import CS opensc-0.23.0-3.el9_3

This commit is contained in:
eabdullin 2023-12-20 12:44:21 +00:00
parent 7afc0ef384
commit bc50fc13d0
17 changed files with 5406 additions and 140 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/opensc-0.22.0.tar.gz
SOURCES/opensc-0.23.0.tar.gz

View File

@ -1 +1 @@
d920880c72462619e0a1a629e0a637155b75a352 SOURCES/opensc-0.22.0.tar.gz
5a5367ef33efcc35ed420b191b4d1bc3aa34a538 SOURCES/opensc-0.23.0.tar.gz

View File

@ -3,7 +3,7 @@ diff -up opensc-0.19.0/etc/opensc.conf.pinpad opensc-0.19.0/etc/opensc.conf
+++ opensc-0.19.0/etc/opensc.conf 2018-10-22 14:33:59.939410701 +0200
@@ -4,4 +4,9 @@ app default {
framework pkcs15 {
# use_file_caching = true;
# use_file_caching = public;
}
+ reader_driver pcsc {
+ # The pinpad is disabled by default,

View File

@ -1,62 +0,0 @@
From fe198e8b3837aa4c960e75d0e2a41020ad4dc9f9 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 24 Sep 2021 13:33:26 +0200
Subject: [PATCH 1/9] pkcs11: Unbreak detection of unenrolled cards
This was broken since 58b03b68, which tried to sanitize some states,
but caused C_GetTokenInfo returning CKR_TOKEN_NOT_RECOGNIZED instead
of empty token information.
Note, that this has effect only if the configuration options
enable_default_driver and pkcs11_enable_InitToken are turned on.
Otherwise it still returns CKR_TOKEN_NOT_RECOGNIZED.
---
src/pkcs11/framework-pkcs15.c | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 74fe7b3c49..4205e41739 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -544,9 +544,7 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
{
struct sc_pkcs11_slot *slot;
struct pkcs15_fw_data *fw_data = NULL;
- struct sc_pkcs15_card *p15card = NULL;
struct sc_pkcs15_object *auth;
- struct sc_pkcs15_auth_info *pin_info;
CK_RV rv;
sc_log(context, "C_GetTokenInfo(%lx)", slotID);
@@ -578,12 +576,6 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
rv = sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
goto out;
}
- p15card = fw_data->p15_card;
- if (!p15card) {
- rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
- goto out;
- }
-
/* User PIN flags are cleared before re-calculation */
slot->token_info.flags &= ~(CKF_USER_PIN_COUNT_LOW|CKF_USER_PIN_FINAL_TRY|CKF_USER_PIN_LOCKED);
auth = slot_data_auth(slot->fw_data);
@@ -591,8 +583,17 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
"C_GetTokenInfo() auth. object %p, token-info flags 0x%lX", auth,
slot->token_info.flags);
if (auth) {
+ struct sc_pkcs15_card *p15card = NULL;
+ struct sc_pkcs15_auth_info *pin_info = NULL;
+
pin_info = (struct sc_pkcs15_auth_info*) auth->data;
+ p15card = fw_data->p15_card;
+ if (!p15card) {
+ rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
+ goto out;
+ }
+
sc_pkcs15_get_pin_info(p15card, auth);
if (pin_info->tries_left >= 0) {

View File

@ -5,8 +5,8 @@ diff -up opensc-0.22.0/etc/opensc.conf.file-cache opensc-0.22.0/etc/opensc.conf
# debug = 3;
# debug_file = opensc-debug.txt;
framework pkcs15 {
- # use_file_caching = true;
+ use_file_caching = true;
- # use_file_caching = public;
+ use_file_caching = public;
}
reader_driver pcsc {
# The pinpad is disabled by default,
@ -18,6 +18,6 @@ diff -up opensc-0.22.0/etc/opensc.conf.file-cache opensc-0.22.0/etc/opensc.conf
+# brings more trouble than use so disable that:
+app pkcs15-init {
+ framework pkcs15 {
+ use_file_caching = false;
+ use_file_caching = no;
+ }
+}

View File

@ -0,0 +1,96 @@
From bff98ff078a99e6864ba1a598fd7dc9af4a9476b Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 7 Sep 2023 13:23:04 +0200
Subject: [PATCH] cache: Honor the file offset when writing cache
When the reads are not consecutive, avoid caching anything after the gaps.
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
---
src/libopensc/pkcs15-cache.c | 18 +++++++++++++++---
1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/libopensc/pkcs15-cache.c b/src/libopensc/pkcs15-cache.c
index 6ebe35a8af..61af35fc5a 100644
--- a/src/libopensc/pkcs15-cache.c
+++ b/src/libopensc/pkcs15-cache.c
@@ -195,6 +195,7 @@ int sc_pkcs15_cache_file(struct sc_pkcs15_card *p15card,
{
char fname[PATH_MAX];
int r;
+ long len;
FILE *f;
size_t c;
@@ -202,22 +203,33 @@ int sc_pkcs15_cache_file(struct sc_pkcs15_card *p15card,
if (r != 0)
return r;
- f = fopen(fname, "wb");
+ f = fopen(fname, "ab");
/* If the open failed because the cache directory does
* not exist, create it and a re-try the fopen() call.
*/
if (f == NULL && errno == ENOENT) {
if ((r = sc_make_cache_dir(p15card->card->ctx)) < 0)
return r;
- f = fopen(fname, "wb");
+ f = fopen(fname, "ab");
}
if (f == NULL)
return 0;
+ /* we opened the file for appending so we should be at the end of file.
+ * The ftell() will give use the length of the file */
+ len = ftell(f);
+ if (len > path->index) {
+ /* override previous cache records on this location */
+ fseek(f, path->index, SEEK_SET);
+ } else if (path->index > len) {
+ /* We miss some bytes so we will not cache this chunk */
+ return 0;
+ }
+
c = fwrite(buf, 1, bufsize, f);
fclose(f);
if (c != bufsize) {
- sc_log(p15card->card->ctx,
+ sc_log(p15card->card->ctx,
"fwrite() wrote only %"SC_FORMAT_LEN_SIZE_T"u bytes",
c);
unlink(fname);
From 0875c69295ef28b45fb682b37cede58fc36b7a1a Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Fri, 15 Sep 2023 19:17:53 +0200
Subject: [PATCH] pkcs15-cache: Avoid fd leaks and check return values
CID 401725
CID 401726
Thanks coverity
---
src/libopensc/pkcs15-cache.c | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/pkcs15-cache.c b/src/libopensc/pkcs15-cache.c
index 61af35fc5a..bae5797fe2 100644
--- a/src/libopensc/pkcs15-cache.c
+++ b/src/libopensc/pkcs15-cache.c
@@ -220,9 +220,14 @@ int sc_pkcs15_cache_file(struct sc_pkcs15_card *p15card,
len = ftell(f);
if (len > path->index) {
/* override previous cache records on this location */
- fseek(f, path->index, SEEK_SET);
+ r = fseek(f, path->index, SEEK_SET);
+ if (r != 0) {
+ fclose(f);
+ return 0;
+ }
} else if (path->index > len) {
/* We miss some bytes so we will not cache this chunk */
+ fclose(f);
return 0;
}

View File

@ -0,0 +1,50 @@
From 81944d1529202bd28359bede57c0a15deb65ba8a Mon Sep 17 00:00:00 2001
From: fullwaywang <fullwaywang@tencent.com>
Date: Mon, 29 May 2023 10:38:48 +0800
Subject: [PATCH] pkcs15init: correct left length calculation to fix buffer
overrun bug. Fixes #2785
---
src/pkcs15init/pkcs15-cardos.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
index 9715cf390f..f41f73c349 100644
--- a/src/pkcs15init/pkcs15-cardos.c
+++ b/src/pkcs15init/pkcs15-cardos.c
@@ -872,7 +872,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
sc_apdu_t apdu;
u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
int r;
- const u8 *p = rbuf, *q;
+ const u8 *p = rbuf, *q, *pp;
size_t len, tlen = 0, ilen = 0;
sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0xca, 0x01, 0x88);
@@ -888,13 +888,13 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
return 0;
while (len != 0) {
- p = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
- if (p == NULL)
+ pp = sc_asn1_find_tag(card->ctx, p, len, 0xe1, &tlen);
+ if (pp == NULL)
return 0;
if (card->type == SC_CARD_TYPE_CARDOS_M4_3) {
/* the verifyRC package on CardOS 4.3B use Manufacturer ID 0x01 */
/* and Package Number 0x07 */
- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x01, &ilen);
+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x01, &ilen);
if (q == NULL || ilen != 4)
return 0;
if (q[0] == 0x07)
@@ -902,7 +902,7 @@ static int cardos_have_verifyrc_package(sc_card_t *card)
} else if (card->type == SC_CARD_TYPE_CARDOS_M4_4) {
/* the verifyRC package on CardOS 4.4 use Manufacturer ID 0x03 */
/* and Package Number 0x02 */
- q = sc_asn1_find_tag(card->ctx, p, tlen, 0x03, &ilen);
+ q = sc_asn1_find_tag(card->ctx, pp, tlen, 0x03, &ilen);
if (q == NULL || ilen != 4)
return 0;
if (q[0] == 0x02)

View File

@ -0,0 +1,475 @@
diff --git a/src/common/Makefile.am b/src/common/Makefile.am
index 5153428dce..9ecbffe8fd 100644
--- a/src/common/Makefile.am
+++ b/src/common/Makefile.am
@@ -8,7 +8,8 @@ dist_noinst_DATA = \
LICENSE.compat_getopt compat_getopt.txt \
compat_getopt_main.c \
README.compat_strlcpy compat_strlcpy.3
-noinst_HEADERS = compat_strlcat.h compat_strlcpy.h compat_strnlen.h compat_getpass.h compat_getopt.h simclist.h libpkcs11.h libscdl.h
+noinst_HEADERS = compat_strlcat.h compat_strlcpy.h compat_strnlen.h compat_getpass.h \
+ compat_getopt.h simclist.h libpkcs11.h libscdl.h constant-time.h
AM_CPPFLAGS = -I$(top_srcdir)/src
@@ -43,7 +44,8 @@ TIDY_FILES = \
compat_report_rangecheckfailure.c \
compat___iob_func.c \
simclist.c simclist.h \
- libpkcs11.c libscdl.c
+ libpkcs11.c libscdl.c \
+ constant-time.h
check-local:
if [ -x "$(CLANGTIDY)" ]; then clang-tidy -config='' --checks='$(TIDY_CHECKS)' -header-filter=.* $(addprefix $(srcdir)/,$(TIDY_FILES)) -- $(TIDY_FLAGS); fi
diff --git a/src/common/constant-time.h b/src/common/constant-time.h
new file mode 100644
index 0000000000..f70251f5d6
--- /dev/null
+++ b/src/common/constant-time.h
@@ -0,0 +1,108 @@
+/* Original source: https://github.com/openssl/openssl/blob/9890cc42daff5e2d0cad01ac4bf78c391f599a6e/include/internal/constant_time.h */
+
+#ifndef CONSTANT_TIME_H
+# define CONSTANT_TIME_H
+
+# include <stdlib.h>
+# include <string.h>
+
+#if !defined(inline)
+# if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
+# define constant_inline inline
+# elif defined(__GNUC__) && __GNUC__>=2
+# define constant_inline __inline__
+# elif defined(_MSC_VER)
+# define constant_inline __inline
+# else
+# define constant_inline
+# endif
+#else /* use what caller wants as inline may be from config.h */
+# define constant_inline inline /* inline */
+#endif
+
+static constant_inline unsigned int value_barrier(unsigned int a)
+{
+ volatile unsigned int r = a;
+ return r;
+}
+
+static constant_inline size_t value_barrier_s(size_t a)
+{
+ volatile size_t r = a;
+ return r;
+}
+
+/* MSB */
+static constant_inline size_t constant_time_msb_s(size_t a)
+{
+ return 0 - (a >> (sizeof(a) * 8 - 1));
+}
+
+static constant_inline unsigned int
+constant_time_msb(unsigned int a)
+{
+ return 0 - (a >> (sizeof(a) * 8 - 1));
+}
+
+/* Select */
+static constant_inline unsigned int
+constant_time_select(unsigned int mask, unsigned int a, unsigned int b)
+{
+ return (value_barrier(mask) & a) | (value_barrier(~mask) & b);
+}
+
+static constant_inline unsigned char
+constant_time_select_8(unsigned char mask, unsigned char a, unsigned char b)
+{
+ return (unsigned char)constant_time_select(mask, a, b);
+}
+
+static constant_inline size_t constant_time_select_s(size_t mask, size_t a, size_t b)
+{
+ return (value_barrier_s(mask) & a) | (value_barrier_s(~mask) & b);
+}
+
+/* Zero */
+static constant_inline unsigned int
+constant_time_is_zero(unsigned int a)
+{
+ return constant_time_msb(~a & (a - 1));
+}
+
+static constant_inline size_t constant_time_is_zero_s(size_t a)
+{
+ return constant_time_msb_s(~a & (a - 1));
+}
+
+/* Comparison*/
+static constant_inline size_t constant_time_lt_s(size_t a, size_t b)
+{
+ return constant_time_msb_s(a ^ ((a ^ b) | ((a - b) ^ b)));
+}
+
+static constant_inline unsigned int
+constant_time_lt(unsigned int a, unsigned int b)
+{
+ return constant_time_msb(a ^ ((a ^ b) | ((a - b) ^ b)));
+}
+
+static constant_inline unsigned int
+constant_time_ge(unsigned int a, unsigned int b)
+{
+ return ~constant_time_lt(a, b);
+}
+
+/* Equality*/
+
+static constant_inline unsigned int
+constant_time_eq(unsigned int a, unsigned int b)
+{
+ return constant_time_is_zero(a ^ b);
+}
+
+static constant_inline size_t constant_time_eq_s(size_t a, size_t b)
+{
+ return constant_time_is_zero_s(a ^ b);
+}
+
+#endif /* CONSTANT_TIME_H */
diff --git a/src/libopensc/internal.h b/src/libopensc/internal.h
index 74014235ac..13eccfa1a4 100644
--- a/src/libopensc/internal.h
+++ b/src/libopensc/internal.h
@@ -168,6 +168,8 @@ int sc_pkcs1_strip_01_padding(struct sc_context *ctx, const u8 *in_dat, size_t i
u8 *out_dat, size_t *out_len);
int sc_pkcs1_strip_02_padding(struct sc_context *ctx, const u8 *data, size_t len,
u8 *out_dat, size_t *out_len);
+int sc_pkcs1_strip_02_padding_constant_time(sc_context_t *ctx, unsigned int n, const u8 *data,
+ unsigned int data_len, u8 *out, unsigned int *out_len);
int sc_pkcs1_strip_digest_info_prefix(unsigned int *algorithm,
const u8 *in_dat, size_t in_len, u8 *out_dat, size_t *out_len);
#ifdef ENABLE_OPENSSL
diff --git a/src/libopensc/padding.c b/src/libopensc/padding.c
index 2837466992..ceb2a1e219 100644
--- a/src/libopensc/padding.c
+++ b/src/libopensc/padding.c
@@ -33,9 +33,12 @@
#include <stdlib.h>
#include "internal.h"
+#include "common/constant-time.h"
#include "pkcs11/pkcs11.h"
/* TODO doxygen comments */
+#define SC_PKCS1_PADDING_MIN_SIZE 11
+
/*
* Prefixes for pkcs-v1 signatures
*/
@@ -184,6 +187,84 @@ sc_pkcs1_strip_02_padding(sc_context_t *ctx, const u8 *data, size_t len, u8 *out
LOG_FUNC_RETURN(ctx, len - n);
}
+/* Original source: https://github.com/openssl/openssl/blob/9890cc42daff5e2d0cad01ac4bf78c391f599a6e/crypto/rsa/rsa_pk1.c#L171 */
+int
+sc_pkcs1_strip_02_padding_constant_time(sc_context_t *ctx, unsigned int n, const u8 *data, unsigned int data_len, u8 *out, unsigned int *out_len)
+{
+ unsigned int i = 0;
+ u8 *msg = NULL;
+ unsigned int good, found_zero_byte, mask;
+ unsigned int zero_index = 0, msg_index, mlen = -1, len = 0;
+ LOG_FUNC_CALLED(ctx);
+
+ if (data == NULL || data_len <= 0 || data_len > n || n < SC_PKCS1_PADDING_MIN_SIZE)
+ LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
+
+ msg = calloc(n, sizeof(u8));
+ if (msg == NULL)
+ LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
+
+ /*
+ * We can not check length of input data straight away and still we need to read
+ * from input even when the input is not as long as needed to keep the time constant.
+ * If data has wrong size, it is padded by zeroes from left and the following checks
+ * do not pass.
+ */
+ len = data_len;
+ for (data += len, msg += n, i = 0; i < n; i++) {
+ mask = ~constant_time_is_zero(len);
+ len -= 1 & mask;
+ data -= 1 & mask;
+ *--msg = *data & mask;
+ }
+ // check first byte to be 0x00
+ good = constant_time_is_zero(msg[0]);
+ // check second byte to be 0x02
+ good &= constant_time_eq(msg[1], 2);
+
+ // find zero byte after random data in padding
+ found_zero_byte = 0;
+ for (i = 2; i < n; i++) {
+ unsigned int equals0 = constant_time_is_zero(msg[i]);
+ zero_index = constant_time_select(~found_zero_byte & equals0, i, zero_index);
+ found_zero_byte |= equals0;
+ }
+
+ // zero_index stands for index of last found zero
+ good &= constant_time_ge(zero_index, 2 + 8);
+
+ // start of the actual message in data
+ msg_index = zero_index + 1;
+
+ // length of message
+ mlen = data_len - msg_index;
+
+ // check that there is a message after padding
+ good &= constant_time_ge(mlen, 1);
+ // check that message fits into out buffer
+ good &= constant_time_ge(*out_len, mlen);
+
+ // move the result in-place by |num|-SC_PKCS1_PADDING_MIN_SIZE-|mlen| bytes to the left.
+ *out_len = constant_time_select(constant_time_lt(n - SC_PKCS1_PADDING_MIN_SIZE, *out_len),
+ n - SC_PKCS1_PADDING_MIN_SIZE, *out_len);
+ for (msg_index = 1; msg_index < n - SC_PKCS1_PADDING_MIN_SIZE; msg_index <<= 1) {
+ mask = ~constant_time_eq(msg_index & (n - SC_PKCS1_PADDING_MIN_SIZE - mlen), 0);
+ for (i = SC_PKCS1_PADDING_MIN_SIZE; i < n - msg_index; i++)
+ msg[i] = constant_time_select_8(mask, msg[i + msg_index], msg[i]);
+ }
+ // move message into out buffer, if good
+ for (i = 0; i < *out_len; i++) {
+ unsigned int msg_index;
+ // when out is longer than message in data, use some bogus index in msg
+ mask = good & constant_time_lt(i, mlen);
+ msg_index = constant_time_select(mask, i + SC_PKCS1_PADDING_MIN_SIZE, 0); // to now overflow msg buffer
+ out[i] = constant_time_select_8(mask, msg[msg_index], out[i]);
+ }
+
+ free(msg);
+ return constant_time_select(good, mlen, SC_ERROR_WRONG_PADDING);
+}
+
#ifdef ENABLE_OPENSSL
static int mgf1(u8 *mask, size_t len, u8 *seed, size_t seedLen, const EVP_MD *dgst)
{
diff --git a/src/libopensc/pkcs15-sec.c b/src/libopensc/pkcs15-sec.c
index 7c3a39432f..b5e492fe25 100644
--- a/src/libopensc/pkcs15-sec.c
+++ b/src/libopensc/pkcs15-sec.c
@@ -308,9 +308,10 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
/* Strip any padding */
if (pad_flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
- size_t s = r;
- r = sc_pkcs1_strip_02_padding(ctx, out, s, out, &s);
- LOG_TEST_RET(ctx, r, "Invalid PKCS#1 padding");
+ unsigned int s = r;
+ unsigned int key_size = alg_info->key_length;
+ r = sc_pkcs1_strip_02_padding_constant_time(ctx, key_size / 8, out, s, out, &s);
+ /* for keeping PKCS#1 v1.5 depadding constant-time, do not log error here */
}
#ifdef ENABLE_OPENSSL
if (pad_flags & SC_ALGORITHM_RSA_PAD_OAEP)
@@ -332,7 +333,7 @@ int sc_pkcs15_decipher(struct sc_pkcs15_card *p15card,
LOG_TEST_RET(ctx, r, "Invalid OAEP padding");
}
#endif
- LOG_FUNC_RETURN(ctx, r);
+ return r;
}
/* derive one key from another. RSA can use decipher, so this is for only ECDH
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
index 809cd72d93..9c75759a08 100644
--- a/src/pkcs11/framework-pkcs15.c
+++ b/src/pkcs11/framework-pkcs15.c
@@ -28,6 +28,7 @@
#include "libopensc/cardctl.h"
#include "ui/notify.h"
#include "common/compat_strnlen.h"
+#include "common/constant-time.h"
#ifdef ENABLE_OPENSSL
#include <openssl/sha.h>
#include <openssl/crypto.h>
@@ -4603,15 +4604,51 @@ pkcs15_prkey_decrypt(struct sc_pkcs11_session *session, void *obj,
rv = sc_pkcs15_decipher(fw_data->p15_card, prkey->prv_p15obj, flags,
pEncryptedData, ulEncryptedDataLen, decrypted, sizeof(decrypted), pMechanism);
- if (rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path)
+ if (!((flags & SC_ALGORITHM_RSA_PAD_PKCS1) && constant_time_eq_s(rv, SC_ERROR_WRONG_PADDING)) &&
+ rv < 0 && !sc_pkcs11_conf.lock_login && !prkey_has_path)
if (reselect_app_df(fw_data->p15_card) == SC_SUCCESS)
rv = sc_pkcs15_decipher(fw_data->p15_card, prkey->prv_p15obj, flags,
pEncryptedData, ulEncryptedDataLen, decrypted, sizeof(decrypted), pMechanism);
sc_unlock(p11card->card);
- sc_log(context, "Decryption complete. Result %d.", rv);
+ /* Handle buffer after PKCS#1 v1.5 depadding constant-time */
+ if (flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
+ CK_ULONG mask, good, rv_pkcs11;
+
+ sc_log(context, "Decryption complete.");
+ /* only padding error must be handled in constant-time way */
+ if ((~constant_time_eq_s(rv, SC_ERROR_WRONG_PADDING) & constant_time_lt_s(sizeof(decrypted), rv)))
+ return sc_to_cryptoki_error(rv, "C_Decrypt");
+
+ /* check rv for error */
+ good = ~constant_time_eq_s(rv, SC_ERROR_WRONG_PADDING);
+ rv_pkcs11 = constant_time_select_s(good, CKR_OK, SC_ERROR_WRONG_PADDING);
+ if (pData == NULL_PTR) {
+ /* set length only if rv good */
+ *pulDataLen = constant_time_select_s(good, rv, *pulDataLen);
+ /* return error only if original rv < 0 */
+ return rv_pkcs11;
+ }
+
+ /* check whether *pulDataLen < rv and set return value accordingly */
+ mask = good & constant_time_lt_s(*pulDataLen, rv);
+ rv_pkcs11 = constant_time_select_s(mask, CKR_BUFFER_TOO_SMALL, rv_pkcs11);
+ good &= ~mask;
+ /* move everything from decrypted into out buffer, if rv is ok */
+ for (CK_ULONG i = 0; i < *pulDataLen; i++) { /* iterate over whole pData to not disclose real depadded length */
+ CK_ULONG msg_index;
+ mask = good & constant_time_lt_s(i, sizeof(decrypted)); /* i should be in the bounds of decrypted */
+ mask &= constant_time_lt_s(i, constant_time_select_s(good, rv, 0)); /* check that is in bounds of depadded message */
+ msg_index = constant_time_select_s(mask, i, 0);
+ pData[i] = constant_time_select_8(mask, decrypted[msg_index], pData[i]);
+ }
+ *pulDataLen = constant_time_select_s(good, rv, *pulDataLen);
+ return rv_pkcs11;
+ }
+
+ sc_log(context, "Decryption complete. Result %d.", rv);
if (rv < 0)
return sc_to_cryptoki_error(rv, "C_Decrypt");
@@ -4622,7 +4659,6 @@ pkcs15_prkey_decrypt(struct sc_pkcs11_session *session, void *obj,
if (buff_too_small)
return CKR_BUFFER_TOO_SMALL;
memcpy(pData, decrypted, *pulDataLen);
-
return CKR_OK;
}
diff --git a/src/pkcs11/mechanism.c b/src/pkcs11/mechanism.c
index 03495265a4..95d80249bb 100644
--- a/src/pkcs11/mechanism.c
+++ b/src/pkcs11/mechanism.c
@@ -25,6 +25,7 @@
#include <string.h>
#include "sc-pkcs11.h"
+#include "common/constant-time.h"
/* Also used for verification data */
struct hash_signature_info {
@@ -1093,7 +1094,8 @@ sc_pkcs11_decr(struct sc_pkcs11_session *session,
rv = op->type->decrypt(op, pEncryptedData, ulEncryptedDataLen,
pData, pulDataLen);
- if (rv != CKR_BUFFER_TOO_SMALL && pData != NULL)
+ /* terminate session for any return value except CKR_BUFFER_TOO_SMALL */
+ if (!constant_time_eq_s(rv, CKR_BUFFER_TOO_SMALL) && pData != NULL)
session_stop_operation(session, SC_PKCS11_OPERATION_DECRYPT);
return rv;
@@ -1536,6 +1538,13 @@ sc_pkcs11_decrypt(sc_pkcs11_operation_t *operation,
if (pulDataLen)
*pulDataLen = ulDataLen;
+ /* No need for DecryptFinalize */
+ if (((CK_MECHANISM_PTR) &operation->mechanism)->mechanism == CKM_RSA_PKCS) {
+ if (pulDataLen)
+ *pulDataLen = ulDataLen;
+ return rv;
+ }
+
if (rv != CKR_OK)
return rv;
diff --git a/src/pkcs11/misc.c b/src/pkcs11/misc.c
index 5ca1176b1d..2893b2bf3e 100644
--- a/src/pkcs11/misc.c
+++ b/src/pkcs11/misc.c
@@ -24,6 +24,7 @@
#include <string.h>
#include "sc-pkcs11.h"
+#include "common/constant-time.h"
#define DUMP_TEMPLATE_MAX 32
@@ -174,7 +175,7 @@ CK_RV reset_login_state(struct sc_pkcs11_slot *slot, CK_RV rv)
slot->p11card->framework->logout(slot);
}
- if (rv == CKR_USER_NOT_LOGGED_IN) {
+ if (constant_time_eq_s(rv, CKR_USER_NOT_LOGGED_IN)) {
slot->login_user = -1;
pop_all_login_states(slot);
}
diff --git a/src/pkcs11/pkcs11-object.c b/src/pkcs11/pkcs11-object.c
index f04c0b4c56..93cc319c24 100644
--- a/src/pkcs11/pkcs11-object.c
+++ b/src/pkcs11/pkcs11-object.c
@@ -1034,7 +1034,7 @@ C_Decrypt(CK_SESSION_HANDLE hSession, /* the session's handle */
rv = reset_login_state(session->slot, rv);
}
- SC_LOG_RV("C_Decrypt() = %s", rv);
+ SC_LOG("C_Decrypt()");
sc_pkcs11_unlock();
return rv;
}
diff --git a/src/pkcs11/sc-pkcs11.h b/src/pkcs11/sc-pkcs11.h
index 66dfcdde67..7239b4c5b8 100644
--- a/src/pkcs11/sc-pkcs11.h
+++ b/src/pkcs11/sc-pkcs11.h
@@ -246,6 +246,11 @@ do {\
}\
} while(0)
+#define SC_LOG(fmt)\
+do {\
+ sc_log(context, (fmt));\
+} while(0)
+
/* Debug virtual slots. S is slot to be highlighted or NULL
* C is a comment format string and args It will be preceded by "VSS " */
#define DEBUG_VSS(S, ...) do { sc_log(context,"VSS " __VA_ARGS__); _debug_virtual_slots(S); } while (0)
diff --git a/src/libopensc/padding.c b/src/libopensc/padding.c
index ceb2a1e21..c2cc58d47 100644
--- a/src/libopensc/padding.c
+++ b/src/libopensc/padding.c
@@ -192,7 +192,7 @@ int
sc_pkcs1_strip_02_padding_constant_time(sc_context_t *ctx, unsigned int n, const u8 *data, unsigned int data_len, u8 *out, unsigned int *out_len)
{
unsigned int i = 0;
- u8 *msg = NULL;
+ u8 *msg, *msg_orig = NULL;
unsigned int good, found_zero_byte, mask;
unsigned int zero_index = 0, msg_index, mlen = -1, len = 0;
LOG_FUNC_CALLED(ctx);
@@ -200,7 +200,7 @@ sc_pkcs1_strip_02_padding_constant_time(sc_context_t *ctx, unsigned int n, const
if (data == NULL || data_len <= 0 || data_len > n || n < SC_PKCS1_PADDING_MIN_SIZE)
LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
- msg = calloc(n, sizeof(u8));
+ msg = msg_orig = calloc(n, sizeof(u8));
if (msg == NULL)
LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
@@ -261,7 +261,7 @@ sc_pkcs1_strip_02_padding_constant_time(sc_context_t *ctx, unsigned int n, const
out[i] = constant_time_select_8(mask, msg[msg_index], out[i]);
}
- free(msg);
+ free(msg_orig);
return constant_time_select(good, mlen, SC_ERROR_WRONG_PADDING);
}
--
2.43.0

View File

@ -0,0 +1,99 @@
From cde2e050ec4f2f1b7db38429aa4e9c0f4656308c Mon Sep 17 00:00:00 2001
From: Peter Popovec <popovec.peter@gmail.com>
Date: Wed, 26 Apr 2023 13:22:09 +0200
Subject: [PATCH] NULL pointer fix
Thanks to the clang analyzer:
Null pointer passed to 2nd parameter expecting 'nonnull'
[clang-analyzer-core.NonNullParamChecker]
modified: src/libopensc/card-myeid.c
---
src/libopensc/card-myeid.c | 15 ++++++++++-----
1 file changed, 10 insertions(+), 5 deletions(-)
diff --git a/src/libopensc/card-myeid.c b/src/libopensc/card-myeid.c
index 31dd209f3..951c179f1 100644
--- a/src/libopensc/card-myeid.c
+++ b/src/libopensc/card-myeid.c
@@ -1973,6 +1973,9 @@ myeid_enc_dec_sym(struct sc_card *card, const u8 *data, size_t datalen,
return_len = block_size - pad_byte;
}
*outlen = return_len;
+ /* application can request buffer size or actual buffer size is too small */
+ if (out == NULL)
+ LOG_FUNC_RETURN(ctx, SC_SUCCESS);
if (return_len > *outlen)
LOG_FUNC_RETURN(ctx, SC_ERROR_BUFFER_TOO_SMALL);
memcpy(out, priv->sym_plain_buffer, return_len);
@@ -2042,10 +2045,11 @@ myeid_enc_dec_sym(struct sc_card *card, const u8 *data, size_t datalen,
priv->sym_crypt_buffer_len = 0;
rest_len = 0;
}
- memcpy(sdata, data, apdu_datalen);
- data += apdu_datalen;
- datalen -= apdu_datalen;
-
+ if (data) {
+ memcpy(sdata, data, apdu_datalen);
+ data += apdu_datalen;
+ datalen -= apdu_datalen;
+ }
r = sc_transmit_apdu(card, &apdu);
LOG_TEST_RET(ctx, r, "APDU transmit failed");
r = sc_check_sw(card, apdu.sw1, apdu.sw2);
@@ -2084,7 +2088,8 @@ myeid_enc_dec_sym(struct sc_card *card, const u8 *data, size_t datalen,
/* save rest of data for next run */
priv->sym_crypt_buffer_len = datalen;
sc_log(ctx, "rest data len = %zu", datalen);
- memcpy(priv->sym_crypt_buffer, data, datalen);
+ if (data)
+ memcpy(priv->sym_crypt_buffer, data, datalen);
sc_log(ctx, "return data len = %zu", return_len);
*outlen = return_len;
return SC_SUCCESS;
--
2.41.0
From f1993dc4e0b33050b8f72a3558ee88b24c4063b2 Mon Sep 17 00:00:00 2001
From: Peter Popovec <popovec.peter@gmail.com>
Date: Tue, 27 Jun 2023 09:50:42 +0200
Subject: [PATCH] myeid: fixed CID 380538 Out-of-bounds read (OVERRUN)
also fixes output buffer size checking
---
src/libopensc/card-myeid.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/libopensc/card-myeid.c b/src/libopensc/card-myeid.c
index 4ee424684..50e78ff1d 100644
--- a/src/libopensc/card-myeid.c
+++ b/src/libopensc/card-myeid.c
@@ -1986,18 +1986,20 @@ myeid_enc_dec_sym(struct sc_card *card, const u8 *data, size_t datalen,
sc_log(ctx, "Found padding byte %02x", pad_byte);
if (pad_byte == 0 || pad_byte > block_size)
LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_PADDING);
- sdata = priv->sym_plain_buffer + block_size - pad_byte;
+ sdata = priv->sym_plain_buffer + block_size;
for (i = 0; i < pad_byte; i++)
- if (sdata[i] != pad_byte)
+ if (*(--sdata) != pad_byte)
LOG_FUNC_RETURN(ctx, SC_ERROR_WRONG_PADDING);
return_len = block_size - pad_byte;
}
- *outlen = return_len;
/* application can request buffer size or actual buffer size is too small */
- if (out == NULL)
+ if (out == NULL) {
+ *outlen = return_len;
LOG_FUNC_RETURN(ctx, SC_SUCCESS);
+ }
if (return_len > *outlen)
LOG_FUNC_RETURN(ctx, SC_ERROR_BUFFER_TOO_SMALL);
+ *outlen = return_len;
memcpy(out, priv->sym_plain_buffer, return_len);
sc_log(ctx, "C_DecryptFinal %zu bytes", *outlen);
return SC_SUCCESS;
--
2.41.0

View File

@ -0,0 +1,225 @@
From 3b580b6fff9ac463ecc6e996cfaf573f62749368 Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Fri, 14 Apr 2023 12:02:54 +0200
Subject: [PATCH 1/2] openpgp: identify OpenPGP compliance with bcd_version
rather than card type
---
src/libopensc/card-openpgp.c | 22 +++++++++++++---------
1 file changed, 13 insertions(+), 9 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index fad32f0ce7..2ea5dc9d36 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -1780,13 +1780,18 @@ pgp_get_pubkey_pem(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
* p1: number of an instance (DO 7F21: 0x00 for AUT, 0x01 for DEC and 0x02 for SIG)
*/
static int
-pgp_select_data(sc_card_t *card, u8 p1){
+pgp_select_data(sc_card_t *card, u8 p1)
+{
sc_apdu_t apdu;
u8 apdu_data[6];
int r;
+ struct pgp_priv_data *priv = DRVDATA(card);
LOG_FUNC_CALLED(card->ctx);
+ if (priv->bcd_version < OPENPGP_CARD_3_0)
+ LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
+
sc_log(card->ctx, "select data with: %u", p1);
// create apdu data (taken from spec: SELECT DATA 7.2.5.)
@@ -2179,8 +2184,7 @@ pgp_set_security_env(sc_card_t *card,
/* The SC_SEC_ENV_ALG_PRESENT is set always so let it pass for GNUK */
if ((env->flags & SC_SEC_ENV_ALG_PRESENT)
&& (env->algorithm != SC_ALGORITHM_RSA)
- && (priv->bcd_version < OPENPGP_CARD_3_0)
- && (card->type != SC_CARD_TYPE_OPENPGP_GNUK))
+ && (priv->bcd_version < OPENPGP_CARD_3_0))
LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ARGUMENTS,
"only RSA algorithm supported");
@@ -2944,13 +2948,13 @@ pgp_update_card_algorithms(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *ke
{
sc_algorithm_info_t *algo;
u8 id = key_info->key_id;
+ struct pgp_priv_data *priv = DRVDATA(card);
LOG_FUNC_CALLED(card->ctx);
/* protect incompatible cards against non-RSA */
if (key_info->algorithm != SC_OPENPGP_KEYALGO_RSA
- && card->type < SC_CARD_TYPE_OPENPGP_V3
- && card->type != SC_CARD_TYPE_OPENPGP_GNUK)
+ && priv->bcd_version < OPENPGP_CARD_3_0)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
if (id > card->algorithm_count) {
@@ -2992,13 +2996,13 @@ pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_info)
size_t apdu_le;
size_t resplen = 0;
int r = SC_SUCCESS;
+ struct pgp_priv_data *priv = DRVDATA(card);
LOG_FUNC_CALLED(card->ctx);
/* protect incompatible cards against non-RSA */
if (key_info->algorithm != SC_OPENPGP_KEYALGO_RSA
- && card->type < SC_CARD_TYPE_OPENPGP_V3
- && card->type != SC_CARD_TYPE_OPENPGP_GNUK)
+ && priv->bcd_version < OPENPGP_CARD_3_0)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
if (key_info->algorithm == SC_OPENPGP_KEYALGO_EDDSA
&& card->type != SC_CARD_TYPE_OPENPGP_GNUK)
@@ -3358,13 +3362,13 @@ pgp_store_key(sc_card_t *card, sc_cardctl_openpgp_keystore_info_t *key_info)
u8 *data = NULL;
size_t len = 0;
int r;
+ struct pgp_priv_data *priv = DRVDATA(card);
LOG_FUNC_CALLED(card->ctx);
/* protect incompatible cards against non-RSA */
if (key_info->algorithm != SC_OPENPGP_KEYALGO_RSA
- && card->type < SC_CARD_TYPE_OPENPGP_V3
- && card->type != SC_CARD_TYPE_OPENPGP_GNUK)
+ && priv->bcd_version < OPENPGP_CARD_3_0)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
/* Validate */
From 9eccc1494d8303ffe42beb772732df218875e3ac Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Fri, 14 Apr 2023 12:09:55 +0200
Subject: [PATCH 2/2] openpgp: ignore errors on SELECT DATA for OpenPGP 2 and
below
fixes https://github.com/OpenSC/OpenSC/issues/2752
---
src/libopensc/pkcs15-openpgp.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index e2f3442238..9d3fd746a0 100644
--- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c
@@ -556,14 +556,9 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
memset(&cert_info, 0, sizeof(cert_info));
memset(&cert_obj, 0, sizeof(cert_obj));
- /* only try to SELECT DATA for OpenPGP >= v3 */
- if (card->type >= SC_CARD_TYPE_OPENPGP_V3) {
- r = sc_card_ctl(card, SC_CARDCTL_OPENPGP_SELECT_DATA, &i);
- if (r < 0) {
- free(buffer);
- LOG_TEST_RET(card->ctx, r, "Failed OpenPGP - select data");
- }
- }
+ /* try to SELECT DATA. Will only work for OpenPGP >= v3, errors are non-critical */
+ sc_card_ctl(card, SC_CARDCTL_OPENPGP_SELECT_DATA, &i);
+
sc_format_path(certs[i].path, &cert_info.path);
/* Certificate ID. We use the same ID as the authentication key */
commit e8fba322a2f4d06ec5c74fe80f9e2b0e9fdefec6
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri May 19 16:49:00 2023 +0200
openpgp: Fix fingerprint calculation
fixes https://github.com/OpenSC/OpenSC/issues/2775
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index cc454cef..496e38e6 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -2697,15 +2697,23 @@ pgp_calculate_and_store_fingerprint(sc_card_t *card, time_t ctime,
/* RSA */
if (key_info->algorithm == SC_OPENPGP_KEYALGO_RSA) {
+ unsigned short bytes_length = 0;
+
*p = 1; /* Algorithm ID, RSA */
p += 1;
+
+ /* Modulus */
+ bytes_length = BYTES4BITS(key_info->u.rsa.modulus_len);
ushort2bebytes(p, (unsigned short)key_info->u.rsa.modulus_len);
p += 2;
- memcpy(p, key_info->u.rsa.modulus, (BYTES4BITS(key_info->u.rsa.modulus_len)));
- p += (key_info->u.rsa.modulus_len >> 3);
- ushort2bebytes(++p, (unsigned short)key_info->u.rsa.exponent_len);
+ memcpy(p, key_info->u.rsa.modulus, bytes_length);
+ p += bytes_length;
+
+ /* Exponent */
+ bytes_length = BYTES4BITS(key_info->u.rsa.exponent_len);
+ ushort2bebytes(p, (unsigned short)key_info->u.rsa.exponent_len);
p += 2;
- memcpy(p, key_info->u.rsa.exponent, (BYTES4BITS(key_info->u.rsa.exponent_len)));
+ memcpy(p, key_info->u.rsa.exponent, bytes_length);
}
/* ECC */
else if (key_info->algorithm == SC_OPENPGP_KEYALGO_ECDH
commit 891f10e49de1a5ee038b1cb2fb59dce40429e6c2
Author: Jakub Jelen <jjelen@redhat.com>
Date: Fri May 19 17:53:35 2023 +0200
openpgp: Fix modulus length calculation in pkc15init layer
diff --git a/src/libopensc/pkcs15.h b/src/libopensc/pkcs15.h
index 5a0a19c5..ba685a30 100644
--- a/src/libopensc/pkcs15.h
+++ b/src/libopensc/pkcs15.h
@@ -373,7 +373,7 @@ struct sc_pkcs15_prkey_info {
unsigned int usage, access_flags;
int native, key_reference;
/* convert to union if other types are supported */
- size_t modulus_length; /* RSA */
+ size_t modulus_length; /* RSA, in bits */
size_t field_length; /* EC in bits */
unsigned int algo_refs[SC_MAX_SUPPORTED_ALGORITHMS];
diff --git a/src/pkcs15init/pkcs15-openpgp.c b/src/pkcs15init/pkcs15-openpgp.c
index c75bcbda..3e060be5 100644
--- a/src/pkcs15init/pkcs15-openpgp.c
+++ b/src/pkcs15init/pkcs15-openpgp.c
@@ -235,7 +235,7 @@ static int openpgp_generate_key_rsa(sc_card_t *card, sc_pkcs15_object_t *obj,
/* Prepare buffer */
key_info.u.rsa.modulus_len = required->modulus_length;
- key_info.u.rsa.modulus = calloc(required->modulus_length >> 3, 1);
+ key_info.u.rsa.modulus = calloc(BYTES4BITS(required->modulus_length), 1);
if (key_info.u.rsa.modulus == NULL)
LOG_FUNC_RETURN(ctx, SC_ERROR_NOT_ENOUGH_MEMORY);
@@ -252,18 +252,18 @@ static int openpgp_generate_key_rsa(sc_card_t *card, sc_pkcs15_object_t *obj,
pubkey->algorithm = SC_ALGORITHM_RSA;
sc_log(ctx, "Set output modulus info");
- pubkey->u.rsa.modulus.len = key_info.u.rsa.modulus_len;
- pubkey->u.rsa.modulus.data = calloc(key_info.u.rsa.modulus_len, 1);
+ pubkey->u.rsa.modulus.len = BYTES4BITS(key_info.u.rsa.modulus_len);
+ pubkey->u.rsa.modulus.data = calloc(pubkey->u.rsa.modulus.len, 1);
if (pubkey->u.rsa.modulus.data == NULL)
goto err;
- memcpy(pubkey->u.rsa.modulus.data, key_info.u.rsa.modulus, key_info.u.rsa.modulus_len);
+ memcpy(pubkey->u.rsa.modulus.data, key_info.u.rsa.modulus, BYTES4BITS(key_info.u.rsa.modulus_len));
sc_log(ctx, "Set output exponent info");
- pubkey->u.rsa.exponent.len = key_info.u.rsa.exponent_len;
- pubkey->u.rsa.exponent.data = calloc(BYTES4BITS(key_info.u.rsa.exponent_len), 1);
+ pubkey->u.rsa.exponent.len = BYTES4BITS(key_info.u.rsa.exponent_len);
+ pubkey->u.rsa.exponent.data = calloc(pubkey->u.rsa.exponent.len, 1);
if (pubkey->u.rsa.exponent.data == NULL)
goto err;
- memcpy(pubkey->u.rsa.exponent.data, key_info.u.rsa.exponent, BYTES4BITS(key_info.u.rsa.exponent_len));
+ memcpy(pubkey->u.rsa.exponent.data, key_info.u.rsa.exponent, pubkey->u.rsa.exponent.len);
err:
free(key_info.u.rsa.modulus);

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,107 @@
From 868f76fb31255fd3fdacfc3e476452efeb61c3e7 Mon Sep 17 00:00:00 2001
From: Frank Morgner <frankmorgner@gmail.com>
Date: Wed, 21 Jun 2023 12:27:23 +0200
Subject: [PATCH] Fixed PIN authentication bypass
If two processes are accessing a token, then one process may leave the
card usable with an authenticated PIN so that a key may sign/decrypt any
data. This is especially the case if the token does not support a way of
resetting the authentication status (logout).
We have some tracking of the authentication status in software via
PKCS#11, Minidriver (os-wise) and CryptoTokenKit, which is why a
PIN-prompt will appear even though the card may technically be unlocked
as described in the above example. However, before this change, an empty
PIN was not verified (likely yielding an error during PIN-verification),
but it was just checked whether the PIN is authenticated. This defeats
the purpose of the PIN verification, because an empty PIN is not the
correct one. Especially during OS Logon, we don't want that kind of
shortcut, but we want the user to verify the correct PIN (even though
the token was left unattended and authentication at the computer).
This essentially reverts commit e6f7373ef066cfab6e3162e8b5f692683db23864.
---
src/libopensc/pkcs15-pin.c | 13 -------------
1 file changed, 13 deletions(-)
diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c
index 80a185fecd..393234efe4 100644
--- a/src/libopensc/pkcs15-pin.c
+++ b/src/libopensc/pkcs15-pin.c
@@ -307,19 +307,6 @@ sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *pi
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_PIN_REFERENCE);
auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
- /*
- * if pin cache is disabled, we can get here with no PIN data.
- * in this case, to avoid error or unnecessary pin prompting on pinpad,
- * check if the PIN has been already verified and the access condition
- * is still open on card.
- */
- if (pinlen == 0) {
- r = sc_pkcs15_get_pin_info(p15card, pin_obj);
-
- if (r == SC_SUCCESS && auth_info->logged_in == SC_PIN_STATE_LOGGED_IN)
- LOG_FUNC_RETURN(ctx, r);
- }
-
r = _validate_pin(p15card, auth_info, pinlen);
if (r)
From 80cc5d30635f0d2c92b5099c0f9dc680d0ffce2f Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 24 Oct 2023 11:13:08 +0200
Subject: [PATCH] pkcs15init: Check login status before asking for a pin
The original code block from e6f7373 is still needed when pkcs15init
layer checks ACLs for PKCS#15 objects, but it should be kept out of
the libopensc, which is used for more authentication code paths
and can be used for PIN bypass.
---
src/libopensc/pkcs15-pin.c | 1 +
src/pkcs15init/pkcs15-lib.c | 16 ++++++++++++++++
2 files changed, 17 insertions(+)
diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c
index 393234efe..b26e57236 100644
--- a/src/libopensc/pkcs15-pin.c
+++ b/src/libopensc/pkcs15-pin.c
@@ -307,6 +307,7 @@ sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *pi
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_PIN_REFERENCE);
auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
+ /* Check the provided pin matches pin requirements */
r = _validate_pin(p15card, auth_info, pinlen);
if (r)
diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c
index 9148b83b5..cca11d1f1 100644
--- a/src/pkcs15init/pkcs15-lib.c
+++ b/src/pkcs15init/pkcs15-lib.c
@@ -3958,6 +3958,22 @@ sc_pkcs15init_verify_secret(struct sc_profile *profile, struct sc_pkcs15_card *p
found:
if (pin_obj) {
+ /*
+ * If pin cache is disabled or the reader is using pinpad, we can get here
+ * with no PIN data. This is ok as we can not asynchronously invoke the prompt
+ * (unless the pinpad is in use).
+ * In this case, check if the PIN has been already verified and
+ * the access condition is still open on card.
+ */
+ if (pinsize == 0) {
+ r = sc_pkcs15_get_pin_info(p15card, pin_obj);
+ /* update local copy of auth info */
+ memcpy(&auth_info, pin_obj->data, sizeof(auth_info));
+
+ if (r == SC_SUCCESS && auth_info.logged_in == SC_PIN_STATE_LOGGED_IN)
+ LOG_FUNC_RETURN(ctx, r);
+ }
+
r = sc_pkcs15_verify_pin(p15card, pin_obj, use_pinpad || pinsize == 0 ? NULL : pinbuf, use_pinpad ? 0 : pinsize);
LOG_TEST_RET(ctx, r, "Cannot validate pkcs15 PIN");
}
--
2.43.0

View File

@ -0,0 +1,212 @@
From 99f7b82f187ca3512ceae6270c391243d018fdac Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 1 Dec 2022 20:08:53 +0100
Subject: [PATCH 1/4] pkcs11-tool: Fix private key import
---
src/tools/pkcs11-tool.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index aae205fe2c..cfee8526d5 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -3669,13 +3669,13 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
RSA_get0_factors(r, &r_p, &r_q);
RSA_get0_crt_params(r, &r_dmp1, &r_dmq1, &r_iqmp);
#else
- if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_d) != 1 ||
+ if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_D, &r_d) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR1, &r_p) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
- EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT3, &r_iqmp) != 1) {
util_fatal("OpenSSL error during RSA private key parsing");
+ EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
}
#endif
RSA_GET_BN(rsa, private_exponent, r_d);
From 4a6e1d1dcd18757502027b1c5d2fb2cbaca28407 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 1 Dec 2022 20:11:41 +0100
Subject: [PATCH 2/4] pkcs11-tool: Log more information on OpenSSL errors
---
src/tools/pkcs11-tool.c | 15 ++++++---------
1 file changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index cfee8526d5..f2e6b1dd91 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -3641,10 +3641,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
const BIGNUM *r_dmp1, *r_dmq1, *r_iqmp;
r = EVP_PKEY_get1_RSA(pkey);
if (!r) {
- if (private)
- util_fatal("OpenSSL error during RSA private key parsing");
- else
- util_fatal("OpenSSL error during RSA public key parsing");
+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
+ ERR_error_string(ERR_peek_last_error(), NULL));
}
RSA_get0_key(r, &r_n, &r_e, NULL);
@@ -3654,10 +3652,8 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
BIGNUM *r_dmp1 = NULL, *r_dmq1 = NULL, *r_iqmp = NULL;
if (EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_N, &r_n) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_E, &r_e) != 1) {
- if (private)
- util_fatal("OpenSSL error during RSA private key parsing");
- else
- util_fatal("OpenSSL error during RSA public key parsing");
+ util_fatal("OpenSSL error during RSA %s key parsing: %s", private ? "private" : "public",
+ ERR_error_string(ERR_peek_last_error(), NULL));
}
#endif
RSA_GET_BN(rsa, modulus, r_n);
@@ -3674,8 +3670,9 @@ parse_rsa_pkey(EVP_PKEY *pkey, int private, struct rsakey_info *rsa)
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_FACTOR2, &r_q) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT1, &r_dmp1) != 1 ||
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_EXPONENT2, &r_dmq1) != 1 ||
- util_fatal("OpenSSL error during RSA private key parsing");
EVP_PKEY_get_bn_param(pkey, OSSL_PKEY_PARAM_RSA_COEFFICIENT1, &r_iqmp) != 1) {
+ util_fatal("OpenSSL error during RSA private key parsing: %s",
+ ERR_error_string(ERR_peek_last_error(), NULL));
}
#endif
RSA_GET_BN(rsa, private_exponent, r_d);
From 267da3e81f1fc23a9ccce1462ab5deb1a4d4aec5 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Thu, 1 Dec 2022 20:38:31 +0100
Subject: [PATCH 3/4] Reproducer for broken pkcs11-tool key import
---
tests/Makefile.am | 10 ++++---
tests/test-pkcs11-tool-import.sh | 48 ++++++++++++++++++++++++++++++++
2 files changed, 54 insertions(+), 4 deletions(-)
create mode 100755 tests/test-pkcs11-tool-import.sh
diff --git a/tests/Makefile.am b/tests/Makefile.am
index d378e2ee00..9d8a24c321 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -14,8 +14,9 @@ dist_noinst_SCRIPTS = common.sh \
test-pkcs11-tool-test-threads.sh \
test-pkcs11-tool-sign-verify.sh \
test-pkcs11-tool-allowed-mechanisms.sh \
- test-pkcs11-tool-sym-crypt-test.sh\
- test-pkcs11-tool-unwrap-wrap-test.sh
+ test-pkcs11-tool-sym-crypt-test.sh \
+ test-pkcs11-tool-unwrap-wrap-test.sh \
+ test-pkcs11-tool-import.sh
.NOTPARALLEL:
TESTS = \
@@ -25,8 +26,9 @@ TESTS = \
test-pkcs11-tool-test.sh \
test-pkcs11-tool-test-threads.sh \
test-pkcs11-tool-allowed-mechanisms.sh \
- test-pkcs11-tool-sym-crypt-test.sh\
- test-pkcs11-tool-unwrap-wrap-test.sh
+ test-pkcs11-tool-sym-crypt-test.sh \
+ test-pkcs11-tool-unwrap-wrap-test.sh \
+ test-pkcs11-tool-import.sh
XFAIL_TESTS = \
test-pkcs11-tool-test-threads.sh \
test-pkcs11-tool-test.sh
diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
new file mode 100755
index 0000000000..76ff8e51be
--- /dev/null
+++ b/tests/test-pkcs11-tool-import.sh
@@ -0,0 +1,48 @@
+#!/bin/bash
+SOURCE_PATH=${SOURCE_PATH:-..}
+
+source $SOURCE_PATH/tests/common.sh
+
+echo "======================================================="
+echo "Setup SoftHSM"
+echo "======================================================="
+if [[ ! -f $P11LIB ]]; then
+ echo "WARNING: The SoftHSM is not installed. Can not run this test"
+ exit 77;
+fi
+card_setup
+
+ID="0100"
+OPTS=""
+for KEYTYPE in "RSA" "EC"; do
+ echo "======================================================="
+ echo "Generate and import $KEYTYPE keys"
+ echo "======================================================="
+ if [ "$KEYTYPE" == "RSA" ]; then
+ ID="0100"
+ elif [ "$KEYTYPE" == "EC" ]; then
+ ID="0200"
+ OPTS="-pkeyopt ec_paramgen_curve:P-521"
+ fi
+ openssl genpkey -out "${KEYTYPE}_private.der" -outform DER -algorithm $KEYTYPE $OPTS
+ assert $? "Failed to generate private $KEYTYPE key"
+ $PKCS11_TOOL --write-object "${KEYTYPE}_private.der" --id "$ID" --type privkey \
+ --label "$KEYTYPE" -p "$PIN" --module "$P11LIB"
+ assert $? "Failed to write private $KEYTYPE key"
+
+ openssl pkey -in "${KEYTYPE}_private.der" -out "${KEYTYPE}_public.der" -pubout -inform DER -outform DER
+ assert $? "Failed to convert private $KEYTYPE key to public"
+ $PKCS11_TOOL --write-object "${KEYTYPE}_public.der" --id "$ID" --type pubkey --label "$KEYTYPE" \
+ -p $PIN --module $P11LIB
+ assert $? "Failed to write public $KEYTYPE key"
+ # certificate import already tested in all other tests
+
+ rm "${KEYTYPE}_private.der" "${KEYTYPE}_public.der"
+done
+
+echo "======================================================="
+echo "Cleanup"
+echo "======================================================="
+card_cleanup
+
+exit $ERRORS
From 63a7bceeca43ece1eee201ef7a974b20b294ba4e Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jakuje@gmail.com>
Date: Fri, 2 Dec 2022 18:07:43 +0100
Subject: [PATCH 4/4] Simplify the new test
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Co-authored-by: Veronika Hanulíková <61348757+xhanulik@users.noreply.github.com>
---
tests/test-pkcs11-tool-import.sh | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/tests/test-pkcs11-tool-import.sh b/tests/test-pkcs11-tool-import.sh
index 76ff8e51be..c90b3b4926 100755
--- a/tests/test-pkcs11-tool-import.sh
+++ b/tests/test-pkcs11-tool-import.sh
@@ -12,15 +12,13 @@ if [[ ! -f $P11LIB ]]; then
fi
card_setup
-ID="0100"
-OPTS=""
for KEYTYPE in "RSA" "EC"; do
echo "======================================================="
echo "Generate and import $KEYTYPE keys"
echo "======================================================="
- if [ "$KEYTYPE" == "RSA" ]; then
- ID="0100"
- elif [ "$KEYTYPE" == "EC" ]; then
+ ID="0100"
+ OPTS=""
+ if [ "$KEYTYPE" == "EC" ]; then
ID="0200"
OPTS="-pkeyopt ec_paramgen_curve:P-521"
fi

File diff suppressed because it is too large Load Diff

View File

@ -1,33 +0,0 @@
commit 6bc05d7037041e543d627248ca9df90723426ce1
Author: Jakub Jelen <jjelen@redhat.com>
Date: Tue Aug 10 16:30:40 2021 +0200
p11test: Fix invalid format string on 32b architectures
diff --git a/src/tests/p11test/p11test.c b/src/tests/p11test/p11test.c
index dbac167d..49de6a93 100644
--- a/src/tests/p11test/p11test.c
+++ b/src/tests/p11test/p11test.c
@@ -139,7 +139,7 @@ int main(int argc, char** argv) {
return -1;
}
- debug_print("Card info:\n\tPIN %s\n\tPIN LENGTH %lu\n\t",
+ debug_print("Card info:\n\tPIN %s\n\tPIN LENGTH %zu\n\t",
token.pin, token.pin_length);
return cmocka_run_group_tests(readonly_tests_without_initialization,
diff --git a/src/tests/p11test/p11test_case_pss_oaep.c b/src/tests/p11test/p11test_case_pss_oaep.c
index 1d876a5b..5a6ae9d0 100644
--- a/src/tests/p11test/p11test_case_pss_oaep.c
+++ b/src/tests/p11test/p11test_case_pss_oaep.c
@@ -402,7 +402,7 @@ int oaep_encrypt_decrypt_test(test_cert_t *o, token_info_t *info, test_mech_t *m
if (message_length < 0) {
mech->usage_flags &= ~CKF_DECRYPT;
debug_print(" [SKIP %s ] Too small modulus (%ld bits)"
- " or too large hash %s (%lu B) for OAEP", o->id_str,
+ " or too large hash %s (%zu B) for OAEP", o->id_str,
o->bits, get_mechanism_name(mech->hash),
get_hash_length(mech->hash));
return 0;

View File

@ -1,16 +0,0 @@
diff --git a/src/tools/opensc-explorer.c b/src/tools/opensc-explorer.c
index d251495c..e48f3189 100644
--- a/src/tools/opensc-explorer.c
+++ b/src/tools/opensc-explorer.c
@@ -2030,9 +2030,9 @@ static int do_put_data(int argc, char **argv)
static int do_apdu(int argc, char **argv)
{
sc_apdu_t apdu;
- u8 buf[SC_MAX_EXT_APDU_BUFFER_SIZE];
+ u8 buf[SC_MAX_EXT_APDU_BUFFER_SIZE] = {0};
u8 rbuf[SC_MAX_EXT_APDU_BUFFER_SIZE];
- size_t len, i;
+ size_t len = 0, i;
int r;
if (argc < 1)

View File

@ -2,8 +2,8 @@
%define nssdb %{_sysconfdir}/pki/nssdb
Name: opensc
Version: 0.22.0
Release: 2%{?dist}
Version: 0.23.0
Release: 3%{?dist}
Summary: Smart card library and applications
License: LGPLv2+
@ -11,16 +11,52 @@ URL: https://github.com/OpenSC/OpenSC/wiki
Source0: https://github.com/OpenSC/OpenSC/releases/download/%{version}/%{name}-%{version}.tar.gz
Source1: opensc.module
Patch1: opensc-0.19.0-pinpad.patch
# https://github.com/OpenSC/OpenSC/pull/2241/
Patch5: %{name}-gcc11.patch
# https://github.com/OpenSC/OpenSC/pull/2343
Patch7: %{name}-32b-arch.patch
# File caching by default (#2000626)
Patch8: %{name}-%{version}-file-cache.patch
# https://github.com/OpenSC/OpenSC/pull/2414 (#2007029)
Patch9: %{name}-%{version}-detect-empty.patch
Patch8: %{name}-0.22.0-file-cache.patch
# https://github.com/OpenSC/OpenSC/pull/2656
Patch9: %{name}-0.23.0-pkcs11-tool-import.patch
# https://github.com/OpenSC/OpenSC/pull/2712
Patch10: %{name}-0.23.0-openssl-ctx.patch
# https://github.com/OpenSC/OpenSC/pull/2753
# https://github.com/OpenSC/OpenSC/commit/e8fba322a2f4d06ec5c74fe80f9e2b0e9fdefec6
# https://github.com/OpenSC/OpenSC/commit/891f10e49de1a5ee038b1cb2fb59dce40429e6c2
Patch11: %{name}-0.23.0-openpgp.patch
# https://github.com/OpenSC/OpenSC/commit/81944d1529202bd28359bede57c0a15deb65ba8a
Patch12: %{name}-0.23.0-cardos-pkcs15init.patch
# https://github.com/OpenSC/OpenSC/commit/bff98ff078a99e6864ba1a598fd7dc9af4a9476b
# https://github.com/OpenSC/OpenSC/commit/0875c69295ef28b45fb682b37cede58fc36b7a1a
Patch13: %{name}-0.23.0-cache-offsets.patch
# https://github.com/OpenSC/OpenSC/commit/868f76fb31255fd3fdacfc3e476452efeb61c3e7
# https://github.com/OpenSC/OpenSC/commit/80cc5d30635f0d2c92b5099c0f9dc680d0ffce2f
Patch14: %{name}-0.23.0-pin-bypass.patch
# https://github.com/OpenSC/OpenSC/commit/245efe608d083fd4e4ec96793fdefd218e26fde7
# https://github.com/OpenSC/OpenSC/commit/440ca666eff10cc7011901252d20f3fc4ea23651
# https://github.com/OpenSC/OpenSC/commit/41d61da8481582e12710b5858f8b635e0a71ab5e
# https://github.com/OpenSC/OpenSC/commit/88880db0307a07e33cf2e1592bb029e9c170dfea
# https://github.com/OpenSC/OpenSC/commit/638a5007a5d240d6fa901aa822cfeef94fe36e85
# https://github.com/OpenSC/OpenSC/commit/c449a181a6988cc1e8dc8764d23574e48cdc3fa6
# https://github.com/OpenSC/OpenSC/commit/5631e9843c832a99769def85b7b9b68b4e3e3959
# https://github.com/OpenSC/OpenSC/commit/e7f81d86dcdc751f4737f4b29a99bfc54d29c5c9
# https://github.com/OpenSC/OpenSC/commit/df5a176bfdf8c52ba89c7fef1f82f6f3b9312bc1
# https://github.com/OpenSC/OpenSC/commit/578aed8391ef117ca64a9e0cba8e5c264368a0ec
# https://github.com/OpenSC/OpenSC/commit/4013a807492568bf9907cfb3df41f130ac83c7b9
# https://github.com/OpenSC/OpenSC/commit/09164045facaeae193feb48d9c2fc5cc4321e8a
# https://github.com/OpenSC/OpenSC/commit/fc2c20c3f895569eeb58328bb882aec07325d3b
# https://github.com/OpenSC/OpenSC/commit/3b9129bd3cfc6ac57d5554e015c3df85f5076dc
# https://github.com/OpenSC/OpenSC/commit/bda61d0d276dc98b9d1d1e6810bbd21d19e3859
# https://github.com/OpenSC/OpenSC/commit/a4921ab23fd0853f327517636c50de947548161
# https://github.com/OpenSC/OpenSC/commit/085994384a7171c5c68f6718d9db10ed77c5af1
# https://github.com/OpenSC/OpenSC/commit/0f0985f6343eeac4044661d56807ee9286db42c
# https://github.com/OpenSC/OpenSC/commit/5f6370a35f151497838628f78111087eb8e7ff1
# https://github.com/OpenSC/OpenSC/commit/fbff25ec6c6d0ad3f8df76f57210698f7947fc3
Patch15: %{name}-0.23.0-pkcs15init.patch
# https://github.com/OpenSC/OpenSC/commit/cde2e050ec4f2f1b7db38429aa4e9c0f4656308c
# https://github.com/OpenSC/OpenSC/commit/f1993dc4e0b33050b8f72a3558ee88b24c4063b2
Patch16: %{name}-0.23.0-myeid-sym.patch
# https://github.com/OpenSC/OpenSC/pull/2948
Patch17: %{name}-0.23.0-constant-time-pkcs1.5.patch
BuildRequires: make
BuildRequires: make
BuildRequires: pcsc-lite-devel
BuildRequires: readline-devel
BuildRequires: openssl-devel
@ -31,6 +67,7 @@ BuildRequires: bash-completion
BuildRequires: zlib-devel
# For tests
BuildRequires: libcmocka-devel
BuildRequires: vim-common
%if ! 0%{?rhel}
BuildRequires: softhsm
%endif
@ -56,10 +93,16 @@ every software/card that does so, too.
%prep
%setup -q
%patch1 -p1 -b .pinpad
%patch5 -p1 -b .gcc11
%patch7 -p1 -b .32b
%patch8 -p1 -b .file-cache
%patch9 -p1 -b .detect-empty
%patch9 -p1 -b .pkcs11-tool-import
%patch10 -p1 -b .ossl3context
%patch11 -p1 -b .openpgp
%patch12 -p1 -b .cardos-pkcs15init
%patch13 -p1 -b .cache-offsets
%patch14 -p1 -b .pin-bypass
%patch15 -p1 -b .pkcs15init
%patch16 -p1 -b .myeid-sym
%patch17 -p1 -b .constant-time-pkcs1
cp -p src/pkcs15init/README ./README.pkcs15init
cp -p src/scconf/README.scconf .
@ -75,21 +118,19 @@ sed -i -e 's/opensc.conf/opensc-%{_arch}.conf/g' src/libopensc/Makefile.in
sed -i -e 's|"/lib /usr/lib\b|"/%{_lib} %{_libdir}|' configure # lib64 rpaths
%set_build_flags
CFLAGS="$CFLAGS -Wstrict-aliasing=2 -Wno-deprecated-declarations"
%configure --disable-static \
%configure --disable-static \
--disable-autostart-items \
--disable-notify \
--disable-assert \
--enable-pcsc \
--enable-cmocka \
--enable-sm \
--with-pcsc-provider=libpcsclite.so.1
--enable-sm
%make_build
%check
make check
%install
%make_install
install -Dpm 644 %{SOURCE1} $RPM_BUILD_ROOT%{_datadir}/p11-kit/modules/opensc.module
@ -119,9 +160,6 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libopensc.so
# remove the .pc file so we do not confuse users #1673139
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/*.pc
rm -f $RPM_BUILD_ROOT%{_libdir}/libsmm-local.so
%if 0%{?rhel} && 0%{?rhel} < 7
rm -rf %{buildroot}%{_datadir}/bash-completion/
%endif
# the npa-tool builds to nothing since we do not have OpenPACE library
rm -rf %{buildroot}%{_bindir}/npa-tool
@ -132,7 +170,6 @@ rm -rf %{buildroot}%{_bindir}/pkcs11-register
rm -rf %{buildroot}%{_mandir}/man1/pkcs11-register.1*
# Remove the notification files
rm %{buildroot}%{_bindir}/opensc-notify
rm %{buildroot}%{_datadir}/applications/org.opensc.notify.desktop
rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
@ -140,9 +177,7 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
%files
%doc COPYING NEWS README*
%if ! 0%{?rhel} || 0%{?rhel} >= 7
%{_datadir}/bash-completion/*
%endif
%ifarch %{ix86}
%{_mandir}/man5/opensc-%{_arch}.conf.5*
@ -209,6 +244,21 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
%changelog
* Thu Nov 30 2023 Jakub Jelen <jjelen@redhat.com> - 0.23.0-3
- Fix file caching with different offsets (RHEL-4079)
- Fix CVE-2023-40660: Potential PIN bypass
- Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init
- Fix CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys
- Fix CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding
* Thu May 25 2023 Jakub Jelen <jjelen@redhat.com> - 0.23.0-2
- Fix regression in handling OpenPGP cards
- Fix CVE-2023-2977: buffer overrun in pkcs15init for cardos
* Wed Mar 08 2023 Jakub Jelen <jjelen@redhat.com> - 0.23.0-1
- Rebase to latest 0.23.0 release (#2100409)
- Use separate OpenSSL context to work better from inside of OpenSSL providers
* Fri Oct 08 2021 Jakub Jelen <jjelen@redhat.com> - 0.22.0-2
- Unbreak detection of unentrolled smart cards (#2007029)
- Enable file caching by default except for pkcs15-init (#2000626)