giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,353 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

3335 Commits

Author SHA1 Message Date
Frank Morgner a899a46b09 replaced SC_TEST_RET with LOG_TEST_RET 2018-12-06 09:26:42 +01:00
Frank Morgner 907c9479e2 replace sc_debug_hex with sc_log_hex 2018-12-06 09:26:42 +01:00
Frank Morgner e3dda8894e log errors in verbose 2018-12-06 09:26:42 +01:00
Frank Morgner 00a150f74c replaced SC_FUNC_RETURN with LOG_FUNC_RETURN 2018-12-06 09:26:42 +01:00
Frank Morgner 24b50a4277 replace sc_debug with sc_log 2018-12-06 09:26:42 +01:00
Frank Morgner cf55cdc637 replace SC_FUNC_CALLED with LOG_FUNC_CALLED 2018-12-06 09:26:42 +01:00
Frank Morgner b01ca2dcc9
added support for colors (#1534) 
because everyone loves colors
 2018-11-25 22:08:36 +01:00
Jakub Jelen fd2343f4a2 cac: Dump the data model number, which is useful for the capabilities detection 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
 2018-11-25 22:07:33 +01:00
Shahin Hajikhorasani 0fca7df33a Update reader-pcsc.c (#1537) 
Error handling extended in case of changing the card reader
 2018-11-25 22:05:35 +01:00
Frank Morgner ad83c2c5a9 use proper debug level for card matching 2018-11-20 12:48:58 +01:00
Hannu Honkanen aa8f666f46 Removed unnecessary spaces from framework-pkc15.c as requested. 
pkcs15: added explicit comparison when checking return value of sc_compare_oid() to make the logic more obvious.
 2018-11-20 11:52:54 +01:00
Hannu Honkanen 7f91b6e07f MyEID: add AES algorithms to tokenInfo as supported during init. It is better to do it already in init, because adding them in C_UnwrapKey operations would require SO-PIN which is inconvenient. 
pkcs15: added function to get a specific supported algorithm, checking also OID.
This is needed because for AES there are different OIDs for each key length.
 2018-11-20 11:52:54 +01:00
Steve Ross abdbb9d8c0 Enable CoolKey driver to handle 2048-bit keys. 
For a problem description, see <https://github.com/OpenSC/OpenSC/issues/1524>.
In a nutshell, for a card with the CoolKey applet and 2048-bit keys,
the command
	pkcs11-tool --test --login
fails to complete all of its tests.

This commit consists of a patch from @dengert.

To avoid triggering an error when the data exceeds 255 bytes, this commit
limits the amount of the payload sent to the CoolKey applet on the card based
on the maximum amount of data that the card can receive, and overhead bytes
(namely, a header and nonce) that accompany the payload.

With this change, the command
	pkcs11-tool --test --login
succeeds.
 2018-11-19 12:42:17 +01:00
Frank Morgner ee3fdc6938 fixed missing function stub 2018-11-13 15:50:17 +01:00
Frank Morgner 2cb6f9c94f fixed compilation without OpenSSL 
closes https://github.com/OpenSC/OpenSC/pull/1518
 2018-11-13 15:50:17 +01:00
Frank Morgner 027ccad439 allow specifying the size of OpenSSL secure memory 
... and set it for builds where we're linking OpenSSL statically (i.e.
Windows and macOS)

fixes https://github.com/OpenSC/OpenSC/issues/1515
 2018-11-13 15:50:17 +01:00
Andreas Kemnade eddea6f3c2 fix logic of send/recv sizes in config files 
- they are not set if
  SCardControl(card_handle, CM_IOCTL_GET_FEATURE_REQUEST, ...
  fails
- regarding max_send_size the logic is inverted
 2018-11-09 08:56:53 +01:00
Frank Morgner 1e7bb83659 CID 324485 (#1 of 2): Integer overflowed argument (INTEGER_OVERFLOW) 2018-11-06 15:53:17 +01:00
Frank Morgner 609095a4f4 CID 325860 (#1 of 1): Dereference before null check (REVERSE_INULL) 2018-11-06 15:53:17 +01:00
Frank Morgner 22c8204a2f Merge remote-tracking branch 'upstream/pr/1393' 
closes https://github.com/OpenSC/OpenSC/pull/1393
 2018-11-06 10:51:24 +01:00
Frank Morgner 13c7574510 PIV: less debugging 
- debugging pointers is useless in static log file
- removed double debugging of APDUs
 2018-11-06 01:42:41 +01:00
Jakub Jelen eaed345a76 Add missing header file to the tarball 2018-11-05 09:15:20 +01:00
Jakub Jelen 9342f8ad0a padding: Fix error checking in RSA-PSS 2018-11-05 09:15:20 +01:00
Jakub Jelen 7cced08a88 coolkey: Check return values from list initialization (coverity) 
>>>     CID 324484:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "list_init" without checking return value (as is done elsewhere 8 out of 9 times).
 2018-11-05 09:15:20 +01:00
Jakub Jelen f276f7f8f4 coverity: Add allocation check 
*** CID 323588:  Uninitialized variables  (UNINIT)
/src/libopensc/sc.c: 873 in sc_mem_secure_alloc()
 2018-11-05 09:15:20 +01:00
Hannu Honkanen 351e0d2bd6 Merge remote-tracking branch 'upstream/master' into wrapping-rebased and resolve conflicts 2018-11-02 13:42:41 +02:00
Frank Morgner c70888f9ab allow compilation with --disable-shared 2018-11-01 00:17:22 +01:00
Frank Morgner 5c7b7bb0b1 fixed minor XCode documentation warnings 2018-11-01 00:17:22 +01:00
Hannu Honkanen f88419bc63 Removed pointless curly brackets 2018-10-31 10:36:50 +02:00
Hannu Honkanen 7bb53423a1 Code cleanup and minor corrections according to review. pkcs15-lib: Extractable keys are now marked as native. Check return value of check_key_compatibility in more explicit way to avoid misunderstandings. 2018-10-31 10:36:41 +02:00
Hannu Honkanen 90ec7123ba Corrections and code cleanup as requested in review. Changed value to void* in sc_sec_env_param_t, because param_type defines type of the value. Fixed handling of secret key length in framework-pkcs15 and pkcs15-lib: CKA_VALUE_LEN from PKCS#11 is in bytes, PKCS#15 objects need key length in bits. Rebased on top of upstream/master and resolved merge conflicts. 2018-10-31 10:27:03 +02:00
Hannu Honkanen ec297b618f sc_pkcs15_wrap: Fixed checking target key type. (checked partly from wrapping key) 2018-10-31 10:27:03 +02:00
Hannu Honkanen e636b64377 Fixed: Return OK by PKCS#11 convention if NULL out buffer is provided, when caller wants to query required buffer size. 2018-10-31 10:27:03 +02:00
Hannu Honkanen f2c041d290 card-myeid: Removed NULL out buffer assertion to allow caller to query required buffer size. 
mechanism.c: Bug fix to sc_pkcs11_wrap. Wrong operation was stopped in end of the function.
 2018-10-31 10:27:03 +02:00
Hannu Honkanen 287a63c704 Fixes to key wrapping and unwrapping code: Set IV correctly in symmetric unwrap. Correctly distinguish symmetric and asymmetric operation when building APDUs. Check CKA_TOKEN from the pkcs15 object in framework_pkcs15. Updated some comments. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 861d8b308b Fixed myeid_unwrap with symmetric keys: set correct p2 and no padding indicator byte. 2018-10-31 10:27:03 +02:00
Hannu Honkanen eba75ead20 framework-pkcs15: set CKA_EXTRACTABLE into pkcs#15 secret key object's access flags when set. pkcs15-sec: Return needed buffer size correctly when an insufficient buffer is provided. 2018-10-31 10:27:03 +02:00
Hannu Honkanen c891ad2aad Fixed version check for key wrapping functionality. Return needed buffer size in myeid_wrap_key, if no buffer or too small buffer is provided. 2018-10-31 10:27:03 +02:00
Lars Silvén 6b8c284d3e Fixing pointer conversion that is invalid on some architectures. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 550d4eb030 Small fixes to key wrapping and unwrapping. Handle target file ref using sc_sec_env_param type. Transmit initialization vector in symmetric key operations from PKCS#11 layer (mechanism param) to the card driver level, allow setting it in sc_set_security_env. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 7454133272 Added flags to distinguish AES ECB and CBC modes. Added SC_ALGORIHM_UNDEFINED definition to be used with CKK_GENERIC_SECRET type keys. Added sc_sec_env_param type, which can be used to define additional parameters when settings security environment. This is now used for setting IV in symmetric crypto and target EF in key wrapping/unwrapping. 2018-10-31 10:24:19 +02:00
Hannu Honkanen a2156da044 Fix encoding of SC_ASN1_CHOICE entry "parameters" in c_asn1_algorithm_info. Format only the selected entry of the choice. 2018-10-31 10:24:19 +02:00
Hannu Honkanen ae5675ca22 Fixed MSE for unwrap operation. Fixed wrong P1 when formatting APDU in myeid_unwrap_key. 2018-10-31 10:24:19 +02:00
Hannu Honkanen aa814fd8e8 Implemented C_Wrap into PKCS#11 interface. Added support for wrapping and unwrapping with secret keys into framework-pkcs15.c and all the way to the card driver level. 2018-10-31 10:24:19 +02:00
Hannu Honkanen a9ee85452e Resolved a merge conflict. Included both changes manually. 2018-10-31 10:24:19 +02:00
Hannu Honkanen c217b254fc MyEID: Initial implementation of key wrapping and unwrapping operations, and the related additions to myeid_set_security_env. 2018-10-31 10:24:19 +02:00
Hannu Honkanen 1c09fa8a22 Handle AES algorithm. Doesn't set any flags, but check for AES is needed to avoid SC_ERROR_NOT_SUPPORTED. 2018-10-31 10:24:19 +02:00
Hannu Honkanen 7fc6c52f81 Set native=1 as default when decoding. Check supported algorithms and set PKCS#11 key type, if key supports AES. 2018-10-31 10:22:16 +02:00
Hannu Honkanen a10480d50e Continued implementation of unwrap: Creation of a target key object on card to receive an unwrapped key. Setting target key path in sc_security_env_t. 2018-10-31 10:22:16 +02:00
Hannu Honkanen 5f51d5d315 Added implementation of C_UnwrapKey all the way from PKCS#11 interface to the card driver level. 
Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated
with a decrypt operation in card-myeid.c. To be improved.
 2018-10-31 10:22:16 +02:00