When failed to access reader, cxt needs to be released before
exiting the program. Like in the patch of CVE-2019-6502, a
sc_release_context(ctx) is needed before line 71, or a
memory leak may occur.
Fix various spelling errors, mostly in comments but also in texts displayed.
Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
Have do_asn1() accept an optional parameter indicating a record number.
If this is given and the file is a record-oriented file, then ASN.1-decode
the record requested.
Have do_cat() accept an optional second parameter indicating a record number.
If this is given and the file is a record-oriented file, only print the record
requested.
during an unblock operation (this is a sign of a card with invalid PKCS #15
info). Without this error message the program just terminates silently, which
is confusing to the user.
Recent compilers have activated some additional
checks which let the build fail. (at least with cygwin)
(Normally it would be warnings but opensc compiles
with -Werror)
GCC 9.3:
In file included from profile.c:27:
profile.c: In function '__expr_get':
profile.c:2273:18: error: array subscript has type 'char' [-Werror=char-subscripts]
2273 | while (isspace(*s))
| ^~
clang 8.0.1:
compat_getopt_main.c:102:22: error: array subscript is of type 'char' [-Werror,-Wchar-subscripts]
rc = toupper(rc);
^~~~~~~~~~~
/usr/include/ctype.h:161:25: note: expanded from macro 'toupper'
(void) __CTYPE_PTR[__x]; (toupper) (__x);})
^~~~
Actually the code is correct as isspace and others
are used here with data type char, and are to be used
with data type int.
So either the compiler should have deactivated
this error, or the ctype.h macros have to be
written so the compiler no longer complains.
As there is also a simple workaround by casting
char to unsigned char, there is no need to wait for one
of the former options to be happen sometime.
Expect a record number as 3rd parameter:
if this record number is greater than 0, indicating a single record,
then append the record number to the file name being constructed.
Some cards can provide supported algorithms in tokenInfo
which contain ECDSA OID, and PKCS11 mechanism
Don't know how many Algo_refs were actually read,
and a ref of 0 may be valid. print at least one Algo_refs.
Print the mechanism from PKCS11, and print operations
Use the $(top_srcdir)/src/pkcs11/pkcs11-display.c on Unix
Use the $(TOPDIR)\src\pkcs11\pkcs11-display.obj on Windows
pkcs15.tool.c treat ECDSA OID as inline
pkcs15-tool prints PKCS11 mechanisms using pkcs11-display.c
Automake now warns that the default will change, in the future
so "[subdir-objects]" is added to configure.ac
Changes to be committed:
modified: configure.ac
modified: src/tools/Makefile.am
modified: src/tools/Makefile.mak
modified: src/tools/pkcs15-tool.c
In tests, make sute test data is either padded, or "zero" padded
so size if data <= modlen - 11. The smallest pad in 11 bytes,
00 | NN | PS | 00. PS is at least 8 bytes.
"zero" padding has N = 00, PS >= 8 byte of 00.
On branch cardos-5.3
Changes to be committed:
modified: tools/pkcs11-tool.c
always should be used, even if a PIN pad reader is used. PIN must only
be fetched from the PIN pad reader if the corresponding parameter is
null.
Before this commit PIN was always fetch from the reader if the PIN could
be fetched from the reader.
The 'pkcs11-tool has also been updated. Before parameters was never
taken from the command line if a PID pad reader was used. Now PINs from
the command line is always used but if not existing the PIN is fetched
from the reader if a reader with a PIN pad is used, otherwise the user
is prompted for PIN(s) from the CLI.
- If readers are attatched, the new reader is probed for a card to check
if a notification needs to be sent
- removal of readers are not notified to the user, we assume that PC/SC
sends the correct card removal event
- The list of readers to be monitored is adjusted once a reader (dis)appears
- On macOS, without PnP notification, we always check for new/removed
readers with SCardListReaders
- fixes interrupt handling in opensc-notify on Unix
fixes https://github.com/OpenSC/OpenSC/issues/1874
* replace magic magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_RESP_SIZE
* start error message with upper-case letter
* return 0 on success
* bug fix: pass correct buffer length to sc_update_record()
* bug fix: report correct number of bytes written
* bug fix: check for offs to be small enough
* replace magic magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_DATA_SIZE
* remove print() statement that looks suspiciously like a leftover from debugging
* start error messages with upper-case letters
* use sc_strerror(r) instead of plain numeric r in error messages
* fix spaces before opening curly braces
* replace magic magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_DATA_SIZE
* remove print() statement that looks suspiciously like a leftover from debugging
* start error messages with upper-case letters
* use sc_strerror(r) instead of plain numeric r in error message
* fix spaces before opening curly braces
* replace magic magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_RESP_SIZE
* replace magic number for filename by SC_MAX_PATH_STRING_SIZE
* start error messages with upper-case letters
* use braces after sizeof, i.e. sizeof(X) instead of sizeof X
* fix indentation
* determine DO ID/tag the same way as do_find_tags()
* start error message with upper-case letter
* use sc_strerror(r) instead of plain numeric r in error message
* adapt size of buffer to SC_MAX_EXT_APDU_DATA_SIZE
* determine DO ID/tag the same way as do_find_tags()
* replace magic magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_RESP_SIZE
* change buffer type from unsigned char to u8 for consistency with
do_put_data() & do_find_tags()
* give ID/tag of DO in error message
* open target file in binary mode
* set default values for variables at declaration time
* replace magic number used as potentially too small buffer size
by SC_MAX_EXT_APDU_RESP_SIZE
* use braces after sizeof, i.e. sizeof(X) instead of sizeof X
* set default values for variables at declaration time
* use sizeof(fid) instead of magic number
* use braces after sizeof, i.e. sizeof(X) instead of sizeof X
* start error message with upper-case letter
* rename from read_and_util_print_binary_file(); adapt callers
* use large enough buffer size SC_MAX_EXT_APDU_RESP_SIZE
instead of potentially too small magic number
* fix spaces before opening curly braces
* avoid special casing SC_CARD_TYPE_BELPIC_EID: a successful read
of an empty file is still a success, even if nothing can get printed
* do not fail on SC_FILE_TYPE_UNKNOWN: be more flexible w.r.t accepting
unknown file types when the preceding card operations succeeded
* fix spaces before opening curly braces