* Ensure CKA_ALWAYS_SENSITIVE and CKA_NEVER_EXTRACTABLE are only set when
generating the key on board, not reason to set them when importing a private
key.
add the possibility to store public ECC keys encoded according to SPKI
EC pubkey storing: Check if params are available before copying.
pkcs15-lib.c / sc_pkcs15init_store_public_key may be called with keyargs->key.u.ec.params.value == NULL. In this case, allocating and copying the parameters will fail. Add a check to prevent this.
If a certificate is deleted after the related private key, then the driver
picks the wrong certificate EF, leading to an CKR_GENERAL_ERROR or the wrong
certificate being deleted.
Private key import is not supported by the SmartCard-HSM. However there is no error code
if it is still tried using pkcs15-init or from within Firefox.
card-asepcos: removed dead code
card-authentic: removed dead code
card-belpic: removed dead code
card-epass2003: removed dead code
card-flex: removed dead code
card-gpk: removed dead code
card-oberthur: removed dead code
card-piv: removed dead code
card-setcos: removed dead code
ctbcs: removed dead code
cwa14890: removed dead code
muscle: removed dead code
pkcs15-atrust-acos: removed dead code
pkcs15-gemsafeV1: removed dead code
pkcs15-skey: removed dead code
reader-ctapi: removed dead code
framework-pkcs15: removed dead code
pkcs11-object: removed dead code
pkcs15-asepcos: removed dead code
pkcs15-cardos: removed dead code
pkcs15-jcop: removed dead code
pkcs15-lib: removed dead code
pkcs15-oberthur: removed dead code
parse: removed dead code
sclex: removed dead code
sm-card-authentic: removed dead code
sm-card-iasecc: removed dead code
sm-cwa14890: removed dead code
sm-global-platform: removed dead code
sc-test: removed dead code
pkcs11-tool: removed dead code
pkcs15-tool: removed dead code
pkcs15: in pubkey-info data
* introduced new 'direct' 'raw' and 'spki' members
* removed 'encoded der data' member
* in 'read-public-key' try firstly SPKI direct value
pkcs11:
'direct' data used when getting CKA_VALUE attribute of public key
pkcs15init:
* initialize 'raw' and 'spki' direct public key value
existing 'guid' obejct's data replaced by the one in private-key info
New CMAP record data used by pkcs15init emulator for the cards that have
the MD specific on-card data
The name implies what the format of the returned value, a SPKI.
The support for spki as a pkcs15 format of a pubkey, is extended to
work for any algorithm not just EC pubkeys. PKCS#15 appears to allow this.
sc_pkcs15_decode_pubkey_with_param will look for a SPKI
and attempt to use it for any algorithm, including RSA.
(RSA is the null case, as there are no algorithm parameters.)
sc_pkcs15_encode_pubkey_as_spki is exported from libopensc.
pkcs15-piv.c will use sc_pkcs15_encode_pubkey_as_spki to load public keys
as SPKI for RSA and EC.
The pubkey->data is never a SPKI, it is the DER encoding of the
pubkey without the parameters. If an spki is needed, use the
sc_pkcs15_encode_pubkey_as_spki to get the DER encoding of the spki.
As in the previous set of patches, pkcs15-tool.c will output both
sc_pkcs15_decode_pubkey_with_param and its internal.
This was left for testing, and the pubkey_pem_encode should be deleted
The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.
Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.
Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.
This commit fixes these problems.
The ecpointQ is stored in raw format
A new structure type sc_pkcs15_u8 is defined.
The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)
Comments are change is many places.
sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.
sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)
The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.
framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.
framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)
pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.
pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.
Cards formatted with one-pin profile can not be used (for modification
of the data on the card with pkcs15-init -X for example) after this
commit, which prevent the reading of 5015/4946 (containing the
profile).
The part of the code was simply commented out without comment.
Maybe it was used for testing purposes, and not removed for
the commit ?
When creating new DATA object, keep it's value in 'data' member of
'sc-pkcs15-data-info' data.
Used by pkcs15init emulation layer to store DATA value into a proprietary placement.
Initiated by discussion in https://github.com/OpenSC/OpenSC/pull/134 .
SC_ERROR_MEMORY_FAILURE has to be used as a resulting code of the card related operations,
and not as result of the memory allocation problems.
New 'warning' category of SC_ERRORs introduced -- SC_WARNING_xx .
Error text and SC_ERROR associated with return codes 6300 and 6200 has been changed.
To hold the raw certificate blob in 'sc_pkcs15_cert' data use the 'sc_pkcs15_der' data type.
also:
; in 'pkcs15-cert.c' use short call of the debug messages;
; in 'destroy-object' pkcs15 framework handler take into account the multi-application cards:
-- when binding card use the application info;
-- when finalizing profile use the application ID.
Fix autoreconf warnings:
$ autoreconf -vis -Wall
[...]
src/common/Makefile.am:12: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/libopensc/Makefile.am:19: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/minidriver/Makefile.am:15: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/pkcs11/Makefile.am:10: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/pkcs15init/Makefile.am:36: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/scconf/Makefile.am:12: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/sm/Makefile.am:8: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/tests/Makefile.am:9: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
src/tools/Makefile.am:15: warning: 'INCLUDES' is the old name for 'AM_CPPFLAGS' (or '*_CPPFLAGS')
select_object_path: Fixed misplaced return and wrong return code. This bug is the cause why a profile
must include a template even for fully emulated cards.
sc_pkcs15init_store_certificate: Added a call to the emulation layer when the private key
description requires an update after storing a certificate. Should not break existing code.
sc_pkcs15init_delete_object: Now calling the emulation layer before the frameworks tries to delete
files itself. An emulation that deletes object explicitly and leaves the deletion of some objects
to the framework will now need to completely handle deleting objects (by calling the methods of the
framework).
sc_pkcs15init_update_certificate: Missing call to the emulation layer added.
According to ch.4.2 of MyEID reference manual v1.7.6 the only possible value of P2 of 'SELECT' APDU is '00'.
For this reason, when caller do not request to return 'sc_file' data,
use the non-null dummy 'sc_file' pointer in the call of iso->select_file,
and thus avoid the P2 different from '00'.
Also log calls are replaced by its short forms,
and resolved the 'trailing spaces' issues.
The card contains only 1 certificate, which can be used for encrypting.
But this certificate is bound with authentication key, so when decrypting,
the authentication key will be presented to check.
This commit allows to bypass the check in driver. However, it is not enough.
The users have to import the same key to "Encryption key" to help the card find
right key to work.
OpenPGP: Add log and comments.
OpenPGP: Pretend to select dummy files.
Some files are needed by pkcs15init, but not exist in OpenPGP card.
We pretend to know these dummy files to make pkcs15init successful.
Compilation error on windows:
when declaring array use explicit size, add pkcs15-openpgp.obj in Makefile.mak
OpenPGP-pkcs15int: Add more debug log.
OpenPGP-pkcs15init: Add more checks in key generation.
Check for key ID. Set default key.
Check for result of key generation from driver.
Example command:
pkcs15-init --delete-objects privkey,pubkey --id 3 --store-private-key quan-key.pem --auth-id 3 --verify-pin --extractable --id 3
pkcs15init-OpenPGP: Some parts in openpgp.profile are not used.
We need this function to use OpenPGP's specific action flow instead pkcs15init's default.
This will help to avoid redundant steps which may make the overall process fail.
Application path can contain non-zero length path value and AID.
In this case select AID as DF_NAME only if length of path value is zero.
Segfault: dereferencing NULL pointer, thanks to Magosányi Árpád
- Create/delete the PKCS#15 'DATA' objects destinated to supply support of minidriver. For a while only 'Gemalto' style of such support is implemented.
- Declare epass2003 pkcs15init operations.
- include into OpenSC configuration the SM related sections
call sc_profile_finish() with application info data as an argument;
in delete-by-path procedure, when getting authorization to delete file, make distinction between 'DELETE' and 'DELETE-SELF';
call card specific 'store' handler updating PrKDF and PubKDF files;
deduce the private key pkcs#15 attributes (like subject) from the friend certificate;
ignore SM authentication type when getting authorisation for operation;
copy GUID from the object create data to the pkcs#15 object attributes.
The on-card support of minidriver could need some MD specific pkcs#15 (DATA) objects.
There is no standard for these objects.
New option will allow to choose one of the possible implementations.
Add new argument 'application-info',
that will allow to select the on-card application to by binded with.
pkcs11: use sc_pkcs15init_bind with 'AID' argument
Prototype of sc_pkcs15init_bind() has been changed to add argument with
AID of the on-card application to be binded with.
* Print out warning when mlock fails, and continue.
* The warning required a ctx to be passed in, so that means
changing a few function signatures.
https://www.opensc-project.org/opensc/ticket/389
can be loaded at ADMINISTRATION life cycle phase to change
the behavior of the VERIFY command in regard to return codes.
When that package is loaded, the return code of the VERIFY
will be ISO7816-4 compliant (63Cx with x being the value of
the remaining retry counter when required verification has failed).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5565 c6295689-39f2-0310-b995-f0e70906c6a9
can be loaded at ADMINISTRATION life cycle phase to change
the behavior of the VERIFY command in regard to return codes.
When that package is loaded, the PIN can be created with this
"verifyRC" flag in cardos.profile if the return code must be
ISO7816-4 compliant (63Cx with x being the value of the remaining
retry counter when required verification has failed).
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5558 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-wrap.c can be removed. Clarified/changed the meaning of "insecure" flag to pkcs15-init tool,
which will be needed to explicitly enforce the creation of a key which does not require a PIN.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5510 c6295689-39f2-0310-b995-f0e70906c6a9
Obertbur's card do not returns FCP for selected application DF.
Newly introduced option will supply the missing ACL when creating new objects or files.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5395 c6295689-39f2-0310-b995-f0e70906c6a9
EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9
There is no need to carry around that attribute, because it's easy to look up the 'file' as needed. This is done by issuing a single sc_select_file command in sc_pkcs15init_update_any_df (pkcs15-lib.c).
The parameter 'file' of sc_pkcs15_add_df (pkcs15.c) became useless too and was removed in turn.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5316 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'prkey_fixup_rsa':
pkcs15-lib.c:1936: warning: declaration of 'ctx' shadows a previous local
pkcs15-lib.c:1911: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5253 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c: In function 'sc_pkcs15init_store_private_key':
pkcs15-lib.c:1339: warning: declaration of ‘ctx’ shadows a previous local
pkcs15-lib.c:1278: warning: shadowed declaration is here
The ctx variable was already declared with the correct value.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5252 c6295689-39f2-0310-b995-f0e70906c6a9
profile.c: In function 'sc_profile_get_pin_id_by_reference':
profile.c:785: warning: declaration of ‘pin_info’ shadows a global declaration
profile.c:217: warning: shadowed declaration is here
Avoid using a typedef with a "common" name
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5250 c6295689-39f2-0310-b995-f0e70906c6a9
* shift libpkcs11 from src/pkcs11 to src/common as it is not used to implement the OpenSC PKCS#11 module
* invent a "libscdl" mini library that implements either libltdl based dynamic loading or uses native interfaces
* drop hard requirement for libltl to build OpenSC
* native Windows build does not need libltdl any more
* specify CNGSDK include dir to find cardmod.h. CNGSDK only registers with a handful of compilers
Deals with #323
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5201 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c:143:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP container list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:138:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:133:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:128:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP token info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:122:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:117:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:112:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:106:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c💯3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP certificate info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:338:2: warning: Value stored to 'rec_offs' is never read
rec_offs = 0;
^ ~
pkcs15-oberthur-awp.c:1369:2: warning: Value stored to 'offs' is never read
offs += len;
^ ~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5150 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur.c:457:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:452:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur.c:445:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5149 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-myeid.c:251:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-myeid.c:244:4: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5148 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-muscle.c:101:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-muscle.c:99:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5147 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-incrypto34.c:133:7: warning: Although the value stored to 'r' is used in
the enclosing expression, the value is never actually read from 'r'
...r = sc_pkcs15init_authenticate(profile, p15card, file, SC_AC_OP_DELETE)...
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5146 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-starcos.c:158:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:128:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:239:3: warning: Value stored to 'p' is never read
*p++ = ipf_file->size & 0xff;
^~~
pkcs15-starcos.c:206:3: warning: Value stored to 'p' is never read
*p++ = 0x00; /* SM ISF: no */
^~~
pkcs15-starcos.c:636:4: warning: Value stored to 'p' is never read
*p++ = 0x00;
^~~
pkcs15-starcos.c:613:4: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA byte */
^~~
pkcs15-starcos.c:699:3: warning: Value stored to 'p' is never read
*p++ = (u8) kinfo->key_reference; /* CHA */
^~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5145 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-jcop.c:118:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:112:17: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:171:9: warning: Value stored to 'pub_len' is never read
pub_len = 2 + mod_len + exp_len;
^ ~~~~~~~~~~~~~~~~~~~~~
pkcs15-jcop.c:284:6: warning: Value stored to 'bytes' is never read
bytes = mod_len / 2;
^ ~~~~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5144 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-gpk.c:213:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:207:3: warning: Value stored to 'type' is never read
type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-gpk.c:853:3: warning: Value stored to 'pe' is never read
pe++;
^~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5142 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-lib.c:727:4: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PIN;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1011:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_SO_PIN;
^ ~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1009:3: warning: Value stored to 'pin_type' is never read
pin_type = SC_PKCS15INIT_USER_PUK;
^ ~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1505:2: warning: Value stored to 'usage' is never read
usage = SC_PKCS15_PRKEY_USAGE_SIGN;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:1507:3: warning: Value stored to 'usage' is never read
usage = sc_pkcs15init_map_usage(args->x509_usage, 0);
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-lib.c:2560:3: warning: Value stored to 'file' is never read
file = df->file;
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5141 c6295689-39f2-0310-b995-f0e70906c6a9
The initializations are already done a few lines below
pkcs15-lib.c:1938:11: warning: Value stored to 'ctx' during its initialization
is never read
BN_CTX *ctx = BN_CTX_new();
^ ~~~~~~~~~~~~
pkcs15-lib.c:1937:11: warning: Value stored to 'aux' during its initialization
is never read
BIGNUM *aux = BN_new();
^ ~~~~~~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5140 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-authentic.c:97:1: warning: no previous prototype for function
'authentic_reference_to_pkcs15_id' [-Wmissing-prototypes]
authentic_reference_to_pkcs15_id (unsigned int ref, struct sc_pkcs15_id *id)
^
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5130 c6295689-39f2-0310-b995-f0e70906c6a9
to take into account the non-zero 'aid' member in the 'path' parameter
or in the path of the file's instance
also take into account the non-zero 'aid' when getting 'file-id'
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5099 c6295689-39f2-0310-b995-f0e70906c6a9
to get profile instance of the parent of some file presented by it's profile name.
;accept hexadecimal values presented in 'xAB' form;
;coding style issues;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5098 c6295689-39f2-0310-b995-f0e70906c6a9
'profile-extention' profile parameter used to load from the separate file
the AID dependent profile part.
'exclusive-aid' profile parameter used to introduce the AID for the DF
that do not have file-id and that can be selected only by 'DF-NAME' selection.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5097 c6295689-39f2-0310-b995-f0e70906c6a9
Each application of the multi-application PKCS#15 card has it's own associated pkcs15init profile file.
Profile of the multi-application card contains an association between the ID of the on-card application
and associated profile name.
When sc_profile_finish() is called
- sc_card is connected,
- information on the preset on-card applications is available;
- AID of the applicaition to be binded is known.
thus allowing to sc_profile_finish() to load the final part of the profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5096 c6295689-39f2-0310-b995-f0e70906c6a9
the first usage is to update the public key PKCS#15 object attributes
and to encode it's direct value.
(support of the Oberthur's AuthentIC V3.2 card)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5001 c6295689-39f2-0310-b995-f0e70906c6a9
From http://en.wikipedia.org/wiki/Malloc#Casting_and_type_safety
" Casting and type safety
malloc returns a void pointer (void *), which indicates that it is a
pointer to a region of unknown data type. One may "cast" (see type
conversion) this pointer to a specific type, as in
int *ptr = (int*)malloc(10 * sizeof (int));
When using C, this is considered bad practice; it is redundant under the
C standard. Moreover, putting in a cast may mask failure to include the
header stdlib.h, in which the prototype for malloc is found. In the
absence of a prototype for malloc, the C compiler will assume that
malloc returns an int, and will issue a warning in a context such as the
above, provided the error is not masked by a cast. On certain
architectures and data models (such as LP64 on 64 bit systems, where
long and pointers are 64 bit and int is 32 bit), this error can actually
result in undefined behavior, as the implicitly declared malloc returns
a 32 bit value whereas the actually defined function returns a 64 bit
value. Depending on calling conventions and memory layout, this may
result in stack smashing.
The returned pointer need not be explicitly cast to a more specific
pointer type, since ANSI C defines an implicit conversion between the
void pointer type and other pointers to objects. An explicit cast of
malloc's return value is sometimes performed because malloc originally
returned a char *, but this cast is unnecessary in standard C
code.[4][5] Omitting the cast, however, creates an incompatibility with
C++, which does require it.
The lack of a specific pointer type returned from malloc is type-unsafe
behaviour: malloc allocates based on byte count but not on type. This
distinguishes it from the C++ new operator that returns a pointer whose
type relies on the operand. (see C Type Safety). "
See also
http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014586.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4636 c6295689-39f2-0310-b995-f0e70906c6a9
Noted by Ludovic.
In sc_pkcs15init_update_file() procedure the file selection errors other then SC_ERROR_FILE_NOT_FOUND were not treated.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4271 c6295689-39f2-0310-b995-f0e70906c6a9
Some cards do not include security attributes into the FCI returned by 'SELECT' command.
For such cards, when updating certificate, to authenticate 'UPDATE' operation use the
'sc_file' with default ACLs instantiated from the card profile.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4265 c6295689-39f2-0310-b995-f0e70906c6a9
Frank Morgner
Thomas Calderon
Nguyễn Hồng Quân
Andreas Schwier
Philip Wendland
Henryk Plötz
Viktor Tarasov
Doug Engert
Jean-Pierre Szikora
Ondrej Mikle
Toni Sjöblom
riham
Ludovic Rousseau
Nguyễn Hồng Quân
Stef Walter
Robbert Müller
jps
vtarasov
martin
ludovic.rousseau
andre
viktor.tarasov
s