giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,314 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

8314 Commits

Author SHA1 Message Date
Jakub Jelen 71876042bd oberthur: Do not leak memory on error 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24518
 2020-09-15 12:41:37 +02:00
Jakub Jelen a1d35518dd CID 357984: Avoid casting signed integer to unsigned before checking its value 2020-09-15 12:41:37 +02:00
Jakub Jelen 34a5a80870 CID 360515: Avoid dereferencing null pointer crypt_out_p. 
Thanks coverity and oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23976
 2020-09-15 12:41:37 +02:00
Zoltan Kelemen 7c8c77cf1f Corrected highly misleading, confusing and ambiguous use of PIN length_offset 
field. Now only the PIN offset fields are used.

This change synchronizes the code with similar changes in reader-pcsc.c
(commit eb3e00a385).
 2020-09-04 12:28:24 +02:00
Raul Metsma 57f37ffd8d Remove unused and broken RSA EstEID support 
Signed-off-by: Raul Metsma <raul@metsma.ee>
 2020-09-02 11:21:33 +02:00
Ludovic Rousseau 4e0fef0e27
Merge pull request #2101 from marschap/master-spelling 
spelling fixes
 2020-08-30 14:24:39 +02:00
Peter Marschall 16c889cf7d spelling fixes 
Fix various spelling errors, mostly in comments but also in texts displayed.

Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
 2020-08-30 10:35:14 +02:00
Ludovic Rousseau 8ada99b4d3 Fix spelling error 
Thanks to Debian lintian:
I: opensc: typo-in-manual-page usr/share/man/man5/opensc.conf.5.gz
developement development
 2020-08-29 23:30:32 +02:00
Ludovic Rousseau 17005c9f14 Fix spelling error 
Thanks to Debian lintian:
I: opensc: typo-in-manual-page usr/share/man/man5/opensc.conf.5.gz
"allows to" "allows one to"
 2020-08-29 23:28:11 +02:00
Ludovic Rousseau 3168f48503 Fix spelling error in comments 2020-08-29 23:22:34 +02:00
Ludovic Rousseau e1353c0488 Fix spelling error 
Thanks to Debian lintian:
I: opensc-pkcs11: spelling-error-in-binary
usr/lib/x86_64-linux-gnu/libopensc.so.6.0.0 certificat certificate
 2020-08-29 23:19:37 +02:00
Ludovic Rousseau 7fc00a1178 Fix spelling error 
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/netkey-tool conatin contain
I: opensc: spelling-error-in-binary usr/bin/piv-tool conatin contain
 2020-08-29 23:17:02 +02:00
Ludovic Rousseau a70b082a09 Fix spelling error 
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/egk-tool arguement argument
 2020-08-29 23:14:49 +02:00
Peter Marschall 4dbfc77eba opensc-explorer: extend do_asn1() to accept offsets 
Have do_asn1() accept an optional parameter indicating an offset.
If this is given then start ASN.1-decoding the file/record at this offset.
 2020-08-23 22:46:26 +02:00
Peter Marschall 45e7039940 opensc-explorer: extend do_asn1() to decode records 
Have do_asn1() accept an optional parameter indicating a record number.
If this is given and the file is a record-oriented file, then ASN.1-decode
the record requested.
 2020-08-23 22:46:26 +02:00
Peter Marschall d345c65a5d opensc-explorer: extend do_cat() 
Have do_cat() accept an optional second parameter indicating a record number.
If this is given and the file is a record-oriented file, only print the record
requested.
 2020-08-23 22:46:26 +02:00
Zoltan Kelemen f0b157b8e7 Improved comments for PIN cmd structures. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 11adcfca99 Removed 'acls' from the public interface in 'sc_pin_cmd_pin' since it is not 
supported by most of the card drivers and can therefore not be regarded to be
part of the public interface.

Modified the only remaining card driver that used it (authentic) to store acls
in a private variable.
 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 6e3e81a9f4 Remove unused stored_length field. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen 48d939b057 Removed length_offset since it is not used any more. 2020-08-19 10:01:58 +02:00
Zoltan Kelemen aca0d08e29 Removed the 'crts' field from 'sc_acl_entry' type since: 
- its definition is specific to the IAS-ECC card type
- its presence can not be assumed since it is read from non-mandatory SE type of an SDO
- it is currently not used anywhere in the code
 2020-08-19 10:01:58 +02:00
Peter Marschall 376cc2d910 iso7816: set record_length for any record-oriented EF 2020-08-19 09:58:12 +02:00
Jakub Jelen ad81126c07
Fix link to virt_cacard project 2020-08-05 09:11:35 +02:00
Jakub Jelen cdbcb5b7db coolkey: Fix AddressSanitizer: stack-use-after-scope 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23979
 2020-08-04 13:11:55 +02:00
Peter Marschall 8963c35189 pkcs15-sc-hsm: use correct name for EF.CDF 2020-08-03 15:34:22 +02:00
Peter Marschall 07e98b5193 pkcs15-sc-hsm: fix commit c4d7bb1 
Set the trigger for LOG_TEST_RET() to a negative value if obj.data == NULL.
 2020-08-03 15:34:22 +02:00
Frank Morgner 978c912c70 fixed Heap-buffer-overflow READ 
7cf8087351 seemed to be incomplete. Change
the length of the buffer right before it's accessed.

fixes https://oss-fuzz.com/testcase-detail/5734055866531840
 2020-07-30 02:40:02 +02:00
Frank Morgner 6903aebfdd Heap-buffer-overflow WRITE 
fixes https://oss-fuzz.com/testcase-detail/5088104168554496
 2020-07-30 02:27:02 +02:00
Julian Strobl 9ffb9bae63 tcos: add missing encryption certificates 2020-07-30 02:00:15 +02:00
Zoltan Kelemen 2b78374e37 Print error message for the case that a PUK object is not available for a PIN 
during an unblock operation (this is a sign of a card with invalid PKCS #15
info). Without this error message the program just terminates silently, which
is confusing to the user.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen 6f1df6454a Reject the case that the PIN and PUK padding flags are different, since this 
case can not be handled by the card driver interface. Better to detect and
fail early instead of sending invalid data to the card.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen 555cb73615 Fix for using the correct info for PIN/PUK (before they were switched). 2020-07-22 22:58:57 +02:00
Zoltan Kelemen e80906d973 Add path selection to sc_pkcs15_get_pin_info to make it work correctly with 
local PINs. This makes the code behave the same way as PIN verification,
change and unblock, before calling the PIN command handler in the card driver.
 2020-07-22 22:58:57 +02:00
Zoltan Kelemen bad74e1ed6 Enabled code for using PUK reference for PIN unblock, when available. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 998284dd1c Removed unused define. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen ba76bc0239 Improved syntactic readability without any change in functionality. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen c903ddfce1 Fixed bounds checking and enabled the function again. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 163b69e6a7 Change ADF selection to return FCP for Oberthur cards. No need to simulate 
since it is supported.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 3331a7f134 Fix MF selection APDU to use 0x0c in P2 (no data). The previous value of 0x00 
is invalid according to IAS-ECC and resulted in 6A 86 on the Oberthur
cards that we tested with.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 471468260e Improved PIN unblock function: 
- Uses PIN padding from merged policy
- Added PIN-pad support
- Use ISO 7816 layer to avoid code duplication
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 79e81eeef0 Improved PIN change function: 
- Uses PIN padding from merged policy
- Improved PIN-pad logic and merged here from separate function
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 5ae488c1b9 Improved PIN verification function: 
- Uses PIN padding from merged policy
- Moved PIN-pad logic into this function instead of keeping separate
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen d0b3e90431 Simlified low-level CHV verification function: 
- Removed special PIN-pad case, moving logic into high-level function.
- Use ISO 7816 layer to avoid code duplication.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 8c2d629f94 Functions used to control PIN padding and PIN pad use: 
- Use PIN padding information when provided by upper layers
- Enable PIN padding at card level when min/max len set to same, nonzero value
- Allow PIN-pad use to be dynamically selected for each PIN
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen ca911e342c Improved PIN info retrieval, now returning verification status, and attempts 
left even when previously not available (due to card not providing it in the
SDO).
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 19063932f0 Simplified PIN policy retrieval to only read the data that is actually needed, 
excluding the CRT info from the SE-SDO, which is not guaranteed to be
available in all card types.

Use an explicit PIN policy structure type instead of keeping the info in the
sc_pin_cmd_data, since this type of info is only used privately in the card
driver.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 741ee73ec9 Add generic function for PIN status retrieval, for subsequent use (among 
others intended to replace iasecc_pin_is_verified).

Base it on functionality in the ISO 7816 layer to avoid code duplication.
 2020-07-22 22:57:23 +02:00
Zoltan Kelemen 7ed876c816 Added ATR mask for Idemia (Oberthur) IAS-ECC card to recognize Cosmo V8 cards. 2020-07-22 22:57:23 +02:00
Zoltan Kelemen eb3e00a385 Corrected highly misleading, confusing and ambiguous use of PIN length_offset 
field. Now only the PIN offset fields are used. Also added error checking for
invalid values.
 2020-07-22 22:56:09 +02:00
Zoltan Kelemen 80853bda31 Only enable static frame size for PIN padding when padding length is below 
maximum limits. Otherwise resort to adaptive support.
 2020-07-22 22:56:09 +02:00