Quoting from PKCS#11:
The CKA_ALWAYS_AUTHENTICATE attribute can be used to force re-authentication (i.e. force the user to provide a PIN) for each use of a private key. “Use” in this case means a cryptographic operation such as sign or decrypt. This attribute may only be set to CK_TRUE when CKA_PRIVATE is also CK_TRUE.
Re-authentication occurs by calling C_Login with userType set to CKU_CONTEXT_SPECIFIC immediately after a cryptographic operation using the key has been initiated (e.g. after C_SignInit).
Closes https://github.com/OpenSC/OpenSC/pull/1066
Calculating intrinsic key would probably be not wise, because
it would leak out information about the secret key. Try to
generate globally unique IDs just by using a random one.
- fixes decoding of SecretKeyAttributes
- adds support for algorithmReferences
- adds support for algIndependentKeys (PKCS#15 Generic keys)
- implements encoding of SKDF
- don't use private data on card matching
- instead, return 1 for every known ATR and only select the applet if the ATR is unknown.
- card initialization always selects the applet.
Advantage: decouples memeory management in matching from initializing the card.
Disadvantage: Applet is selected twice in case of an unknown ATR (once for matching and a second time for initializing the card).
Fixes https://github.com/OpenSC/OpenSC/issues/1042
- eac: allow CA without EF.CardSecurity
- sc-hsm: implemented CA based on document PKI
- sc-hsm: adds receive limit for SoC card
- introduces dedicated card type for SoC card
- md: integrate card's PIN pad capabilities
- installer: added SC-HSM SoC card to registry
- pkcs15-tool: Added support for PIN entry on card
- change/unblock PIN: add support for PIN entry on card
- added OpenPACE to macOS build
- travis-ci: install gengetopt/help2man via brew
- sc-hsm: Cache EF.C_DevAut
- sc-hsm: Prevent unnecessary applet selection and state resets
- sc-hsm: added support for session pin
- sc-hsm: avoid multiple AID selection
- sc-hsm: Use the information from match_card for all subsequent selections of the applet
- sc-hsm: cache optional files as empty files (Decoding the files will reveal that they were not existing prior caching. This avoids selecting the file though we have already tried to cache the file before.)
- use dedicated directory for CVC trust anchors
- appveyor: added OpenPACE to windows build
regression of 45a7ea9737075b5901fe7a5d65ed898733140315:
due to the change in the linkage, the symbols should be found in
opensc.dll instead of the static support libraries.
Add code to support OpenSSL initialization correctly when using OpenSSL-1.1
Tested with OpenSSL-1.1.0c and OpenSSL-1.1.0e.
Changes to be committed:
modified: src/tools/piv-tool.c
Communication defined by ISO/IEC 14443 is identical to T=1, so make
sure we connect in the right mode to the card so that the constructed
APDUs can be handled by the card.
CKA_SPKI is a vendor defined attribute to be used internally
as input to to OpenSSL d2i_PUBKEY
On branch verify-pubkey-as-spki-2
Changes to be committed:
modified: framework-pkcs15.c
modified: mechanism.c
modified: openssl.c
modified: pkcs11-opensc.h
OpenSC opennssl.c in sc_pkcs11_verify_data assumes that it can
retieve the CKA_VALUE for a public key object, and expect it to
be usable as RSA.
But internally sc_pkcs15_pubkey can have a "raw" or "spki"
version of the public key as defined by PKCS#15. Card drivers
or pkcs15-<card> routines may store either the "raw" or "spki"
versions. A get attribute request for CKA_VALUE for a public key
will return either the raw, spki or will derived rsa verison of the
pubkey.
This commit will test if the CKA_VALUE is a spki and use d2i_PUBKEY
which takes a spki version and returns an EVP_KEY. If it not an spki
the current method, d21_PublicKey(EVP_PKEY_RSA,...) is used which
only works for RSA.
The problem was found while testing pkcs11-tool -t -l where
the verify tests would fail with a CKR_GENERAL_ERROR because
the card driver stored the public key as a spki.
On branch verify-pubkey-as-spki-2
Changes to be committed:
modified: src/pkcs11/openssl.c
Date: Fri Apr 07 07:50:00 2017 -0600
- pcsc driver takes over all the functionality
- no dedicated reader driver config values for cardmod, use application
specific blocks to define a different behavior for the pcsc reader if
needed
- removes legacy code; requiring at least libpcsclite 1.6.5
Fixes https://github.com/OpenSC/OpenSC/issues/892
Keygen should write public keys with explicit CKA_PRIVATE=false by default (possibility to modify by --private switch)
Related to 4df35b92 discussing writing separate objects years ago.
* Set security context for CardOS 5.3 with p1=0x41 (as Coolkey does)
* Do not emulate signatures in CardOS 5.3
Remove the bogus SC_ALGORITHM_NEED_USAGE which prevents using the
actual implementation in cardos_compute_signature().
It might be bogus also in previous version, but I don't have a way
to verify against these cards.
* Do not advertise RSA-X-509 mechanism for CardOS 5.3 (card strips padding)
For testing RSA-X-509, we are generating random bytes for signing. It
may happen that the modulus is smaller than the random number
generated, which triggers an error in the card. With this change, we
are setting the most significant byte to 0x00 to assure the random
number is smaller than the modulus.
card-cac.c
* CLANG_WARNING: The left operand of '<' is a garbage value
card-coolkey.c
* CLANG_WARNING: overwriting variable
* CPPCHECK_WARNING: memory leak / overwrite variable
* CLANG_WARNING: null pointer dereference
* UNUSED_VALUE: unused return value
card-gids.c
* CLANG_WARNING: Branch condition evaluates to a garbage value
* SIZEOF_MISMATCH: suspicious_sizeof
card-myeid.c
* RESOURCE_LEAK: Variable "buf" going out of scope leaks the storage it points to.
* CLANG_WARNING: overwriting variable
* (rewrite not to confuse coverity)
pkcs15-cac.c
* RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to.
pkcs15-coolkey.c
* UNUSED_VALUE: unused return value
pkcs15-piv.c
* RESOURCE_LEAK: Variable "cert_out" going out of scope leaks the storage it points to.
pkcs15-sc-hsm.c
* DEADCODE
pkcs11/framework-pkcs15.c
* RESOURCE_LEAK: Variable "p15_cert" going out of scope leaks the storage it points to.
pkcs15init/pkcs15-lib.c
* CLANG_WARNING: Assigned value is garbage or undefined
pkcs15init/pkcs15-myeid.c
* UNREACHABLE: Probably wrong placement of code block
tests/p15dump.c
* IDENTICAL_BRANCHES
pkcs15-init.c
* CLANG_WARNING: Potential leak of memory pointed to by 'args.der_encoded.value'
pkcs15-tool.c
* RESOURCE_LEAK: Variable "cert" going out of scope leaks the storage it points to.
* MISSING_BREAK: The above case falls through to this one.
sc-hsm-tool.c
* CLANG_WARNING: Potential leak of memory pointed to by 'sp'
westcos-tool.c
* FORWARD_NULL: Passing null pointer "pin" to "unlock_pin", which dereferences it.
* (rewrite not to confuse coverity)
card-cac.c
* Avoid malloc with 0 argument
gids-tool.c
* FORWARD_NULL -- copy&paste error
scconf.c
* CLANG_WARNING: Call to 'malloc' has an allocation size of 0 bytes
closes#982
According to minidriver specs CardReadFile() method output parameters are
optional so don't return SCARD_E_INVALID_PARAMETER when they are NULL.
Also, use this opportunity to walk through this function helpers to make
sure they correctly return error status.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
According to minidriver specs CardGetChallenge() method parameters
are purely for output and do not have a meaning of requested challenge
length, so remove a misleading log line.
There is also no need to have a special case for pcbChallengeData being
NULL since in this case the function would have exited early anyway with
SCARD_E_INVALID_PARAMETER (also, it was just dereferenced in the previous
code line).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Since last commit GCC warns us about problems with format strings and their
arguments in minidriver, so let's fix these warnings just as we did in rest
of the OpenSC code.
Most of these warnings were about DWORDs being printed as ints, there were
also some format directives and size_t size specifiers missing and various
misc format / parameter disagreements.
Attempt was made to keep log strings as-is, only the most obvious typos
were fixed.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Commit "Add GCC format checking attributes to log functions" added format
and parameter checking to OpenSC log functions.
Minidriver, however, logs most of its output via a dedicated log function,
so this function needs such attributes, too.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Mingw currently links to msvcrt.dll as C runtime.
This library is documented by Microsoft as off-limits to applications and
its feature set vary between Windows versions.
Due to this, presence of particular printf() format string directives
depends on which Windows version the code is run.
This is, naturally, bad, so mingw developers introduced ability to replace
formatted output functions with built-in equivalents with defined feature
set by setting "__USE_MINGW_ANSI_STDIO" macro to 1.
There are, however, no built-in equivalents for "_s" suffixed functions.
Fortunately, they are used only a few times in minidriver so let's simply
replace them with equivalent code using standard functions.
This also allows skipping "MINGW_HAS_SECURE_API" macro definition so any
future uses will be caught by compiler.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Looks like Travis CI build server found a few cases of log function format
string not being a string literal (now that log functions have necessary
attributes to check for such things).
Some instances clearly aren't a real problem, but to be future-proof and to
avoid compiler warnings let's fix all of them (that I was able to find in
code).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
GCC can check format and parameter correctness in printf()-like functions
for us so let's add necessary attributes to our log functions to emit a
warning where their way of being called is likely in need to be inspected
for correctness.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Minidriver currently has basic support for unblocking card PIN by providing
PUK as an administrator password to CardUnblockPin() function.
However, this doesn't work for example when trying to unblock PIN via
system smartcard PIN unblock screen accessible after pressing Ctrl+Alt+Del
as it wants to use challenge / response authentication.
MS Smart Card Minidriver specification (version 7.07) explicitly says that
challenge / response is the only authentication mode that Windows uses to
authenticate an administrator.
Unfortunately, this way of unblocking PIN seems to not be widely supported
by cards.
However, we can simply treat the provided response to challenge as PUK.
Because (at least) Ctrl+Alt+Del PIN unblock screen accepts only hex string,
every PUK digit X has to be input as '3X' (without quotes) there.
Also the response string is not hidden behind asterisks on this screen as
it should been.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Minidriver contained a hack since commit 7ef766b785 in 2010 to print to
debug file directly under mingw (instead of using normal OpenSC logging
system), as there was problem with "%S" format specifier then.
However, on recent mingw versions "%S" format works fine so let's remove
this hack.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Some of existing code prints pointer differences, but without taking into
account that printf length modifier required for this differs between
systems.
Add SC_FORMAT_LEN_PTRDIFF_T macro for this, just as we have for size_t
variables.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Add "--reset" parameter with optional argument to opensc-tool which
resets a card in reader. Both cold or warm resets are possible
(cold is default).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
C_OpenSession() creates a long int session handle from address of allocated
session struct, however it has to be taken into consideration that on Win64
long int is still 32-bit, so the address is going to be truncated and
because of that not guaranteed to be unique.
Add session handle uniqueness check to catch when there is already a
session with the same handle present.
This also fixes a warning when building on 64-bit mingw.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
This commit fixes most of warnings shown by GCC on 64-bit Linux, 32-bit and
64-bit mingw builds (with SM and OpenSSL enabled).
These warnings were mostly caused by missing casts.
In minidriver there was also a bit of unused variables and dead code.
Remaining warnings on mingw are mostly caused by GCC not recognizing on
this platform "ll" size specifier (present at least since
Visual Studio 2005, also in mingw own CRT) and "z" size specifier (this one
will be fixed in next commits).
There is also a warning about pointer truncation on Win64 when making
PKCS#11 object handle from pointer to this object.
This is a legitimate warning, since it could result in the same handles
being generated from different pointers and so from different objects.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
Currently, minidriver build is broken on mingw. Let's make it work again.
For this, include adapted cardmod-mingw-compat.h with few function argument
decorations from Alon Bar-Lev's old build repository to make mingw build
almost self-contained - still requires cardmod.h from CNG, however.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
OpenSC used SUSv3 "z" printf length modifier for printing size_t variables,
however this modifier is not available on Windows ("I" must be used
instead), at least for now.
Introduce SC_FORMAT_LEN_SIZE_T define for that purpose and convert existing
code to use it when printing size_t variables.
This define can't go into libopensc/internal.h since tools use it, too.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
sc_pkcs15_unblock_pin() in libopensc/pkcs15-pin.c wants to associate PIN
to be unblocked with its PUK to check, for example, whether provided PUK
conforms to its policy.
When this function is not able to find a relevant PUK is uses policy for
PIN to be unblocked instead to check provided PUK which causes problems if
PIN and PUK policies differ.
Set PIN-PUK association for cards where it was unset and where this
association was either obvious, described in code or specs or provided
by the community.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
* pkcs11-tool: Add feature to get random data.
Getting random data is an essential part of the PKCS11 API.
This patch provides a new command line parameter to get
random data from the pkcs11-tool.
Tested with a Yubikey (PIV applet) and the following command line:
$ pkcs11-tool --slot=0 --generate-random=128 | hexdump -C
00000000 0c 35 85 2e 85 68 ab ce e8 56 b3 f6 f3 33 e6 37 |.5...h...V...3.7|
00000010 12 10 eb fd 8a 1e 75 b7 3f 4d fa 61 8f ab d8 bf |......u.?M.a....|
00000020 f7 2c 7d ba 07 a5 45 6e a7 85 1c 47 3b 46 01 2c |.,}...En...G;F.,|
00000030 79 18 6e 51 4d c4 ae 20 37 37 1d 7b 7e b0 d5 18 |y.nQM.. 77.{~...|
00000040 ef a4 3c 09 91 68 db dd 2a a8 fc b9 34 06 2a ee |..<..h..*...4.*.|
00000050 5a 86 55 54 11 1f ef 4e 07 73 79 27 0a e4 58 cf |Z.UT...N.sy'..X.|
00000060 f4 bd bc 2f ad 27 b1 a7 a4 fa c7 1a 7b 31 de a3 |.../.'......{1..|
00000070 e8 dc 85 28 18 82 00 45 3c f8 eb 48 a4 20 e4 3b |...(...E<..H. .;|
00000080
Signed-off-by: Christoph Müllner <christophm30@gmail.com>
* pkcs11-tool: Add documenation for --generate-random.
Signed-off-by: Christoph Müllner <christophm30@gmail.com>
As defined in BSI TR-03119 to issue SCardTransmit (with Uses
Pseudo-APDU) instead of SCardControl (with FEATURE_VERIFY_PIN_DIRECT).
It allows using a very basic PC/SC reader driver without special support
for PIN verification or modification (such as the default CCID driver on
Windows).
Also gets IFD vendor information via escape commands.
PC/SC's Get Uid command is now only triggered if enable_escape = true;
was set by the user to allow disabling wrapped commands on broken
readers (see https://github.com/OpenSC/OpenSC/issues/810)
(Imported libcardnpa from https://github.com/frankmorgner/vsmartcard)
- Added generic SM implementation of ISO/IEC 7816-8
- Added implementation of extended access control as defined by
- BSI TR-03110
- ICAO Doc 9303
- ISO/IEC 7501
- Added tool for German ID card (and other EAC tokens)
- renamed folder libsm to sm
The old code only support encrypted communication for ePass2003 USB PKI
Token, now add plaintext communication support, the code now can using
ePass2003 USB PKI Token and ePass2003 PKI applet with java card.
The last mask code has issue, cannot show the OEM ID and SN, not modify
it. the rule made by Feitian only.
* Includes adding support for parsing extensions from a certificate.
* Move lebytes2ushort() to related functions in internals.h
* Adds Simple TLV related functions
The test_signature routine reuses data array and fails to reset data[0] = 0
when creating a PKCS hash to be pased to OpenSSL.
Date: Mon Feb 13 11:48:00 2017 -0600
On branch pkcs11-tool-pkcs
Changes to be committed:
modified: tools/pkcs11-tool.c
* pteid: remove OID setting for data objects as they are not defined for this token
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
* pteid: order data objects code list by address and rename new objects
The ICAO MRTD specification defines the Security Object Document
abreviation as SOd and not SOD. This is a breaking change since
the labels are case sensitive, but this object was not yet available
on the last stable release.
Trace is also not a acronym or abreviation, so it should be defined with
normal casing. Also a breaking change and also acceptable because it is
unstable code only.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
_validate_pin was not being called at all during a PIN verification.
After this tools report correctly when the PIN length is invalid, even on pkcs11 layer.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
Authentication might not be required (from pkcs11 side) when
pin cache is used. This can't happen if a pinpad is used.
We were already checking for CKA_ALWAYS_AUTHENTICATE (user_consent),
now also check for CKF_PROTECTED_AUTHENTICATION_PATH (pinpad).
Also encapsulate logic in a function and provide additional checks for
redundant authentication attempts.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
* Use cm_ctx instead of a custom cwa struct. Get rid of sc_reset.
* Use ifd.sn and icc.sn from sm_cwa_session struct too
* Minor typo with sizeof
closes https://github.com/OpenSC/OpenSC/issues/930
* pkcs15-init,pkcs15-tool: reword --no-prompt to --use-pinpad (close#944)
Wording was confusing for a novice user. Old option is mantained as an alias,
but will print to stderr a deprecation warning.
Deprecation related code is all marked with deprecated word to easy future removal.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
* pkcs15-init,pkcs15-tool: document --use-pinpad
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
... as required by PKCS#11 2.30, if the application doesn't call
`C_GetSlotList` with `NULL`.
Fixes ghost tokens in Firefox when detaching a reader that contained a
card.
Fixes https://github.com/OpenSC/OpenSC/issues/629
This brings --read-data-object behavior in line with
--read-certificate, which only print the object to
stdout if no output file is given.
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
Issue #824
In Windows, file handles (including 'stderr', 'stdout') can not be shared
between DLL-s, and so, the log handle (File *), defined in one module, cannot
be reused in another.
That is the situation when, for example, the SM is processed
in external, dynamically loadable module as it currently implemented for
IAS/ECC card.
That's for the configuration option 're-open of log file on each message' was
introduced.
This 're-open' logic has not been tested in the particular case of opensc-*
tools used with verbose log into 'stderr' -- in dynamically loaded module the
'stderr' handle, defined in the 'main' module, was not recognized as 'stderr'
and there was an attempt to close it.
closes#910
* Add configure-time dependency on pcsclite (required version from comments in reader-pcsc.c)
* The functionality is already supported in PCSC-Lite
* For older PCSC-Lite versions still return CKR_FUNCTION_NOT_SUPPORTED
# closes#899
if no extensions are found, val was uninitialized.
If multiple extensions, val was not freed for non interestinf extensions.
COmments dind not have valid OID values.
On branch piv-keyusage
Changes to be committed:
modified: pkcs15-cert.c
# VTA: closes#905
This mod is for non federal issued PIV cards. It will set PKCS#11 key attributes
based on the keyUsage extension from the coresponding certificates.
This mod applies to a PIV or PIV-like card without a CHUID or without a FASC-N
or a FASC-N that startes with 9999. A federal issued PIV card will have a CHUID
object with FASC-N that does not have the agency code 9999.
If the certificate does not have keyUsage,the current defaults will be used.
This avoids backword compatability issues with cards in the field.
To take advantage of this mod, make sure certificates have keyUsage extension.
This mod applies to all keys on the card including retiered keys.
The NIST 800-73 standards specify the key usage for each key and different keys
have different PIN requirements. This mod is designed to be used with PIV-like
cards or devices.
On branch piv-keyusage
Changes to be committed:
modified: src/libopensc/pkcs15-piv.c
# squashed by VTA with:
Remove use of llu in integer literal
llu in literals is not supported in all compilers.
let the compiler expand the literal befor doing the & opetation
PKCS#11 v2.20 in not clear on the format of the public key of the other party
pased during ECDH key derivation. Some implementations (OpenSC) pass just the value
of the public key (RAW), while others (SoftHSM) pass an ASN.1 DER encoded OCTET_STRING.
PKCS$11 v2.40 points out this problem and says implementations must support the
RAW format and may also support the DER format.
To allow pkcs11-tool.c to work with ECDH derivation and using the current libSoftHSM2.so
a new parameter was added to pkcs11-tool, --derive-pass-der.
Also added to teh template fot the new key were:
CKA_SENSITIVE = false
CKA_EXTRACTABLE = true
CKA_VALUE_LEN = size of key to be derived.
OpenSC currently only support derivation of ECDH session keys, (CKA_TOKEN = false)
The derived key must be CK_KEY_TYPE = CKK_GENERIC_SECRET
Additional changes could be made to support AES or DES3 keys.
It is not clear if there is a need to support CKA_TOKEN = true which says the
derived key must be on the hardware token. For ECDH, these keys are short lived.
On branch pkcs11-tool-simple-ecdh
Changes to be committed:
modified: src/tools/pkcs11-tool.c
This implementation reads most of the data from the pkcs15 structure on card, so the objects list are greatly reduced.
This improves several pending issues:
* drop support for IAS card type
In accordance to [1] IAS card type is no longer issued since version
004.003.11 (2010-06-15) and as a legal requirement all documents have
been destroyed or declared lost.
[1] https://www.cartaodecidadao.pt/documentos/DOC_01-DCM-15_V3_CC_Controlo_Versao_2016-01-20.pdf
* fix pteid_cert_ids
The Signature and Authentication Sub CA certificates ids were wrong.
* add objects and fix flags
Add Root CA certificate.
Add data objects SOD and TRACe
Data object 'Citizen Notepad' doesn't require login to be read. Remove flags.
* Support PIN max tries and tries left report
* Properly report cards with 2048b keys.
Suggested-by: João Poupino <joao.poupino@gmail.com>
Suggested-by: André Guerreiro <andre.guerreiro@caixamagica.pt>
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
-- closes#806
GemsafeV1 is compatible with iso7816 pin commands, including
SC_PIN_CMD_GET_INFO so it doesn't need to customize it.
Acked-by: João Poupino <joao.poupino@gmail.com>
Tested-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Nuno Goncalves <nunojpg@gmail.com>
Remove restrictions in prkey_fixup_rsa:
/* Not thread safe, but much better than a memory leak */
/* TODO put on stack, or allocate and clear and then free */
Compute dmp1, dmp1 and/or iqmp if not in sc_pkcs15_prkey_rsa
Remove the GETBN macro that was causing problems.
Changes to be committed:
modified: src/pkcs15init/pkcs15-lib.c
-- closes#894
Author: Robert Relyea <rrelyea@redhat.com>
Coolkey driver improvements:
* Remove hardcoded list and use SimCList
* Whitespace cleanup
* Remove bogus if
* drop inline keywords
* proper path to include sys/types.h
* full name of ushort type
* condition to use compression
* proper include path
* Resolve template name conflict in Tokend
Clean up the copyright headers
-- rebased into one commit by VTA
-- closes#896
pkcs15-tool.c:1201:5: warning: no previous prototype for ‘unlink_cb’ [-Wmissing-prototypes]
int unlink_cb(const char *fpath, const struct stat *sb, int typeflag, struct FTW *ftwbuf)
^~~~~~~~~
OpenSSL header files are used indirectly by the binaries.
Fix the compilation error:
CC base64.o
In file included from base64.c:6:
In file included from ../../src/libopensc/asn1.h:29:
In file included from ../../src/libopensc/pkcs15.h:29:
In file included from ../../src/libopensc/aux-data.h:31:
In file included from ../../src/libopensc/internal.h:44:
../../src/libopensc/sc-ossl-compat.h:30:10: fatal error: 'openssl/opensslv.h'
file not found
^
1 error generated.
1. Solved multiple epss2003
2. check expats point to prevent memory leak
3. Add new ATR for entersafe PKI card
4. declare all variables at the beginning of block
5. Solved Incorrect PIN raise wrong CKR error, no token flags change
Closes https://github.com/OpenSC/OpenSC/pull/879
This commit is based on input from https://github.com/lbschenkel
LibreSSL is based on OpenSSL 1.0.1. API.
Changes to be committed:
modified: libopensc/sc-ossl-compat.h
modified: tools/pkcs11-tool.c
modified: tools/pkcs15-init.c
modified: tools/sc-hsm-tool.c
OpenSSL-1.1.0 was released 8/25/2016
OpenSSL-1.1.0a was released 9/22/2016
https://www.openssl.org/news/openssl-1.1.0-notes.html
Changes to allow the OpenSC code base to work with OpenSSL versions from
0.9.7 to 1.1.0 with few changes.
This is an update and rebased version of my prep-openssl-1.1.0-pre6 branch.
No attempt was made to back port any OpenSSL features. These changes
just allow an updated OpenSC code base to use what is in the various OpenSSL
releases.
A new header libopensc/sc-ossl-compat.h contains extra defines
to reduce the need for so many #if OPENSSL_VERSION_NUMBER statements
in the source code.
The OpenSC source can now use the OpenSSL 1.1 API. The libopensc/sc-ossl-compat.h
has defines for the new API for use with older versions of OpenSSL.
sc-ossl-compat.h is included by libopensc/internal.h so all OpenSC
library routines can take advantage of it. For the tools, which do not use
libopensc/internal.h, libopensc/sc-ossl-compat.h is included by the tools.
The OpenSC source has been modified to use OpenSSL functions to access
hidden structures, such X509, BIGNUM, EVP_CIPHER_CTX, and use XXX_new
functions to allocate structures which must use pointer such as
BIGNUM and EVP_CIPHER_CTX.
For backward compatability sc-ossl-compat.h now defines inline routines
to emulate the RSA and DSA access routines in OpenSSL-1.1.0. Thus
the same OpenSC source code can be used with openSSL versions from
0.9.7 to 1.1.0.
Inline routines were chosen, because using macros does not work on all platforms.
Having OpenSC versions of these routines in libopensc would be a posibility,
but they are only used for older version of OpenSSL, and could be removed in
the future.
Changes to be committed:
modified: src/libopensc/card-entersafe.c
modified: src/libopensc/card-epass2003.c
modified: src/libopensc/card-gids.c
modified: src/libopensc/card-gpk.c
modified: src/libopensc/card-oberthur.c
modified: src/libopensc/card-piv.c
modified: src/libopensc/card-westcos.c
modified: src/libopensc/cwa-dnie.c
modified: src/libopensc/cwa14890.c
modified: src/libopensc/internal.h
modified: src/libopensc/p15card-helper.c
modified: src/libopensc/pkcs15-itacns.c
modified: src/libopensc/pkcs15-prkey.c
modified: src/libopensc/pkcs15-pubkey.c
new file: src/libopensc/sc-ossl-compat.h
modified: src/pkcs11/openssl.c
modified: src/pkcs15init/pkcs15-lib.c
modified: src/pkcs15init/pkcs15-oberthur-awp.c
modified: src/pkcs15init/pkcs15-oberthur.c
modified: src/pkcs15init/pkcs15-oberthur.h
modified: src/pkcs15init/pkcs15-westcos.c
modified: src/tools/cryptoflex-tool.c
modified: src/tools/gids-tool.c
modified: src/tools/netkey-tool.c
modified: src/tools/piv-tool.c
modified: src/tools/pkcs11-tool.c
modified: src/tools/pkcs15-init.c
modified: src/tools/sc-hsm-tool.c
modified: src/tools/westcos-tool.c
Commit 2f10de4f5c ("use sc_pkcs15_get_pin_info in C_GetTokenInfo")
introduced dependency of logged in state returned for session
by C_GetTokenInfo() on logged_in field of that session slot PIN.
This field is updated by sending pin_cmd of type SC_PIN_CMD_GET_INFO to
card.
However, not all cards support such pin_cmd type (in fact, majority of
them don't). In this case logged_in field is usually left zero-initialized
which means SC_PIN_STATE_LOGGED_OUT.
With such logged_in field value C_GetTokenInfo() always returns
CKS_R{O,W}_PUBLIC_SESSION, instead of CKS_R{O,W}_USER_FUNCTIONS when
logged in.
At least Firefox (and probably other NSS-based software, too) is confused
by such value and keeps repeating PIN prompts a few times until it
ultimately considers that logging in to this slot has failed.
Fix this by initializing PIN logged_in field to SC_PIN_STATE_UNKNOWN for
cards that do not support SC_PIN_CMD_GET_INFO pin_cmd.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
"CHANGE REFERENCE DATA" (PIN change) and "RESET RETRY COUNTER"
(PIN unblock) commands in OpenPGP card have various limitations.
These also depend on whether the card is version 1.x or 2.x.
Provide helpful debug messages for user in case he is trying to do
a PIN command in a way that isn't supported by the card.
Also, take into account that version 2.x cards don't support references to
PW1-mode 2 (82) in these commands - change them to PW1 (81).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
According to descriptions of commands "PSO: COMPUTE DIGITAL SIGNATURE",
"PSO: DECIPHER" and "INTERNAL AUTHENTICATE" in OpenPGP card spec (versions
1.1 and 2.1.1) the card adds / strips and checks PKCS#1 padding
automatically.
There is no documented way to perform raw RSA operations on this card so
SC_ALGORITHM_RSA_RAW flag shouldn't be set.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
_get_auth_object_by_name() in pkcs11/framework-pkcs15.c needs user PIN
to be the first one and then next one can be signature PIN, but OpenPGP
card had it reversed.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
The code attempted to handle extensions assuming extensions were ordered. The
only extension it handled was crl's, but the handling was wrong and I didn't
find any actual use of the crl code. I've changed it to cache all the extensions
and then provided accessors functions to read a specific extension. I needed this
to read the key Usage, but the extension fetching code can work with any extension
(though the caller will need to parse the result. I also added code that parses DN
and returns a specifically requested DN component. I needed this to get the Common
Name for the certificate Subject. This gives the token a 'unique' name rather than
some generic name (like CAC-I or CAC-II). Both of these can be used to enhance the
piv support as well.
rebased by VTA
Closes#852
When sc_lock obtains a reader lock this function is called
If the card was reset the PIV AID is seletcted and logged_in is reset.
This is need for some PIV cards where the default AID is not the PIV AID
and some other process has reset the card.
closes#842
Add card_reader_lock_obtained function to sc_card_operations
During sc_lock, if card->reader->ops->lock is called, card->ops->card_reader_lock_obtained will be called.
If PCSC is being used as the reader driver, this occures just after pcsc_lock has done a SCardBeginTransaction
and our process has exclusive control over the card. The card driver can then determine if the state of the
card has changed, and take action to get the card into an acceptable state.
If card->reader->ops->lock returns SC_ERROR_CARD_RESET, indicating some other process has interefered
with the state of the card. was_reset=1 is passed to card->ops->card_reader_lock_obtained.
Some examples of actions that could be done by the card driver is to select the AID and reset logged_in.
Currently the card driver is not notified. So no default card_reader_lock_obtained is defined in iso7816.c
After card reset detected, run SM open under new transaction
Before trying to reestablish SM session or onte code that may
need to use a transaction, get the transaction that will be
used by the caller od sc_lock.
closes#837
PIN cache is not updated when PIN is verified using the PIN value from cache.
That's the case of validating PIN in 'revalidate' context.
Few source format fixes included
closes#805
A sleep(1) is added after SCARD_W_CARD_RESET as done in other parts of reader-pcsc.c
Extra debugging messages are output.
SCard routines return "LONG" which may be different then "long" on some systems
were "LONG" is 32 bits and "long" is 64 bits.
Make sure printf format of 0x%08lx has a matching "long" input variable.
This closes#816
Not all PIV cards follow the NIST 800-73-3 standard. This commit is designed to address some
of the issues. OpenSC developers don't have access to all the different versions of devices
or access to release notes for the devices to see when a bug was introduced and when it is fixed.
To make OpenSC code changes easier, the code is divided into four sections:
(1) Identify the card/token as best possible by looking at the "Historical bytes" in the ATR.
For the Yubico devices read their version number and log it via sc_debug.
(2) Define the card_issues CI_* defines in card-piv.c. There are 8 of them at the moment.
See below.
(3) based on the card->type and possibly Yubico version set the priv->card_issues flags that
apply to current card or device.
(4) Implement in the code changes needed for each issue.
Other issues can be added. As more info is obtained (3) can be updated using the version
number as needed.
The card issues are:
CI_VERIFY_630X - VERIFY "tries left" returns 630X rather then 63CX
CI_VERIFY_LC0_FAIL - VERIFY Lc=0 never returns 90 00 if PIN not needed. Will also test after
first PIN verify if protected object can be used instead
CI_CANT_USE_GETDATA_FOR_STATE - No object to test verification in place of VERIFY Lc=0
CI_LEAKS_FILE_NOT_FOUND - GET DATA of empty object returns 6A 82 even if PIN not verified
CI_OTHER_AID_LOSE_STATE - Other drivers match routines may reset our security state and lose AID
CI_NFC_EXPOSE_TOO_MUCH - PIN, crypto and objects exposed over NFS in violation of 800-73-3
CI_NO_RSA2048 - does not have RSA 2048
CI_NO_EC384 - does not have EC 384
The piv_card_match and piv_init interactions were cleaned up.
Changes to be committed:
modified: card-piv.c
modified: cards.h
- IAS/ECC has the category indicator byte in EF.ATR, which is a
violation of ISO 7816-4, where it is only allowed in the historical
bytes of ATR. Removing the IAS/ECC specific modification of EF.ATR
allows reading ISO complient EF.ATR again.
- IAS/ECC parsing should still be successfull. We now always try to
check for ISO7816_TAG_II_STATUS_SW ignoring the category indicator
byte
introduced paramter to signal back the login state
- used for the pin command SC_PIN_CMD_GET_INFO
- implemented in accordance to ISO 7816-4; all other implementations
are currently set to an unknown login state
implemented and exporeted sc_pkcs15_get_pin_info
use sc_pkcs15_get_pin_info in C_GetTokenInfo
C_GetSessionInfo: Check whether a logout was done
Closes https://github.com/OpenSC/OpenSC/pull/624
rebased by @viktorTarasov
`sm_incr_ssc` performed an out of bounds write when `ssc` is bigger than
255. The local variable `ii` needs to be decremented instead of
incremented in the `for`-loop.
This was introduced in d30cd83a, wheras The previous implementation did
actually decrement `ii`, see d30cd83ad4
Fixes https://github.com/OpenSC/OpenSC/issues/785
========================================
rebased by VTA -- commits are forged to one,
excluding the following chunk
(reason -- if not explicitely indicated, the mechanism has to be found out using the mechanism flags):
@@ -1713,8 +1713,9 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
int ii;
if (!opt_mechanism_used)
+ opt_mechanism = CKM_EC_KEY_PAIR_GEN;
if (!find_mechanism(slot, CKF_GENERATE_KEY_PAIR, mtypes, mtypes_num, &opt_mechanism))
- util_fatal("Generate EC key mechanism not supported\n");
+ util_warn("Generate EC key mechanism not listed as supported");
for (ii=0; ec_curve_infos[ii].name; ii++) {
if (!strcmp(ec_curve_infos[ii].name, type + 3))
will close PR #747
Based on the paragraph from PKCS#11 MECHANISMS V2.30: 6.3.1 EC Signatures:
If the length of the hash value is larger than the bit length of n, only
the leftmost bits of the hash up to the length of n will be used. Any
truncation is done by the token.
This is affecting NIST PIV Test cards with non-hashed mechanisms.
@mouse07410 has asked for it in
https://github.com/OpenSC/OpenSC/issues/688#issuecomment-219433611
VTA: I do not see the difference (if the other arguments are properly used),
but assume that @mouse07410 has it's own valid reasons
Also included the few coding style touches.
Avoid having problems with sc_hex_to_bin when called from sc_pkcs15_format_id
both for id and auth_id numbers
Changes to be committed:
modified: pkcs15-piv.c
default values of reader's max send/receive sizes correspond to only short APDU supported;
these values can be overwritten by reader itself with the proper value of dwMaxAPDUDataSize from TLV properties,
or with the corresponding options in OpenSC configuration.
resolves issue #735
This is a cleaner fix for #720 which take part of #721 and #730
A driver private struct is used which allow to remove all globals which might changed base on the token in use.
With very long labels it is unable identify which PIN Firefox is asking.
PKCS11 label is 32 char's and it gets truncated.
Current format "LABEL (PIN1)"
New format "PIN1: LABEL"
simclist.h is changed to either accept a predefined inline and/or
predefined restrict macro or tests for known compilers and sets
simclist_inline and simclist_restrict with the approprate keyword
for the compiler being used or defines them as blank.
The logic used is based on code in OpenSSL-1.1 e_os2.h
For example, "configure" could define inline and/or restrict.
But OpenSC is built on other platforms without a config.h and thus
changes to simclist.h are still needed.
simclist.c is changed by replacing inline with simclist_inline
and restrict with simclist_restrict.
The one and only use of inline in card-dnie.c is removed as there
is no need to have the function inline. This avoids any inline issues.
If inline is needed in other OpenSC code or in card-dnie.c,
simclist_inline could be used.
(Another option is to just remove all inline and restrict keywords
from OpenSC code.)
Changes to be committed:
modified: src/common/simclist.c
modified: src/common/simclist.h
modified: src/libopensc/card-dnie.c
3 bytes is the size of SC_ASN1_TAG_MASK used when composing
the asn1 templates with 'struct sc_asn1_entry'.
With this limitation maximal supported ASN.1 tag number is 2^^14-1 .
Fixed 'dead-code' coverity-scan issue.
Close#707
sm-card-iasecc.c: In function ‘sm_iasecc_get_apdu_delete_file’:
sm-card-iasecc.c:188:25: error: cast from pointer to integer of different size [-Werror=pointer-to-int-cast]
unsigned int file_id = (unsigned int)sm_info->cmd_data;
^
iasecc-sm.c:697:22: warning: cast to 'void *' from smaller integer type
'unsigned int' [-Wint-to-void-pointer-cast]
sm_info->cmd_data = (void *)file_id;
^
der-pcsc.c:1101:11: warning: comparison of integers of different signs:
'LONG' (aka 'int') and 'unsigned int' [-Wsign-compare]
if (rv == SCARD_E_NO_SERVICE) {
~~ ^ ~~~~~~~~~~~~~~~~~~
pkcs11-spy.c:259:49: warning: format specifies type 'long' but the argument has
type 'int' [-Wformat]
fprintf(spy_output, "%s.%03ld\n", time_string, tv.tv_usec / 1000);
~~~~~ ^~~~~~~~~~~~~~~~~
%03d
penpgp-tool.c:367:9: warning: comparison of integers of different signs: 'int'
and 'unsigned int' [-Wsign-compare]
if (r != count) {
~ ^ ~~~~~
Remove 3 casts
Add 1 cast
Fix a format problem
opensc-explorer.c:1727:8: warning: comparison of integers of different signs:
'int' and 'size_t' (aka 'unsigned long') [-Wsign-compare]
if(r > len) {
~ ^ ~~~
log.c:94:87: warning: format specifies type 'long' but the argument has type
'int' [-Wformat]
...%03ld ", (unsigned long)pthread_self(), time_string, tv.tv_usec / 1000);
~~~~~ ^~~~~~~~~~~~~~~~~
%03d
Simplify create tokens rules, no need to manipulate applications in
'pkcs11' configuration part,
applications can be enabled/disabled on the 'pkcs15' one.
Fix the possibility to expose only 'sign' PIN
The EPO hands this card out to attorneys and inventors to authenticate
with their online services. The applet on the card seems to be identical
to the one on Swedish eID cards.
Ludovic Rousseau's list identifies the card as Gemalto IDClassic 340.
Gemalto Classic Client identifies the card as GemSAFE V3.
Previously the EPO was using a GemSAFE V1 card, its ATR was added with
81bbddfc24 ("card-gemsafeV1: Add a GemSafe V1 ATR").
Add new PKI Card ATR into OpenSC support, all of these ATR using same
PKI Applet. and the ATR/JAVA CARD is provided by Feitian.
More information, please check www.javacardos.com
Fixes a memory leak in `entersafe_select_fid`
Closes https://github.com/OpenSC/OpenSC/pull/625
Make universal mask for choose input format from PEM or DER.
Input file at PEM may be contain at start:
"-----BEGIN RSA PRIVATE KEY-----"
or
"-----BEGIN PRIVATE KEY-----"
Make universal properties at RSF-files. Additional Miller-Rabin tests
aren't needed for 'Rutoken ECP' and for 'Rutoken ECP 2.0'
fixes https://github.com/OpenSC/OpenSC/issues/648 :
'Incorrect parameters in APDU' at 'Rutoken ECP 2.0' when 'pkcs15-init -G
rsa/1024 ...'
GemSAFE V1 cards support signing 36 bytes of free form data.
When signing a hash, the hash must be prepended by the DigestInfo
header. The PKCS#1 padding is done on the card. The 36 bytes limit
is sufficient for MD5 (16 + 18 bytes for the header), SHA1 and
RIPEMD160 (both use 20 + 15 bytes for the header) and MD5_SHA1
(16 + 20 bytes, no header). The algorithm reference ("cryptographic
mechanism reference" in ISO 7816 parlance) for signing free form data
is 0x12.
GemSAFE V3 cards changed the algorithm reference for signing free
form data to 0x02. In addition, they gained the ability to sign SHA256.
Since SHA256 exceeds the 36 bytes limit (32 + 19 bytes for the header),
it must be sent to the card *without* DigestInfo header. The header
will be prepended by the card and it is instructed to do so by sending
algorithm reference 0x42.
This scheme is also supported for SHA1, the algorithm reference is
0x12 in this case. However using this is not necessary as SHA1 fits
within the 36 bytes limit, including the header.
Supporting SHA256 is straightforward, we just add it to the flags
before adding the RSA algorithms. When sc_pkcs15_compute_signature()
calls sc_get_encoding_flags(), the input will be "iFlags 0x202, card
capabilities 0x8000021A" and the output will be "pad flags 0x0, secure
algorithm flags 0x202". I.e. the hash is neither prepended by the
DigestInfo header nor PKCS#1 padded and the hash algorithm is passed
to gemsafe_set_security_env() which can send the appropriate algorithm
reference 0x42 to the card.
However there's a catch: Once we add SHA256 to the flags, PKCS#11
applications will be unable to use the other hashes like SHA1 or
RIPEMD160. That's because register_mechanisms() checks if the card
supports no hashes, and if so, adds all of them:
if (!(rsa_flags & SC_ALGORITHM_RSA_HASHES)) {
rsa_flags |= SC_ALGORITHM_RSA_HASHES;
}
We cannot add these missing hashes to the flags like we did with SHA256
because like SHA256, they would be sent to the card *without* DigestInfo
header. What we want is to send all hashes *with* DigestInfo header,
*except* for SHA256.
We can achieve that by registering a fake RSA algorithm which includes
the missing hashes in its flags. This fake algorithm is never used
because sc_card_find_rsa_alg() searches the algorithm list in-order
and we register the fake algorithm *after* the real algorithms.
The fake algorithm persuades register_mechanisms() to register the
missing hashes because it ORs the flags of all RSA algorithms together:
num = card->algorithm_count;
while (num--) {
switch (alg_info->algorithm) {
case SC_ALGORITHM_RSA:
rsa_flags |= alg_info->flags;
break;
}
}
So when signing e.g. a RIPEMD160 hash and sc_pkcs15_compute_signature()
calls sc_get_encoding_flags(), the input will be "iFlags 0x102, card
capabilities 0x8000021A" and the output will be "pad flags 0x100, secure
algorithm flags 0x2". This will result in the hash being prepended by
the DigestInfo header, which is what we want.
pkcs15-piv.c was setting the auth_id of the public keys
which would cause some appications to require a login to access
a public key. The public keys are obtained from the certificates
which do not require the PIN to read.
Very early drafts of NIST 800-73 did require the PIN to access the
certificates, and the auth_id was removed in the opensc code for
certificates many years ago, but not from the public keys.
This patch fixes bug found in opensc 0.14.0-2 (Debian 8) that blocks
certificate update and removal on Athena ASEPCOS smartcard with error
Failed to update certificate: Security status not satisfied
OpenSC tries to get the parent's 'DELETE' access before cert removal
and leaves path variable pointing to dir not file to be removed.
Author-Change-Id: IB#1047758
Some cards (e.g., BELPIC) have a hardcoded file length that does not
match the actual file length (e.g., 65535 bytes), and simply return the
data that is actually on the card when asked.
It is useful to still be able to do an ASN.1 decode in that case.
Signed-off-by: Wouter Verhelst <w@uter.be>
- bug fix: re-initialize index to start searching at the right place
- get rid of unnecessary variable
- add some line breaks & comemnts for easier understanding
- get rid of unnecessary variable
- use easily understandable hex representation of APDUs
- auto-calculate APDU length based on hex representation
- restrict scope of some variables
- use sc_log() instead of directly writing to console
- line breaks & comments for easier reading/understanding
- fix typo in log message
- 2 line breaks between functions for easier reading
- function type on separate line
- mark each function as 'ABI' or 'Internal'
- slightly doxygen-ize comments introducing functions
- fix typos in comments
- break over-long comment lines
- break comment lines at sensible places
- consistent calling style for DRVDATA()
- no code change
- get rid of unnecessary variables
- use for-loop to initialize/check/increase run variable in one place
- restrict variables to the necessary scope
- use ternary operator inside a statement instead of if...else...
PIV cards uses get/put data not select file and read_binary.
To allow access via pkcs15 emulation card-piv.c emulates
select_file and read_binary but only when used with the path as
created by the piv emulation.
There are no MF.DIR or ED.DIR files.
opensc-tool and opensc-explorer will not work with this emulation.
Patch removes code that caused problems with opensc-tooland opensc-explorer.
card-piv.c was not selecting the PIV AID correctly from piv_find_aid.
This cause a CAC card that also has the PIV application to fail a VERIFY command
of the pin would use a VERIFY APDU P2 where P2 for PIV is 80, but for CAC was 00.
A CAC card could work if the caller requested the serial number of the card
which did call piv_select_aid. All the OpenSC tools, minidriver and
PKCS#11 do this, but Tokend does not.
This is a partial fix for https://github.com/OpenSC/OpenSC/issues/570.
Tokend in later MacOS versions still has other issues.
A more complete solution is needed for cards with multiple applications.
I do not have a CAC card or MAC to do any testing.
Thanks to https://github.com/mouse07410 who has a CAC card, and a Mac,
and has tested this fix.
Removed cmap_record in sc_pkcs15_prkey_info (not used by any driver nor code)
Remove cardcf specific code (cardcf neutralized by CP_CACHE_MODE_NO_CACHE and it maintened by the Base CSP/KSP, not the minidriver)
Add conversion code for Windows GUID / OpenSC self computed GUID
For ECDSA signatures, there are multiple ways to format the signature:
- R|S (R and S filled with zeroes at the most significant bytes)
- ASN1 sequence of R,S integers (e.g. used by OpenSSL).
It is rare that the filling with zeroes is needed.
But if it is, in the second case, the filling zeroes should not be there
or the verification of the signature by OpenSSL will fail.
in cases where you use pam_pkcs11, HOME might not be set
so paths based on $HOME are not usable, so that the combination
of home and caching does not work. Having the paths configurable
(together with a good setting of access rights)
resolves that problem.
The special value still needs to be handled for commands that are issued
during card initialization. This especially concerns T=0 cards that need
to use iso_get_response.
fixes#533
regression of 85b79a3332
This adds support for the Yubikey NEO. I'm not sure whether it breaks
the specification, or follows some other version of the spec, but in my
testing it returns SW1=0x63, SW2=0x0N for N PIN tries remaining.
Ignoring the top nibble seems a harmless change to the behaviour to
support this device.
This is already supported for a couple of the card drivers, but
since it's a general feature of ISO7816 it should go in iso7816.c,
rather than the current situation where identical code for this is
copy and pasted in each driver.
However, some cards apparently don't support this feature and count
it as a failed PIN attempt, so I've added a flag for now to indicate
whether the card supports this feature. It future, it could be moved
to blacklist cards rather than whitelist them, subject to more testing.
There's a copy-and-paste bug in there, where the CKA_PRIVATE attribute
is being set on the wrong variables! As well as fixing that, we should
explicitly set CKA_PRIVATE to "false" for certificates and public keys,
since the PKCS#11 spec doesn't specify a default and some drivers use
"private" as the default, making it impossible to add a public key/cert
using pkcs11-tool.
If the reader announces extended length support, but the card driver
leaves max_send_size/max_recv_size at `0`, max_send_size/max_recv_size
previously would have been overwritten with the reader's size though the
card might not have set SC_CARD_CAP_APDU_EXT. This commit fixes this
behavior.
Additionally card->max_send_size/max_recv_size is always initialized to
a value different from 0 after the card initialization. This removes the
need to check for this special value in all subsequent calls.
../../src/libopensc/errors.h:73:37: warning: statement with no effect [-Wunused-value]
#define SC_ERROR_INVALID_ARGUMENTS -1300
^
card-masktech.c:181:48: note: in expansion of macro 'SC_ERROR_INVALID_ARGUMENTS'
if (crgram_len > SC_MAX_EXT_APDU_BUFFER_SIZE) SC_ERROR_INVALID_ARGUMENTS;
This is name change only fix.
The variable name "card" was being used to refer to a struct sc_card or a struct sc_pkcs11_card
in some files including sc_pkcs11.h. In other files the variable name "p11card" is used for struct sc_pkcs11_card.
This creates hard to read code, such as: slot->card->card.
All definitations of sc_pkcs11_card *card now use p11card as the variable name.
Fix#471
The PKCS#11 Usage Guide, at least up to v2.40, says that calling
C_Initialize() in the child after fork is "considered to be good
Cryptoki programming practice, since it can prevent the existence of
dangling duplicate resources that were created at the time of the fork()
call."
(It neglects to mention that doing so in the child of a multi-threaded
process is a clear violation of POSIX, mind you. Not to mention being
utterly pointless if all you're going to do in the child is exec something
else anyway.)
Regardless of the sagacity of this recommendation, we need to cope when
it happens. Historically, we've been quite bad at that. Let's add a test
to pkcs11-tool in the hope it'll help...
Fixes#464
card-piv.c tries to read the first 8 bytes of an object to get object size
so it can allocate a buffer. It then reads the whole object. apdu.c has changed
over the years, and apdu.c will keep reading as long as the card returns
status of 61 XX thus apdu.c will read the whole object while discarding
the extra data and returning to the caller only the first part of the data.
This in effect causes a double read of objects.
This patch sets SC_APDU_FLAGS_NO_GET_RESP to tell apdu to stop doing the
extra get-response commands thus avoiding most of the extra overhead.
This in not an optimal patch as it only works with T=1 cards/readers
but the patch is confined to just card-piv.c.
A better patch is in the works.
Fixes#462
* factorize the code from CardAuthenticatePIN into CardAuthenticateEx
* allows authentication with the PINPAD without a UI
minidriver: fix some code analysis warnings
Improve the error code when the user cancel the operation ("The operation was canceled by the user" instead of "invalid parameter")
Signed-off-by: vletoux <vincent.letoux@gmail.com>
Prior to 066132327c71300188aa66180fde2fb3d90c5140, CKM_ECDH1_DERIVE and
CKM_ECDH1_COFACTOR_DERIVE were always registered for cards that support
SC_ALGORITHM_ECDSA_RAW.
The mentioned commit changed this behavior, so that the ECDH mechanisms
are only registered for cards that set the SC_ALGORITHM_ECDH_CDH_RAW
capability flag.
To keep the existing behavior for the cards, they need to set this flag
in the card driver.
Prior to this commit, all hashes registered for RSA or other key types were
registered for ECDSA as well.
register ECDH mechanism only when supported by card
ECDH should only be registered if the card driver sets the
SC_ALGORITHM_ECDH_CDH_RAW flag.
register software PKCS#1 (1.5) padding only when RAW RSA is supported by card
If OpenSC supports PSS/OAEP padding or other padding mechanisms in
future, and there would be a card that enforces hardware PSS/OAEP
padding, the PKCS#1 v1.5 padding mechanism should not be registered.
This patch fixes 3 issues which consecutively have shown up when debugging the original problem:
1 - Newer DNIe report a byte count for public certificates which is the compressed size,
while older DNIe report the uncompressed size. This resulted in short-reading the x509 certificates,
and in an error parsing. Therefore, during initialization we proceed to set path->count for
public certificates to -1. This ensures that the lenght of the certificates for reading
will be set to file-> length, which has the correct size.
2 - pkcs11-tool -t was broken for DNIe (old and new)as it tried to strip pcks11 padding
from the data to sign and OpenSC tried signatures with non-padded data
(as the card had SC_ALGORITHM_RSA_RAW).
The new algoflags (SC_ALGORITHM_RSA_HASH_NONE | SC_ALGORITHM_RSA_PAD_PKCS1) and the
removal of the strip-padding call fix the issue.
3 - The new cards won't allow setting the LE bytes when calculating the TLV, when LE equals
256. This caused an wrong SM object error response (0x69 0x88). Therefore,
we don't send the LE bytes anymore in this case.
The patch has been tested to work on the new problematic card and on another old one.
close#451