3331a7f134Fix MF selection APDU to use 0x0c in P2 (no data). The previous value of 0x00 is invalid according to IAS-ECC and resulted in 6A 86 on the Oberthur cards that we tested with.
Zoltan Kelemen
2020-07-01 09:59:32 +0200
471468260eImproved PIN unblock function: - Uses PIN padding from merged policy - Added PIN-pad support - Use ISO 7816 layer to avoid code duplication
Zoltan Kelemen
2020-07-01 09:53:18 +0200
79e81eeef0Improved PIN change function: - Uses PIN padding from merged policy - Improved PIN-pad logic and merged here from separate function
Zoltan Kelemen
2020-07-01 09:31:01 +0200
5ae488c1b9Improved PIN verification function: - Uses PIN padding from merged policy - Moved PIN-pad logic into this function instead of keeping separate
Zoltan Kelemen
2020-07-01 09:09:10 +0200
d0b3e90431Simlified low-level CHV verification function: - Removed special PIN-pad case, moving logic into high-level function. - Use ISO 7816 layer to avoid code duplication.
Zoltan Kelemen
2020-07-01 08:54:51 +0200
8c2d629f94Functions used to control PIN padding and PIN pad use: - Use PIN padding information when provided by upper layers - Enable PIN padding at card level when min/max len set to same, nonzero value - Allow PIN-pad use to be dynamically selected for each PIN
Zoltan Kelemen
2020-07-01 08:38:54 +0200
ca911e342cImproved PIN info retrieval, now returning verification status, and attempts left even when previously not available (due to card not providing it in the SDO).
Zoltan Kelemen
2020-07-01 08:16:27 +0200
19063932f0Simplified PIN policy retrieval to only read the data that is actually needed, excluding the CRT info from the SE-SDO, which is not guaranteed to be available in all card types.
Zoltan Kelemen
2020-07-01 08:02:53 +0200
741ee73ec9Add generic function for PIN status retrieval, for subsequent use (among others intended to replace iasecc_pin_is_verified).
Zoltan Kelemen
2020-07-01 07:18:10 +0200
7ed876c816Added ATR mask for Idemia (Oberthur) IAS-ECC card to recognize Cosmo V8 cards.
Zoltan Kelemen
2020-06-29 18:51:47 +0200
eb3e00a385Corrected highly misleading, confusing and ambiguous use of PIN length_offset field. Now only the PIN offset fields are used. Also added error checking for invalid values.
Zoltan Kelemen
2020-07-04 09:43:38 +0200
80853bda31Only enable static frame size for PIN padding when padding length is below maximum limits. Otherwise resort to adaptive support.
Zoltan Kelemen
2020-07-03 12:08:31 +0200
afffeccc29Fixed problems with PIN min/max length handling: - The wrong PIN was selected from the sc_pin_cmd_data structure. - When the PIN max value was zero from the caller (meaning unknown max), the reader max value was not used.
Zoltan Kelemen
2020-07-03 09:23:54 +0200
1dc359cb61Fix for issue #1999: - Reset context to undefined handle value on error since call may alter output parameter. - Continue to assume -1 as undefined handle value in all PCSC implementations, to keep this fix as small and surgical as possible.
Zoltan Kelemen
2020-07-12 22:07:13 +0200
b16a5cbee0pkcs15: Free app info when allocating new and in cleanup
Jakub Jelen
2020-06-30 11:39:17 +0200
c82aa92687pkcs15: Clean memory on alocation failure
Jakub Jelen
2020-06-30 11:38:38 +0200
2d6de2510cpkcs15: Drop bogus checks
Jakub Jelen
2020-06-30 11:16:59 +0200
4c473fba29authentic: Clean private data on error
Jakub Jelen
2020-06-29 21:29:16 +0200
05dcde508bauthentic: Use memmove as the memory can overlap (if path is > 2B)
Jakub Jelen
2020-06-29 19:16:57 +0200
5098cfdb40authentic: Do not leak memory on fail path
Jakub Jelen
2020-06-29 18:53:16 +0200
7cf8087351asepcos: Avoid heap-buffer-overflow
Jakub Jelen
2020-06-22 11:22:46 +0200
c4d7bb1a7bDo not crash on if private certificate is ignored (#2057)
Jakub Jelen
2020-06-22 10:57:00 +0200
43379b3b22coolkey: Rewrite coolkey_rsa_op() for better readability
Jakub Jelen
2020-06-15 14:27:33 +0200
0cda376dbapkcs15-pubkey: Make sc_pkcs15_pubkey_from_spki_fields more robust against errors
Jakub Jelen
2020-06-15 12:27:42 +0200
e759b17b66pkcs15-pubkey: Avoid memory leaks when spki parsing fails
Jakub Jelen
2020-06-10 15:15:17 +0200
56f4c6c34apiv: Free pubkey on error
Jakub Jelen
2020-06-10 13:54:13 +0200
3696331d5cRemove more needless checks for NULL before free
Jakub Jelen
2020-06-10 12:35:19 +0200
fea08d749dcoolkey: Avoid memory leak
Jakub Jelen
2020-06-10 12:22:36 +0200
Add CII Best practices badge
Jakub Jelen
2020-07-07 12:37:58 +0200
0defebfe05doc: Recommend pin caching in combination with pin_cache_ignore_user_consent configuration option
Jakub Jelen
2020-06-09 14:00:34 +0200
97ec23a2d9pkcs11: Propagate ignore_user_consent
Jakub Jelen
2020-05-27 14:47:01 +0200
7a29e6c047Move to macOS Utilities folder
Raul Metsma
2020-06-16 11:14:31 +0300
c458d81723SECURITY.md: Introduce security reporting process
Jakub Jelen
2020-06-11 14:58:13 +0200
929717b505Make PUK reference available to card driver from PKCS #15 layer for PIN unblock operations. This helps some of the card drivers which otherwise would have a hard time locating the PUK for a PIN.
Zoltan Kelemen
2020-07-02 10:26:13 +0200