Peter Jones
a4c64c8c21
Initialize C_Initialize's reader list to NULs.
...
valgrind --track-origins=true says:
==13529== Conditional jump or move depends on uninitialised value(s)
==13529== at 0x4AF92D1: PK11_MakeString (pk11slot.c:1073)
==13529== by 0x4AFA5AA: PK11_InitSlot (pk11slot.c:1456)
==13529== by 0x4AE315E: secmod_LoadPKCS11Module (pk11load.c:563)
==13529== by 0x4AEF68C: SECMOD_LoadModule (pk11pars.c:1838)
==13529== by 0x4AEF7C7: SECMOD_LoadModule (pk11pars.c:1874)
==13529== by 0x4ABCB6A: nss_InitModules (nssinit.c:464)
==13529== by 0x4ABCB6A: nss_Init (nssinit.c:689)
==13529== by 0x4ABD17C: NSS_Init (nssinit.c:824)
==13529== by 0x4059C0: main (pesign.c:354)
==13529== Uninitialised value was created by a stack allocation
==13529== at 0x484D175: C_Initialize (in /usr/lib64/libykcs11.so.1.5.0)
This is the result of a combination of two problems. In
ykcs11/utils.c:parse_readers(), the code does:
for (i = 0; i < len; i++)
if (readers[i] == '\0' && i != len - 1) {
But in ykcs11/ykcs11.c:C_Initialize(), the parts of readers[] that are
initialized are only the parts that have been populated; the rest of
the array is still just whatever value is on the stack. Additionally,
in lib/ykpiv.c:ykpiv_list_readers(), which populates the array, the
length is updated only in the case where the buffer is smaller than the
data, not when there is additional buffer but no data:
if (num_readers > *len) {
num_readers = (pcsc_word)*len;
}
The result is that if the amount of reader data is smaller than 2048
bytes, PK11_InitSlot() will try to find reader data in the rest of the
array, which has not been initialized.
This patch adds an initialization for the data to set it all '\0', and
also updates the length when there is excess buffer available.
Signed-off-by: Peter Jones <pjones@redhat.com >
2019-05-21 11:01:24 -04:00
Dave Pate
c61d6c6f23
lib: warn, but don't fail on error reading serial number or version
...
lib: fix Windows build with OpenSSL 1.1.1
ykcs11: fix size_t/unsigned long type mismatch on Windows x64
2019-05-06 14:46:46 -07:00
Dave Pate
7b64528cf7
lib: check tlv length encoding when reading complex data
2019-04-03 09:46:59 +02:00
Dave Pate
5113a5ed02
lib: tlv length buffer checks
2019-04-03 09:46:54 +02:00
Dave Pate
afbe1b2670
lib: handle realloc failures safely
2019-04-03 09:46:49 +02:00
Dave Pate
f37cf3f462
lib: clear secrets in set_protected_mgm
2019-04-03 09:46:41 +02:00
Dave Pate
7ff3007017
lib: clear secrets in ykpiv_import_private_key
2019-04-03 09:46:35 +02:00
Dave Pate
a10ab1ace5
lib: correct zero memory defines, correct overflow checks in _write_certificate
2019-04-03 09:46:27 +02:00
Dave Pate
c4dbf9d02c
lib: clear secrets in auth api
2019-04-03 09:46:20 +02:00
Dave Pate
340177f070
lib: check that serial/version checks occur during select
2019-04-03 09:46:15 +02:00
Dave Pate
934120888f
lib: define constant for max pin len magic numbers
...
lib: clear pin buffers when no longer used
2019-04-03 09:46:01 +02:00
Dave Pate
eb250134f8
lib: check internal authentication crypt errors
2019-04-03 09:45:57 +02:00
Dave Pate
b2dd16deb4
lib: clear buffers containing key material
2019-04-03 09:45:53 +02:00
Dave Pate
28189201a4
lib: use secure zero memory platform functions
2019-04-03 09:45:49 +02:00
Dave Pate
2e72c8f85c
lib: resolves potential reads of uninitialized data
2019-04-03 09:45:44 +02:00
Stacey Sheldon
811ddbb22d
CHUID: fix the encoding of the FASC-N data element in the CHUID
...
This is the hard-coded FASC-N field being used by yubico-piv-tool
[9999-9999-999999-0-1-0000000000300001]
S9999F9999F999999F0F1F0000000000300001E
It should be encoded as this sequence of 5-bit values
11010 (SS)
10011 10011 10011 10011 (9999)
10110 (FS)
10011 10011 10011 10011 (9999)
10110 (FS)
10011 10011 10011 10011 10011 10011 (999999)
10110 (FS)
00001 (0)
10110 (FS)
10000 (1)
10110 (FS)
00001 00001 00001 00001 00001 00001 00001 00001 00001 00001 (0000000000)
11001 (3)
00001 00001 00001 00001 (0000)
10000 (1)
11111 (ES)
01011 (LRC)
This packs into this 25-byte (200-bit) sequence of hex bytes:
d4 e7 39 da 73 9c ed 39 ce 73 9d 83 68 58 21 08
42 10 84 21 c8 42 10 c3 eb
2019-01-01 01:43:51 -05:00
Dave Pate
cbd5ba5122
libykpiv/piv-tool 1.6.3
...
lib: promote get_serial to base API
lib: add ykpiv_get_serial to external API
tool: add serial number/version to status command
build: fix msvc build of case insensitive-reader (missing strncasecmp and cast warnings)
lib: consolidate neo/yk4 + yk5 serial number routines
lib: fix GCC 8 compilier warnings
lib: reimplement deauthenticate to select mgmt aid
build: disable -Waggregate-return
lib: fix warning differences between gcc and msvc
lib: add option to disable implicit card transactions
lib: remove application reselect prior to crypt operations
build: fix msvc warnings wrt length checking logic fixes
lib: fix error condition logic in untransacted internal functions
lib: create internal transactionless ykpiv_transfer_data
2018-09-14 14:29:39 -07:00
Klas Lindfors
6e51db8c80
lib: make the reader comparison case-insensitive
...
sadly strcasestr is a GNU/BSD extension, not part of posix so we have to
do our own thing here or do different things on different platforms.
2018-09-07 12:57:10 +02:00
Klas Lindfors
16d539041e
ykpiv: when decoding an object compare lengths correctly
...
the length comparison when reading an object out was messed up, this
fixes it to compare correctly.
relates #154
2018-08-16 14:25:31 +02:00
Klas Lindfors
c15efbfdd7
ykpiv: fix length when encoding exactly 0xff bytes
...
this should be encoded as 81 ff, not 82 00 ff
relates #154
2018-08-16 14:25:14 +02:00
Jakub Jelen
d613b42b0c
Avoid unused variables and warnings when building against OpenSSL 1.1
2018-08-08 16:12:25 +02:00
Klas Lindfors
80d47c82f0
lib: in _ykpiv_fetch_object() handle bogus length by returning
...
otherwise we might memmove() to much data
Thanks to Eric Sesterhenn of x41 D-Sec for reporting this issue to us.
2018-08-03 10:51:46 +02:00
Klas Lindfors
01a127a44a
lib: in ykpiv_transfer_data() handle overflow by exiting
...
this is detected and printed, but we never exit the function
Thanks to Eric Sesterhenn of x41 D-Sec for reporting this issue to us.
2018-08-03 10:51:00 +02:00
Dave Pate
775eaacc9f
Merge upstream master commits
2018-03-05 11:32:25 -08:00
Dave Pate
b98f97ef62
Fixes linux/osx build warnings
...
Clarify logic for configuration file
2018-03-05 11:28:52 -08:00
Jakub Jelen
bbd92009fc
libcheck 0.9 compatibility for RHEL7
2018-02-27 15:40:31 +01:00
Jakub Jelen
dfca8e2e55
Remove unused variables
2018-02-27 15:40:31 +01:00
Jakub Jelen
f5c42cef89
Do not build test if HW_TESTS is not enabled (to avoid warnings)
2018-02-10 19:35:12 +01:00
Dave Pate
0b2dcb0aaf
Fix msvc build warning re: return values
2018-02-09 09:14:45 -08:00
Dave Pate
9783f9b626
Fix warnings in msvc build
2018-02-09 09:03:10 -08:00
Dave Pate
289896ac61
Add syslog/windows event log output
...
Read multistage configuration
Update ROCA mitigation check and warnings
2018-02-09 08:28:51 -08:00
Trevor Bentley
c9f4d684d1
Support specifying custom PCSC lib
2018-01-24 15:44:22 +01:00
Trevor Bentley
d5d953be95
Use library dependencies for openssl compat layer
2017-11-29 09:47:45 +00:00
Trevor Bentley
20a5ecce0f
Fix OpenSSL 1.1 build with mingw32/64
2017-11-27 11:27:11 +01:00
Trevor Bentley
7ca0267ddf
Fix OpenSSL 1.1 compat layer
...
- Changes for latest ykpiv_util refactor
- Passes hw tests with openssl 1.0 and 1.1
- Passes valgrind
2017-11-21 17:08:38 +01:00
Trevor Bentley
6a34b6ef96
Fix cross-compiling for mingw64
2017-11-17 16:13:15 +01:00
Trevor Bentley
aa3b69926b
Doxygen documentation for ykpiv_util_* API.
2017-11-08 11:38:27 +01:00
Trevor Bentley
3ce4f0ccae
Clean up typos, warnings, and incorrect libtool age.
2017-11-08 11:11:45 +01:00
Trevor Bentley
366de02ab1
Organize ykpiv.h, update NEWS file for 1.5.0
2017-11-03 16:15:13 +01:00
Trevor Bentley
c6abe7ac6d
Add integration test for PIN cache
2017-11-03 13:39:23 +01:00
Trevor Bentley
7818b49e7d
Skip unusable integration tests when testing a NEO
2017-10-31 15:40:51 +01:00
Trevor Bentley
c939cff518
Allow changing libykpiv compile-time ifdefs from CFLAGS
2017-10-31 12:34:15 +01:00
Trevor Bentley
252226220a
Disable ensure_application_selected() by default, since it breaks PIN policy.
2017-10-31 12:29:16 +01:00
Trevor Bentley
4eb6f1b193
Fix build on Linux
...
Signed-off-by: Trevor Bentley <trevor@yubico.com >
2017-10-26 17:03:35 +02:00
Dave Pate
999312e6b5
api: use uintptr_t for architecture specific handle sizes
2017-10-26 14:09:09 +02:00
Trevor Bentley
a7eb0657f1
Fix compile time warnings about -no-install on Darwin/clang
2017-10-26 12:37:05 +02:00
Trevor Bentley
05ac49abbb
Suppress sscanf_s error on Windows
2017-10-25 16:19:13 +02:00
Trevor Bentley
edda816abe
Remove accidental printf
2017-10-25 16:18:53 +02:00
Trevor Bentley
c2f86d0a0f
Move YK4 insecure on-chip key generation prevention from yubico-piv-tool to libykpiv
2017-10-24 15:59:44 +02:00
Trevor Bentley
15f533d7de
Move hardware tests to "make hwtest", with one warning for all test suites.
...
- "make check" will mark destructive tests as skipped
- "make hwtest" will ask once for user confirmation
2017-10-24 15:10:45 +02:00