partially implements https://github.com/OpenSC/OpenSC/issues/1215
Refactored OpenPGP code so that future versions of the card will be
accessed using the logic for OpenPGP V2. We hope that backward
compatibility of the standard will keep the new versions functional.
tools/pkcs15-tool.c:
Dead assignment: Value stored to 'c' is never read
tools/pkcs11-tool.c:
Dead assignment: Value stored to 'n' is never read
Dead assignment: Value stored to 'rv' is never read
libopensc/card-cac.c:
Dead assignemnt: Value stored to 'tl_head_len' is never read
Dead increment: Value stored to 'outp' is never read
common/libpkcs11.c:
Memory leak in case of C_UnloadModule() fails
libopensc/pkcs15-pubkey.c:
Potential memory leaks
pkcs11/mechanism.c:
Potential memory leak
pkcs11/framework-pkcs15.c:
Potential memory leaks
Dereference of null pointer
Dead assignments
tools/sc-hsm-tool.c:
Function call argument is an uninitialized value
Dead assignment: Value stored to 'r' is never read
libopensc/card-openpgp.c:
Dead assignment: ignoring the errors in case of sc_pkcs15_encode_pubkey() failed
libopensc/pkcs15-cac.c:
Dead assignments: ignoring return values
libopensc/pkcs15-coolkey.c:
Dead assignments: ignoring return values
libopensc/card-sc-hsm.c:
Dereference of undefined pointer value: Properly check the file allocation
pkcs11/slot.c:
Dead assignment
pkcs15init/pkcs15-cflex.c:
Dereference of null pointer
Uninitialized argument values
Since "Add GCC format checking attributes to log functions" commit GCC
warns us about problems with format strings and their arguments provided
to OpenSC message logging functions.
This commit fixes all cases where GCC warned about incorrect format on
64-bit Linux, 32-bit and 64-bit mingw builds (with SM and OpenSSL enabled).
Well, almost all since on mingw GCC does not recognize "ll" size specifier
(present at least since Visual Studio 2005, also in mingw own CRT) so these
(few) warnings about it remain.
In most cases format size specifier for size_t type was missing (usually
size was left at default int level, with is different on 64-bit x86).
Some formats had too few / too many arguments.
In some cases pointers were printed as integers.
Some long variables were missing "l" prefix (especially with regard to %x
format).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
"CHANGE REFERENCE DATA" (PIN change) and "RESET RETRY COUNTER"
(PIN unblock) commands in OpenPGP card have various limitations.
These also depend on whether the card is version 1.x or 2.x.
Provide helpful debug messages for user in case he is trying to do
a PIN command in a way that isn't supported by the card.
Also, take into account that version 2.x cards don't support references to
PW1-mode 2 (82) in these commands - change them to PW1 (81).
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
According to descriptions of commands "PSO: COMPUTE DIGITAL SIGNATURE",
"PSO: DECIPHER" and "INTERNAL AUTHENTICATE" in OpenPGP card spec (versions
1.1 and 2.1.1) the card adds / strips and checks PKCS#1 padding
automatically.
There is no documented way to perform raw RSA operations on this card so
SC_ALGORITHM_RSA_RAW flag shouldn't be set.
Signed-off-by: Maciej S. Szmigiero <mail@maciej.szmigiero.name>
- bug fix: re-initialize index to start searching at the right place
- get rid of unnecessary variable
- add some line breaks & comemnts for easier understanding
- get rid of unnecessary variable
- use easily understandable hex representation of APDUs
- auto-calculate APDU length based on hex representation
- restrict scope of some variables
- use sc_log() instead of directly writing to console
- line breaks & comments for easier reading/understanding
- fix typo in log message
- 2 line breaks between functions for easier reading
- function type on separate line
- mark each function as 'ABI' or 'Internal'
- slightly doxygen-ize comments introducing functions
- fix typos in comments
- break over-long comment lines
- break comment lines at sensible places
- consistent calling style for DRVDATA()
- no code change
- get rid of unnecessary variables
- use for-loop to initialize/check/increase run variable in one place
- restrict variables to the necessary scope
- use ternary operator inside a statement instead of if...else...
Basically checks that the memory allocation succeed.
The ctbcs.c change improve the readability
because count = 0 and len > 254 does not add any value.
VTA: added few coding style changes
In old implementation, the DOs which their access is restricted by
PIN (like DOs 0101 -> 0104) were excluded from the fake filesystem,
leading to that we cannot read their data later, even if we verified PIN.
If tlvblock is not stored then the value is lost and the allocated
mempry is leaked.
Coverity: Resource leak (RESOURCE_LEAK)
Calling allocation function "pgp_build_tlv" on "tlvblock".
The card contains only 1 certificate, which can be used for encrypting.
But this certificate is bound with authentication key, so when decrypting,
the authentication key will be presented to check.
This commit allows to bypass the check in driver. However, it is not enough.
The users have to import the same key to "Encryption key" to help the card find
right key to work.
OpenPGP: Add log and comments.
OpenPGP: Pretend to select dummy files.
Some files are needed by pkcs15init, but not exist in OpenPGP card.
We pretend to know these dummy files to make pkcs15init successful.
Compilation error on windows:
when declaring array use explicit size, add pkcs15-openpgp.obj in Makefile.mak
OpenPGP: Some indentations need to be tab-size-independent.
OpenPGP: Check for null data when storing fingerprints.
OpenPGP: Allow to provide creation time to store (when gen/import key).
Old: Only store current time.
New: Can provide time to store, not only calculate current time.
OpenPGP: Correct setting content of pubkey blobs after key generation.
cardctl: Add definitions to support key import in OpenPGP.
OpenPGP: Add support for key import at driver level.
Correct the way to parse response data.
Updated wrong blob for pubkey info <~~ Fix.
OpenPGP: Store creation time after generating keys.
OpenPGP: Put_data: Handle the case that DO exists but its blob does not.
When checking DO before writing, relying on blobs only will miss the case that DO exists but its blob does not, when DO is non-readable.
OpenPGP: Set algorithm attributes before generating key.
OpenPGP: Add dependency of OpenSSL.
OpenPGP: Calculate and store fingerprint.
Calculate and store fingerprint after generating key.
OpenPGP: Update blob of pubkey info.
Update blob holding pubkey info after generating key.
OpenPGP: Add step to update card algorithms.
Update card algorithms after generating key. However, this step is not implemented yet, because of suspection about wrong data (see code comment).
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* don't zero-fill the DO's contents but empty it
* get rid of unnecessary variables
* select parent DF after deletion (required by to ISO 7816-9)
* don't try to delete MF
Fail on idx > 0 in order to avoid the requirement to read from the DO.
The DO may be read-protected, and this might either fail or produce
wrong results.
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* update comment
* check that blob->data is defined
* fix writing new data to the correct offset
* use calloc() instead of malloc() & memset()
* align pgp_ops function pointer list
* make sure variables of type u8 do only get passed fitting data
* use LOG_FUNC_CALLED() .. LOG_FUNC_RETURN for "symmetric" logging
* leave most of the spcial casing in ADPU handling to sc_adpu_transmit()
* use SC_ADPU_CASE_1 for empty buffer (avoids special casing Lc=0)
* clean up log strings & comments
Replace the "one-trick-pony" pgp_do_iswritable() with a more generic
function returning the blob matching the passed tag.
This way we can get rid of the one-line function pgp_blob_iswritable() too.
comparisons like these can be done in the caller.
Set pin references to 0x01 - 0x03 instead of 0x81 - 0x83.
The PINs are referenced as PIN1- PIN3 (resp. PW1 - PW3) in the OpenPGP
card specification.
Technically the APDUs to verify/change the PINs contain the values OR-ed
with 0x80, but this is just a technical detail of the implementation
which the emulated file system can hide in pgp_pin_cmd().
Pros & Cons:
+ consistent PIN naming
+ no trouble entering the correct PIN names in opensc-explorer et.al.
("verify CHV1" is way better than "verify CHV129")
- manually entering the correct APDU for VERIFY is a bit more complex.
(who does this anyway, when there are better functions)
While at it, change if .. elsif ... cascade to switch statement.
* parse more extened capabilities & features into a private enum
* for v2.0 cards, always parse the "historical bytes" DO
reason: ATR may be static and thus cannot reflect the state
Remove links pointing to the blob to be deleted from other blobs in the
blob tree structure, so that removing a subordinate blob does not hurt
its parent or siblings.
Signed-off-by: Peter Marschall <peter@adpm.de>
Frank Morgner
Jakub Jelen
Maciej S. Szmigiero
Michał Trojnara
Frank Morgner
Peter Marschall
Robert Ou
Nguyễn Hồng Quân
vletoux
george
Ludovic Rousseau
Nguyễn Hồng Quân
Viktor Tarasov
Martin Paljak