giomba/opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,065 Commits 1 Branch 30 Tags 20 MiB
b0a20fa7ca
Commit Graph

5946 Commits

Author SHA1 Message Date
Jakub Jelen
155ecc11f3 Adjust the p11test readme after merge 
Resolves: #1415
 2018-07-04 09:46:43 +02:00
Frank Morgner
452e1d3b96 fixed used of uninitialized return value 2018-06-30 01:17:57 +02:00
Frank Morgner
b3e3ab61c0 avoid integer underflow 2018-06-29 17:14:55 +02:00
Frank Morgner
971dac2f78 unignore result 2018-06-29 17:14:55 +02:00
Frank Morgner
6184c1fbab avoid out of bounds read 2018-06-29 17:14:55 +02:00
Frank Morgner
03c5280626 avoid NULL dereference 2018-06-29 17:14:55 +02:00
Frank Morgner
ed0d829eab removed unused check 2018-06-29 17:14:55 +02:00
Frank Morgner
259b7ec41c check return value 2018-06-29 17:14:55 +02:00
Frank Morgner
c026f37677 warn about error in sc_enumerate_apps 2018-06-29 17:14:55 +02:00
Frank Morgner
6819759946 fixed memory leak 2018-06-29 17:14:55 +02:00
Frank Morgner
5f39d7ab74 use correct length of binary ATR 2018-06-29 17:14:55 +02:00
Frank Morgner
0e9565754c avoid uninitialized output after sc_file_dup 2018-06-29 17:14:55 +02:00
Alon Bar-Lev
31cbf83738 build: support >=libressl-2.7 2018-06-28 08:58:07 +02:00
Peter Marschall
0603c3b7fc iso7816: fix typo in previous commit 2018-06-24 10:34:49 +03:00
Peter Marschall
2818e0f703 iso7816: update & extend error codes 
While at it, do some space policing.
 2018-06-24 10:34:49 +03:00
Frank Morgner
1ca1a024df card-npa: fixed memory leak 
fixes https://github.com/OpenSC/OpenSC/issues/1396
 2018-06-22 09:23:00 +02:00
Frank Morgner
d831076974 opensc-notify: use generic icon 
fixes https://github.com/OpenSC/OpenSC/issues/1402
 2018-06-22 08:52:49 +02:00
Peter Popovec
5dcea4440e pkcs15-tool: added support for reading NIST ssh keys 
'pkcs15-tool --read-ssh-key' is now able to read NIST ECC keys from card.
Only 256, 384 and 521 field lengths are supported (same as allowed in
ssh-keygen -t ecdsa). Issue #803 is partialy fixed by this patch.
Openssh PKCS11 interface patches for ECC are now available, please check
https://bugzilla.mindrot.org/show_bug.cgi?id=2474
 2018-06-21 15:26:15 +02:00
Jakub Jelen
1f352d4c6d muscle: Properly clean up the applet memory footprint 2018-06-21 12:48:57 +02:00
Jakub Jelen
5b3da5d462 cac: Missing memory cleanup 2018-06-21 12:48:57 +02:00
Jakub Jelen
2682741293 cac: Avoid segfaults from get_challenge() 2018-06-21 12:48:57 +02:00
Jakub Jelen
f392d7426f Utilize autoconf variables for cmocka usage 2018-06-21 12:48:57 +02:00
Frank Morgner
9c2afad417 fixed copy/paste error 2018-06-20 00:56:01 +02:00
Frank Morgner
8b3f5b7d97 epass2003: fixed logical error 2018-06-19 23:24:36 +02:00
Frank Morgner
9150d92447 fixed out of bounds access 2018-06-19 23:22:00 +02:00
Frank Morgner
d8cdf66d3d fixed memory leak 2018-06-19 23:15:29 +02:00
ytoku
63ed8d7368 gids: file selection via gids_select_file 2018-06-19 08:00:01 +02:00
ytoku
46c0bbd803 gids: use file id instead of path in gids_delete_key_file 2018-06-19 08:00:01 +02:00
ytoku
ab16228e26 gids: fix gids_delete_cert 2018-06-14 14:05:45 +02:00
asc
31941bc3d9 sc-hsm: Ensure that applet returns version information (Fix #1377) 2018-06-11 22:51:45 +02:00
Peter Marschall
7c99adaaa6 PIV: limit scope of some variables 2018-06-11 22:37:42 +02:00
Peter Marschall
f2ba0ad9be PIV: refactor to use sc_compacttlv_find_tag() 2018-06-11 22:37:42 +02:00
Jakub Jelen
40b02b2582 Namespace the function name, update comment 2018-06-11 22:31:44 +02:00
Jakub Jelen
50b5eb3b69 Allow using up to 16 certificates 2018-06-11 22:31:44 +02:00
Jakub Jelen
9dda83e48e cac: Verbose logging, avoid OOB reads 2018-06-11 22:31:44 +02:00
Jakub Jelen
930d457304 Log bad length buffers 2018-06-11 22:31:44 +02:00
Jakub Jelen
298afb072e Properly check length also of the applet entry 2018-06-11 22:31:44 +02:00
Jakub Jelen
f27ee858c2 Carefully check the length of the buffers before accessing them. 
The lengths are static and based on the GCS-IS 2.1 specification
 2018-06-11 22:31:44 +02:00
Jakub Jelen
a73b3d549b Address review comments: 
* Refactor cac_properties_t structure to make its creation more readable
 * Avoid manual allocation in cac_get_acr() and clean up bogus pointers
 * Avoid bogus comments
 * Properly check lengths of retrieved values
 2018-06-11 22:31:44 +02:00
Jakub Jelen
aacac57230 Another note/todo about PINs on uninitialized cards 2018-06-11 22:31:44 +02:00
Jakub Jelen
d24c23ac0c Use applet properties to recognize buffer formats 
Previously, the code handled all the data objects as SimpleTLV,
which caused invalid encoding when we tried to merge TL + V buffers
into single PKCS#15 buffers.

This change is using GET PROPERTIES APDU after applet selection
to explore objects, figure out encoding and check the status of
PKI objects initialization to avoid reading them.
 2018-06-11 22:31:44 +02:00
Jakub Jelen
450cff470a Inspect the Alt tokens through the ACA applet 
The previous solution was just guessing AIDs of the PKI objects
and trying if they answer.

This solution is inspecting card based on the Service Applet Table
(listing all the applets on the card) and using GET PROPERTIES APDU
listing all the available OIDs of the applet.

This was successfully tested with standard CAC card
(with different ACA AID) and uninitialized HID Alt tokens with empty
certificates slots.
 2018-06-11 22:31:44 +02:00
Jakub Jelen
ee7b6f4035 cac: Log unknown tags 2018-06-11 22:31:44 +02:00
Jakub Jelen
cde06a499c Use correct AID and Object ID 2018-06-11 22:31:44 +02:00
Jakub Jelen
2138d5fe32 One more todo based on the testing with a new libcacard 2018-06-11 22:31:44 +02:00
Jakub Jelen
426914674c Unbreak encoding last tag in the data objects 2018-06-11 22:31:44 +02:00
Jakub Jelen
5b420318d4 Allocate private data outside and avoid memory leaks 2018-06-11 22:31:44 +02:00
Jakub Jelen
92df907681 Typo, clean up comments, dump more useful information from CCC 2018-06-11 22:31:44 +02:00
Jakub Jelen
52451ac438 card-cac.c: Dump also the MSCUID 2018-06-11 22:31:44 +02:00
asc
335c242ce0 Filter certificates other than CKC_X_509 2018-06-08 08:28:37 +02:00