Jakub Jelen
71876042bd
oberthur: Do not leak memory on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24518
2020-09-15 12:41:37 +02:00
Jakub Jelen
a1d35518dd
CID 357984: Avoid casting signed integer to unsigned before checking its value
2020-09-15 12:41:37 +02:00
Jakub Jelen
34a5a80870
CID 360515: Avoid dereferencing null pointer crypt_out_p.
...
Thanks coverity and oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23976
2020-09-15 12:41:37 +02:00
Zoltan Kelemen
7c8c77cf1f
Corrected highly misleading, confusing and ambiguous use of PIN length_offset
...
field. Now only the PIN offset fields are used.
This change synchronizes the code with similar changes in reader-pcsc.c
(commit eb3e00a385
).
2020-09-04 12:28:24 +02:00
Raul Metsma
57f37ffd8d
Remove unused and broken RSA EstEID support
...
Signed-off-by: Raul Metsma <raul@metsma.ee>
2020-09-02 11:21:33 +02:00
Ludovic Rousseau
4e0fef0e27
Merge pull request #2101 from marschap/master-spelling
...
spelling fixes
2020-08-30 14:24:39 +02:00
Peter Marschall
16c889cf7d
spelling fixes
...
Fix various spelling errors, mostly in comments but also in texts displayed.
Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
2020-08-30 10:35:14 +02:00
Ludovic Rousseau
8ada99b4d3
Fix spelling error
...
Thanks to Debian lintian:
I: opensc: typo-in-manual-page usr/share/man/man5/opensc.conf.5.gz
developement development
2020-08-29 23:30:32 +02:00
Ludovic Rousseau
17005c9f14
Fix spelling error
...
Thanks to Debian lintian:
I: opensc: typo-in-manual-page usr/share/man/man5/opensc.conf.5.gz
"allows to" "allows one to"
2020-08-29 23:28:11 +02:00
Ludovic Rousseau
3168f48503
Fix spelling error in comments
2020-08-29 23:22:34 +02:00
Ludovic Rousseau
e1353c0488
Fix spelling error
...
Thanks to Debian lintian:
I: opensc-pkcs11: spelling-error-in-binary
usr/lib/x86_64-linux-gnu/libopensc.so.6.0.0 certificat certificate
2020-08-29 23:19:37 +02:00
Ludovic Rousseau
7fc00a1178
Fix spelling error
...
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/netkey-tool conatin contain
I: opensc: spelling-error-in-binary usr/bin/piv-tool conatin contain
2020-08-29 23:17:02 +02:00
Ludovic Rousseau
a70b082a09
Fix spelling error
...
Thanks to Debian lintian:
I: opensc: spelling-error-in-binary usr/bin/egk-tool arguement argument
2020-08-29 23:14:49 +02:00
Peter Marschall
4dbfc77eba
opensc-explorer: extend do_asn1() to accept offsets
...
Have do_asn1() accept an optional parameter indicating an offset.
If this is given then start ASN.1-decoding the file/record at this offset.
2020-08-23 22:46:26 +02:00
Peter Marschall
45e7039940
opensc-explorer: extend do_asn1() to decode records
...
Have do_asn1() accept an optional parameter indicating a record number.
If this is given and the file is a record-oriented file, then ASN.1-decode
the record requested.
2020-08-23 22:46:26 +02:00
Peter Marschall
d345c65a5d
opensc-explorer: extend do_cat()
...
Have do_cat() accept an optional second parameter indicating a record number.
If this is given and the file is a record-oriented file, only print the record
requested.
2020-08-23 22:46:26 +02:00
Zoltan Kelemen
f0b157b8e7
Improved comments for PIN cmd structures.
2020-08-19 10:01:58 +02:00
Zoltan Kelemen
11adcfca99
Removed 'acls' from the public interface in 'sc_pin_cmd_pin' since it is not
...
supported by most of the card drivers and can therefore not be regarded to be
part of the public interface.
Modified the only remaining card driver that used it (authentic) to store acls
in a private variable.
2020-08-19 10:01:58 +02:00
Zoltan Kelemen
6e3e81a9f4
Remove unused stored_length field.
2020-08-19 10:01:58 +02:00
Zoltan Kelemen
48d939b057
Removed length_offset since it is not used any more.
2020-08-19 10:01:58 +02:00
Zoltan Kelemen
aca0d08e29
Removed the 'crts' field from 'sc_acl_entry' type since:
...
- its definition is specific to the IAS-ECC card type
- its presence can not be assumed since it is read from non-mandatory SE type of an SDO
- it is currently not used anywhere in the code
2020-08-19 10:01:58 +02:00
Peter Marschall
376cc2d910
iso7816: set record_length for any record-oriented EF
2020-08-19 09:58:12 +02:00
Jakub Jelen
ad81126c07
Fix link to virt_cacard project
2020-08-05 09:11:35 +02:00
Jakub Jelen
cdbcb5b7db
coolkey: Fix AddressSanitizer: stack-use-after-scope
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23979
2020-08-04 13:11:55 +02:00
Peter Marschall
8963c35189
pkcs15-sc-hsm: use correct name for EF.CDF
2020-08-03 15:34:22 +02:00
Peter Marschall
07e98b5193
pkcs15-sc-hsm: fix commit c4d7bb1
...
Set the trigger for LOG_TEST_RET() to a negative value if obj.data == NULL.
2020-08-03 15:34:22 +02:00
Frank Morgner
978c912c70
fixed Heap-buffer-overflow READ
...
7cf8087351
seemed to be incomplete. Change
the length of the buffer right before it's accessed.
fixes https://oss-fuzz.com/testcase-detail/5734055866531840
2020-07-30 02:40:02 +02:00
Frank Morgner
6903aebfdd
Heap-buffer-overflow WRITE
...
fixes https://oss-fuzz.com/testcase-detail/5088104168554496
2020-07-30 02:27:02 +02:00
Julian Strobl
9ffb9bae63
tcos: add missing encryption certificates
2020-07-30 02:00:15 +02:00
Zoltan Kelemen
2b78374e37
Print error message for the case that a PUK object is not available for a PIN
...
during an unblock operation (this is a sign of a card with invalid PKCS #15
info). Without this error message the program just terminates silently, which
is confusing to the user.
2020-07-22 22:58:57 +02:00
Zoltan Kelemen
6f1df6454a
Reject the case that the PIN and PUK padding flags are different, since this
...
case can not be handled by the card driver interface. Better to detect and
fail early instead of sending invalid data to the card.
2020-07-22 22:58:57 +02:00
Zoltan Kelemen
555cb73615
Fix for using the correct info for PIN/PUK (before they were switched).
2020-07-22 22:58:57 +02:00
Zoltan Kelemen
e80906d973
Add path selection to sc_pkcs15_get_pin_info to make it work correctly with
...
local PINs. This makes the code behave the same way as PIN verification,
change and unblock, before calling the PIN command handler in the card driver.
2020-07-22 22:58:57 +02:00
Zoltan Kelemen
bad74e1ed6
Enabled code for using PUK reference for PIN unblock, when available.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
998284dd1c
Removed unused define.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
ba76bc0239
Improved syntactic readability without any change in functionality.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
c903ddfce1
Fixed bounds checking and enabled the function again.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
163b69e6a7
Change ADF selection to return FCP for Oberthur cards. No need to simulate
...
since it is supported.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
3331a7f134
Fix MF selection APDU to use 0x0c in P2 (no data). The previous value of 0x00
...
is invalid according to IAS-ECC and resulted in 6A 86 on the Oberthur
cards that we tested with.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
471468260e
Improved PIN unblock function:
...
- Uses PIN padding from merged policy
- Added PIN-pad support
- Use ISO 7816 layer to avoid code duplication
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
79e81eeef0
Improved PIN change function:
...
- Uses PIN padding from merged policy
- Improved PIN-pad logic and merged here from separate function
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
5ae488c1b9
Improved PIN verification function:
...
- Uses PIN padding from merged policy
- Moved PIN-pad logic into this function instead of keeping separate
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
d0b3e90431
Simlified low-level CHV verification function:
...
- Removed special PIN-pad case, moving logic into high-level function.
- Use ISO 7816 layer to avoid code duplication.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
8c2d629f94
Functions used to control PIN padding and PIN pad use:
...
- Use PIN padding information when provided by upper layers
- Enable PIN padding at card level when min/max len set to same, nonzero value
- Allow PIN-pad use to be dynamically selected for each PIN
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
ca911e342c
Improved PIN info retrieval, now returning verification status, and attempts
...
left even when previously not available (due to card not providing it in the
SDO).
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
19063932f0
Simplified PIN policy retrieval to only read the data that is actually needed,
...
excluding the CRT info from the SE-SDO, which is not guaranteed to be
available in all card types.
Use an explicit PIN policy structure type instead of keeping the info in the
sc_pin_cmd_data, since this type of info is only used privately in the card
driver.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
741ee73ec9
Add generic function for PIN status retrieval, for subsequent use (among
...
others intended to replace iasecc_pin_is_verified).
Base it on functionality in the ISO 7816 layer to avoid code duplication.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
7ed876c816
Added ATR mask for Idemia (Oberthur) IAS-ECC card to recognize Cosmo V8 cards.
2020-07-22 22:57:23 +02:00
Zoltan Kelemen
eb3e00a385
Corrected highly misleading, confusing and ambiguous use of PIN length_offset
...
field. Now only the PIN offset fields are used. Also added error checking for
invalid values.
2020-07-22 22:56:09 +02:00
Zoltan Kelemen
80853bda31
Only enable static frame size for PIN padding when padding length is below
...
maximum limits. Otherwise resort to adaptive support.
2020-07-22 22:56:09 +02:00