the first usage is to update the public key PKCS#15 object attributes
and to encode it's direct value.
(support of the Oberthur's AuthentIC V3.2 card)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5001 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
Noted by Ludovic.
In sc_pkcs15init_update_file() procedure the file selection errors other then SC_ERROR_FILE_NOT_FOUND were not treated.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4271 c6295689-39f2-0310-b995-f0e70906c6a9
Some cards do not include security attributes into the FCI returned by 'SELECT' command.
For such cards, when updating certificate, to authenticate 'UPDATE' operation use the
'sc_file' with default ACLs instantiated from the card profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4265 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_encode_data_info’:
pkcs15-oberthur-awp.c:1211: warning: implicit declaration of function ‘sc_asn1_encode_object_id’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4205 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_new_container_entry’:
pkcs15-oberthur-awp.c:241: warning: declaration of ‘rand’ shadows a global declaration
/usr/include/stdlib.h:176: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4204 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c💯 warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4203 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_generate_key’:
pkcs15-myeid.c:687: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4202 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c: In function ‘myeid_new_file’:
pkcs15-myeid.c:321: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:323: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:325: warning: assignment discards qualifiers from pointer target type
pkcs15-myeid.c:327: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-entersafe.c:200: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:201: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:202: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:203: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:204: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:205: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:206: warning: initialization discards qualifiers from pointer target type
pkcs15-entersafe.c:207: warning: initialization discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4200 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-setcos.c: In function ‘setcos_new_file’:
pkcs15-setcos.c:263: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:265: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:267: warning: assignment discards qualifiers from pointer target type
pkcs15-setcos.c:269: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4197 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function ‘get_template_name_from_object’:
pkcs15-lib.c:2152: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2154: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2156: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2159: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2161: warning: return discards qualifiers from pointer target type
pkcs15-lib.c: In function ‘get_pin_ident_name’:
pkcs15-lib.c:2815: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2817: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2819: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2823: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2825: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2827: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2829: warning: return discards qualifiers from pointer target type
pkcs15-lib.c:2832: warning: return discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4196 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function ‘cosm_write_tokeninfo’:
pkcs15-oberthur.c:94: warning: format not a string literal and no format arguments
pkcs15-oberthur.c:96: warning: format not a string literal and no format arguments
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4160 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:61: warning: redundant redeclaration of ‘cosm_delete_file’
pkcs15-oberthur.h:93: warning: previous declaration of ‘cosm_delete_file’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4159 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-westcos.c:41: warning: redundant redeclaration of ‘sc_check_sw’
../../src/libopensc/opensc.h:674: warning: previous declaration of
‘sc_check_sw’ was here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4158 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:799: warning: no previous prototype for ‘sc_pkcs15init_store_puk’
pkcs15-lib.c:2814: warning: no previous prototype for ‘get_pin_ident_name’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4152 c6295689-39f2-0310-b995-f0e70906c6a9
Now the native Oberthur card format is supported for emulation of pkcs15 and pkcs15init.
It means that card personalized with OpenSC and the obejcts created with OpenSC
will be usable with the native Oberthur's middleware
and vice-versa.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4137 c6295689-39f2-0310-b995-f0e70906c6a9
Set 'TOKEN INITIALIZED' after an application has been added,
set 'USER PIN INITIALIZED' and 'LOGIN REQUIRED' after User PIN object has been created.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4130 c6295689-39f2-0310-b995-f0e70906c6a9
Four method are added to the 'sc_pkcs15init_operations':
emu_update_dir -- create or not the DIR file;
emu_update_any_df -- update the non-pkcs15 descriptors that are equivalents to pkcs15 xDF files;
emu_update_tokeninfo -- update analog of tokenInfo;
emu_write_info -- to not create OPENSC-INFO file;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4128 c6295689-39f2-0310-b995-f0e70906c6a9
; do not pad PIN in pkcs15init. It's already done in libopensc/pkcs15-pin;
; the 'do_verify_pin()', 'sc_pkcs15init_verify_key()' and 'do_get_and_verify_secret()' are replaced by unique 'sc_pkcs15init_verify_secret()'; edit debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4123 c6295689-39f2-0310-b995-f0e70906c6a9
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9
This bug concerned the card drivers for which the file ACLs cannot be obtained from the FCI of the selected file.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4114 c6295689-39f2-0310-b995-f0e70906c6a9
Some non-pkcs15 cards protect the reading of the private objects attributes.
For the emulated pkcs15 cards, the 'init' emu-handler was the only place where pkcs15 objects could be loaded.
This handler is called before the card is binded, and so, for an application there was no 'normal' way to verify PIN and load the objects with protected attributes.
Actually it's possible to complete list of the pkcs15 objects after the emulated pkcs15 card has been binded.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4096 c6295689-39f2-0310-b995-f0e70906c6a9
In the 'flex' card profile the ACLs of the public objects are set to 'NONE'.
As the pkcs15init core currently implemented, the AuthID attribute is not used for the public objects.
Without AuthID the destination 'pin-domain' DF cannot be determined in a simple and sure manner.
That's why 'pin-domain' works only for private key, private data
and the public objects are placed into the application DF.
; take 'flex' CHV files settings from the card profile;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4085 c6295689-39f2-0310-b995-f0e70906c6a9
When binding profile and p15card (in sc_pkcs15init_set_p15card()), add to the profile EF list the named DF for the path of the all existing AUTH.
; variables name and coding style issues;
; debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4084 c6295689-39f2-0310-b995-f0e70906c6a9
; new, athena dedicated, PIN pkcs15 flag 'TRANSPORT_KEY':
in the Athena initialization procedure the 'trasport' SOPIN object is used. This object references to the pre-existing global SOPIN and is different from the final SOPIN of the card. This object should be ignored when fixing up the ACLs of the newly created file;
; the pkcs15 refereces of the new private keys are derived from the file-id;
; remove duplicated code;
; some log messages in pkcs15-lib.c;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4077 c6295689-39f2-0310-b995-f0e70906c6a9
This patch is not largely tested and it will be followed (hope in a few hours) with another one
that will replace the using of the static pincache
with the pincache as the content of the AUTH pkcs15 object.
In the intervention into the card specific part I tried to respect its creator's coding style.
Sorry, if it's not always the case.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4057 c6295689-39f2-0310-b995-f0e70906c6a9
Profile option 'protect-certifcates' was activated by default for all the cards,
was mentioned and commented out only in 'flex' profile,
and finaly is not working 'by design' of pkcs15-lib.c
So, no need to keep this option, untill the valid arguments to restore it back.
Anyway, the access to certificates is controlled by the file's ACLs defined in profile.
;in profile use the 'define' macros to define the pin encoding type;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4050 c6295689-39f2-0310-b995-f0e70906c6a9
; in 'sc_pkcs15_pin_info' structure add 'auth_method' member to keep the PIN authentication method: CHV, AUT or SM;
; in pkcs15init profile add function to search PIN template by auth method and reference;
; in 'sc_pkcs15_remove_object' return silently if object to delete is NULL;
; in 'sc_pkcs15_object' structure add 'usage_counter' member;
; new 'sc_pkcs15_find_pin_by_type_and_reference' procedure to search PIN pkcs15 object by auth method and reference;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4048 c6295689-39f2-0310-b995-f0e70906c6a9
The implementation was based on the previous MSC build, each tool had its own
description in version resource.
This change sets a single version resource to all files, and produces much
simpler build.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3980 c6295689-39f2-0310-b995-f0e70906c6a9
Migrated without testing, but normally should work -- the pkcs15init part of MyEID and SetCOS are sufficiently close.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3975 c6295689-39f2-0310-b995-f0e70906c6a9
When creating application DF ('PKCS15-AppDF'), User PIN is not yet created, and AC type 'SC_AC_SYMBOLIC' cannot be resolved.
So, in the card profile, the macro '$PIN' cannot be used to define the ACLs of the application DF.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3967 c6295689-39f2-0310-b995-f0e70906c6a9
;when putting SOPIN into the global cache, use the path from the object info;
;sc_pkcs15init_create_pin() can be called to create PUK object;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3964 c6295689-39f2-0310-b995-f0e70906c6a9