Once written the 'compulsorily use' data cannot be changed.
Write this data immediately after a new key slot has been created.
It helps to avoid further confusion between 'use new key slot' and 'reuse existing slot'.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5402 c6295689-39f2-0310-b995-f0e70906c6a9
; dedicated function to parse ACLs from DOCP data;
; when converting ACL chack and parse ACLs;
; change prototype of the internal static functions.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5396 c6295689-39f2-0310-b995-f0e70906c6a9
Most of the card producers interpret 'send' values in 'IO buffer size' data as "maximum APDU data size" .
The last Oberthur's card strictly follows specification and interpret these values as "maximum APDU command size".
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5392 c6295689-39f2-0310-b995-f0e70906c6a9
EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9
On Windows every DLL has their own file descriptor table, thus specifying
-v from any of the OpenSC tools resulted in a crash when the tool tried to override
ctx->debug_file with stderr.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5359 c6295689-39f2-0310-b995-f0e70906c6a9
... when serial number was asked for the first time.
Then return the stored value for the every next request of serial number.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5348 c6295689-39f2-0310-b995-f0e70906c6a9
There is no need to carry around that attribute, because it's easy to look up the 'file' as needed. This is done by issuing a single sc_select_file command in sc_pkcs15init_update_any_df (pkcs15-lib.c).
The parameter 'file' of sc_pkcs15_add_df (pkcs15.c) became useless too and was removed in turn.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5316 c6295689-39f2-0310-b995-f0e70906c6a9
dir.c:212: warning: comparison between signed and unsigned
dir.c:220: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5298 c6295689-39f2-0310-b995-f0e70906c6a9
asn1.c:747: warning: comparison between signed and unsigned
asn1.c:785: warning: comparison between signed and unsigned
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5297 c6295689-39f2-0310-b995-f0e70906c6a9
On Mac OS X the HP smart card keyboard claims secure PIN entry support but the PIN is transmitted to host.
Disregard the pinpad flag for this reader. Other readers claiming pinpad support but having problems to follow in this list.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5273 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c: In function 'sc_pkcs15emu_oberthur_add_pubkey':
pkcs15-oberthur.c:585: warning: statement with no effect
pkcs15-oberthur.c: In function 'sc_pkcs15emu_oberthur_add_cert':
pkcs15-oberthur.c:654: warning: statement with no effect
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5269 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-itacns.c: In function 'itacns_add_data_files':
pkcs15-itacns.c:478: warning: declaration of 'list_size' shadows a global declaration
../../src/common/simclist.h:497: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5267 c6295689-39f2-0310-b995-f0e70906c6a9
card-iasecc.c: In function 'iasecc_get_serialnr':
card-iasecc.c:2218: warning: declaration of 'ii' shadows a previous local
card-iasecc.c:2165: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5266 c6295689-39f2-0310-b995-f0e70906c6a9
card-iasecc.c: In function 'iasecc_select_file':
card-iasecc.c:647: warning: declaration of 'rv' shadows a previous local
card-iasecc.c:635: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5265 c6295689-39f2-0310-b995-f0e70906c6a9
card-iasecc.c:1529: warning: declaration of 'ffs' shadows a global declaration
/usr/include/string.h:121: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5264 c6295689-39f2-0310-b995-f0e70906c6a9
card-authentic.c: In function 'authentic_chv_verify_pinpad':
card-authentic.c:1255: warning: declaration of 'ffs' shadows a global declaration
/usr/include/string.h:121: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5262 c6295689-39f2-0310-b995-f0e70906c6a9
card-westcos.c: In function 'westcos_init':
card-westcos.c:255: warning: declaration of 'priv_data' shadows a previous local
card-westcos.c:210: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5261 c6295689-39f2-0310-b995-f0e70906c6a9
card-piv.c:179: warning: 'oid_prime256v1' defined but not used
card-piv.c:180: warning: 'oid_secp384r1' defined but not used
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5260 c6295689-39f2-0310-b995-f0e70906c6a9
card-oberthur.c: In function 'auth_pin_verify_pinpad':
card-oberthur.c:1581: warning: declaration of 'ffs' shadows a global declaration
/usr/include/string.h:121: warning: shadowed declaration is here
card-oberthur.c: In function 'auth_pin_reset_oberthur_style':
card-oberthur.c:1802: warning: declaration of 'ffs' shadows a global declaration
/usr/include/string.h:121: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5259 c6295689-39f2-0310-b995-f0e70906c6a9
reader-pcsc.c: In function 'refresh_attributes':
reader-pcsc.c:339: warning: declaration of 'rv' shadows a previous local
reader-pcsc.c:273: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5258 c6295689-39f2-0310-b995-f0e70906c6a9
reader-pcsc.c: In function 'refresh_attributes':
reader-pcsc.c:337: warning: declaration of 'state' shadows a previous local
reader-pcsc.c:272: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5257 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-pubkey.c: In function 'sc_pkcs15_pubkey_from_spki_filename':
pkcs15-pubkey.c:944: warning: 'buflen' may be used uninitialized in this function
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5256 c6295689-39f2-0310-b995-f0e70906c6a9
ctx.c: In function 'sc_context_create':
ctx.c:646: warning: implicit declaration of function 'lt_dlinit'
ctx.c:646: warning: nested extern declaration of 'lt_dlinit'
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5255 c6295689-39f2-0310-b995-f0e70906c6a9
after r5186 the SC_MAX_APDU_BUFFER_SIZE has been increased
and so existing defintion of Le value became invalid.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5233 c6295689-39f2-0310-b995-f0e70906c6a9
in r5186 the SC_MAX_APDU_BUFFER_SIZE has been increased
and so the previous defintion of Le value became invalid.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5225 c6295689-39f2-0310-b995-f0e70906c6a9
even if the normal usage does not allow sign.
This is need when initializing a card when called by
OpenSSL req -engine
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5215 c6295689-39f2-0310-b995-f0e70906c6a9
* shift libpkcs11 from src/pkcs11 to src/common as it is not used to implement the OpenSC PKCS#11 module
* invent a "libscdl" mini library that implements either libltdl based dynamic loading or uses native interfaces
* drop hard requirement for libltl to build OpenSC
* native Windows build does not need libltdl any more
* specify CNGSDK include dir to find cardmod.h. CNGSDK only registers with a handful of compilers
Deals with #323
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5201 c6295689-39f2-0310-b995-f0e70906c6a9
The registry in no longer used to pass the
handles provided by BaseCSP. sc_ctx_use_reader
is used instead. (uses r5190)
A decryption routine was added as it is needed by login.
Key container names are based on the card serial
number and cert ID. The must be unique as they
are searched for in the certificate store to
find the card to insert in some situations.
If the handles change, the association to the reader
and card is refreshed as it may be a different card
or reader. (uses r5127)
Extra low lowel debugging was added. To use
it the CARDMOD_LOW_LEVEL_DEBUG but be defined in
cardmod.c This can log entries before and sc_context
is established.
The use of "texte" was replaced, as it looked like there
could be buffer overflows. It was replaced with a
loghex routine.
SC_ALGORITHM_RSA_HASH_MD5_SHA1 can now be used
(IE uses this.)
Several other bugs were fixed.
The code can now bue used for AD login, and was tested
with swaping cards duirng login, and with several readers.
The code is still experimental, and for login to work,
the dlls were moved to system32.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5192 c6295689-39f2-0310-b995-f0e70906c6a9
It is used by cardmod to pass in pointers to the PC/SC handles
provided by the caller of cardmod. Other drivers will return
an error if this routine called.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5190 c6295689-39f2-0310-b995-f0e70906c6a9
to PIV KEY Management keys and certificates, includeing the Retired keys.
This applies to 0.12.0 and needs to be in 0.12.1
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5189 c6295689-39f2-0310-b995-f0e70906c6a9
p15card-helper.c:263:22: warning: Although the value stored to 'r' is used in
the enclosing expression, the value is never actually read from 'r'
...!= (r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info))) {
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
p15card-helper.c:237:22: warning: Although the value stored to 'r' is used in
the enclosing expression, the value is never actually read from 'r'
...if(SC_SUCCESS != (r = sc_select_file(card, &cert_info.path, NULL))) {
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
p15card-helper.c:224:3: warning: Value stored to 'r' is never read
r = SC_SUCCESS;
^ ~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5182 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:353:3: warning: Value stored to 'len' is never read
len = sizeof(label) - 1;
^ ~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:587:3: warning: Value stored to 'sz' is never read
...sz = len > sizeof(key_obj.label) - 1 ? sizeof(key_obj.label) - 1 : len;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:669:2: warning: Value stored to 'offs' is never read
offs += 2 + len;
^ ~~~~~~~
pkcs15-oberthur.c:656:3: warning: Value stored to 'sz' is never read
...sz = len > sizeof(cobj.label) - 1 ? sizeof(cobj.label) - 1 : len;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5181 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-tccardos.c:253:3: warning: Value stored to 'pinType' is never read
pinType = key_descr & TC_CARDOS_PIN_MASK;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5179 c6295689-39f2-0310-b995-f0e70906c6a9
card-authentic.c:913:33: warning: Field access results in a dereference of a
null pointer (loaded from variable 'apdus')
rv = sc_check_sw(card, apdus->sw1, apdus->sw2);
~~~~~ ^
card-authentic.c:958:33: warning: Field access results in a dereference of a
null pointer (loaded from variable 'apdus')
rv = sc_check_sw(card, apdus->sw1, apdus->sw2);
~~~~~ ^
card-authentic.c:1001:33: warning: Field access results in a dereference of a
null pointer (loaded from variable 'apdus')
rv = sc_check_sw(card, apdus->sw1, apdus->sw2);
~~~~~ ^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5176 c6295689-39f2-0310-b995-f0e70906c6a9
card-authentic.c:440:2: warning: Value stored to 'resp_len' is never read
resp_len = sizeof(resp);
^ ~~~~~~~~~~~~
card-authentic.c:1053:4: warning: Value stored to 'acls' is never read
acls = acls_NEVER;
^ ~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5175 c6295689-39f2-0310-b995-f0e70906c6a9
card-ias.c:132:32: warning: Although the value stored to 'ins' is used in the
enclosing expression, the value is never actually read from 'ins'
r = len = pad = use_pin_pad = ins = p1 = 0;
^ ~~~~~~
card-ias.c:132:2: warning: Value stored to 'r' is never read
r = len = pad = use_pin_pad = ins = p1 = 0;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
card-ias.c:366:2: warning: Value stored to 'ctx' is never read
ctx = card->ctx;
^ ~~~~~~~~~
card-ias.c:361:6: warning: Although the value stored to 'pathlen' is used in the
enclosing expression, the value is never actually read from 'pathlen'
r = pathlen = stripped_len = offset = 0;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
card-ias.c:361:2: warning: Value stored to 'r' is never read
r = pathlen = stripped_len = offset = 0;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
card-ias.c:361:31: warning: Although the value stored to 'offset' is used in the
enclosing expression, the value is never actually read from 'offset'
r = pathlen = stripped_len = offset = 0;
^ ~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5174 c6295689-39f2-0310-b995-f0e70906c6a9
card-westcos.c:1066:4: warning: Value stored to 'r' is never read
r = SC_ERROR_INVALID_ARGUMENTS;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5173 c6295689-39f2-0310-b995-f0e70906c6a9
card-asepcos.c:446:19: warning: Value stored to 'p' during its initialization is
never read
u8 buf[64], *p = buf;
^ ~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5172 c6295689-39f2-0310-b995-f0e70906c6a9
card-piv.c:614:2: warning: Value stored to 'buf_end' is never read
buf_end = rp + buf_len;
^ ~~~~~~~~~~~~
card-piv.c:1129:3: warning: Value stored to 'r' is never read
r = 0;
^ ~
card-piv.c:1478:2: warning: Value stored to 'q' is never read
q = rbuf;
^ ~~~~
card-piv.c:1628:2: warning: Value stored to 'q' is never read
q = rbuf;
^ ~~~~
card-piv.c:2456:4: warning: Value stored to 'certobjlen' is never read
certobjlen = 0;
^ ~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5170 c6295689-39f2-0310-b995-f0e70906c6a9
card-atrust-acos.c:548:2: warning: Value stored to 'keyID' is never read
keyID = env->key_ref[0];
^ ~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5169 c6295689-39f2-0310-b995-f0e70906c6a9
If card is NULL we can't dereference card->ctx to log an error
We must assume card i snever NULL
card-oberthur.c:1537:3: warning: Field access results in a dereference of a null
pointer (loaded from variable 'card')
...SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS)...
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
card-oberthur.c:1537:24: note: instantiated from:
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, ...
~~~~ ^
card-oberthur.c:2258:3: warning: Field access results in a dereference of a null
pointer (loaded from variable 'card')
...SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, SC_ERROR_INVALID_ARGUMENTS)...
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
card-oberthur.c:2258:24: note: instantiated from:
SC_FUNC_RETURN(card->ctx, SC_LOG_DEBUG_NORMAL, ...
~~~~ ^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5168 c6295689-39f2-0310-b995-f0e70906c6a9
card-oberthur.c:1539:2: warning: Value stored to 'prv' is never read
prv = (struct auth_private_data *) card->drv_data;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5167 c6295689-39f2-0310-b995-f0e70906c6a9
card-starcos.c:657:5: warning: Value stored to 'p' is never read
*p++ = file->record_length & 0xff;
^~~
card-starcos.c:652:5: warning: Value stored to 'p' is never read
*p++ = file->record_length & 0xff;
^~~
card-starcos.c:647:5: warning: Value stored to 'p' is never read
*p++ = file->size & 0xff;
^~~
card-starcos.c:609:4: warning: Value stored to 'p' is never read
*p++ = tmp; /* SM ISF */
^~~
card-starcos.c:572:4: warning: Value stored to 'p' is never read
*p++ = tmp;
^~~
card-starcos.c:1024:2: warning: Value stored to 'keyID' is never read
keyID = env->key_ref[0];
^ ~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5166 c6295689-39f2-0310-b995-f0e70906c6a9
card-mcrd.c:1023:20: warning: Value stored to 'linep' during its initialization
is never read
char line[256], *linep = line;
^ ~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5165 c6295689-39f2-0310-b995-f0e70906c6a9
card-flex.c:358:2: warning: Value stored to 'left' is never read
left = *p++;
^ ~~~~
card-flex.c:358:10: warning: Value stored to 'p' is never read
left = *p++;
^~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5163 c6295689-39f2-0310-b995-f0e70906c6a9
muscle.c:417:2: warning: Value stored to 'ptr' is never read
ptr += newPinLength;
^ ~~~~~~~~~~~~
muscle.c:918:2: warning: Value stored to 'inPtr' is never read
inPtr += toSend;
^ ~~~~~~
muscle.c:917:2: warning: Value stored to 'left' is never read
left -= toSend;
^ ~~~~~~
muscle.c:1012:26: warning: Value stored to 'p' is never read
ushort2bebytes(p, use); p+=2;
^ ~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5160 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-gemsafeV1.c:262:5: warning: Value stored to 'endptr' is never read
endptr = (char *)(apdu.resp + apdu.resplen);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5159 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15.c:1033:3: warning: Value stored to 'r' is never read
r = sc_pkcs15_parse_df(p15card, df);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15.c:1677:3: warning: Value stored to 'obj_len' is never read
obj_len = p - oldp;
^ ~~~~~~~~
pkcs15.c:1948:4: warning: Value stored to 'r' is never read
r = len;
^ ~~~
pkcs15.c:1942:6: warning: Value stored to 'record_len' is never read
record_len = head[2] * 256 + head[3];
^ ~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5158 c6295689-39f2-0310-b995-f0e70906c6a9
apdu.c:166:5: warning: Value stored to 'p' is never read
*p++ = (u8)apdu->le;
^~~
apdu.c:156:4: warning: Value stored to 'p' is never read
p += apdu->lc & 0xff;
^ ~~~~~~~~~~~~~~~
apdu.c:147:5: warning: Value stored to 'p' is never read
*p++ = (u8)apdu->le;
^~~
apdu.c:139:3: warning: Value stored to 'p' is never read
p += apdu->lc;
^ ~~~~~~~~
apdu.c:118:3: warning: Value stored to 'p' is never read
p += apdu->lc;
^ ~~~~~~~~
apdu.c:112:5: warning: Value stored to 'p' is never read
*p++ = (u8)apdu->le;
^~~
apdu.c:107:5: warning: Value stored to 'p' is never read
*p++ = (u8)apdu->le;
^~~
apdu.c:102:4: warning: Value stored to 'p' is never read
*p++ = (u8)apdu->le;
^~~
apdu.c:99:5: warning: Value stored to 'p' is never read
*p++ = (u8)0x00;
^~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5157 c6295689-39f2-0310-b995-f0e70906c6a9
ef-atr.c:41:16: warning: Value stored to 'category' during its initialization is
never read
unsigned char category = *buf;
^ ~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5156 c6295689-39f2-0310-b995-f0e70906c6a9
log.c:107:2: warning: Value stored to 'left' is never read
left -= r;
^ ~
log.c:106:2: warning: Value stored to 'p' is never read
p += r;
^ ~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5154 c6295689-39f2-0310-b995-f0e70906c6a9
sc.c:667:12: warning: The left operand of '>=' is a garbage value
if (tx[2] >= 0)
~~~~~ ^
sc.c:656:12: warning: The left operand of '>=' is a garbage value
if (tx[0] >= 0) {
~~~~~ ^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5152 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-pubkey.c:787:5: warning: no previous prototype for function
'sc_pkcs15_read_der_file' [-Wmissing-prototypes]
int sc_pkcs15_read_der_file(sc_context_t *ctx, char * filename,
^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5131 c6295689-39f2-0310-b995-f0e70906c6a9
Such PIN codes were erroneously cached in memory, even though not used with revalidation..
User consent relates to private keys, not PIN codes.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5124 c6295689-39f2-0310-b995-f0e70906c6a9
- do nothing if child has 'aid';
- child inherit the parents's 'aid' if this one exists;
- child inherit parents's path of type 'DF NAME' as 'aid';
- return if child path is zero length;
- finaly concatenate parent and child paths.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5108 c6295689-39f2-0310-b995-f0e70906c6a9
for some cards to prepare security environment for the PSO operation
card driver may need the value of 'algRef' attribut of tokenInfo.supportedAlgorithm.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5092 c6295689-39f2-0310-b995-f0e70906c6a9
This extension is used by multi-applications cards when EF.ODF with EF.tokenInfo
and xDF with (secure) data objects are placed in a different applications.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5082 c6295689-39f2-0310-b995-f0e70906c6a9
* Correct naming: openpgp not opengpg
* Set the card name from ATR table
* Add card type enums
* Currently OpenPGP is read-only.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5072 c6295689-39f2-0310-b995-f0e70906c6a9
For some cards the acl bytes, retrived from 'select' response, can reference
a SE (and not directly PIN).
In such case, to proceed an authentication for the card operation
the information about the SE's CRTs is needed.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5066 c6295689-39f2-0310-b995-f0e70906c6a9
not all application DF have and can be selected by its file-id.
So, new member in 'sc_path' will help to describe the full path to some EF(DF) inside a card.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5047 c6295689-39f2-0310-b995-f0e70906c6a9
; 'known' pkcs#15 applications are moved to the head of the card applications array;
; card specific 'bind finalization' code moved to the dedicated procedures;
; remove unused sc_application member, procedures;
; remove commented code;
; add debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5045 c6295689-39f2-0310-b995-f0e70906c6a9
Most smart cards currently have only 64K or 128K of EEPROM. This will give better errors earlier for people trying to import huge keyfiles with TrueCrypt.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5030 c6295689-39f2-0310-b995-f0e70906c6a9
when used with virtual reader, the APDUs can be buffered in the reader's
internal buffer, before sending it to the distant card.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5021 c6295689-39f2-0310-b995-f0e70906c6a9
add 'current_ef' and 'current_df' member to 'sc_card_cache'.
The main purpose of this is to reduce number of APDU transactions.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5002 c6295689-39f2-0310-b995-f0e70906c6a9
That patch prevents the repeated attachment of objects to obj_list, because it marks an EF as enumerated as soon the first object was successfully appended.
Left over from #266.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4983 c6295689-39f2-0310-b995-f0e70906c6a9
If re-validation of a cached PIN fails, then free that cached PIN to ensure that it isn't used again for re-validation.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4924 c6295689-39f2-0310-b995-f0e70906c6a9
Native keys are generated with exponent 65537, imported keys can now have any (?) exponent.
Tested with openssl genrsa -3/-f4 keys.
Improves r4910 and closes#297
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4915 c6295689-39f2-0310-b995-f0e70906c6a9
emulated cards. True PKCS#15 cards with EC
will need additional changes.
Main changes are in framework-pkcs15.c, mechanism.c,
padding.c, pkcs15-algo.c and pkcs15-sec.c
where switch statements for key type, and testing
of flags was modified to make it easier to add
additional key types in the future.
The code was tested using RSA and ECDSA using a PIV card
from pkcs11-tool, OpenSSL and Thunderbird with
modifications to NSS-3.12.7 to get ECDSA to sign e-mail.
Only named curves are supported for ECDSA, ECDH is still
needed. pkcs11-tool has only minimal changes need to work
with the -O option to list EC keys.
One additional line was added to pkcs15-sec.c which
should get GOSTR sign to work.
libp11 and engine do not yet have EC support.
--This line, and those below, will be ignored--
M src/tools/piv-tool.c
M src/tools/pkcs11-tool.c
M src/pkcs11/framework-pkcs15.c
M src/pkcs11/mechanism.c
M src/pkcs11/pkcs11-object.c
M src/libopensc/pkcs15-prkey.c
M src/libopensc/card-piv.c
M src/libopensc/padding.c
M src/libopensc/cardctl.h
M src/libopensc/pkcs15-algo.c
M src/libopensc/libopensc.exports
M src/libopensc/pkcs15-piv.c
M src/libopensc/pkcs15-sec.c
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4904 c6295689-39f2-0310-b995-f0e70906c6a9
support routines. Add definitions for EC keys,
parameters and extensions to structures.
Add the sc_card_find_ec_alg, sc_pkcs15_decode_pubkey_ec,
sc_pkcs15_encode_pubkey_ec, sc_pkcs15emu_add_ec_prkey,
sc_pkcs15emu_add_ec_pubkey routines.
Only EC named curves are currently supported.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4902 c6295689-39f2-0310-b995-f0e70906c6a9
* Detect different cards based on ATR-s and on card objects
* Set the card name from the ATR table
* Conditionally add support for 2048b keys
* Add workarounds for broken MULTOS and JavaCard cards.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4893 c6295689-39f2-0310-b995-f0e70906c6a9
One of the few cards that has two different ATR-s is the EstonianEid card. The changing ATR (especially if
it has different protocol information and historical bytes) can cause confusion in many places, like
Microsoft BaseCSP or certain versions of pcsc-lite.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4890 c6295689-39f2-0310-b995-f0e70906c6a9
Compilation fails on Mac OS X (but not on GNU/Linux):
Undefined symbols:
"_sc_pkcs15emu_postponed_load", referenced from:
-exported_symbol[s_list] command line option
ld: symbol(s) not found
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4879 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15.c: object search continues with normal processing, even if enumeration of some files failed
pkcs15.h: obsolete prototype removed
pkcs15-syn.c: now obsolete function sc_pkcs15emu_postponed_load removed
fixes: #266
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4877 c6295689-39f2-0310-b995-f0e70906c6a9
to pkcs15-pubkey.c and call the new sc_pkcs15_pubkey_from_spki.
Add sc_pkcs15_pubkey_from_spki_filename to allow a file to
contain the subjectPubkeyInfo, which will be used the the PIV
driver when EC is implemented. The format of the file, is the
same as an X509 certificate subjectPublicKeyInfo and what
OpenSSL calls an EVP_PKEY, which includes the algorithm,
any parameters and the public key.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4874 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-tcos.c:216: warning: declaration of ‘r’ shadows a previous local
pkcs15-tcos.c:194: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4868 c6295689-39f2-0310-b995-f0e70906c6a9
card-itacns.c:90: warning: no previous prototype for ‘itacns_match_cns_card’
card-itacns.c:125: warning: no previous prototype for ‘itacns_match_cie_card’
card-itacns.c:146: warning: no previous prototype for ‘itacns_match_card’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4861 c6295689-39f2-0310-b995-f0e70906c6a9
This makes it universal, as some cards don't have the personal data file (Digi-ID)
It also makes it a bit ugly, as the common name is the name and personal ID code
concatenated like "FIRSTNAME,LASTNAME,123456789"
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4817 c6295689-39f2-0310-b995-f0e70906c6a9
r4761 added a test in the wrong place. Second fix
r4804 added the test in the correct place. This fix
removes one of the tests added by r4761
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4806 c6295689-39f2-0310-b995-f0e70906c6a9
sc_pkcs15_cert now has pointer to sc_pkcs15_pubkey, allowing it to
be removed and used separatly.
sc_pkcs15_pubkey now has pointer to sc_algorithm_id to faclitate
addition of other key algorithms and their parameters.
Various code changes to free these structures and references
to the structures have been changed.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4805 c6295689-39f2-0310-b995-f0e70906c6a9
PIV driver client can build and run without OpenSSL,
(admin functions and piv-tool still need OpenSSL)
define PIV specific ctrl codes and structures.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4767 c6295689-39f2-0310-b995-f0e70906c6a9
* One sc_context has only a single reader driver.
* remove dynamic reader driver loading capabilities
* remove opensc-tool -R command
* change the internal API, we don't need to pass around a "driver data" pointer as it can be found directly from the context.
* check in ./configure for only a single enabled reader driver
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4709 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
Program received signal SIGSEGV, Segmentation fault.
0x00007f7d6f29fd55 in free () from /lib64/libc.so.6
(gdb) bt
#0 0x00007f7d6f29fd55 in free () from /lib64/libc.so.6
#1 0x00007f7d703a4128 in sc_update_dir (card=0x17463a0, app=<value optimized out>) at dir.c:306
#2 0x00007f7d7040cb58 in sc_pkcs15init_add_app (card=<value optimized out>, profile=0x1754840,
args=<value optimized out>) at pkcs15-lib.c:2354
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4389 c6295689-39f2-0310-b995-f0e70906c6a9
Would fail on PowerPC in 64-bits for example.
Fix
card-entersafe.c: In function ‘entersafe_cipher_apdu’:
card-entersafe.c:197: warning: passing argument 3 of ‘EVP_EncryptUpdate’ from incompatible pointer type
card-entersafe.c: In function ‘entersafe_mac_apdu’:
card-entersafe.c:270: warning: passing argument 3 of ‘EVP_EncryptUpdate’ from incompatible pointer type
card-entersafe.c:278: warning: passing argument 3 of ‘EVP_EncryptUpdate’ from incompatible pointer type
card-entersafe.c:286: warning: passing argument 3 of ‘EVP_EncryptUpdate’ from incompatible pointer type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4212 c6295689-39f2-0310-b995-f0e70906c6a9
Fix
reader-pcsc.c: In function ‘pcsc_detect_readers’:
reader-pcsc.c:856: warning: initialization discards qualifiers from pointer target type
reader-pcsc.c:884: warning: initialization discards qualifiers from pointer target type
reader-pcsc.c:894: warning: initialization discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4211 c6295689-39f2-0310-b995-f0e70906c6a9
Fix
muscle.c: In function ‘msc_create_object’:
muscle.c:144: warning: declaration of ‘read’ shadows a global declaration
/usr/include/unistd.h:477: warning: shadowed declaration is here
muscle.c:144: warning: declaration of ‘write’ shadows a global declaration
/usr/include/unistd.h:513: warning: shadowed declaration is here
muscle.c: In function ‘msc_import_key’:
muscle.c:941: warning: declaration of ‘read’ shadows a global declaration
/usr/include/unistd.h:477: warning: shadowed declaration is here
muscle.c:942: warning: declaration of ‘write’ shadows a global declaration
/usr/include/unistd.h:513: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4210 c6295689-39f2-0310-b995-f0e70906c6a9
Would fail on PowerPC in 64-bits for example.
pkcs15-wrap.c: In function ‘do_cipher’:
pkcs15-wrap.c:152: warning: dereferencing type-punned pointer will break strict-aliasing rules
pkcs15-wrap.c:159: warning: dereferencing type-punned pointer will break strict-aliasing rules
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4209 c6295689-39f2-0310-b995-f0e70906c6a9
Would fail on PowerPC in 64-bits for example.
pkcs15-sec.c: In function ‘sc_pkcs15_decipher’:
pkcs15-sec.c:136: warning: dereferencing type-punned pointer will break strict-aliasing rules
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4208 c6295689-39f2-0310-b995-f0e70906c6a9
asn1.c: In function ‘asn1_decode_entry’:
asn1.c:979: warning: dereferencing type-punned pointer will break strict-aliasing rules
asn1.c: In function ‘asn1_encode_entry’:
asn1.c:1263: warning: dereferencing type-punned pointer will break strict-aliasing rules
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4207 c6295689-39f2-0310-b995-f0e70906c6a9
warning: initialization discards qualifiers from pointer target type
Also cast from now (const char *) to (void *) for free()
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4176 c6295689-39f2-0310-b995-f0e70906c6a9
warning: initialization discards qualifiers from pointer target type
Also cast from now (const char *) to (void *) for free()
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4175 c6295689-39f2-0310-b995-f0e70906c6a9
card-piv.c: In function ‘piv_get_data’:
card-piv.c:612: warning: assignment discards qualifiers from pointer target type
card-piv.c:615: warning: assignment discards qualifiers from pointer target type
card-piv.c:618: warning: assignment discards qualifiers from pointer target type
card-piv.c:621: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4162 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-pubkey.c:445: warning: no previous prototype for ‘sc_pkcs15_decode_pubkey_gostr3410’
pkcs15-pubkey.c:462: warning: no previous prototype for ‘sc_pkcs15_encode_pubkey_gostr3410’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4149 c6295689-39f2-0310-b995-f0e70906c6a9
Now the native Oberthur card format is supported for emulation of pkcs15 and pkcs15init.
It means that card personalized with OpenSC and the obejcts created with OpenSC
will be usable with the native Oberthur's middleware
and vice-versa.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4137 c6295689-39f2-0310-b995-f0e70906c6a9
; do not pad PIN in pkcs15init. It's already done in libopensc/pkcs15-pin;
; the 'do_verify_pin()', 'sc_pkcs15init_verify_key()' and 'do_get_and_verify_secret()' are replaced by unique 'sc_pkcs15init_verify_secret()'; edit debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4123 c6295689-39f2-0310-b995-f0e70906c6a9
* reduce to a few, supported functions.
* change all functions to take the debug level as parameter.
* use symbolic names for the debug levels.
* fix tools to pass "verbose"/"opt_debug" as ctx->debug.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4118 c6295689-39f2-0310-b995-f0e70906c6a9
In previous version the card specific 'parse_df' handler was a part of 'sc_pkcs15_df'.
Now the placehold ('sc_pkcs15_operations') created for the all card emulator specific operations .
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4109 c6295689-39f2-0310-b995-f0e70906c6a9
Some non-pkcs15 cards protect the reading of the private objects attributes.
For the emulated pkcs15 cards, the 'init' emu-handler was the only place where pkcs15 objects could be loaded.
This handler is called before the card is binded, and so, for an application there was no 'normal' way to verify PIN and load the objects with protected attributes.
Actually it's possible to complete list of the pkcs15 objects after the emulated pkcs15 card has been binded.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4096 c6295689-39f2-0310-b995-f0e70906c6a9
; new, athena dedicated, PIN pkcs15 flag 'TRANSPORT_KEY':
in the Athena initialization procedure the 'trasport' SOPIN object is used. This object references to the pre-existing global SOPIN and is different from the final SOPIN of the card. This object should be ignored when fixing up the ACLs of the newly created file;
; the pkcs15 refereces of the new private keys are derived from the file-id;
; remove duplicated code;
; some log messages in pkcs15-lib.c;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4077 c6295689-39f2-0310-b995-f0e70906c6a9
; in 'sc_pkcs15_pin_info' structure add 'auth_method' member to keep the PIN authentication method: CHV, AUT or SM;
; in pkcs15init profile add function to search PIN template by auth method and reference;
; in 'sc_pkcs15_remove_object' return silently if object to delete is NULL;
; in 'sc_pkcs15_object' structure add 'usage_counter' member;
; new 'sc_pkcs15_find_pin_by_type_and_reference' procedure to search PIN pkcs15 object by auth method and reference;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4048 c6295689-39f2-0310-b995-f0e70906c6a9
update_binary() was not foreseen by the middleware creators of BELPIC
so I added it, which allows to write some data in the
MF/ID/EF(Preferences) of the card.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4010 c6295689-39f2-0310-b995-f0e70906c6a9
Replace not-used 'der' structure member by the 'content' one.
'Der' member was introduced to keep the ASN1 encoded object attributes. Actually it's not used.
'Content' is intended to keep the object value (AUTH object - pin cache value; CERT object - der value, ...)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4008 c6295689-39f2-0310-b995-f0e70906c6a9
1. Add --enable-cardmod to autoconf to enable feature explicitly.
2. Modify opensc-cardmod.dll to always have bitness suffix eg opensc-cardmod32.dll
3. Remove complex cardmod.h detection, could not find any reason for this.
4. Make cardmod.inf a template and inject opensc version into its version string.
5. More minor autoconf/automake cleanups.
6. Remove internal-winscard.h usage in cardmod.c as cardmod.h already includes winscard.h
7. DllMain is not exportable.
Notes:
1. I may caused other build not to work, will happy to work it out.
2. Cannot find reason why cardmod.inf cardmod-westcos.reg should reside in bin directory.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4003 c6295689-39f2-0310-b995-f0e70906c6a9
the PIV driver no longer need to set the card max_*_size parameters
to get around emulating read_binary and write_binary. It can
now handle partial reads and writes.
The assumptions for write_binary are that the first chuck will
have idx = 0, and the last chunk will write the last byte.
The flags parameter will contain the total length.
The only write_binary operations are done when initializing
a card, and this is only done from piv-tool.c which was modified
to pass in the length and other flags.
Piv-tool continues to be a primative test tool for inializing test
cards. But it has been expanded to be able to write other objects
on test cards.
The serial number of a PIV card is obtained from the CHUID object
if present which has a FASC-N which is an ID number created by the
issuer. Normally PIV cards are issued the U.S. Federal government
But there are ways to use the same cards with a non government CA.
This is then be referred to as PIV Compatible. In this case,
the FASC-N should start with an agency code = 9999 and an RFC 4122
GUID should be present in the CHUID. If this is the case, the GUID
is used as the serial number.
Windows 7 comes with a PIV card card driver, but to get it use one of
these card the CHUID is required. (piv-tool can now write one.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3998 c6295689-39f2-0310-b995-f0e70906c6a9
On OS X, when you insert a card, securityd sequentially starts all found Tokend-s to see if a card can be handled with one.
If a non-tokend application waits for a card insertion with sc_wait_for_event and tries to connect to the card right after the system sees it, it will fail with "The reader is in use by another application" 95% of the time.
With this hack connecting to the card succeeds 95% of the time with the probable penalty of an extra second on initialization for non-tokend clients.
This should only affect applications that wait for card insertion events.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3991 c6295689-39f2-0310-b995-f0e70906c6a9
The implementation was based on the previous MSC build, each tool had its own
description in version resource.
This change sets a single version resource to all files, and produces much
simpler build.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3980 c6295689-39f2-0310-b995-f0e70906c6a9
Migrated without testing, but normally should work -- the pkcs15init part of MyEID and SetCOS are sufficiently close.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3976 c6295689-39f2-0310-b995-f0e70906c6a9
Migrated without testing, but normally should work -- the pkcs15init part of MyEID and SetCOS are sufficiently close.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3975 c6295689-39f2-0310-b995-f0e70906c6a9
no more 'init_app'.
- Oberthur unblock style is the only one (local SOPIN is used as PUK);
- user PIN and PUK should be everywhere defined as local;
- SOPIN is always global.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3950 c6295689-39f2-0310-b995-f0e70906c6a9
- for 'global' PINs path in not encoded into the AODF;
- when selecting pin_reference, start from value defined in profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3946 c6295689-39f2-0310-b995-f0e70906c6a9
reader-openct.c: In function 'openct_reader_connect':
reader-openct.c:204: error: 'reder' undeclared (first use in this function)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3941 c6295689-39f2-0310-b995-f0e70906c6a9
- Remove slot abstraction from internal API and all reader drivers. CT-API (from where it all comes from) readers with multiple slots (if still found) can be presented as separate readers, OpenCT should remove the slot abstraction, PC/SC never knew about it. None of the tools knew how to use slots.
- Add sc_cancel (translates to SCardCancel)
- Re-implement sc_wait_for_event; support a blocking call.
- Replace the "int reader" API with "* sc_reader_t" style; add "Get reader by name" functionality.
- Remove "action" parameter from sc_disconnect_card() (was not used)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3931 c6295689-39f2-0310-b995-f0e70906c6a9
When trying to import a too large keyfile as a data object, TrueCrypt received a CKR_GENERAL_ERROR before this.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3926 c6295689-39f2-0310-b995-f0e70906c6a9
at the profile level the difference between EF and BSO is:
- BSO path is always the path of the host DF and do not indexated when template is instanciated;
- EF path is always ending with file-id that is always indexated when template is instanciated.
New non-static 'sc_profile_get_file_instance' procedure to instanciate non-template entries.
In profile.c get_uint() accepts hexadecimals.
In CardOS profile (I venture to) increase the xDF sizes
and change ACL to permit the key re-importing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3919 c6295689-39f2-0310-b995-f0e70906c6a9
Working now with GOST R 34.10:
$ pkcs15-init --store-private-key key --key-usage sign,decrypt --auth-id 2 --id 1 --pin "12345678"
$ pkcs15-init --store-certificate my_cert --id 1 --pin "12345678"
But have problem: no CKA_GOSTR3410_PARAMS by retrieve pub_key from certificate, if pub_key object was removed (see parse_x509_cert, asn1_decode_gostr3410_params)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3859 c6295689-39f2-0310-b995-f0e70906c6a9
- time stamp in the log messages: for Windows 1msec resolution, otherwise 1sec;
- one more dump hex function, to be easily inserted into the formatted message.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3856 c6295689-39f2-0310-b995-f0e70906c6a9
* Make opensc-tool -l display pinpad capabilities, if available
* Detect reader capabilities when a reader is found, not when a connection to a card is opened
* Fix unpadded PIN block parameters to not be rejected by the latest free CCID driver
* When locking the card and it has been reset by some other application (or re-attached), clear cache and lock again
* Enable pinpad detection by default
git-svn-id: https://www.opensc-project.org/svnp/opensc/branches/martin/0.12@3730 c6295689-39f2-0310-b995-f0e70906c6a9
The major issue is with getting the length of an object or the cert
contained in an object. The PIV card does not have a directory on the card,
So the previous version tried to put off as long as possible the reading
of objects for performance so as to avoid having to read objects that would
not be used. The first standard, NIST 800-73, set maximum sizes for objects.
800-73-2 removed this for certificates.
A certificate object can contain a certificate which might be compressed.
The only way to get the length of the compressed certificate is to decompress
it. Thus the decompressed certificate could be larger then the container object,
so even if the PIV card had a directory, one would still need to decompress
the certificate to find its length.
OpenSC sc_read_binary will use the length obtained by using
sc_select_file(...,&file_out), and thus the lengths must be determined
in sc_select_file.
Change are to card-piv.c and pkcs15-piv.c and include:
* The old cache code which was not working was removed.
* New cache code was added which caches all object read from the card
* If an object has a cert, the cert is decompressed and also cached.
* As part of reading an object the first 8 bytes are read
and this is then used to allocate a large buffer to read in the
object.
* If pkcs15 or pkcs11 asks about a certificate, the cert object
will be read, and the cert decompressed, to get the actual length.
* If piv_select_file is called with the file_out != NULL the object
will be read to get the length If called with NULL it will not be read.
* The enumeration of the objects now starts with 0.
* sc_ctx_suppress_errors_on and off are used to avoid file not found
messages which are are a by product of not having a directory.
* "Unsigned Card Holder Unique Identifier" object in card-piv and pkcs15-piv.c
had conflicting paths, as NIST 800-72-1 had two tables with different
paths. The enumtag for it in card-piv.c was also wrong.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3710 c6295689-39f2-0310-b995-f0e70906c6a9