giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,802 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

7802 Commits

Author SHA1 Message Date
Jakub Jelen ef61a95b31 coolkey: Make sure the matching objects have same lengths 
This ensures that we do not go behind the allocated buffer if
we get wrong data.

Thanks to oss-fuzz:

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19031
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19032
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19038
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19039
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19040
 2019-11-29 22:48:00 +01:00
Jakub Jelen aa6d3e1d36 coolkey: Fix the comparator return value 2019-11-29 22:48:00 +01:00
Jakub Jelen 249e928176 gp: Correctly check for the CPLC data length 2019-11-29 22:47:26 +01:00
Jakub Jelen 4f3d87d03c coolkey: Split the CPLC related structures and function to the generic GP file 2019-11-29 22:47:26 +01:00
Jakub Jelen 326955a147 reader-pcsc: Preserve the CARD_PRESENT flag to make sure the card is detected after reader reinsertion 2019-11-28 11:18:25 +01:00
Jakub Jelen 4bd8cda966 pkcs11-session: When we notice logout in lower layers, while pkcs11 thinks we are logged in, invalidate all sessions in given slot 2019-11-28 11:18:25 +01:00
Jakub Jelen e0e1f10bd3 pkcs11/slot: Fix indentation 2019-11-28 11:18:25 +01:00
Oskar Wiksten 79a51e0d18 pkcs11: Support for RSA PSS padding in verify 
* Explicitly copies the mechanism parameters during a PKCS#11 `C_VerifyInit`
  and `C_DecryptInit` operation.
* Resolves issues where the calling application deallocates the `pParameter`
  pointer in the `CK_MECHANISM` struct between calls to `C_VerifyInit` and
  `C_Verify`, or between `C_DecryptInit` and `C_Decrypt`.
* These mech parameters are used in RSASSA-PSS and RSAES-OAEP, for example.
* This commit copies the same fix that was applied to `sc_pkcs11_sign_init` in
  commit e5707b545e for supporting RSASSA-PSS.
 2019-11-28 11:17:12 +01:00
AdriaoNeves ce71b171e2 Add support for 4K RSA keys in GemsafeV1 2019-11-23 22:13:28 +01:00
carblue 6d98f8c8d8 card-myeid.c: issue #1219 2019-11-23 21:38:14 +01:00
carblue d4823541b7 pkcs15-init: Fix issue #1219 2019-11-23 21:38:14 +01:00
Jakub Jelen 2d02de4233 coolkey: Do not return uninitialized data if card does not return CPLP data 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18990
 2019-11-18 14:02:07 +01:00
Frank Morgner bec794fbee fixed memory leak 
https://crbug.com/oss-fuzz/18953
 2019-11-18 14:01:50 +01:00
Jakub Jelen c4dcac5de7 pkcs15-prkey: Free allocated data on all error exit paths 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18790
 2019-11-14 19:36:01 +01:00
Jakub Jelen 6d6d158f13 pkcs15-cert: Free data on all error exit paths 
https://oss-fuzz.com/testcase-detail/5645063405436928
 2019-11-14 19:36:01 +01:00
Jakub Jelen 5645fe2d16 muscle: Check length first before calling memcmp() 2019-11-14 19:36:01 +01:00
Jakub Jelen 1594b1167d muscle: Initialize variables and check return codes 2019-11-14 19:36:01 +01:00
Jakub Jelen 7360c4bf0c muscle: Avoid access uninitialized memory 2019-11-14 19:36:01 +01:00
Jakub Jelen 2c68c0662c coolkey: Avoid success from init if there are no reasonable data raturned 
Thanks to oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18918
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18915
 2019-11-14 19:36:01 +01:00
Jakub Jelen 75847f4e93 Make ef_dir variable local 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18821
 2019-11-13 15:48:40 +01:00
Jakub Jelen f11c286bc6 coolkey: Refactor the object listing to avoid invalid memory access 
Probably resolves some bad memory access from oss-fuzz such as

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18907
 2019-11-13 15:48:33 +01:00
Jakub Jelen 07d3d8e0df compression: Free allocated data and return error if nothing was uncompressed 
Also harmonizes the return codes from decompress*() functions

Fixes oss-fuzz issue

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18771
 2019-11-13 15:48:25 +01:00
Frank Morgner 5557f34f5e Revert "pkcs15-pubkey: Avoid memory leaks" 
This reverts commit 0977b5496a.
 2019-11-12 11:57:43 +01:00
Jakub Jelen b79db82ae7 openpgp: Workaround non-compliant Yubikey 5 OpenPGP applets 
Fixes #1850
 2019-11-12 03:38:09 +01:00
Jakub Jelen 0977b5496a pkcs15-pubkey: Avoid memory leaks 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18758
 2019-11-11 22:02:53 +01:00
Jakub Jelen cc917b541f asn1: Avoid calling malloc with 0 argument 
Caused problems reported by oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18758
 2019-11-11 22:02:41 +01:00
Jakub Jelen cd51430ba7 asn1: Avoid malloc(0) also from BIT STRING and GENERALIZED TIME structures 2019-11-11 22:02:30 +01:00
Jakub Jelen e50bc29bd9 card-setcos.c: Avoid unsigned integer underflow 
Thanks oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18798
 2019-11-11 22:02:18 +01:00
Jakub Jelen c173563ad2 coolkey: Accept only SW=90 00 as success to prevent interpretting invalid values 2019-11-11 22:02:08 +01:00
Jakub Jelen ef3e223917 coolkey: Do not interpret empty answers as success 
Thanks to oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18868
 2019-11-11 22:01:56 +01:00
Peter Popovec e6a24b71ab MyEID: fix max_recv_size 
MyEID 3.3.3 is not working with hardcoded max_recv_size=256 in
card-myeid.c. Use max_recv_size=255 if card major version < 40

Fixes #1852
 2019-11-11 21:01:51 +01:00
Frank Morgner a8de0070fd fixed Null-dereference READ 
https://oss-fuzz.com/testcase-detail/5644373382922240
Thanks to OSS-Fuzz
 2019-11-06 23:38:37 +01:00
Frank Morgner 1a069ca71e fixed Global-buffer-overflow READ 1 
https://oss-fuzz.com/testcase-detail/5685978287308800
Thanks to OSS-Fuzz
 2019-11-06 23:08:43 +01:00
Frank Morgner 8fea658fe9 fixed 121888 Time of check time of use 2019-11-05 21:49:30 +01:00
Frank Morgner 3a5a90450e fixed 333715 Dereference after null check 2019-11-05 21:49:30 +01:00
Frank Morgner 7007b4a889 fixed 127766 Out-of-bounds read 2019-11-05 21:49:30 +01:00
Frank Morgner 8d7092c0cb 13598 Unchecked return value 2019-11-05 21:49:30 +01:00
Frank Morgner 192994fa13 fixed 13608 Unchecked return value 2019-11-05 21:49:30 +01:00
Frank Morgner 804cb68057 removed 339153 Logically dead code 2019-11-05 21:49:30 +01:00
Frank Morgner 8d3dfb2f6d ignore for 339158 Dereference before null check 2019-11-05 21:49:30 +01:00
Frank Morgner 07cff0e168 fixed 341844 Incorrect deallocator used 2019-11-05 21:49:30 +01:00
Frank Morgner 8b6ba40a8e fixed 341853 Resource leak 2019-11-05 21:49:30 +01:00
Frank Morgner fa35be5859 fixed 347857 Resource leak 2019-11-05 21:49:30 +01:00
Frank Morgner 2a2662fb3d fixed 348981 Resource leak 2019-11-05 21:49:30 +01:00
Frank Morgner 7a1e42e135 fixed compiler warning 
fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18701
 2019-11-05 10:58:32 +01:00
Frank Morgner c3f23b836e fixed UNKNOWN READ 
Reported by OSS-Fuzz
https://oss-fuzz.com/testcase-detail/5681169970757632
 2019-11-03 04:45:28 +01:00
Frank Morgner 6263afbe43 fixed memory leak 
Reported by OSS-Fuzz
https://oss-fuzz.com/testcase-detail/5697134632632320
 2019-11-03 04:38:09 +01:00
Jakub Jelen d3f60a657f pkcs15*: Fail if there is no fallback file_app 2019-11-01 15:53:40 +01:00
Jakub Jelen b75c002cfb cac1: Correctly handle the buffer limits 
Found by oss-fuzz

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
and others
 2019-11-01 15:53:40 +01:00
pkubaj bfa8415ea3 Fix build on ARM, PPC 
Those architectures use unsigned char by default, and command variable is later compared to -1.
 2019-11-01 15:51:06 +01:00