Menu
▾
▴
[Opensc-commits] [OpenSC/OpenSC] 5f51d5: Added implementation of C_UnwrapKey all the way fr...
|
From: GitHub <no...@gi...> - 2018-11-06 09:52:52
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 5f51d5d315aa7a30bc670190d99e30a0a7fb53a1 https://github.com/OpenSC/OpenSC/commit/5f51d5d315aa7a30bc670190d99e30a0a7fb53a1 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/iso7816.c M src/libopensc/libopensc.exports M src/libopensc/opensc.h M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15.h M src/libopensc/sec.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/mechanism.c M src/pkcs11/openssl.c M src/pkcs11/pkcs11-object.c M src/pkcs11/sc-pkcs11.h M src/pkcs15init/pkcs15-init.h M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Added implementation of C_UnwrapKey all the way from PKCS#11 interface to the card driver level. Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated with a decrypt operation in card-myeid.c. To be improved. Commit: a10480d50ed32ddda73089e7fb5e865efd441c82 https://github.com/OpenSC/OpenSC/commit/a10480d50ed32ddda73089e7fb5e865efd441c82 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/opensc.h M src/libopensc/pkcs15-sec.c M src/pkcs11/framework-pkcs15.c M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Continued implementation of unwrap: Creation of a target key object on card to receive an unwrapped key. Setting target key path in sc_security_env_t. Commit: 9772edc7d1b11cd4b13eae36ccb7731b83f067a2 https://github.com/OpenSC/OpenSC/commit/9772edc7d1b11cd4b13eae36ccb7731b83f067a2 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- Handle -u option (x509-usage) when storing secret keys. Commit: 7fc6c52f81ddff4e0903d8b7d59b2c76c676a5ff https://github.com/OpenSC/OpenSC/commit/7fc6c52f81ddff4e0903d8b7d59b2c76c676a5ff Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-skey.c Log Message: ----------- Set native=1 as default when decoding. Check supported algorithms and set PKCS#11 key type, if key supports AES. Commit: 1c09fa8a22d918dc2a0505d0b1eb62b6e079c0b8 https://github.com/OpenSC/OpenSC/commit/1c09fa8a22d918dc2a0505d0b1eb62b6e079c0b8 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/padding.c Log Message: ----------- Handle AES algorithm. Doesn't set any flags, but check for AES is needed to avoid SC_ERROR_NOT_SUPPORTED. Commit: 9d6ac01c274d8242d4308e144c11549848e73425 https://github.com/OpenSC/OpenSC/commit/9d6ac01c274d8242d4308e144c11549848e73425 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs15init/pkcs15-myeid.c Log Message: ----------- pkcs15init: Handle user_consent and set new proprietary information flags in myeid_create_key(). Commit: edd48b32006bc3a8f716a693025e579a55ac5f27 https://github.com/OpenSC/OpenSC/commit/edd48b32006bc3a8f716a693025e579a55ac5f27 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs15init/pkcs15-init.h M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init: - Added session_object flag to sc_pkcs15init_skeyargs to enable on-card session objects. - Corrections to handling native and extractable flags - Allow creating an empty secret key EF for receiving an unwrapped key later. Commit: c217b254fc4a12383afeacaa81161f40dee4daeb https://github.com/OpenSC/OpenSC/commit/c217b254fc4a12383afeacaa81161f40dee4daeb Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- MyEID: Initial implementation of key wrapping and unwrapping operations, and the related additions to myeid_set_security_env. Commit: a9ee85452ef140c206d7428e5260060321440367 https://github.com/OpenSC/OpenSC/commit/a9ee85452ef140c206d7428e5260060321440367 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-sec.c Log Message: ----------- Resolved a merge conflict. Included both changes manually. Commit: aa814fd8e80d57951ae91871e70822e4fe1e27cf https://github.com/OpenSC/OpenSC/commit/aa814fd8e80d57951ae91871e70822e4fe1e27cf Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card.c M src/libopensc/cardctl.h M src/libopensc/libopensc.exports M src/libopensc/opensc.h M src/libopensc/pkcs15.h M src/libopensc/sec.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/mechanism.c M src/pkcs11/pkcs11-object.c M src/pkcs11/sc-pkcs11.h Log Message: ----------- Implemented C_Wrap into PKCS#11 interface. Added support for wrapping and unwrapping with secret keys into framework-pkcs15.c and all the way to the card driver level. Commit: ae5675ca221427b42f5853d954d331e3d6a32ca7 https://github.com/OpenSC/OpenSC/commit/ae5675ca221427b42f5853d954d331e3d6a32ca7 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- Fixed MSE for unwrap operation. Fixed wrong P1 when formatting APDU in myeid_unwrap_key. Commit: a2156da04443d8b66889b67fc262799a1863de1d https://github.com/OpenSC/OpenSC/commit/a2156da04443d8b66889b67fc262799a1863de1d Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15.c Log Message: ----------- Fix encoding of SC_ASN1_CHOICE entry "parameters" in c_asn1_algorithm_info. Format only the selected entry of the choice. Commit: 7454133272645a3593921b0d66d1bc3f5e2e0b34 https://github.com/OpenSC/OpenSC/commit/7454133272645a3593921b0d66d1bc3f5e2e0b34 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/opensc.h Log Message: ----------- Added flags to distinguish AES ECB and CBC modes. Added SC_ALGORIHM_UNDEFINED definition to be used with CKK_GENERIC_SECRET type keys. Added sc_sec_env_param type, which can be used to define additional parameters when settings security environment. This is now used for setting IV in symmetric crypto and target EF in key wrapping/unwrapping. Commit: 2487bc18d18040b62e08de2862fe231f4bbdf30c https://github.com/OpenSC/OpenSC/commit/2487bc18d18040b62e08de2862fe231f4bbdf30c Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-myeid.c Log Message: ----------- When creating symmetric keys, use CKK_ definitions (key type) rather than CKM_ definitions (mechanism) to specify the key type. Commit: 550d4eb030dade20e6cffaa35787862152e00c30 https://github.com/OpenSC/OpenSC/commit/550d4eb030dade20e6cffaa35787862152e00c30 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/padding.c M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15.h M src/pkcs11/framework-pkcs15.c Log Message: ----------- Small fixes to key wrapping and unwrapping. Handle target file ref using sc_sec_env_param type. Transmit initialization vector in symmetric key operations from PKCS#11 layer (mechanism param) to the card driver level, allow setting it in sc_set_security_env. Commit: 6b8c284d3e4d8f82fb44390cd5c777f76e7d6e90 https://github.com/OpenSC/OpenSC/commit/6b8c284d3e4d8f82fb44390cd5c777f76e7d6e90 Author: Lars Silvén <la...@pr...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15.h Log Message: ----------- Fixing pointer conversion that is invalid on some architectures. Commit: c891ad2aad28f4b225859f4529e1f3e4b026def7 https://github.com/OpenSC/OpenSC/commit/c891ad2aad28f4b225859f4529e1f3e4b026def7 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- Fixed version check for key wrapping functionality. Return needed buffer size in myeid_wrap_key, if no buffer or too small buffer is provided. Commit: f74150b53d4a9954d01058e0cd02c0eae49231fb https://github.com/OpenSC/OpenSC/commit/f74150b53d4a9954d01058e0cd02c0eae49231fb Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs15init/pkcs15-myeid.c Log Message: ----------- Proprietary attribute bits in FCP had to be adjusted due to conflicts with existing attributes. The needed changes were made to both card and OpenSC code. Commit: eba75ead207b9c5866bb476061dd7ab395dab736 https://github.com/OpenSC/OpenSC/commit/eba75ead207b9c5866bb476061dd7ab395dab736 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-sec.c M src/pkcs11/framework-pkcs15.c Log Message: ----------- framework-pkcs15: set CKA_EXTRACTABLE into pkcs#15 secret key object's access flags when set. pkcs15-sec: Return needed buffer size correctly when an insufficient buffer is provided. Commit: 4ce7e5289b47166ab92dd50e00765250d3a0abd9 https://github.com/OpenSC/OpenSC/commit/4ce7e5289b47166ab92dd50e00765250d3a0abd9 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Fixed setting secret key length. CKA_VALUE_LEN comes as number of bytes, so multiply it by 8 to set correct bit length to the key file. Commit: 861d8b308b4fece4c4af7a2bf1f5f939da703256 https://github.com/OpenSC/OpenSC/commit/861d8b308b4fece4c4af7a2bf1f5f939da703256 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- Fixed myeid_unwrap with symmetric keys: set correct p2 and no padding indicator byte. Commit: 287a63c7045b544b1a678b585788d20b24d161c6 https://github.com/OpenSC/OpenSC/commit/287a63c7045b544b1a678b585788d20b24d161c6 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/pkcs15-sec.c M src/pkcs11/framework-pkcs15.c Log Message: ----------- Fixes to key wrapping and unwrapping code: Set IV correctly in symmetric unwrap. Correctly distinguish symmetric and asymmetric operation when building APDUs. Check CKA_TOKEN from the pkcs15 object in framework_pkcs15. Updated some comments. Commit: f2c041d29024c727b37b13a3c2311fec15937322 https://github.com/OpenSC/OpenSC/commit/f2c041d29024c727b37b13a3c2311fec15937322 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/pkcs11/mechanism.c Log Message: ----------- card-myeid: Removed NULL out buffer assertion to allow caller to query required buffer size. mechanism.c: Bug fix to sc_pkcs11_wrap. Wrong operation was stopped in end of the function. Commit: e636b6437708d7bbabff7fd195476fa1809a96c1 https://github.com/OpenSC/OpenSC/commit/e636b6437708d7bbabff7fd195476fa1809a96c1 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-sec.c Log Message: ----------- Fixed: Return OK by PKCS#11 convention if NULL out buffer is provided, when caller wants to query required buffer size. Commit: ec297b618ffd59a4e24e4a43a8b029415fdd232e https://github.com/OpenSC/OpenSC/commit/ec297b618ffd59a4e24e4a43a8b029415fdd232e Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/pkcs15-sec.c Log Message: ----------- sc_pkcs15_wrap: Fixed checking target key type. (checked partly from wrapping key) Commit: 8ebb43d440858237d5f69c2d174d97b9009ce214 https://github.com/OpenSC/OpenSC/commit/8ebb43d440858237d5f69c2d174d97b9009ce214 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- Removed #ifdef USE_PKCS15_INIT around __pkcs15_create_secret_key_object. This function is now used also when reading and parsing a card, not only when creating new objects. Commit: 84317f4e9ddd42ab2167104317ff99e8990c5e0d https://github.com/OpenSC/OpenSC/commit/84317f4e9ddd42ab2167104317ff99e8990c5e0d Author: Lars Silvén <lar...@pr...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- Fixing missing call to sc_unlock. Commit: 90ec7123baaf5aa5b3c320da931c9da2605ac2d3 https://github.com/OpenSC/OpenSC/commit/90ec7123baaf5aa5b3c320da931c9da2605ac2d3 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/opensc.h M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15-skey.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/mechanism.c M src/pkcs11/openssl.c M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Corrections and code cleanup as requested in review. Changed value to void* in sc_sec_env_param_t, because param_type defines type of the value. Fixed handling of secret key length in framework-pkcs15 and pkcs15-lib: CKA_VALUE_LEN from PKCS#11 is in bytes, PKCS#15 objects need key length in bits. Rebased on top of upstream/master and resolved merge conflicts. Commit: 7bb53423a16dc1321be008b5d0757c330f9fcd10 https://github.com/OpenSC/OpenSC/commit/7bb53423a16dc1321be008b5d0757c330f9fcd10 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/padding.c M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15-skey.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/mechanism.c M src/pkcs11/pkcs11-object.c M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Code cleanup and minor corrections according to review. pkcs15-lib: Extractable keys are now marked as native. Check return value of check_key_compatibility in more explicit way to avoid misunderstandings. Commit: f88419bc63c3f61d024eb02b69db613a75e2a530 https://github.com/OpenSC/OpenSC/commit/f88419bc63c3f61d024eb02b69db613a75e2a530 Author: Hannu Honkanen <han...@av...> Date: 2018-10-31 (Wed, 31 Oct 2018) Changed paths: M src/libopensc/card-myeid.c Log Message: ----------- Removed pointless curly brackets Commit: b35fb19ec46df21c35864725a6d2b1e5c55e0d0c https://github.com/OpenSC/OpenSC/commit/b35fb19ec46df21c35864725a6d2b1e5c55e0d0c Author: Hannu Honkanen <han...@av...> Date: 2018-11-02 (Fri, 02 Nov 2018) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- Resolved conflict in pkcs15_create_secret_key Commit: 351e0d2bd6d67bdd74c9cc49a484d87ad6ed0bcb https://github.com/OpenSC/OpenSC/commit/351e0d2bd6d67bdd74c9cc49a484d87ad6ed0bcb Author: Hannu Honkanen <han...@av...> Date: 2018-11-02 (Fri, 02 Nov 2018) Changed paths: M src/common/simclist.h M src/libopensc/card-npa.c M src/libopensc/card-npa.h M src/libopensc/internal.h M src/libopensc/log.h M src/libopensc/opensc.h M src/libopensc/sm.h M src/pkcs11/framework-pkcs15.c M src/pkcs11/framework-pkcs15init.c M src/pkcs11/mechanism.c M src/pkcs11/misc.c M src/pkcs11/openssl.c M src/pkcs11/pkcs11-object.c M src/pkcs11/pkcs11-session.c M src/pkcs11/pkcs11-spy.c M src/pkcs11/sc-pkcs11.h M src/pkcs11/slot.c M src/tools/npa-tool.c M src/tools/pkcs15-tool.c Log Message: ----------- Merge remote-tracking branch 'upstream/master' into wrapping-rebased and resolve conflicts Commit: 22c8204a2ff1a1c72ce6a1bd14e7525d360ca443 https://github.com/OpenSC/OpenSC/commit/22c8204a2ff1a1c72ce6a1bd14e7525d360ca443 Author: Frank Morgner <fra...@gm...> Date: 2018-11-06 (Tue, 06 Nov 2018) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/card.c M src/libopensc/cardctl.h M src/libopensc/iso7816.c M src/libopensc/libopensc.exports M src/libopensc/opensc.h M src/libopensc/padding.c M src/libopensc/pkcs15-sec.c M src/libopensc/pkcs15-skey.c M src/libopensc/pkcs15.c M src/libopensc/pkcs15.h M src/libopensc/sec.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/mechanism.c M src/pkcs11/openssl.c M src/pkcs11/pkcs11-object.c M src/pkcs11/sc-pkcs11.h M src/pkcs15init/pkcs15-init.h M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-myeid.c M src/tools/pkcs15-init.c Log Message: ----------- Merge remote-tracking branch 'upstream/pr/1393' closes https://github.com/OpenSC/OpenSC/pull/1393 Compare: https://github.com/OpenSC/OpenSC/compare/13c75745103b...22c8204a2ff1 **NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/ Functionality will be removed from GitHub.com on January 31st, 2019. |
