giomba
/
opensc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7,399 Commits 1 Branch 30 Tags 20 MiB
Commit Graph

7399 Commits

Author SHA1 Message Date
Jakub Jelen 7e0ef7c16c framework-pkcs15.c: Reformat 
* Reasonable line lengths
 * Correct indentation
 * Add missing SHA224 mechanism
 2018-11-05 09:15:20 +01:00
Jakub Jelen 7cced08a88 coolkey: Check return values from list initialization (coverity) 
>>>     CID 324484:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "list_init" without checking return value (as is done elsewhere 8 out of 9 times).
 2018-11-05 09:15:20 +01:00
Jakub Jelen f276f7f8f4 coverity: Add allocation check 
*** CID 323588:  Uninitialized variables  (UNINIT)
/src/libopensc/sc.c: 873 in sc_mem_secure_alloc()
 2018-11-05 09:15:20 +01:00
Hannu Honkanen 351e0d2bd6 Merge remote-tracking branch 'upstream/master' into wrapping-rebased and resolve conflicts 2018-11-02 13:42:41 +02:00
Hannu Honkanen b35fb19ec4 Resolved conflict in pkcs15_create_secret_key 2018-11-02 13:28:51 +02:00
Peter Marschall 26025b2f5d pkcs15-tool: list & dump cleanups 
* when listing public keys, do not cut object labels in compact mode
* when listing private keys in compact mode, left align labels
* make hex codes at least 2 chars wide by changing "0x%X" to "0x%02X"
 2018-11-01 12:25:04 +01:00
Frank Morgner c70888f9ab allow compilation with --disable-shared 2018-11-01 00:17:22 +01:00
Frank Morgner 54cb1099a0 fixed warnings about precision loss 2018-11-01 00:17:22 +01:00
Frank Morgner 5c7b7bb0b1 fixed minor XCode documentation warnings 2018-11-01 00:17:22 +01:00
Hannu Honkanen f88419bc63 Removed pointless curly brackets 2018-10-31 10:36:50 +02:00
Hannu Honkanen 7bb53423a1 Code cleanup and minor corrections according to review. pkcs15-lib: Extractable keys are now marked as native. Check return value of check_key_compatibility in more explicit way to avoid misunderstandings. 2018-10-31 10:36:41 +02:00
Hannu Honkanen 90ec7123ba Corrections and code cleanup as requested in review. Changed value to void* in sc_sec_env_param_t, because param_type defines type of the value. Fixed handling of secret key length in framework-pkcs15 and pkcs15-lib: CKA_VALUE_LEN from PKCS#11 is in bytes, PKCS#15 objects need key length in bits. Rebased on top of upstream/master and resolved merge conflicts. 2018-10-31 10:27:03 +02:00
Lars Silvén 84317f4e9d Fixing missing call to sc_unlock. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 8ebb43d440 Removed #ifdef USE_PKCS15_INIT around __pkcs15_create_secret_key_object. This function is now used also when reading and parsing a card, not only when creating new objects. 2018-10-31 10:27:03 +02:00
Hannu Honkanen ec297b618f sc_pkcs15_wrap: Fixed checking target key type. (checked partly from wrapping key) 2018-10-31 10:27:03 +02:00
Hannu Honkanen e636b64377 Fixed: Return OK by PKCS#11 convention if NULL out buffer is provided, when caller wants to query required buffer size. 2018-10-31 10:27:03 +02:00
Hannu Honkanen f2c041d290 card-myeid: Removed NULL out buffer assertion to allow caller to query required buffer size. 
mechanism.c: Bug fix to sc_pkcs11_wrap. Wrong operation was stopped in end of the function.
 2018-10-31 10:27:03 +02:00
Hannu Honkanen 287a63c704 Fixes to key wrapping and unwrapping code: Set IV correctly in symmetric unwrap. Correctly distinguish symmetric and asymmetric operation when building APDUs. Check CKA_TOKEN from the pkcs15 object in framework_pkcs15. Updated some comments. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 861d8b308b Fixed myeid_unwrap with symmetric keys: set correct p2 and no padding indicator byte. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 4ce7e5289b Fixed setting secret key length. CKA_VALUE_LEN comes as number of bytes, so multiply it by 8 to set correct bit length to the key file. 2018-10-31 10:27:03 +02:00
Hannu Honkanen eba75ead20 framework-pkcs15: set CKA_EXTRACTABLE into pkcs#15 secret key object's access flags when set. pkcs15-sec: Return needed buffer size correctly when an insufficient buffer is provided. 2018-10-31 10:27:03 +02:00
Hannu Honkanen f74150b53d Proprietary attribute bits in FCP had to be adjusted due to conflicts with existing attributes. The needed changes were made to both card and OpenSC code. 2018-10-31 10:27:03 +02:00
Hannu Honkanen c891ad2aad Fixed version check for key wrapping functionality. Return needed buffer size in myeid_wrap_key, if no buffer or too small buffer is provided. 2018-10-31 10:27:03 +02:00
Lars Silvén 6b8c284d3e Fixing pointer conversion that is invalid on some architectures. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 550d4eb030 Small fixes to key wrapping and unwrapping. Handle target file ref using sc_sec_env_param type. Transmit initialization vector in symmetric key operations from PKCS#11 layer (mechanism param) to the card driver level, allow setting it in sc_set_security_env. 2018-10-31 10:27:03 +02:00
Hannu Honkanen 2487bc18d1 When creating symmetric keys, use CKK_ definitions (key type) rather than CKM_ definitions (mechanism) to specify the key type. 2018-10-31 10:24:19 +02:00
Hannu Honkanen 7454133272 Added flags to distinguish AES ECB and CBC modes. Added SC_ALGORIHM_UNDEFINED definition to be used with CKK_GENERIC_SECRET type keys. Added sc_sec_env_param type, which can be used to define additional parameters when settings security environment. This is now used for setting IV in symmetric crypto and target EF in key wrapping/unwrapping. 2018-10-31 10:24:19 +02:00
Hannu Honkanen a2156da044 Fix encoding of SC_ASN1_CHOICE entry "parameters" in c_asn1_algorithm_info. Format only the selected entry of the choice. 2018-10-31 10:24:19 +02:00
Hannu Honkanen ae5675ca22 Fixed MSE for unwrap operation. Fixed wrong P1 when formatting APDU in myeid_unwrap_key. 2018-10-31 10:24:19 +02:00
Hannu Honkanen aa814fd8e8 Implemented C_Wrap into PKCS#11 interface. Added support for wrapping and unwrapping with secret keys into framework-pkcs15.c and all the way to the card driver level. 2018-10-31 10:24:19 +02:00
Hannu Honkanen a9ee85452e Resolved a merge conflict. Included both changes manually. 2018-10-31 10:24:19 +02:00
Hannu Honkanen c217b254fc MyEID: Initial implementation of key wrapping and unwrapping operations, and the related additions to myeid_set_security_env. 2018-10-31 10:24:19 +02:00
Hannu Honkanen edd48b3200 pkcs15init: 
- Added session_object flag to sc_pkcs15init_skeyargs to enable on-card session objects.
- Corrections to handling native and extractable flags
- Allow creating an empty secret key EF for receiving an unwrapped key later.
 2018-10-31 10:24:19 +02:00
Hannu Honkanen 9d6ac01c27 pkcs15init: Handle user_consent and set new proprietary information flags in myeid_create_key(). 2018-10-31 10:24:19 +02:00
Hannu Honkanen 1c09fa8a22 Handle AES algorithm. Doesn't set any flags, but check for AES is needed to avoid SC_ERROR_NOT_SUPPORTED. 2018-10-31 10:24:19 +02:00
Hannu Honkanen 7fc6c52f81 Set native=1 as default when decoding. Check supported algorithms and set PKCS#11 key type, if key supports AES. 2018-10-31 10:22:16 +02:00
Hannu Honkanen 9772edc7d1 Handle -u option (x509-usage) when storing secret keys. 2018-10-31 10:22:16 +02:00
Hannu Honkanen a10480d50e Continued implementation of unwrap: Creation of a target key object on card to receive an unwrapped key. Setting target key path in sc_security_env_t. 2018-10-31 10:22:16 +02:00
Hannu Honkanen 5f51d5d315 Added implementation of C_UnwrapKey all the way from PKCS#11 interface to the card driver level. 
Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated
with a decrypt operation in card-myeid.c. To be improved.
 2018-10-31 10:22:16 +02:00
Jakub Jelen e2b1fb81e0 Restore minimal CAC1 driver for legacy cards (#1502) 
* Add minimal CAC1 driver for legacy cards.

It is using the same pkcs15 backend as the CAC2 cards as well as some of
the CAC2 driver methods.

The separation is made mostly for easier card matching or disabling.
 2018-10-30 17:27:28 +01:00
Frank Morgner c3bef7d527 fixed compilation with XCode 10 
fixes https://github.com/OpenSC/OpenSC/issues/1485
 2018-10-24 10:34:43 +02:00
Frank Morgner 5095e29ae3 gio: avoid unneccessary unitialization 2018-10-22 21:44:07 +02:00
Doug Engert 2fd8e278f5 pkcs11/openssl.c - add missing mechanisms fixes #1497 
On branch pkcs11-openssl-c
 Changes to be committed:
	modified:   ../pkcs11/openssl.c
 2018-10-19 08:27:47 +02:00
Vadim Penzin 195d53b8a2 Fix division by zero in SimCList when appending to an empty list. 2018-10-16 12:10:04 +02:00
Frank Morgner 8c535c184f removed duplicate code for adding padding 
Fixes padding handling of SC_ALGORITHM_RSA_PAD_NONE introduced with
e5707b545e
 2018-10-15 15:21:52 +02:00
Jakub Jelen 46c99e769d ctx: Move coolkey driver up after improving the matching 
Fixes #1483
 2018-10-15 12:14:22 +02:00
Jakub Jelen f220d0b77d coolkey: Improve card matching to avoid mismatches in muscle 2018-10-15 12:14:22 +02:00
Jakub Jelen 55a8478ed6 cac: These functions do not have to be exposed 2018-10-15 12:14:22 +02:00
Frank Morgner ac276b1202
starcos: fixed decipher with 2.3 (#1496) 
closes https://github.com/OpenSC/OpenSC/issues/765
fixes https://github.com/OpenSC/OpenSC/issues/1495
 2018-10-11 22:50:37 +02:00
Luka Logar d517d8e18d Fix minidriver padding 
Commit e5707b545e broke signing using minidriver on Windows.

More specifically changing #define SC_ALGORITHM_RSA_PAD_NONE from 0x00000000 to 0x00000001 caused a call to sc_pkcs1_encode() to fail as the padding algorithm was not specified anywhere in the CardSignData() implementation. It kind of worked as long as SC_ALGORITHM_RSA_PAD_NONE was 0x00000000, but the above mentioned commit broke this.

Now padding algorithm has to be explicitly specified, otherwise a call to sc_pkcs1_encode() will fail.
 2018-10-11 12:47:48 +02:00