Jakub Jelen
2d6de2510c
pkcs15: Drop bogus checks
2020-07-07 16:21:21 +02:00
Jakub Jelen
4c473fba29
authentic: Clean private data on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23786
2020-07-07 16:21:21 +02:00
Jakub Jelen
05dcde508b
authentic: Use memmove as the memory can overlap (if path is > 2B)
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23787
2020-07-07 16:21:21 +02:00
Jakub Jelen
5098cfdb40
authentic: Do not leak memory on fail path
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23788
2020-07-07 16:21:21 +02:00
Jakub Jelen
7cf8087351
asepcos: Avoid heap-buffer-overflow
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23529
2020-07-07 16:21:21 +02:00
Jakub Jelen
c4d7bb1a7b
Do not crash if private certificate is ignored (#2057)
2020-07-07 16:21:21 +02:00
Jakub Jelen
43379b3b22
coolkey: Rewrite coolkey_rsa_op() for better readability
2020-07-07 16:21:21 +02:00
Jakub Jelen
0cda376dba
pkcs15-pubkey: Make sc_pkcs15_pubkey_from_spki_fields more robust against errors
...
Original patch from Douglas E Engert <deengert@gmail.com>
2020-07-07 16:21:21 +02:00
Jakub Jelen
e759b17b66
pkcs15-pubkey: Avoid memory leaks when spki parsing fails
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22189
2020-07-07 16:21:21 +02:00
Jakub Jelen
56f4c6c34a
piv: Free pubkey on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22297
2020-07-07 16:21:21 +02:00
Jakub Jelen
3696331d5c
Remove more needless checks for NULL before free
2020-07-07 16:21:21 +02:00
Jakub Jelen
fea08d749d
coolkey: Avoid memory leak
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23251
2020-07-07 16:21:21 +02:00
Jakub Jelen
054cb08c90
Add CII Best practices badge
...
This also splits badges to separate lines for simpler diffs. They are still rendered on a single line
2020-07-07 12:37:58 +02:00
Jakub Jelen
0defebfe05
doc: Recommend pin caching in combination with pin_cache_ignore_user_consent configuration option
2020-07-03 17:55:24 +02:00
Jakub Jelen
97ec23a2d9
pkcs11: Propagate ignore_user_consent
...
If user consent is ignored through configuration, do not present
ALWAYS_AUTHENTICATE=TRUE attribute in PKCS#11
Fixes #2039
2020-07-03 17:55:24 +02:00
Raul Metsma
7a29e6c047
Move to macOS Utilities folder
...
Signed-off-by: Raul Metsma <raul@metsma.ee>
2020-07-03 17:36:49 +02:00
Jakub Jelen
c458d81723
SECURITY.md: Introduce security reporting process
2020-07-03 17:32:50 +02:00
Zoltan Kelemen
929717b505
Make PUK reference available to card driver from PKCS #15 layer for PIN
...
unblock operations. This helps some of the card drivers which otherwise
would have a hard time locating the PUK for a PIN.
2020-07-02 13:24:57 +02:00
Zoltan Kelemen
bf30d64cf9
Fixes build error in opensc-notify (issue #2068).
2020-07-02 13:20:01 +02:00
René Liebscher
223a0949e8
Add sc_free()
...
For more details see https://github.com/OpenSC/OpenSC/issues/2054
2020-06-22 10:47:59 +02:00
René Liebscher
4d96fbfed4
Remove compiler warnings/errors
...
Recent compilers have activated some additional
checks which let the build fail. (at least with cygwin)
(Normally it would be warnings but opensc compiles
with -Werror)
GCC 9.3:
In file included from profile.c:27:
profile.c: In function '__expr_get':
profile.c:2273:18: error: array subscript has type 'char' [-Werror=char-subscripts]
2273 | while (isspace(*s))
| ^~
clang 8.0.1:
compat_getopt_main.c:102:22: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts]
rc = toupper(rc);
^~~~~~~~~~~
/usr/include/ctype.h:161:25: note: expanded from macro 'toupper'
(void) __CTYPE_PTR[__x]; (toupper) (__x);})
^~~~
Actually the code is correct as isspace and others
are used here with data type char, and are to be used
with data type int.
So either the compiler should have deactivated
this error, or the ctype.h macros have to be
written so the compiler no longer complains.
As there is also a simple workaround by casting
char to unsigned char, there is no need to wait for one
of the former options to happen sometime.
2020-06-22 10:47:02 +02:00
Jakub Jelen
e63f054af9
README: Fix pipeline icons from gitlab CI
2020-06-11 11:23:31 +02:00
Jakub Jelen
7ae74c524f
piv: Avoid accessing memory after zero-length tags
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23215
2020-06-09 13:02:27 +02:00
Jakub Jelen
5e7d4fb8ba
oberthur: Avoid memory leaks
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23126
2020-06-09 13:02:27 +02:00
Jakub Jelen
0a34d11cb7
oberthur: Avoid memory leaks on error paths
2020-06-09 13:02:27 +02:00
Jakub Jelen
c3b9152a99
.travis-ci: Explicitly require new build dependency for yubico-piv-tool
2020-06-09 13:02:27 +02:00
Jakub Jelen
57c895165f
.travis-ci: yubico-piv-tool build system was changed to cmake
2020-06-09 13:02:27 +02:00
Jakub Jelen
62403eec34
tcos: Use memset instead of for cycle
2020-06-09 13:02:27 +02:00
Jakub Jelen
9dd3370673
oberthur: Fix operator precedence
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22665
2020-06-09 13:02:27 +02:00
Jakub Jelen
a5f04188bc
pteid: Do not overwrite already set information in tokeninfo
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22578
2020-06-09 13:02:27 +02:00
Jakub Jelen
f49162af04
Avoid memory leaks when initializing tokeninfo in various drivers
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22578
2020-06-09 13:02:27 +02:00
Jakub Jelen
71d1f69a3a
Reformat tcos_compute_signature() for better readability
2020-06-09 13:02:27 +02:00
Jakub Jelen
e6848b6d88
tcos: Yet another buffer underflow as previous
2020-06-09 13:02:27 +02:00
Jakub Jelen
fa719b301f
tcos: Prevent buffer underflow
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22995
2020-06-09 13:02:27 +02:00
Jakub Jelen
d141b35596
tcos: Rewrite assert to explicit check
2020-06-09 13:02:27 +02:00
Jakub Jelen
1819ca33d6
tcos_decipher: Reformat to improve readability
2020-06-09 13:02:27 +02:00
Jakub Jelen
53395f4075
tcos: Replace assert with explicit check
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22999
2020-06-09 13:02:27 +02:00
Jakub Jelen
8940ed5d85
tcos: Avoid memory leak on invalid inputs
...
(make sure the pointer is initialized)
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22765#c2
2020-06-09 13:02:27 +02:00
Jakub Jelen
b418601942
pkcs11-spy: Dump slot id for C_WaitForSlotEvent
2020-06-09 13:02:27 +02:00
Frank Morgner
36247d85b0
pkcs11: fixed notifying twice in case of an attached reader
...
before 14e396273
sc_wait_for_event() only notified in case of a new
reader, but didn't add it to the internal list of readers. That's why
PKCS#11 needed to bail out early in this case (and the application had
to call C_WaitForSlotEvent a second time to actually get the related
slot). Since sc_wait_for_event() can now handle insertion correctly, we
can now immediately check (and reset) the events on the slots.
2020-06-09 12:07:04 +02:00
Frank Morgner
1c7b311289
pcsc: immediately exit on hotplug events
...
fixes delayed notification for removed readers
closes https://github.com/OpenSC/OpenSC/issues/2021
2020-06-09 12:07:04 +02:00
Frank Morgner
8f6e5dc2b0
Unbreak wait for events
...
By Jakub Jelen
Fixes https://github.com/OpenSC/OpenSC/issues/2021
2020-06-09 12:07:04 +02:00
Frank Morgner
1bb2547abc
respect PKCS#11 allowed return values
2020-06-08 14:18:23 +02:00
Luka Logar
fc296b5488
IsoApplet: Add some more Travis tests
2020-06-08 14:18:23 +02:00
Frank Morgner
6a6b3e4b62
prevent memory leak
2020-06-08 14:18:23 +02:00
Frank Morgner
58b03b68dd
check for unbound cards
...
closes https://github.com/OpenSC/OpenSC/pull/2045
2020-06-08 14:18:23 +02:00
Luka Logar
a10b661f99
IsoApplet: Fix uninitialized public key oid during key generation
2020-06-05 14:48:50 +02:00
Peter Marschall
ca5f5c8844
explorer: set stdout to O_BINARY in Windows where needed
2020-06-05 14:48:08 +02:00
Peter Marschall
5714dbfa08
opensc-explorer: add function 'get_record'
2020-06-05 14:48:08 +02:00
Peter Marschall
f55c4e5c93
opensc-explorer: extend path_to_filename()
...
Expect a record number as 3rd parameter:
if this record number is greater than 0, indicating a single record,
then append the record number to the file name being constructed.
2020-06-05 14:48:08 +02:00