Viktor Tarasov
e8eb4cd7ed
pkcs11-framework: do not wrap subject in a second ASN1 sequence
In a supplement to f5d53ab01783b0c37802e35f063fdbe5814bdbc7.
Subject and Issuer, returned by pkcs#15 framework, are already encoded as ASN1 sequence.
No need to wrap them in a second ASN1 sequence frame.
2013-04-07 17:09:15 +02:00
Viktor Tarasov
c66278098b
tools: missing names for ACL methods
thanks to fdeybach@gmail.com
https://sourceforge.net/mailarchive/message.php?msg_id=30684430
2013-04-06 22:06:52 +02:00
Viktor Tarasov
98db49936a
pkcs15: 'issuer' and 'subject' have to be DER encoded sequence
'issuer' and 'subject' data have been the non-encoded sequence of rDNs
2013-03-17 13:56:26 +01:00
Martin Paljak
32ed309037
pkcs11: use calloc instead of malloc; remove obsolete malloc.h references.
2013-03-15 23:02:02 +02:00
Martin Paljak
3b4f7b9ff7
pkcs11: Don't touch readers or inserted cards in C_Initialize in 2.20 mode
This significantly speeds up calling C_Initialize.
Thanks to Nikos Mavrogiannopoulos for the tip.
2013-03-15 23:01:16 +02:00
Martin Paljak
c2b6a0d500
pkcs11: report the library version based on plug-n-play feature.
2013-03-15 21:28:29 +02:00
Martin Paljak
9901682288
Normalize SC_ERROR_* API and clean up ISO7816-4 errors.
* iso7816_check_sw() emits an "informational message" (from ISO7816-4 table 6)
* SW-s which are not known or not meaningful for internal API get translated
to SC_ERROR_CARD_CMD_FAILED by default, so use it also in the SW table
* Remove undefined SW-s and move generic SW-s to their sequential location.
This commit improves 8fc679bf40
2013-03-15 12:30:38 +02:00
Viktor Tarasov
6f1ae23b1e
pkcs11: segfault if 'application-file' not defined
for some cards with emulated PKCS#15 'file_app' from 'application-info' is not defined
2013-03-12 10:23:35 +01:00
Viktor Tarasov
3b0ac5f8e7
pkcs15init: copy DATA object value to 'pkcs15-data-info'
When creating new DATA object, keep its value in 'data' member of
'sc-pkcs15-data-info' data.
Used by pkcs15init emulation layer to store DATA value into a proprietary placement.
2013-03-11 18:25:22 +01:00
Viktor Tarasov
c1b6575204
pkcs15init tool: throw error when invalid application-id supplied
fix action labels
2013-03-11 18:25:05 +01:00
Viktor Tarasov
743ca1cedc
pkcs15: new 'data' member in 'sc_pkcs15_data_info'
New member keeps the value of the PKCS#15 DATA object.
Internal pkcs15 procedure that reads DATA object is modified
to check if requested data are already available in 'data-info',
and only then try to read the content of dedicated on-card file.
For some emulated PKCS#15 systems value of DATA object is kept as 'direct' value
in a proprietary attribute files and so the common read procedure could not be used.
; some efforts to unify layout of code source.
2013-03-11 13:04:10 +01:00
Viktor Tarasov
a24ecd0733
pkcs11-tool: ignore CRYPTOKI_ALREADY_INITIALIZED error
https://github.com/OpenSC/OpenSC/pull/118
Print warning and ignore 'Cryptoki library has already been initialized' error
returned by C_Initialize().
2013-03-10 13:45:32 +01:00
Viktor Tarasov
8fc679bf40
libopensc: invalid usage of SC_ERROR_MEMORY_FAILURE
Initiated by discussion in https://github.com/OpenSC/OpenSC/pull/134 .
SC_ERROR_MEMORY_FAILURE has to be used as a resulting code of the card related operations,
and not as result of the memory allocation problems.
New 'warning' category of SC_ERRORs introduced -- SC_WARNING_xx .
Error text and SC_ERROR associated with return codes 6300 and 6200 have been changed.
2013-03-02 19:29:14 +01:00
Zbigniew Halas
b1a4775310
epass2003: properly disable padding
EVP_CIPHER_CTX_set_padding needs to be called after EVP_EncryptInit_ex
and EVP_DecryptInit_ex, otherwise padding is re-enabled, which in turn
causes buffer overruns
2013-02-27 23:44:02 +00:00
Ondrej Mikle
83dc469f07
epass2003: list_files implemented
2013-02-25 19:21:52 +01:00
Viktor Tarasov
7a57fa8689
win32: build and include to MSI package 'openpgp-tool.exe'
2013-02-25 19:12:06 +01:00
Martin Paljak
16ee818440
Update domain name. paljak.pri.ee is gone since 2011.
2013-02-25 11:58:25 +02:00
Viktor Tarasov
3c804ff382
libopensc: more comments about FCP data
2013-02-25 10:20:31 +01:00
Viktor Tarasov
4b30292585
more macros for the values from ISO specification
2013-02-24 19:37:35 +01:00
Viktor Tarasov
326232de90
libopensc: introduce 'encoded-content' to the sc_file data
it's the hold place for the file's initial encoded content.
For some cards such data can be included into the file creation command.
2013-02-24 19:37:35 +01:00
Viktor Tarasov
5140c4a1f1
libopensc: use short form of the debug message calls
2013-02-24 19:37:35 +01:00
Ondrej Mikle
ee48ea187a
Fix to allow exponents other than 65537 for Feitian ePass 2003
2013-02-16 21:13:17 +01:00
Andreas Schwier
b34d916e60
sc-hsm: Fixed problem deleting CA certificates
sc-hsm: Fixed public key format returned when generating ECC keys
2013-02-15 15:02:28 +01:00
Frank Thater
0577f7d4f5
sc-hsm-tool: Added support for DKEK password sharing scheme
2013-02-07 15:07:42 +01:00
Andreas Schwier
99af6cd8ee
sc-hsm: Fixed a bug that prevents a newly generated 2048 key from showing up at the PKCS#11 interface
2013-01-27 18:42:33 +01:00
Andreas Schwier
6d51b320f3
sc-hsm-tool: Added better error handling for non-SmartCard-HSM cards
2013-01-27 18:42:33 +01:00
mescheryakov1
f55bb019d9
Update src/tools/pkcs11-tool.c
fixed filling key type attr on writing object
pointer refers to local variable from destroyed stack frame
2013-01-27 18:37:45 +01:00
Toni Sjöblom
58679a5df1
Fixed file-id in myeid.profile
2013-01-27 18:34:07 +01:00
Viktor Tarasov
d30cd83ad4
SM: common SM 'increase-sequence-counter' procedure
2013-01-06 17:34:35 +01:00
Viktor Tarasov
6a4de6d551
libopensc: APDU 'allocate & copy' and 'free' procedures
2013-01-06 17:30:41 +01:00
Viktor Tarasov
8d7c773561
SM: move SM APDU procedures to dedicated source file
new SM errors: 'session-already-opened' and 'invalid-checksum'
declare typed data for DH SM session
2013-01-06 16:40:17 +01:00
Viktor Tarasov
4c1c39f3e4
opensc-tool: add 'call-SM-handler' command
'open' and 'close' handlers of the card's SM driver can be called
2013-01-06 13:13:08 +01:00
Viktor Tarasov
3f30e14087
sm: move SM common crypto procedures to the dedicated library
rename 'sm' source directory
2013-01-04 22:29:59 +01:00
Viktor Tarasov
250364c060
pkcs15init: fix spurious gcc overflow warning,
thanks to Milan Broz (mbroz@redhat.com)
As discussed in pull request #115 (https://github.com/OpenSC/OpenSC/pull/115 ),
'if' test of impossible condition is removed in 'cardos' and 'incrypto34' card drivers.
2013-01-04 19:03:46 +01:00
Viktor Tarasov
cc5a171ddc
pkcs15: regression in e35febe: compute cert length
parse_x509_cert() reviewed.
Now certificate's DER data are allocated and the DER data length is determined in one place.
https://github.com/OpenSC/OpenSC/pull/114
https://github.com/OpenSC/OpenSC/commit/e35febe
2012-12-25 20:05:45 +01:00
Viktor Tarasov
3aaf95c21b
cardOS: compile on Windows
few coding style remarks
2012-12-16 11:50:08 +01:00
mtausig
1d75427f55
cardOS: Use information from AlgorithmInfo
In set_security_env, the algorithmInfo structure (from the TokenInfo file of
PKCS#15) is parsed to see what algorithm IDs are supported for signature
operations.
Using the information from AlgorithmInfo set in set_security_env when
computing signatures.
Fixed incorrect order of code blocks. If neither a reference to rsa_sig nor to
rsa_pure_sig is found in AlgorithmInfo, both methods are enabled before (and
not after) trying pure_sig
2012-12-16 11:23:35 +01:00
blumentopf
d5c2401e19
pkcs15-gemsafeV1.c: Multiple key containers and ATR-specific PIN policies
pkcs15-gemsafeV1.c: Change PIN data structure to make MSVC compiler happy
pkcs15-gemsafeV1.c: Turn constants into macros to make MSVC compiler happy
2012-12-16 10:09:44 +01:00
Anthony Foiani
f7c12574ee
pkcs15-tool: initialize 'opt_auth_id' consistently.
All the other option values are initialized to NULL, so do the same to
opt_auth_id.
(Although, as they're all static globals, they should be set to 0 at
runtime anyway, I think...)
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-12-10 00:54:26 -07:00
Viktor Tarasov
8b07b9c5a7
compile on Windows, minor coding style issues
2012-12-03 15:21:22 +01:00
sjoblomt
457426543d
MyEID ECDSA support
2012-12-03 14:37:13 +01:00
Viktor Tarasov
9e9b3d0bd8
tool: in 'do_apdu' increase size of send/receive buffers
2012-11-28 11:09:36 +01:00
Viktor Tarasov
60b7e52e06
pkcs15: mandatory 'publicKeyCoefficients' in encode/decode public key procedures
http://www.opensc-project.org/pipermail/opensc-devel/2012-November/018586.html
2012-11-20 22:58:37 +01:00
Ludovic Rousseau
81bbddfc24
card-gemsafeV1: Add a GemSafe V1 ATR
Thanks to Lukas Wunner for the patch
2012-11-20 19:11:23 +01:00
Anthony Foiani
27c677188e
pkcs11: trivial: fix debug output for CKA_PRIME_1 and CKA_PRIME_2
Without this patch, debugging output issues these as unknown
attributes:
... C_CreateObject(): CKA_PRIVATE_EXPONENT = 97F798...
... C_CreateObject(): Attribute 0x124 = EFE5AD...
... C_CreateObject(): Attribute 0x125 = D4D3F6...
... C_CreateObject(): CKA_EXPONENT_1 = 5815FD...
With this patch, we see:
... C_CreateObject(): CKA_PRIVATE_EXPONENT = 97F798...
... C_CreateObject(): CKA_PRIME_1 = EFE5AD...
... C_CreateObject(): CKA_PRIME_2 = D4D3F6...
... C_CreateObject(): CKA_EXPONENT_1 = 5815FD...
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-11-20 08:46:27 +01:00
Anthony Foiani
f63135afab
tools: check return value after each call.
It seems that this suffered some copy and paste damage at some point.
Change so that we check each return value immediately after the API
call.
Signed-Off-By: Anthony Foiani <anthony.foiani@gmail.com>
2012-11-20 08:46:27 +01:00
Andreas Schwier
fb8e0cc3b2
sc-hsm: Improved checking in sc-hsm-tool
2012-11-20 08:46:27 +01:00
Andreas Schwier
0adec1bddd
sc-hsm: Fixed bug with memory released too early
2012-11-20 08:46:27 +01:00
Andreas Schwier
bbbfae4bf0
sc-hsm: Now saving the internal CSR in place of the certificate and decoding the public key at initialization (RSA only)
2012-11-20 08:46:27 +01:00
Viktor Tarasov
6c051f8490
pkcs11: check arguments in get_bignum_bits() procedure
t451: segmentation fault when getting public key bits number
2012-11-12 16:46:25 +01:00