Obertbur's card do not returns FCP for selected application DF.
Newly introduced option will supply the missing ACL when creating new objects or files.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5395 c6295689-39f2-0310-b995-f0e70906c6a9
EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9
There is no need to carry around that attribute, because it's easy to look up the 'file' as needed. This is done by issuing a single sc_select_file command in sc_pkcs15init_update_any_df (pkcs15-lib.c).
The parameter 'file' of sc_pkcs15_add_df (pkcs15.c) became useless too and was removed in turn.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5316 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'prkey_fixup_rsa':
pkcs15-lib.c:1936: warning: declaration of 'ctx' shadows a previous local
pkcs15-lib.c:1911: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5253 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'sc_pkcs15init_store_private_key':
pkcs15-lib.c:1339: warning: declaration of ‘ctx’ shadows a previous local
pkcs15-lib.c:1278: warning: shadowed declaration is here
The ctx variable was already declared with the correct value.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5252 c6295689-39f2-0310-b995-f0e70906c6a9
profile.c: In function 'sc_profile_get_pin_id_by_reference':
profile.c:785: warning: declaration of ‘pin_info’ shadows a global declaration
profile.c:217: warning: shadowed declaration is here
Avoid using a typedef with a "common" name
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5250 c6295689-39f2-0310-b995-f0e70906c6a9
* shift libpkcs11 from src/pkcs11 to src/common as it is not used to implement the OpenSC PKCS#11 module
* invent a "libscdl" mini library that implements either libltdl based dynamic loading or uses native interfaces
* drop hard requirement for libltl to build OpenSC
* native Windows build does not need libltdl any more
* specify CNGSDK include dir to find cardmod.h. CNGSDK only registers with a handful of compilers
Deals with #323
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c:143:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP container list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:138:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:133:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:128:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP token info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:122:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:117:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:112:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:106:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c💯3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP certificate info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:338:2: warning: Value stored to 'rec_offs' is never read
rec_offs = 0;
^ ~
pkcs15-oberthur-awp.c:1369:2: warning: Value stored to 'offs' is never read
offs += len;
^ ~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5150 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:457:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:452:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:445:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5149 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c:251:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-myeid.c:244:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5148 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-muscle.c:101:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-muscle.c:99:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5147 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-incrypto34.c:133:7: warning: Although the value stored to 'r' is used in
the enclosing expression, the value is never actually read from 'r'
...r = sc_pkcs15init_authenticate(profile, p15card, file, SC_AC_OP_DELETE)...
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5146 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-starcos.c:158:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:128:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:239:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:206:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:636:4: warning: Value stored to 'p' is never read
*p++ = 0x00;
^~~
pkcs15-starcos.c:613:4: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA byte */
^~~
pkcs15-starcos.c:699:3: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA */
^~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5145 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-jcop.c:118:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:112:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:171:9: warning: Value stored to 'pub_len' is never read
pub_len = 2 + mod_len + exp_len;
^ ~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:284:6: warning: Value stored to 'bytes' is never read
bytes = mod_len / 2;
^ ~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5144 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-gpk.c:213:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:207:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:853:3: warning: Value stored to 'pe' is never read
pe++;
^~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5142 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:727:4: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1011:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1009:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1505:2: warning: Value stored to 'usage' is never read
usage = SC_PKCS15_PRKEY_USAGE_SIGN;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1507:3: warning: Value stored to 'usage' is never read
usage = sc_pkcs15init_map_usage(args->x509_usage, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:2560:3: warning: Value stored to 'file' is never read
file = df->file;
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5141 c6295689-39f2-0310-b995-f0e70906c6a9
The initializations are already done a few lines below
pkcs15-lib.c:1938:11: warning: Value stored to 'ctx' during its initialization
is never read
BN_CTX *ctx = BN_CTX_new();
^ ~~~~~~~~~~~~
pkcs15-lib.c:1937:11: warning: Value stored to 'aux' during its initialization
is never read
BIGNUM *aux = BN_new();
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5140 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-authentic.c:97:1: warning: no previous prototype for function
'authentic_reference_to_pkcs15_id' [-Wmissing-prototypes]
authentic_reference_to_pkcs15_id (unsigned int ref, struct sc_pkcs15_id *id)
^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5130 c6295689-39f2-0310-b995-f0e70906c6a9
to take into account the non-zero 'aid' member in the 'path' parameter
or in the path of the file's instance
also take into account the non-zero 'aid' when getting 'file-id'
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5099 c6295689-39f2-0310-b995-f0e70906c6a9
to get profile instance of the parent of some file presented by it's profile name.
;accept hexadecimal values presented in 'xAB' form;
;coding style issues;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5098 c6295689-39f2-0310-b995-f0e70906c6a9
'profile-extention' profile parameter used to load from the separate file
the AID dependent profile part.
'exclusive-aid' profile parameter used to introduce the AID for the DF
that do not have file-id and that can be selected only by 'DF-NAME' selection.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5097 c6295689-39f2-0310-b995-f0e70906c6a9
Each application of the multi-application PKCS#15 card has it's own associated pkcs15init profile file.
Profile of the multi-application card contains an association between the ID of the on-card application
and associated profile name.
When sc_profile_finish() is called
- sc_card is connected,
- information on the preset on-card applications is available;
- AID of the applicaition to be binded is known.
thus allowing to sc_profile_finish() to load the final part of the profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5096 c6295689-39f2-0310-b995-f0e70906c6a9
the first usage is to update the public key PKCS#15 object attributes
and to encode it's direct value.
(support of the Oberthur's AuthentIC V3.2 card)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5001 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
Noted by Ludovic.
In sc_pkcs15init_update_file() procedure the file selection errors other then SC_ERROR_FILE_NOT_FOUND were not treated.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4271 c6295689-39f2-0310-b995-f0e70906c6a9
Some cards do not include security attributes into the FCI returned by 'SELECT' command.
For such cards, when updating certificate, to authenticate 'UPDATE' operation use the
'sc_file' with default ACLs instantiated from the card profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4265 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_encode_data_info’:
pkcs15-oberthur-awp.c:1211: warning: implicit declaration of function ‘sc_asn1_encode_object_id’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4205 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_new_container_entry’:
pkcs15-oberthur-awp.c:241: warning: declaration of ‘rand’ shadows a global declaration
/usr/include/stdlib.h:176: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4204 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c💯 warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4203 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_generate_key’:
pkcs15-myeid.c:687: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4202 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_new_file’:
pkcs15-myeid.c:321: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:323: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:325: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:327: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-entersafe.c:200: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:201: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:202: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:203: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:204: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:205: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:206: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:207: warning: initialization discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4200 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-setcos.c: In function ‘setcos_new_file’:
pkcs15-setcos.c:263: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:265: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:267: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:269: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4197 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function ‘get_template_name_from_object’:
pkcs15-lib.c:2152: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2154: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2156: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2159: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2161: warning: return discards qualifiers from pointer target type
pkcs15-lib.c: In function ‘get_pin_ident_name’:
pkcs15-lib.c:2815: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2817: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2819: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2823: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2825: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2827: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2829: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2832: warning: return discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4196 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c:94: warning: format not a string literal and no format arguments
pkcs15-oberthur.c:96: warning: format not a string literal and no format arguments
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4160 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:61: warning: redundant redeclaration of ‘cosm_delete_file’
pkcs15-oberthur.h:93: warning: previous declaration of ‘cosm_delete_file’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4159 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-westcos.c:41: warning: redundant redeclaration of ‘sc_check_sw’
../../src/libopensc/opensc.h:674: warning: previous declaration of
‘sc_check_sw’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4158 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:799: warning: no previous prototype for ‘sc_pkcs15init_store_puk’
pkcs15-lib.c:2814: warning: no previous prototype for ‘get_pin_ident_name’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4152 c6295689-39f2-0310-b995-f0e70906c6a9
Now the native Oberthur card format is supported for emulation of pkcs15 and pkcs15init.
It means that card personalized with OpenSC and the obejcts created with OpenSC
will be usable with the native Oberthur's middleware
and vice-versa.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4137 c6295689-39f2-0310-b995-f0e70906c6a9
Set 'TOKEN INITIALIZED' after an application has been added,
set 'USER PIN INITIALIZED' and 'LOGIN REQUIRED' after User PIN object has been created.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4130 c6295689-39f2-0310-b995-f0e70906c6a9
Four method are added to the 'sc_pkcs15init_operations':
emu_update_dir -- create or not the DIR file;
emu_update_any_df -- update the non-pkcs15 descriptors that are equivalents to pkcs15 xDF files;
emu_update_tokeninfo -- update analog of tokenInfo;
emu_write_info -- to not create OPENSC-INFO file;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4128 c6295689-39f2-0310-b995-f0e70906c6a9
; do not pad PIN in pkcs15init. It's already done in libopensc/pkcs15-pin;
; the 'do_verify_pin()', 'sc_pkcs15init_verify_key()' and 'do_get_and_verify_secret()' are replaced by unique 'sc_pkcs15init_verify_secret()'; edit debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4123 c6295689-39f2-0310-b995-f0e70906c6a9
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9
This bug concerned the card drivers for which the file ACLs cannot be obtained from the FCI of the selected file.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4114 c6295689-39f2-0310-b995-f0e70906c6a9
Some non-pkcs15 cards protect the reading of the private objects attributes.
For the emulated pkcs15 cards, the 'init' emu-handler was the only place where pkcs15 objects could be loaded.
This handler is called before the card is binded, and so, for an application there was no 'normal' way to verify PIN and load the objects with protected attributes.
Actually it's possible to complete list of the pkcs15 objects after the emulated pkcs15 card has been binded.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4096 c6295689-39f2-0310-b995-f0e70906c6a9
In the 'flex' card profile the ACLs of the public objects are set to 'NONE'.
As the pkcs15init core currently implemented, the AuthID attribute is not used for the public objects.
Without AuthID the destination 'pin-domain' DF cannot be determined in a simple and sure manner.
That's why 'pin-domain' works only for private key, private data
and the public objects are placed into the application DF.
; take 'flex' CHV files settings from the card profile;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4085 c6295689-39f2-0310-b995-f0e70906c6a9
When binding profile and p15card (in sc_pkcs15init_set_p15card()), add to the profile EF list the named DF for the path of the all existing AUTH.
; variables name and coding style issues;
; debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4084 c6295689-39f2-0310-b995-f0e70906c6a9
; new, athena dedicated, PIN pkcs15 flag 'TRANSPORT_KEY':
in the Athena initialization procedure the 'trasport' SOPIN object is used. This object references to the pre-existing global SOPIN and is different from the final SOPIN of the card. This object should be ignored when fixing up the ACLs of the newly created file;
; the pkcs15 refereces of the new private keys are derived from the file-id;
; remove duplicated code;
; some log messages in pkcs15-lib.c;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4077 c6295689-39f2-0310-b995-f0e70906c6a9
This patch is not largely tested and it will be followed (hope in a few hours) with another one
that will replace the using of the static pincache
with the pincache as the content of the AUTH pkcs15 object.
In the intervention into the card specific part I tried to respect its creator's coding style.
Sorry, if it's not always the case.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4057 c6295689-39f2-0310-b995-f0e70906c6a9
Profile option 'protect-certifcates' was activated by default for all the cards,
was mentioned and commented out only in 'flex' profile,
and finaly is not working 'by design' of pkcs15-lib.c
So, no need to keep this option, untill the valid arguments to restore it back.
Anyway, the access to certificates is controlled by the file's ACLs defined in profile.
;in profile use the 'define' macros to define the pin encoding type;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4050 c6295689-39f2-0310-b995-f0e70906c6a9
; in 'sc_pkcs15_pin_info' structure add 'auth_method' member to keep the PIN authentication method: CHV, AUT or SM;
; in pkcs15init profile add function to search PIN template by auth method and reference;
; in 'sc_pkcs15_remove_object' return silently if object to delete is NULL;
; in 'sc_pkcs15_object' structure add 'usage_counter' member;
; new 'sc_pkcs15_find_pin_by_type_and_reference' procedure to search PIN pkcs15 object by auth method and reference;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4048 c6295689-39f2-0310-b995-f0e70906c6a9
The implementation was based on the previous MSC build, each tool had its own
description in version resource.
This change sets a single version resource to all files, and produces much
simpler build.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3980 c6295689-39f2-0310-b995-f0e70906c6a9
Migrated without testing, but normally should work -- the pkcs15init part of MyEID and SetCOS are sufficiently close.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3975 c6295689-39f2-0310-b995-f0e70906c6a9
When creating application DF ('PKCS15-AppDF'), User PIN is not yet created, and AC type 'SC_AC_SYMBOLIC' cannot be resolved.
So, in the card profile, the macro '$PIN' cannot be used to define the ACLs of the application DF.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3967 c6295689-39f2-0310-b995-f0e70906c6a9
;when putting SOPIN into the global cache, use the path from the object info;
;sc_pkcs15init_create_pin() can be called to create PUK object;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3964 c6295689-39f2-0310-b995-f0e70906c6a9
no more 'init_app'.
- Oberthur unblock style is the only one (local SOPIN is used as PUK);
- user PIN and PUK should be everywhere defined as local;
- SOPIN is always global.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3950 c6295689-39f2-0310-b995-f0e70906c6a9
When creating PIN, if 'puk_id' is defined in 'struct sc_pkcs15init_pinargs',
the pkcs15 PinObject for PUK will be created.
For a moment, PinObject is not created for SO PUK.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3949 c6295689-39f2-0310-b995-f0e70906c6a9
- for 'global' PINs path in not encoded into the AODF;
- when selecting pin_reference, start from value defined in profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3946 c6295689-39f2-0310-b995-f0e70906c6a9
To use New API with the cards that do not have 'key-domain' in their profile,
when setting object data path,
the object template has to be also looked for outside the 'key-domain'.
;migrate Oberthur to the New API;
;use macros SC_CALLED, SC_TEST_.., SC_RETURN in pkcs15-lib.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3940 c6295689-39f2-0310-b995-f0e70906c6a9
at the profile level the difference between EF and BSO is:
- BSO path is always the path of the host DF and do not indexated when template is instanciated;
- EF path is always ending with file-id that is always indexated when template is instanciated.
New non-static 'sc_profile_get_file_instance' procedure to instanciate non-template entries.
In profile.c get_uint() accepts hexadecimals.
In CardOS profile (I venture to) increase the xDF sizes
and change ACL to permit the key re-importing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3919 c6295689-39f2-0310-b995-f0e70906c6a9
;use macros SC_CALLED, SC_RETURN and SC_TEST_RET;
;change debug level in debug macros;
For a new pkcs15 object of a given type the file index is chosen as a first value in the range from 'file-id' to 'max-id',
excluding the values that are already assigned to the file indexes of the existing pkcs15 objects of the same type.
'file-id' is defined in the template ('key-domain') of the card profile ;
'max-id' is 'file-id' + hard coded value 0xFE .
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3916 c6295689-39f2-0310-b995-f0e70906c6a9
Working now with GOST R 34.10:
$ pkcs15-init --store-private-key key --key-usage sign,decrypt --auth-id 2 --id 1 --pin "12345678"
$ pkcs15-init --store-certificate my_cert --id 1 --pin "12345678"
But have problem: no CKA_GOSTR3410_PARAMS by retrieve pub_key from certificate, if pub_key object was removed (see parse_x509_cert, asn1_decode_gostr3410_params)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3859 c6295689-39f2-0310-b995-f0e70906c6a9
the old code was undefined, but ok (variables where never used
again in the "goto error" case). but the new code should
be clearer on this.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3658 c6295689-39f2-0310-b995-f0e70906c6a9
ACL settings, and check C_CreateObject parameter CKA_PRIVATE aka
pkcs15_create_data args.auth_id variable, aka sc_pkcs15init_new_object
object->flags & SC_PKCS15_CO_FLAG_PRIVATE to decide if "data" or "privdata"
profile needs to be used.
Tested with cryptoflex 32k and opensc-explorer, now I no longer can
"get" the data object file stored with "--private".
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3605 c6295689-39f2-0310-b995-f0e70906c6a9
Nowhere in pkcs15init/pkcs15-cardos.c is the user pin ever
requested or presented to the card.
Since the update acl for the key object uses the user pin, the GENERATE
KEY operation fails when it isn't logged in.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3537 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-cardos.c:547:5: warning: "SET_SM_BYTES" is not defined
pkcs15-cardos.c:585:5: warning: "SET_SM_BYTES" is not defined
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3517 c6295689-39f2-0310-b995-f0e70906c6a9
files to build on Windows.
I got rutoken to compile, and took out the #ifdef's I had in last week.
The rutoken programmer declared some variables in the middle of a block
rather then having all the declare statements at the beginning of a block
as is normally done in C. The Microsoft compile treats this as an error.
(Actual many errors.)
The makedef.pl is no longer needed, as the exports files can be used.
Note that in the original Makefile.mak files only opensc.def and
pkcs15init.def were created.
winconfig.h has a number of changes. As discussed last week this could
be created by autoconf. I also noted that the Active State Perl that
was required for the makedef.pl has a psed command that could be used
like sed to update winconfig.h. I did not attempt to do this.
win32/Make.rules.mak - Use ENABLE_OPENSSL and ENABLE_ZLIB
src/tools/Makefile.mak - add the rutoken.tool.exe
src/tools/eidenv.c - use PACKAGE_VERSION
src/pkcs11/Makefile.mak - reorder the objest to match the list in the
Makefile.am. Makes it easier to read.
src/include/winconfig.h - The windows version of the config.h
Changes based on discussions on the list last week.
src/common/Makefile.mak - renamed modules.
src/pkcs15init/Makefile.mak - reordered, and added back the rutoken modules
replaced the use of makdef.pl to sue the exports file.
src/scconf/Makefile.mak - reordered objects.
src/libopensc/card-rutoken.c -
error. Moved the declares to the beginning of blocks.
src/libopensc/Makefile.mak - reorder names, and add rutoken.
Use the libopensc.exports file.
src/libopensc/pkcs15-prkey-rutoken.c - more moving of declare statements.
By Douglas E. Engert
http://www.opensc-project.org/pipermail/opensc-devel/2008-April/011011.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3464 c6295689-39f2-0310-b995-f0e70906c6a9
1. Build system now supports MinGW (Windows) compilation using msys and cross compilation.
2. Ability to explicitly disable and enable dependencies of the package.
3. openct, pcsc and nsplugins features are disabled by default.
4. Modified pcsc driver to use pcsc dynamically, no compile time dependency is required.
5. --enable-pcsc-lite configuration option renamed to --enable-pcsc.
6. Install opensc.conf file (as opensc.conf.new if opensc.conf exists).
7. Add--enable-doc configuration option, allow installing documentation into target.
8. Add --disable-man configuration option, allow msys mingw32 users to
build from svn without extra dependencies.
9. Add export files to each library in order to export only required symbols.
Windows native build may use these files instead of scanning objects' symbols.
10. Add opensc-tool --info to display some general information about the build.
11. Create compatibility library to be linked against library instread of recompiling the
same source files in different places.
12. Add different win32 version resource to each class of outputs.
13. Make xsl-stylesheets location selectable.
14. Some win32 fixups.
15. Some warning fixups.
16. Many other autoconf/automake cleanups.
Alon Bar-Lev
svn diff -r 3315:3399 https://www.opensc-project.org/svn/opensc/branches/alonbl/mingw
_M .
D configure.in
_M src
_M src/openssh
M src/openssh/Makefile.am
_M src/tools
M src/tools/rutoken-tool.c
M src/tools/opensc-tool.c
M src/tools/cardos-info.c
M src/tools/pkcs15-crypt.c
M src/tools/pkcs15-init.c
M src/tools/piv-tool.c
M src/tools/netkey-tool.c
M src/tools/eidenv.c
M src/tools/cryptoflex-tool.c
M src/tools/util.c
M src/tools/pkcs11-tool.c
M src/tools/pkcs15-tool.c
M src/tools/util.h
M src/tools/opensc-explorer.c
M src/tools/Makefile.am
_M src/pkcs11
M src/pkcs11/pkcs11-global.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-display.c
M src/pkcs11/pkcs11-object.c
A src/pkcs11/opensc-pkcs11.exports
M src/pkcs11/sc-pkcs11.h
M src/pkcs11/pkcs11-spy.c
M src/pkcs11/openssl.c
M src/pkcs11/Makefile.am
A src/pkcs11/pkcs11-spy.exports
_M src/tests
_M src/tests/regression
M src/tests/regression/Makefile.am
M src/tests/sc-test.c
M src/tests/pintest.c
M src/tests/Makefile.am
_M src/include
_M src/include/opensc
M src/include/opensc/Makefile.am
A src/include/opensc/svnignore
M src/include/Makefile.am
_M src/signer
_M src/signer/npinclude
M src/signer/npinclude/Makefile.am
M src/signer/Makefile.am
A src/signer/signer.exports
_M src/common
A src/common/compat_dummy.c
D src/common/getopt.txt
D src/common/strlcpy.c
D src/common/LICENSE
A src/common/compat_getopt.txt
A src/common/compat_strlcpy.c
A src/common/LICENSE.compat_getopt
A src/common/compat_getopt.c
D src/common/strlcpy.h
D src/common/ChangeLog
D src/common/getpass.c
D src/common/my_getopt.c
A src/common/compat_strlcpy.h
A src/common/compat_getpass.c
A src/common/compat_getopt.h
A src/common/ChangeLog.compat_getopt
D src/common/README.strlcpy
D src/common/my_getopt.h
A src/common/compat_getpass.h
A src/common/README.compat_strlcpy
D src/common/strlcpy.3
A src/common/README.compat_getopt
D src/common/getopt.3
D src/common/README.my_getopt
A src/common/compat_strlcpy.3
A src/common/compat_getopt.3
M src/common/Makefile.am
M src/Makefile.am
_M src/pkcs15init
M src/pkcs15init/pkcs15-oberthur.c
M src/pkcs15init/profile.c
M src/pkcs15init/pkcs15-lib.c
M src/pkcs15init/pkcs15-rutoken.c
A src/pkcs15init/pkcs15init.exports
M src/pkcs15init/pkcs15-gpk.c
M src/pkcs15init/Makefile.am
_M src/scconf
M src/scconf/Makefile.am
M src/scconf/parse.c
A src/scconf/scconf.exports
_M src/libopensc
M src/libopensc/card-rutoken.c
M src/libopensc/compression.c
M src/libopensc/sc.c
M src/libopensc/card-piv.c
M src/libopensc/pkcs15-openpgp.c
M src/libopensc/pkcs15-postecert.c
M src/libopensc/pkcs15-tcos.c
M src/libopensc/opensc-config.in
M src/libopensc/reader-pcsc.c
A src/libopensc/internal-winscard.h
M src/libopensc/ctx.c
A src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-infocamere.c
M src/libopensc/internal.h
M src/libopensc/pkcs15-actalis.c
M src/libopensc/pkcs15-starcert.c
M src/libopensc/card-oberthur.c
M src/libopensc/pkcs15-atrust-acos.c
M src/libopensc/p15card-helper.c
D src/libopensc/part10.h
M src/libopensc/ui.c
M src/libopensc/card-gpk.c
M src/libopensc/pkcs15-wrap.c
M src/libopensc/pkcs15-gemsafeGPK.c
M src/libopensc/log.c
M src/libopensc/pkcs15-esteid.c
M src/libopensc/pkcs15-prkey-rutoken.c
M src/libopensc/log.h
M src/libopensc/Makefile.am
M src/libopensc/reader-openct.c
_M aclocal
M aclocal/Makefile.am
_M win32
M win32/Makefile.am
A win32/versioninfo.rc.in
A win32/ltrc.inc
A configure.ac
_M doc
_M doc/tools
M doc/tools/pkcs15-profile.xml
D doc/changelog.sh
D doc/export-wiki.xsl
_M doc/api
_M doc/api/file
M doc/api/man.xsl
_M doc/api/asn1
_M doc/api/apps
_M doc/api/init
_M doc/api/types
_M doc/api/card
M doc/api/html.xsl
_M doc/api/misc
_M doc/api/util
M doc/Makefile.am
D doc/export-wiki.sh
AM doc/nonpersistent
A doc/nonpersistent/export-wiki.xsl
A doc/nonpersistent/Makefile.am
A doc/nonpersistent/export-wiki.sh
A doc/nonpersistent/svn2cl.xsl
D doc/generate-man.sh
D doc/svn2cl.xsl
M Makefile.am
A svnignore
_M etc
M etc/opensc.conf.in
M etc/Makefile.am
D man
_M solaris
M solaris/Makefile
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3405 c6295689-39f2-0310-b995-f0e70906c6a9
static is a good hint to the compiler for that - the function isn't used
outside of this file.
"static inline" is not valid, visual studio doesn't compile that.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3209 c6295689-39f2-0310-b995-f0e70906c6a9
add support for reading, writing and deleting private (require cache_pins) and
public data objects in PKCS11. updated the pkcs11-tool and fixed a few
bugs in the code. Tested on an aladdin etoken.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3176 c6295689-39f2-0310-b995-f0e70906c6a9
NUL-byte
- use sizeof(field) instead of SC_PKCS15_MAX_LABEL_SIZE-1 or equivalent as
the 3rd argument of strlcpy()
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2993 c6295689-39f2-0310-b995-f0e70906c6a9
- add two new structures: sc_thread_context_t which let
the user specify the mutex functions to use and
sc_context_param_t to specify parameters for the sc_context_t
creation (including mutex functions) using sc_create_context()
- add new function sc_context_create()
- remove timestamp code from libopensc
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2829 c6295689-39f2-0310-b995-f0e70906c6a9
vtarasov
andre
martin
ludovic.rousseau
viktor.tarasov
s
jps
aj
alonbl
nils
sth