forked from pool/opensc
Accepting request 923351 from home:danidoni:branches:security:chipcard
- Update to OpenSC 0.22.0:
* Removed changes in opensc-gcc11.patch already present in upstream.
- See e549e9c62e
* Removed some false positives from the openrc-rpmlintrc file.
* Use standard paths for file cache on Linux (#2148) and OSX (#2214)
* Various issues of memory/buffer handling in legacy drivers mostly reported by oss-fuzz and coverity (tcos, oberthur, isoapplet, iasecc, westcos, gpk, flex, dnie, mcrd, authentic, belpic)
* Add threading test to `pkcs11-tool` (#2067)
* Add support to generate generic secret keys (#2140)
* `opensc-explorer`: Print information about LCS (Life cycle status byte) (#2195)
* Add support for Apple's arm64 (M1) binaries, removed TokenD. A seperate installer with TokenD (and without arm64 binaries) will be available (#2179).
* Support for gcc11 and its new strict aliasing rules (#2241, #2260)
* Initial support for building with OpenSSL 3.0 (#2343)
* pkcs15-tool: Write data objects in binary mode (#2324)
* Avoid limited size of log messages (#2352)
* Support for ECDSA verification (#2211)
* Support for ECDSA with different SHA hashes (#2190)
* Prevent issues in p11-kit by not returning unexpected return codes (#2207)
* Add support for PKCS#11 3.0: The new interfaces, profile objects and functions (#2096, #2293)
* Standardize the version 2 on 2.20 in the code (#2096)
* Fix CKA_MODIFIABLE and CKA_EXTRACTABLE (#2176)
* Copy arguments of C_Initialize (#2350)
* Fix RSA-PSS signing (#2234)
* Fix DO deletion (#2215)
* Add support for (X)EdDSA keys (#1960)
* Add support for applet version 3 and fix RSA-PSS mechanisms (#2205)
* Add support for applet version 4 (#2332)
* New configuration option for opensc.conf to disable pkcs1_padding (#2193)
* Add support for ECDSA with different hashes (#2190)
* Enable more mechanisms (#2178)
* Fixed asking for a user pin when formatting a card (#1737)
* Added support for French CPx Healthcare cards (#2217)
* Added ATR for new CardOS 5.4 version (#2296)
OBS-URL: https://build.opensuse.org/request/show/923351
OBS-URL: https://build.opensuse.org/package/show/security:chipcard/opensc?expand=0&rev=67
This commit is contained in:
parent
6f06492cfe
commit
7615a78b4c
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:2bfbbb1dcb4b8d8d75685a3e95c30798fb6411d4efab3690fd89d2cb25f3325e
|
|
||||||
size 2210878
|
|
3
opensc-0.22.0.tar.gz
Normal file
3
opensc-0.22.0.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:8d4e5347195ebea332be585df61dcc470331c26969e4b0447c851fb0844c7186
|
||||||
|
size 2287020
|
@ -29,333 +29,3 @@ Date: Tue Feb 23 19:57:02 2021 +0100
|
|||||||
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1930652
|
https://bugzilla.redhat.com/show_bug.cgi?id=1930652
|
||||||
|
|
||||||
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
|
|
||||||
index 18803b83..c65ec3ed 100644
|
|
||||||
--- a/src/pkcs11/framework-pkcs15.c
|
|
||||||
+++ b/src/pkcs11/framework-pkcs15.c
|
|
||||||
@@ -670,6 +670,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
|
|
||||||
{
|
|
||||||
struct sc_pkcs15_cert_info *p15_info = NULL;
|
|
||||||
struct sc_pkcs15_cert *p15_cert = NULL;
|
|
||||||
+ struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_cert_object *object = NULL;
|
|
||||||
struct pkcs15_pubkey_object *obj2 = NULL;
|
|
||||||
int rv;
|
|
||||||
@@ -686,8 +687,9 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Certificate object */
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object,
|
|
||||||
cert, &pkcs15_cert_ops, sizeof(struct pkcs15_cert_object));
|
|
||||||
+ object = (struct pkcs15_cert_object *) any_object;
|
|
||||||
if (rv < 0) {
|
|
||||||
if (p15_cert != NULL)
|
|
||||||
sc_pkcs15_free_certificate(p15_cert);
|
|
||||||
@@ -720,7 +722,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
|
|
||||||
pkcs15_cert_extract_label(object);
|
|
||||||
|
|
||||||
if (cert_object != NULL)
|
|
||||||
- *cert_object = (struct pkcs15_any_object *) object;
|
|
||||||
+ *cert_object = any_object;
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
@@ -730,6 +732,7 @@ static int
|
|
||||||
__pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
struct sc_pkcs15_object *pubkey, struct pkcs15_any_object **pubkey_object)
|
|
||||||
{
|
|
||||||
+ struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_pubkey_object *object = NULL;
|
|
||||||
struct sc_pkcs15_pubkey *p15_key = NULL;
|
|
||||||
int rv;
|
|
||||||
@@ -758,8 +761,9 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Public key object */
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object,
|
|
||||||
pubkey, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
|
|
||||||
+ object = (struct pkcs15_pubkey_object *) any_object;
|
|
||||||
if (rv >= 0) {
|
|
||||||
object->pub_info = (struct sc_pkcs15_pubkey_info *) pubkey->data;
|
|
||||||
object->pub_data = p15_key;
|
|
||||||
@@ -773,7 +777,7 @@ __pkcs15_create_pubkey_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
object->pub_data->alg_id->params = &((object->pub_data->u).gostr3410.params);
|
|
||||||
}
|
|
||||||
if (pubkey_object != NULL)
|
|
||||||
- *pubkey_object = (struct pkcs15_any_object *) object;
|
|
||||||
+ *pubkey_object = any_object;
|
|
||||||
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
@@ -783,16 +787,18 @@ static int
|
|
||||||
__pkcs15_create_prkey_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
struct sc_pkcs15_object *prkey, struct pkcs15_any_object **prkey_object)
|
|
||||||
{
|
|
||||||
+ struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_prkey_object *object = NULL;
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &object,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object,
|
|
||||||
prkey, &pkcs15_prkey_ops, sizeof(struct pkcs15_prkey_object));
|
|
||||||
+ object = (struct pkcs15_prkey_object *) any_object;
|
|
||||||
if (rv >= 0)
|
|
||||||
object->prv_info = (struct sc_pkcs15_prkey_info *) prkey->data;
|
|
||||||
|
|
||||||
if (prkey_object != NULL)
|
|
||||||
- *prkey_object = (struct pkcs15_any_object *) object;
|
|
||||||
+ *prkey_object = any_object;
|
|
||||||
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
@@ -802,18 +808,20 @@ static int
|
|
||||||
__pkcs15_create_data_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
struct sc_pkcs15_object *object, struct pkcs15_any_object **data_object)
|
|
||||||
{
|
|
||||||
+ struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_data_object *dobj = NULL;
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &dobj,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object,
|
|
||||||
object, &pkcs15_dobj_ops, sizeof(struct pkcs15_data_object));
|
|
||||||
+ dobj = (struct pkcs15_data_object *) any_object;
|
|
||||||
if (rv >= 0) {
|
|
||||||
dobj->info = (struct sc_pkcs15_data_info *) object->data;
|
|
||||||
dobj->value = NULL;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (data_object != NULL)
|
|
||||||
- *data_object = (struct pkcs15_any_object *) dobj;
|
|
||||||
+ *data_object = any_object;
|
|
||||||
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
@@ -853,16 +861,18 @@ static int
|
|
||||||
__pkcs15_create_secret_key_object(struct pkcs15_fw_data *fw_data,
|
|
||||||
struct sc_pkcs15_object *object, struct pkcs15_any_object **skey_object)
|
|
||||||
{
|
|
||||||
+ struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_skey_object *skey = NULL;
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &skey,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object,
|
|
||||||
object, &pkcs15_skey_ops, sizeof(struct pkcs15_skey_object));
|
|
||||||
+ skey = (struct pkcs15_skey_object *) any_object;
|
|
||||||
if (rv >= 0)
|
|
||||||
skey->info = (struct sc_pkcs15_skey_info *) object->data;
|
|
||||||
|
|
||||||
if (skey_object != NULL)
|
|
||||||
- *skey_object = (struct pkcs15_any_object *) skey;
|
|
||||||
+ *skey_object = any_object;
|
|
||||||
|
|
||||||
return rv;
|
|
||||||
}
|
|
||||||
diff --git a/src/libopensc/pkcs15-westcos.c b/src/libopensc/pkcs15-westcos.c
|
|
||||||
index 885abd37..9277061b 100644
|
|
||||||
--- a/src/libopensc/pkcs15-westcos.c
|
|
||||||
+++ b/src/libopensc/pkcs15-westcos.c
|
|
||||||
@@ -124,18 +124,17 @@ static int sc_pkcs15emu_westcos_init(sc_pkcs15_card_t * p15card)
|
|
||||||
struct sc_pkcs15_pubkey_info pubkey_info;
|
|
||||||
struct sc_pkcs15_object pubkey_obj;
|
|
||||||
struct sc_pkcs15_pubkey *pkey = NULL;
|
|
||||||
+ sc_pkcs15_cert_t *cert = NULL;
|
|
||||||
+
|
|
||||||
memset(&cert_info, 0, sizeof(cert_info));
|
|
||||||
memset(&cert_obj, 0, sizeof(cert_obj));
|
|
||||||
cert_info.id.len = 1;
|
|
||||||
cert_info.id.value[0] = 0x45;
|
|
||||||
cert_info.authority = 0;
|
|
||||||
cert_info.path = path;
|
|
||||||
- r = sc_pkcs15_read_certificate(p15card, &cert_info,
|
|
||||||
- (sc_pkcs15_cert_t
|
|
||||||
- **) (&cert_obj.data));
|
|
||||||
+ r = sc_pkcs15_read_certificate(p15card, &cert_info, &cert);
|
|
||||||
+ cert_obj.data = (void *) cert;
|
|
||||||
if (!r) {
|
|
||||||
- sc_pkcs15_cert_t *cert =
|
|
||||||
- (sc_pkcs15_cert_t *) (cert_obj.data);
|
|
||||||
strlcpy(cert_obj.label, "User certificate",
|
|
||||||
sizeof(cert_obj.label));
|
|
||||||
cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
|
|
||||||
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
|
|
||||||
index c65ec3ed..a5e6ff1f 100644
|
|
||||||
--- a/src/pkcs11/framework-pkcs15.c
|
|
||||||
+++ b/src/pkcs11/framework-pkcs15.c
|
|
||||||
@@ -673,6 +673,7 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
|
|
||||||
struct pkcs15_any_object *any_object = NULL;
|
|
||||||
struct pkcs15_cert_object *object = NULL;
|
|
||||||
struct pkcs15_pubkey_object *obj2 = NULL;
|
|
||||||
+ struct pkcs15_any_object *any_object2 = NULL;
|
|
||||||
int rv;
|
|
||||||
|
|
||||||
p15_info = (struct sc_pkcs15_cert_info *) cert->data;
|
|
||||||
@@ -700,10 +701,11 @@ __pkcs15_create_cert_object(struct pkcs15_fw_data *fw_data, struct sc_pkcs15_obj
|
|
||||||
object->cert_data = p15_cert;
|
|
||||||
|
|
||||||
/* Corresponding public key */
|
|
||||||
- rv = public_key_created(fw_data, &p15_info->id, (struct pkcs15_any_object **) &obj2);
|
|
||||||
+ rv = public_key_created(fw_data, &p15_info->id, &any_object2);
|
|
||||||
if (rv != SC_SUCCESS)
|
|
||||||
- rv = __pkcs15_create_object(fw_data, (struct pkcs15_any_object **) &obj2,
|
|
||||||
+ rv = __pkcs15_create_object(fw_data, &any_object2,
|
|
||||||
NULL, &pkcs15_pubkey_ops, sizeof(struct pkcs15_pubkey_object));
|
|
||||||
+ obj2 = (struct pkcs15_pubkey_object *) any_object2;
|
|
||||||
if (rv < 0)
|
|
||||||
return rv;
|
|
||||||
|
|
||||||
@@ -2975,14 +2977,17 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
|
|
||||||
const CK_BYTE * gost_params_encoded_oid_from_template;
|
|
||||||
const CK_BYTE * gost_hash_params_encoded_oid_from_template;
|
|
||||||
size_t len, param_index, hash_index;
|
|
||||||
+ void *ptr = NULL;
|
|
||||||
CK_RV rv;
|
|
||||||
|
|
||||||
/* If template has CKA_GOSTR3410_PARAMS attribute, set param_index to
|
|
||||||
* corresponding item's index in gostr3410_param_oid[] */
|
|
||||||
- if (pPrivTpl && ulPrivCnt)
|
|
||||||
- rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
|
|
||||||
- else
|
|
||||||
- rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, (void **)&gost_params_encoded_oid_from_template, &len);
|
|
||||||
+ if (pPrivTpl && ulPrivCnt) {
|
|
||||||
+ rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
|
|
||||||
+ } else {
|
|
||||||
+ rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3410_PARAMS, &ptr, &len);
|
|
||||||
+ }
|
|
||||||
+ gost_params_encoded_oid_from_template = (const CK_BYTE *) ptr;
|
|
||||||
|
|
||||||
if (rv == CKR_OK) {
|
|
||||||
size_t nn = sizeof(gostr3410_param_oid)/sizeof(gostr3410_param_oid[0]);
|
|
||||||
@@ -3005,10 +3010,12 @@ set_gost3410_params(struct sc_pkcs15init_prkeyargs *prkey_args,
|
|
||||||
|
|
||||||
/* If template has CKA_GOSTR3411_PARAMS attribute, set hash_index to
|
|
||||||
* corresponding item's index in gostr3410_hash_param_oid[] */
|
|
||||||
- if (pPrivTpl && ulPrivCnt)
|
|
||||||
- rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
|
|
||||||
- else
|
|
||||||
- rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, (void **)&gost_hash_params_encoded_oid_from_template, &len);
|
|
||||||
+ if (pPrivTpl && ulPrivCnt) {
|
|
||||||
+ rv = attr_find_ptr2(pPubTpl, ulPubCnt, pPrivTpl, ulPrivCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
|
|
||||||
+ } else {
|
|
||||||
+ rv = attr_find_ptr(pPubTpl, ulPubCnt, CKA_GOSTR3411_PARAMS, &ptr, &len);
|
|
||||||
+ }
|
|
||||||
+ gost_hash_params_encoded_oid_from_template = ptr;
|
|
||||||
|
|
||||||
if (rv == CKR_OK) {
|
|
||||||
size_t nn = sizeof(gostr3410_hash_param_oid)/sizeof(gostr3410_hash_param_oid[0]);
|
|
||||||
@@ -3155,9 +3162,11 @@ pkcs15_gen_keypair(struct sc_pkcs11_slot *slot, CK_MECHANISM_PTR pMechanism,
|
|
||||||
}
|
|
||||||
else if (keytype == CKK_EC) {
|
|
||||||
struct sc_lv_data *der = &keygen_args.prkey_args.key.u.ec.params.der;
|
|
||||||
+ void *ptr = NULL;
|
|
||||||
|
|
||||||
der->len = sizeof(struct sc_object_id);
|
|
||||||
- rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, (void **)&der->value, &der->len);
|
|
||||||
+ rv = attr_find_and_allocate_ptr(pPubTpl, ulPubCnt, CKA_EC_PARAMS, &ptr, &der->len);
|
|
||||||
+ der->value = (unsigned char *) ptr;
|
|
||||||
if (rv != CKR_OK) {
|
|
||||||
sc_unlock(p11card->card);
|
|
||||||
return sc_to_cryptoki_error(rc, "C_GenerateKeyPair");
|
|
||||||
diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
|
|
||||||
index 8fb3e5af..a6c91ce1 100644
|
|
||||||
--- a/src/pkcs11/pkcs11-object.c
|
|
||||||
+++ b/src/pkcs11/pkcs11-object.c
|
|
||||||
@@ -347,6 +347,7 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
||||||
struct sc_pkcs11_object *object;
|
|
||||||
struct sc_pkcs11_find_operation *operation;
|
|
||||||
struct sc_pkcs11_slot *slot;
|
|
||||||
+ struct sc_pkcs11_operation *op = NULL;
|
|
||||||
|
|
||||||
if (pTemplate == NULL_PTR && ulCount > 0)
|
|
||||||
return CKR_ARGUMENTS_BAD;
|
|
||||||
@@ -363,7 +364,8 @@ C_FindObjectsInit(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
||||||
dump_template(SC_LOG_DEBUG_NORMAL, "C_FindObjectsInit()", pTemplate, ulCount);
|
|
||||||
|
|
||||||
rv = session_start_operation(session, SC_PKCS11_OPERATION_FIND,
|
|
||||||
- &find_mechanism, (struct sc_pkcs11_operation **)&operation);
|
|
||||||
+ &find_mechanism, &op);
|
|
||||||
+ operation = (struct sc_pkcs11_find_operation *) op;
|
|
||||||
if (rv != CKR_OK)
|
|
||||||
goto out;
|
|
||||||
|
|
||||||
diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
|
|
||||||
index a6c91ce1..603a6713 100644
|
|
||||||
--- a/src/pkcs11/pkcs11-object.c
|
|
||||||
+++ b/src/pkcs11/pkcs11-object.c
|
|
||||||
@@ -453,6 +453,7 @@ C_FindObjects(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
||||||
CK_ULONG to_return;
|
|
||||||
struct sc_pkcs11_session *session;
|
|
||||||
struct sc_pkcs11_find_operation *operation;
|
|
||||||
+ struct sc_pkcs11_operation *op = NULL;
|
|
||||||
|
|
||||||
if (phObject == NULL_PTR || ulMaxObjectCount == 0 || pulObjectCount == NULL_PTR)
|
|
||||||
return CKR_ARGUMENTS_BAD;
|
|
||||||
@@ -465,7 +466,8 @@ C_FindObjects(CK_SESSION_HANDLE hSession, /* the session's handle */
|
|
||||||
if (rv != CKR_OK)
|
|
||||||
goto out;
|
|
||||||
|
|
||||||
- rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, (sc_pkcs11_operation_t **) & operation);
|
|
||||||
+ rv = session_get_operation(session, SC_PKCS11_OPERATION_FIND, &op);
|
|
||||||
+ operation = (struct sc_pkcs11_find_operation *) op;
|
|
||||||
if (rv != CKR_OK)
|
|
||||||
goto out;
|
|
||||||
|
|
||||||
diff --git a/src/tools/pkcs11-register.c b/src/tools/pkcs11-register.c
|
|
||||||
index 007ff1ae..873ebcba 100644
|
|
||||||
--- a/src/tools/pkcs11-register.c
|
|
||||||
+++ b/src/tools/pkcs11-register.c
|
|
||||||
@@ -123,13 +123,15 @@ add_module_pkcs11_txt(const char *profile_dir,
|
|
||||||
char pkcs11_txt_path[PATH_MAX];
|
|
||||||
char *pkcs11_txt = NULL;
|
|
||||||
size_t pkcs11_txt_len = 0;
|
|
||||||
+ unsigned char *txt = NULL;
|
|
||||||
+
|
|
||||||
if (!profile_dir
|
|
||||||
|| snprintf(pkcs11_txt_path, sizeof pkcs11_txt_path,
|
|
||||||
"%s%c%s", profile_dir, path_sep, "pkcs11.txt") < 0
|
|
||||||
- || !fread_to_eof(pkcs11_txt_path,
|
|
||||||
- (unsigned char **) &pkcs11_txt, &pkcs11_txt_len)) {
|
|
||||||
+ || !fread_to_eof(pkcs11_txt_path, &txt, &pkcs11_txt_len)) {
|
|
||||||
goto err;
|
|
||||||
}
|
|
||||||
+ pkcs11_txt = (char *)txt;
|
|
||||||
char *p = realloc(pkcs11_txt, pkcs11_txt_len+1);
|
|
||||||
if (!p)
|
|
||||||
goto err;
|
|
||||||
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
|
|
||||||
index a4d9c94b..35b96792 100644
|
|
||||||
--- a/src/tools/pkcs11-tool.c
|
|
||||||
+++ b/src/tools/pkcs11-tool.c
|
|
||||||
@@ -6303,11 +6303,12 @@ static CK_SESSION_HANDLE test_kpgen_certwrite(CK_SLOT_ID slot, CK_SESSION_HANDLE
|
|
||||||
return session;
|
|
||||||
}
|
|
||||||
|
|
||||||
- tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
|
|
||||||
- if (opt_object_id_len == 0) {
|
|
||||||
+ tmp = getID(session, priv_key, &i);
|
|
||||||
+ if (i == 0) {
|
|
||||||
fprintf(stderr, "ERR: newly generated private key has no (or an empty) CKA_ID\n");
|
|
||||||
return session;
|
|
||||||
}
|
|
||||||
+ opt_object_id_len = (size_t) i;
|
|
||||||
memcpy(opt_object_id, tmp, opt_object_id_len);
|
|
||||||
|
|
||||||
/* This is done in NSS */
|
|
||||||
@@ -6485,11 +6486,12 @@ static void test_ec(CK_SLOT_ID slot, CK_SESSION_HANDLE session)
|
|
||||||
if (!gen_keypair(slot, session, &pub_key, &priv_key, opt_key_type))
|
|
||||||
return;
|
|
||||||
|
|
||||||
- tmp = getID(session, priv_key, (CK_ULONG *) &opt_object_id_len);
|
|
||||||
- if (opt_object_id_len == 0) {
|
|
||||||
+ tmp = getID(session, priv_key, &i);
|
|
||||||
+ if (i == 0) {
|
|
||||||
printf("ERR: newly generated private key has no (or an empty) CKA_ID\n");
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
+ i = (size_t) opt_object_id_len;
|
|
||||||
memcpy(opt_object_id, tmp, opt_object_id_len);
|
|
||||||
|
|
||||||
/* This is done in NSS */
|
|
||||||
|
@ -1,5 +1,3 @@
|
|||||||
# Private library don't need to be in a separate package.
|
|
||||||
addFilter("shlib-policy-missing-suffix")
|
|
||||||
# There is no devel package any more.
|
# There is no devel package any more.
|
||||||
addFilter("obsolete-not-provided")
|
addFilter("obsolete-not-provided")
|
||||||
addFilter("devel-file-in-non-devel-package")
|
addFilter("devel-file-in-non-devel-package")
|
||||||
|
@ -1,3 +1,39 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Mon Oct 4 12:59:24 UTC 2021 - Daniel Donisa <daniel.donisa@suse.com>
|
||||||
|
|
||||||
|
- Update to OpenSC 0.22.0:
|
||||||
|
* Removed changes in opensc-gcc11.patch already present in upstream.
|
||||||
|
- See https://github.com/OpenSC/OpenSC/pull/2241/commits/e549e9c62eb4fcd2260800e2665071e4dd9bbbda
|
||||||
|
* Removed some false positives from the openrc-rpmlintrc file.
|
||||||
|
* Use standard paths for file cache on Linux (#2148) and OSX (#2214)
|
||||||
|
* Various issues of memory/buffer handling in legacy drivers mostly reported by oss-fuzz and coverity (tcos, oberthur, isoapplet, iasecc, westcos, gpk, flex, dnie, mcrd, authentic, belpic)
|
||||||
|
* Add threading test to `pkcs11-tool` (#2067)
|
||||||
|
* Add support to generate generic secret keys (#2140)
|
||||||
|
* `opensc-explorer`: Print information about LCS (Life cycle status byte) (#2195)
|
||||||
|
* Add support for Apple's arm64 (M1) binaries, removed TokenD. A seperate installer with TokenD (and without arm64 binaries) will be available (#2179).
|
||||||
|
* Support for gcc11 and its new strict aliasing rules (#2241, #2260)
|
||||||
|
* Initial support for building with OpenSSL 3.0 (#2343)
|
||||||
|
* pkcs15-tool: Write data objects in binary mode (#2324)
|
||||||
|
* Avoid limited size of log messages (#2352)
|
||||||
|
* Support for ECDSA verification (#2211)
|
||||||
|
* Support for ECDSA with different SHA hashes (#2190)
|
||||||
|
* Prevent issues in p11-kit by not returning unexpected return codes (#2207)
|
||||||
|
* Add support for PKCS#11 3.0: The new interfaces, profile objects and functions (#2096, #2293)
|
||||||
|
* Standardize the version 2 on 2.20 in the code (#2096)
|
||||||
|
* Fix CKA_MODIFIABLE and CKA_EXTRACTABLE (#2176)
|
||||||
|
* Copy arguments of C_Initialize (#2350)
|
||||||
|
* Fix RSA-PSS signing (#2234)
|
||||||
|
* Fix DO deletion (#2215)
|
||||||
|
* Add support for (X)EdDSA keys (#1960)
|
||||||
|
* Add support for applet version 3 and fix RSA-PSS mechanisms (#2205)
|
||||||
|
* Add support for applet version 4 (#2332)
|
||||||
|
* New configuration option for opensc.conf to disable pkcs1_padding (#2193)
|
||||||
|
* Add support for ECDSA with different hashes (#2190)
|
||||||
|
* Enable more mechanisms (#2178)
|
||||||
|
* Fixed asking for a user pin when formatting a card (#1737)
|
||||||
|
* Added support for French CPx Healthcare cards (#2217)
|
||||||
|
* Added ATR for new CardOS 5.4 version (#2296)
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sun Jun 27 16:48:49 UTC 2021 - Predrag Ivanović <predivan@mts.rs>
|
Sun Jun 27 16:48:49 UTC 2021 - Predrag Ivanović <predivan@mts.rs>
|
||||||
|
|
||||||
|
@ -18,7 +18,7 @@
|
|||||||
|
|
||||||
%define completionsdir %(pkg-config --variable completionsdir bash-completion)
|
%define completionsdir %(pkg-config --variable completionsdir bash-completion)
|
||||||
Name: opensc
|
Name: opensc
|
||||||
Version: 0.21.0
|
Version: 0.22.0
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Smart Card Utilities
|
Summary: Smart Card Utilities
|
||||||
License: LGPL-2.1-or-later
|
License: LGPL-2.1-or-later
|
||||||
|
Loading…
Reference in New Issue
Block a user