixed 341853 Resource leak
2019-11-05 21:49:30 +01:00
Frank Morgner
fa35be5859
fixed 347857 Resource leak
2019-11-05 21:49:30 +01:00
Frank Morgner
2a2662fb3d
fixed 348981 Resource leak
2019-11-05 21:49:30 +01:00
Frank Morgner
7a1e42e135
fixed compiler warning
...
fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18701
2019-11-05 10:58:32 +01:00
Frank Morgner
c3f23b836e
fixed UNKNOWN READ
...
Reported by OSS-Fuzz
https://oss-fuzz.com/testcase-detail/5681169970757632
2019-11-03 04:45:28 +01:00