3168f48503
Fix spelling error in comments
2020-08-29 23:22:34 +02:00
e1353c0488
Fix spelling error
...
Thanks to Debian lintian:
I: opensc-pkcs11: spelling-error-in-binary
usr/lib/x86_64-linux-gnu/libopensc.so.6.0.0 certificat certificate
2020-08-29 23:19:37 +02:00
7fc00a1178
Fix spelling error
...
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/netkey-tool conatin contain
I: opensc: spelling-error-in-binary usr/bin/piv-tool conatin contain
2020-08-29 23:17:02 +02:00
4dbfc77eba
opensc-explorer: extend do_asn1() to accept offsets
...
Have do_asn1() accept an optional parameter indicating an offset.
If this is given then start ASN.1-decoding the file/record at this offset.
2020-08-23 22:46:26 +02:00
45e7039940
opensc-explorer: extend do_asn1() to decode records
...
Have do_asn1() accept an optional parameter indicating a record number.
If this is given and the file is a record-oriented file, then ASN.1-decode
the record requested.
2020-08-23 22:46:26 +02:00
d345c65a5d
opensc-explorer: extend do_cat()
...
Have do_cat() accept an optional second parameter indicating a record number.
If this is given and the file is a record-oriented file, only print the record
requested.
2020-08-23 22:46:26 +02:00
f0b157b8e7
Improved comments for PIN cmd structures.
2020-08-19 10:01:58 +02:00
11adcfca99
Removed 'acls' from the public interface in 'sc_pin_cmd_pin' since it is not
...
supported by most of the card drivers and can therefore not be regarded to be
part of the public interface.
Modified the only remaining card driver that used it (authentic) to store acls
in a private variable.
2020-08-19 10:01:58 +02:00
6e3e81a9f4
Remove unused stored_length field.
2020-08-19 10:01:58 +02:00
48d939b057
Removed length_offset since it is not used any more.
2020-08-19 10:01:58 +02:00
aca0d08e29
Removed the 'crts' field from 'sc_acl_entry' type since:
...
- its definition is specific to the IAS-ECC card type
- its presence can not be assumed since it is read from non-mandatory SE type of an SDO
- it is currently not used anywhere in the code
2020-08-19 10:01:58 +02:00
376cc2d910
iso7816: set record_length for any record-oriented EF
2020-08-19 09:58:12 +02:00
cdbcb5b7db
coolkey: Fix AddressSanitizer: stack-use-after-scope
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23979
2020-08-04 13:11:55 +02:00
8963c35189
pkcs15-sc-hsm: use correct name for EF.CDF
2020-08-03 15:34:22 +02:00
07e98b5193
pkcs15-sc-hsm: fix commit c4d7bb1
...
Set the trigger for LOG_TEST_RET() to a negative value if obj.data == NULL.
2020-08-03 15:34:22 +02:00
978c912c70
fixed Heap-buffer-overflow READ
...
7cf8087351https://oss-fuzz.com/testcase-detail/5734055866531840
2020-07-30 02:40:02 +02:00
6903aebfdd
Heap-buffer-overflow WRITE
...
fixes https://oss-fuzz.com/testcase-detail/5088104168554496
2020-07-30 02:27:02 +02:00
9ffb9bae63
tcos: add missing encryption certificates
2020-07-30 02:00:15 +02:00
2b78374e37
Print error message for the case that a PUK object is not available for a PIN
...
during an unblock operation (this is a sign of a card with invalid PKCS #15
info). Without this error message the program just terminates silently, which
is confusing to the user.
2020-07-22 22:58:57 +02:00
6f1df6454a
Reject the case that the PIN and PUK padding flags are different, since this
...
case can not be handled by the card driver interface. Better to detect and
fail early instead of sending invalid data to the card.
2020-07-22 22:58:57 +02:00
555cb73615
Fix for using the correct info for PIN/PUK (before they were switched).
2020-07-22 22:58:57 +02:00
e80906d973
Add path selection to sc_pkcs15_get_pin_info to make it work correctly with
...
local PINs. This makes the code behave the same way as PIN verification,
change and unblock, before calling the PIN command handler in the card driver.
2020-07-22 22:58:57 +02:00
bad74e1ed6
Enabled code for using PUK reference for PIN unblock, when available.
2020-07-22 22:57:23 +02:00
998284dd1c
Removed unused define.
2020-07-22 22:57:23 +02:00
ba76bc0239
Improved syntactic readability without any change in functionality.
2020-07-22 22:57:23 +02:00
c903ddfce1
Fixed bounds checking and enabled the function again.
2020-07-22 22:57:23 +02:00
163b69e6a7
Change ADF selection to return FCP for Oberthur cards. No need to simulate
...
since it is supported.
2020-07-22 22:57:23 +02:00
3331a7f134
Fix MF selection APDU to use 0x0c in P2 (no data). The previous value of 0x00
...
is invalid according to IAS-ECC and resulted in 6A 86 on the Oberthur
cards that we tested with.
2020-07-22 22:57:23 +02:00
471468260e
Improved PIN unblock function:
...
- Uses PIN padding from merged policy
- Added PIN-pad support
- Use ISO 7816 layer to avoid code duplication
2020-07-22 22:57:23 +02:00
79e81eeef0
Improved PIN change function:
...
- Uses PIN padding from merged policy
- Improved PIN-pad logic and merged here from separate function
2020-07-22 22:57:23 +02:00
5ae488c1b9
Improved PIN verification function:
...
- Uses PIN padding from merged policy
- Moved PIN-pad logic into this function instead of keeping separate
2020-07-22 22:57:23 +02:00
d0b3e90431
Simlified low-level CHV verification function:
...
- Removed special PIN-pad case, moving logic into high-level function.
- Use ISO 7816 layer to avoid code duplication.
2020-07-22 22:57:23 +02:00
8c2d629f94
Functions used to control PIN padding and PIN pad use:
...
- Use PIN padding information when provided by upper layers
- Enable PIN padding at card level when min/max len set to same, nonzero value
- Allow PIN-pad use to be dynamically selected for each PIN
2020-07-22 22:57:23 +02:00
ca911e342c
Improved PIN info retrieval, now returning verification status, and attempts
...
left even when previously not available (due to card not providing it in the
SDO).
2020-07-22 22:57:23 +02:00
19063932f0
Simplified PIN policy retrieval to only read the data that is actually needed,
...
excluding the CRT info from the SE-SDO, which is not guaranteed to be
available in all card types.
Use an explicit PIN policy structure type instead of keeping the info in the
sc_pin_cmd_data, since this type of info is only used privately in the card
driver.
2020-07-22 22:57:23 +02:00
741ee73ec9
Add generic function for PIN status retrieval, for subsequent use (among
...
others intended to replace iasecc_pin_is_verified).
Base it on functionality in the ISO 7816 layer to avoid code duplication.
2020-07-22 22:57:23 +02:00
7ed876c816
Added ATR mask for Idemia (Oberthur) IAS-ECC card to recognize Cosmo V8 cards.
2020-07-22 22:57:23 +02:00
eb3e00a385
Corrected highly misleading, confusing and ambiguous use of PIN length_offset
...
field. Now only the PIN offset fields are used. Also added error checking for
invalid values.
2020-07-22 22:56:09 +02:00
80853bda31
Only enable static frame size for PIN padding when padding length is below
...
maximum limits. Otherwise resort to adaptive support.
2020-07-22 22:56:09 +02:00
afffeccc29
Fixed problems with PIN min/max length handling:
...
- The wrong PIN was selected from the sc_pin_cmd_data structure.
- When the PIN max value was zero from the caller (meaning unknown max), the
reader max value was not used.
2020-07-22 22:56:09 +02:00
1dc359cb61
Fix for issue #1999 :
...
- Reset context to undefined handle value on error since call may alter
output parameter.
- Continue to assume -1 as undefined handle value in all PCSC
implementations, to keep this fix as small and surgical as possible.
2020-07-22 22:55:30 +02:00
b16a5cbee0
pkcs15: Free app info when allocating new and in cleanup
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23746
2020-07-07 16:21:21 +02:00
c82aa92687
pkcs15: Clean memory on alocation failure
2020-07-07 16:21:21 +02:00
2d6de2510c
pkcs15: Drop bogus checks
2020-07-07 16:21:21 +02:00
4c473fba29
authentic: Clean private data on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23786
2020-07-07 16:21:21 +02:00
05dcde508b
authentic: Use memmove as the memory can overlap (if path is > 2B)
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23787
2020-07-07 16:21:21 +02:00
5098cfdb40
authentic: Do not leak memory on fail path
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23788
2020-07-07 16:21:21 +02:00
7cf8087351
asepcos: Avoid heap-buffer-overflow
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23529
2020-07-07 16:21:21 +02:00
c4d7bb1a7b
Do not crash on if private certificate is ignored ( #2057 )
2020-07-07 16:21:21 +02:00
43379b3b22
coolkey: Rewrite coolkey_rsa_op() for better readability
2020-07-07 16:21:21 +02:00
0cda376dba
pkcs15-pubkey: Make sc_pkcs15_pubkey_from_spki_fields more robust against errors
...
Original patch from Douglas E Engert <deengert@gmail.com>
2020-07-07 16:21:21 +02:00
e759b17b66
pkcs15-pubkey: Avoid memory leaks when spki parsing fails
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22189
2020-07-07 16:21:21 +02:00
56f4c6c34a
piv: Free pubkey on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22297
2020-07-07 16:21:21 +02:00
3696331d5c
Remove more needless checks for NULL before free
2020-07-07 16:21:21 +02:00
fea08d749d
coolkey: Avoid memory leak
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23251
2020-07-07 16:21:21 +02:00
97ec23a2d9
pkcs11: Propagate ignore_user_consent
...
If user consent is ignored through configuration, do not present
ALWAYS_AUTHENTICATE=TRUE attribute in PKCS#11
Fixes #2039
2020-07-03 17:55:24 +02:00
929717b505
Make PUK reference available to card driver from PKCS #15 layer for PIN
...
unblock operations. This helps some of the card drivers which otherwise
would have a hard time locating the PUK for a PIN.
2020-07-02 13:24:57 +02:00
bf30d64cf9
Fixes build error in opensc-notify (issue #2068 ).
2020-07-02 13:20:01 +02:00
223a0949e8
Add sc_free()
...
For more details see https://github.com/OpenSC/OpenSC/issues/2054
2020-06-22 10:47:59 +02:00
4d96fbfed4
Remove compiler warnings/errors
...
Recent compilers have activated some additional
checks which let the build fail. (at least with cygwin)
(Normally it would be warnings but opensc compiles
with -Werror)
GCC 9.3:
In file included from profile.c:27:
profile.c: In function '__expr_get':
profile.c:2273:18: error: array subscript has type 'char' [-Werror=char-subscripts]
2273 | while (isspace(*s))
| ^~
clang 8.0.1:
compat_getopt_main.c:102:22: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts]
rc = toupper(rc);
^~~~~~~~~~~
/usr/include/ctype.h:161:25: note: expanded from macro 'toupper'
(void) __CTYPE_PTR[__x]; (toupper) (__x);})
^~~~
Actually the code is correct as isspace and others
are used here with data type char, and are to be used
with data type int.
So either the compiler should have deactivated
this error, or the ctype.h macros have to be
written so the compiler no longer complains.
As there is also a simple workaround by casting
char to unsigned char, there is no need to wait for one
of the former options to be happen sometime.
2020-06-22 10:47:02 +02:00
7ae74c524f
piv: Avoid accessing memory after zero-length tags
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23215
2020-06-09 13:02:27 +02:00
5e7d4fb8ba
oberthur: Avoid memory leaks
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23126
2020-06-09 13:02:27 +02:00
0a34d11cb7
oberthur: Avoid memory leaks on error paths
2020-06-09 13:02:27 +02:00
62403eec34
tcos: Use memset instead of for cycle
2020-06-09 13:02:27 +02:00
9dd3370673
oberthur: Fix operator precedence
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22665
2020-06-09 13:02:27 +02:00
a5f04188bc
pteid: Do not overwrite already set information in tokeninfo
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22578
2020-06-09 13:02:27 +02:00
f49162af04
Avoid memory leaks when initializing tokeninfo in various drivers
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22578
2020-06-09 13:02:27 +02:00
71d1f69a3a
Reformat tcos_compute_signature() for better readability
2020-06-09 13:02:27 +02:00
e6848b6d88
tcos: Yet anoter buffer underflow as previous
2020-06-09 13:02:27 +02:00
fa719b301f
tcos: Prevent buffer underflow
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22995
2020-06-09 13:02:27 +02:00
d141b35596
tcos: Rewrite assert to explicit check
2020-06-09 13:02:27 +02:00
1819ca33d6
tcos_decipher: Reformat to improve readability
2020-06-09 13:02:27 +02:00
53395f4075
tcos: Replace assert with explicit check
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22999
2020-06-09 13:02:27 +02:00
8940ed5d85
tcos: Avoid memory leak on invalid inputs
...
(make sure the pointer is initialized)
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22765#c2
2020-06-09 13:02:27 +02:00
b418601942
pkcs11-spy: Dump slot id for C_WaitForSlotEvent
2020-06-09 13:02:27 +02:00
36247d85b0
pkcs11: fixed notifying twice in case of an attached reader
...
before 14e396273
2020-06-09 12:07:04 +02:00
1c7b311289
pcsc: immediately exit on hotplug events
...
fixes delayed notification for removed readers
closes https://github.com/OpenSC/OpenSC/issues/2021
2020-06-09 12:07:04 +02:00
8f6e5dc2b0
Unbreak wait for events
...
By Jabuk Jelen
Fixes https://github.com/OpenSC/OpenSC/issues/2021
2020-06-09 12:07:04 +02:00
1bb2547abc
respect PKCS#11 allowed return values
2020-06-08 14:18:23 +02:00
6a6b3e4b62
prevent memory leak
2020-06-08 14:18:23 +02:00
58b03b68dd
check for unbound cards
...
closes https://github.com/OpenSC/OpenSC/pull/2045
2020-06-08 14:18:23 +02:00
a10b661f99
IsoApplet: Fix uninitialized public key oid during key generation
2020-06-05 14:48:50 +02:00
ca5f5c8844
explorer: set stdout to O_BINARY in Windows where needed
2020-06-05 14:48:08 +02:00
5714dbfa08
opensc-explorer: add function 'get_record'
2020-06-05 14:48:08 +02:00
f55c4e5c93
opensc-explorer: extend path_to_filename()
...
Expect a record number as 3rd parameter:
if this record number is greater than 0, indicating a single record,
then append the record number to the file name being constructed.
2020-06-05 14:48:08 +02:00
180c57fd15
fixed compiler warning
2020-06-05 09:43:38 +02:00
0f0e0b2e30
prevent out of bounds read
...
fixes https://oss-fuzz.com/testcase-detail/5769298181357568
2020-06-05 08:31:19 +02:00
9d294de90d
prevent out of bounds write
...
fixes https://oss-fuzz.com/testcase-detail/5226571123392512
2020-06-04 10:04:10 +02:00
55fd3db2b5
prevent integer underflow and subsequent heap overflow
...
fixes https://oss-fuzz.com/testcase-detail/5666689944649728
2020-06-04 09:47:22 +02:00
4bc03cb55d
fixed memory leak
...
fixes https://oss-fuzz.com/testcase-detail/5113223765557248
2020-06-04 00:13:57 +02:00
f334f3eabe
Bug fixed ( #1859 )
...
* Bug fixed
1. It solves the problem that can be signed without input PIN, and new code will check the state that the PIN value
2. The algorithm fails to verify sha256, cause signature failure
3. The format of distinguishing ECC and RSA key pair is added - after the key pair is generated successfully, ECC and RSA need to be distinguished when reading the public key. The return format of ECC is different from the RSA
4. Fix ECC information display bug - The problem is using pkcs15-tool -D to print ECC key pair information no display correctly
5. Modify the module attribute of generating ECC key pair, and add 0x04 flag according to pkcs11 standard
2020-06-03 14:54:39 +02:00
16456922e2
pkcs11: Return CKR_TOKEN_NOT_RECOGNIZED for not recognized cards
...
Fixes #2030
2020-05-30 16:00:04 +02:00
e8a2644435
Remove duplicate condition
...
Thanks coverity
2020-05-29 09:57:39 +02:00
38474739b3
card-cardos: Fix NULL dereference
...
Thanks coverity
2020-05-29 09:57:39 +02:00
0a17188710
fixed out of bounds read
...
fixes https://oss-fuzz.com/testcase-detail/5769032858075136
2020-05-24 23:47:29 +02:00
d4a9405bf4
Initial support for Polish eID card (e-dowód, eDO) ( #2023 )
2020-05-19 14:05:13 +02:00
ed55fcd299
fixed invalid read
...
fixes https://oss-fuzz.com/testcase-detail/5765246676631552
2020-05-18 17:25:32 +02:00
96a7eca99a
fixed memory leak
...
fixes https://oss-fuzz.com/testcase-detail/5633315576217600
2020-05-18 17:13:48 +02:00
4cb9788b99
fixed invalid read
...
fixes https://oss-fuzz.com/testcase-detail/5726023753924608
2020-05-18 16:45:24 +02:00
7e1679b2db
fixed memory leak
...
fixes https://oss-fuzz.com/testcase-detail/5675417580339200
2020-05-18 16:38:43 +02:00
Ludovic Rousseau
Peter Marschall
Zoltan Kelemen
Jakub Jelen
Frank Morgner
Julian Strobl
René Liebscher
Luka Logar
Feitian Technologies
Piotr Majkrzak