3135fccdca
itacns: Correctly free allocated memory
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28510
2021-01-06 14:15:06 +01:00
049b2a8754
pkcs15: Do not override tokeninfo in bind_internal
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28550
2021-01-06 14:15:06 +01:00
66f274dcaf
authentic: Fix copy&paste error in log message
2021-01-06 14:15:06 +01:00
b48696539d
tests: Verify there are no duplicate symbols exported
2021-01-06 14:15:06 +01:00
88543529a2
pkcs11.exports: Remove duplicate symbols
2021-01-06 14:15:06 +01:00
f7b0ce3dac
Remove duplicate symbols from libopensc.exports
2021-01-06 14:15:06 +01:00
f443c391b0
PIV whitespace cleanup and addtion of // clang-format off|on
...
Cleanup trailing whitespaces and protect hand formated structures
in card-piv.c and pkcs15-piv.c
On branch PIV-whitespace
Changes to be committed:
modified: card-piv.c
modified: pkcs15-piv.c
2020-12-15 11:14:15 +01:00
f8af905574
Fixes #2175 , C_GetAttributeValue for CKA_EXTRACTABLE, CKA_MODIFIABLE
2020-12-10 13:04:11 +01:00
1ae8b60425
mcrd: Do not leak memory
...
Similar as in 62049ea18chttps://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28405
2020-12-09 15:50:54 +01:00
5df913b7f5
tcos: Check bounds in insert_pin()
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383
2020-12-09 15:50:54 +01:00
69544553c3
tcos: Reformat insert_pin() for readability
2020-12-09 15:50:54 +01:00
196bf9e574
gpk: Replace assert with error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28306
2020-12-09 15:50:54 +01:00
a089353e1f
MyEID: enable more PKCS11 mechanisms
...
This patch enables using of: SHA224-RSA-PKCS, SHA256-RSA-PKCS,
SHA384-RSA-PKCS, SHA512-RSA-PKCS and PSS variants of these mechanism for
MyEID users. (This patch is related to issue #2173.)
CI tests for these mechanisms are also enabled (using OsEID emulation).
2020-12-09 04:29:46 +01:00
f015746d22
idprime: Use temporary variable instead of messing up the passed one
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185
2020-12-04 09:30:10 +01:00
78cdab949f
tcos: prevent out of bounds read
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719
2020-12-04 09:30:10 +01:00
3ffe24cfb6
pkcs15: Clean tokeninfo on parse errors to avoid memory leaks
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27779
2020-12-04 09:30:10 +01:00
fb83cd0439
asn1: Improve logging
2020-12-04 09:30:10 +01:00
61eb4e487e
card: Correctly free pointers durint cache invalidation
...
As the whole structure is memset(0) on the following line,
we need to clean the pointers before doing so.
Thanks oss-fuzz
Related to:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27797
2020-12-04 09:30:10 +01:00
175c357c37
opensctoken: avoid component spec when it's not built
2020-12-01 15:54:27 +01:00
85e08ae675
pkcs11-tool: Avoid calloc with 0 argument
2020-11-25 14:38:23 +01:00
3ce249f365
Issue 2153: organizationIdentifier is not translated by openssl 1.1.0/1.0.x
2020-11-25 09:33:20 +01:00
98beb86a38
fixed atrmask for gnuk
...
fixes https://github.com/OpenSC/OpenSC/issues/2155
2020-11-25 09:28:00 +01:00
480da424a5
fix possible infinite recursion ( #2151 )
...
fixes https://github.com/OpenSC/OpenSC/issues/2149
2020-11-25 09:27:28 +01:00
0365c3ce6c
westcos: Avoid assigning local variable to function arguments
2020-11-25 09:26:42 +01:00
3d257410b2
sc-hsm: Avoid assigning local variable to function arguments
2020-11-25 09:26:42 +01:00
63bb85b050
gpk: Avoid assigning local variable to function arguments
2020-11-25 09:26:42 +01:00
871e4f2ac6
flex: Avoid assigning local variable to function arguments
2020-11-25 09:26:42 +01:00
55a5556949
dnie: Remove unused assignment leaking local variable through parameters
2020-11-25 09:26:42 +01:00
af2fb6938c
cac: Avoid assigning local variable to function arguments
...
Reported by cppcheck. The argument is not used after
returning from this function, but better make it explicit.
2020-11-25 09:26:42 +01:00
8a6708c163
doc: Update documentation about the cache location
2020-11-25 09:26:18 +01:00
d0e5d62bf5
Verify the cache dir is correctly set with different combination of variables
2020-11-25 09:26:18 +01:00
3eae6a031c
ctx: Use more standard cache directory
...
https://specifications.freedesktop.org/basedir-spec/basedir-spec-latest.html
2020-11-25 09:26:18 +01:00
00ad8644e6
Enable CIFuzz to run fuzzers even before merging changes
2020-11-25 08:54:54 +01:00
483e153182
ASN1 cleanup part 1
...
ASN1 tags are represented in two many ways within OpenSC.
This is a trivial change to simplify one aspect of this.
It also makes the code more readable.
SC_ASN1_CLASS_MASK, SC_ASN1_APP, SC_ASN1_CTX, SC_ASN1_PRV,
SC_ASN1_CONS are changed, and SC_ASN1_CLASS_MASK is added.
These then align with the bits defined by SC_ASN1_TAG_CLASS,
SC_ASN1_TAG_APPLICATION, SC_ASN1_TAG_CONTEXT, SC_ASN1_TAG_PRIVATE,
and SC_ASN1_TAG_CONSTRUCTED.
(SC_ASN1_UNI and SC_ASN1_TAG_UNIVERSAL are both 0x00 thus no change
is needed).
(No sign of a right shift of SC_ASN1_CTX or SC_ASN1_PRV causeing
problems has been seen in the code.) If found, can be solved.)
Close examination of the OpenSC code base shows all uses of tags
used by routines and sc_asn1_entry use the defines.
This could allows 26 lines of code in sc_asn1_skip_tag used to test
the 3 CLASS and CONSTRUCTED bits to be replaced by:
if (((cla << 24) | tag) != tag_in)
return NULL;
The 26 lines still work as will any other code in OpenSC
that tests the bits using the defines. It also allows new code
to be simplified.
Problem identified while looking at better way to check response
on GET_DATA (0xCB) that returns TLV as used in card-piv.c
Changes tested using pkcs11-tool --test --login with PIV, SC_HSM
and OpenPGP cards.
2020-11-25 08:50:13 +01:00
30180986a0
update date in NEWS
2020-11-24 10:12:21 +01:00
e13294b085
speedup macOS build
...
brew update is just dead slow on older travis images
2020-11-23 22:18:38 +01:00
0e55a3497c
fixed date in NEWS
2020-11-20 22:46:30 +01:00
96a9fcd628
prepare 0.21.0
2020-11-20 21:08:47 +01:00
412372b024
tcos: Make sure we have at least two bytes to dive into the cycle
2020-11-18 23:02:34 +01:00
65461e4eb5
authentic: Avoid accessing behind buffers
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26900
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26860
2020-11-18 23:02:34 +01:00
445c651549
authentic: Improve debugging logs
2020-11-18 23:02:34 +01:00
c8b2e82713
oberthur: Once again, fix the error check
...
The shared codition was executed but the condition in LOG_TEST_RET
was not met in case of the acl was null.
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=25962
2020-11-18 23:02:34 +01:00
5eccebb4ee
pkcs15-cert: Free memory on error
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26145
2020-11-18 23:02:34 +01:00
b5b1afe401
tcos: Avoid reading behind the end of allocated buffer
...
Thanks oss-fuzz
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27480
2020-11-18 23:02:34 +01:00
d3451faa21
tcos: Reformat insert_key
2020-11-18 23:02:34 +01:00
4554d69119
code signing is not available in pull requests
...
(since this is untrusted code)
2020-11-18 13:22:10 +01:00
c4a75eb1c2
updated NEWS file with CVEs
2020-11-12 11:14:17 +01:00
3bad4089fd
updated key.p12 password
2020-11-12 00:02:44 +01:00
b145c2c30e
added most recent changes to NEWS
2020-11-10 23:33:17 +01:00
e05574d942
use correct naming scheme for launch agents
2020-11-10 23:23:11 +01:00
Jakub Jelen
Doug Engert
Carsten Blüggel
Peter Popovec
Frank Morgner
rickyepoderi