Skip to content

Fix issues with uninitialized object identifiiers with OpenPACE #2472

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Jakuje merged 5 commits into from
Mar 1, 2022
Merged

Fix issues with uninitialized object identifiiers with OpenPACE #2472

Jakuje merged 5 commits into from
Mar 1, 2022

Conversation

@frankmorgner
Copy link
Member

@frankmorgner frankmorgner commented Dec 21, 2021
edited
Loading

fixes #2354

Checklist
  • Documentation is added or updated
  • PKCS#11 module is tested
  • Windows minidriver is tested
  • macOS tokend is tested

@frankmorgner frankmorgner force-pushed the openpace branch 3 times, most recently from 0199f91 to 4ea9ff0 Compare December 22, 2021 16:00
@frankmorgner frankmorgner changed the title update to new version of OpenPACE Fix issues with uninitialized object identifiiers with OpenPACE Dec 22, 2021
@frankmorgner frankmorgner marked this pull request as ready for review December 22, 2021 17:01
@frankmorgner frankmorgner mentioned this pull request Dec 22, 2021
Closed
@Jakuje
Copy link
Member

Jakuje commented Jan 6, 2022

OSX build here fails with:

sm-eac.c:417:45: error: implicit declaration of function 'EAC_OBJ_nid2obj' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
                data->cryptographic_mechanism_reference = EAC_OBJ_nid2obj(protocol);
                                                          ^
sm-eac.c:417:45: note: did you mean 'OBJ_nid2obj'?
/Users/runner/work/OpenSC/OpenSC/openssl_bin/Library/OpenSC/include/openssl/objects.h:59:14: note: 'OBJ_nid2obj' declared here
ASN1_OBJECT *OBJ_nid2obj(int n);
             ^
sm-eac.c:417:43: error: incompatible integer to pointer conversion assigning to 'ASN1_OBJECT *' (aka 'struct asn1_object_st *') from 'int' [-Werror,-Wint-conversion]
                data->cryptographic_mechanism_reference = EAC_OBJ_nid2obj(protocol);
                                                        ^ ~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.

Is it something to be addressed with inside of the openpace or in opensc build?

@frankmorgner
Copy link
Member Author

frankmorgner commented Jan 6, 2022

thanks for the pointer. Using EAC_OBJ_nid2obj is intended as OpenPACE internally extends the object identifiers that may not be visible when the library is linked statically. that's why we ship a wrapper around this openssl function.

@frankmorgner frankmorgner force-pushed the openpace branch 2 times, most recently from ba65307 to ebbe63e Compare January 7, 2022 17:15
@frankmorgner
Copy link
Member Author

frankmorgner commented Jan 10, 2022

OSX build here fails with:

sm-eac.c:417:45: error: implicit declaration of function 'EAC_OBJ_nid2obj' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
                data->cryptographic_mechanism_reference = EAC_OBJ_nid2obj(protocol);
                                                          ^
sm-eac.c:417:45: note: did you mean 'OBJ_nid2obj'?
/Users/runner/work/OpenSC/OpenSC/openssl_bin/Library/OpenSC/include/openssl/objects.h:59:14: note: 'OBJ_nid2obj' declared here
ASN1_OBJECT *OBJ_nid2obj(int n);
             ^
sm-eac.c:417:43: error: incompatible integer to pointer conversion assigning to 'ASN1_OBJECT *' (aka 'struct asn1_object_st *') from 'int' [-Werror,-Wint-conversion]
                data->cryptographic_mechanism_reference = EAC_OBJ_nid2obj(protocol);
                                                        ^ ~~~~~~~~~~~~~~~~~~~~~~~~~
2 errors generated.

Is it something to be addressed with inside of the openpace or in opensc build?

I've changed the code to check whether EAC_OBJ_nid2obj is available in that specific version of OpenPACE. Additionally, I've updated the OpenPACE version for macOS. The build is OK now 😉

@frankmorgner
update to new version of OpenPACE
0158f05
@frankmorgner
use openpace's object wrappers
2ce428d 
fixes OpenSC#2354
@frankmorgner
iso7816: relax error handling when reading by sfid
ce613f5 
assume success if we were able to read at least some amount of data
@frankmorgner
npa-tool: some more hints about MRTDs
fd2ed84
@frankmorgner
call EAC_init() when needed
2d2490c 
EAC_init() should be called before actually using OpenPACE. Move
EAC_init() to sm-eac.c so that it is not in responsibility of the card
driver anymore. The card driver, however, still needs to call EAC_init()
if it uses any OpenPACE specific code. Note that mulitple calls of
EAC_init() are allowed and don't add any overhead.
@frankmorgner
Copy link
Member Author

frankmorgner commented Feb 28, 2022

cleaned up the commits and rebased onto master

@Jakuje Jakuje merged commit e899b3a into OpenSC:master Mar 1, 2022
@xhanulik xhanulik mentioned this pull request Jul 12, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jakuje Jakuje Jakuje approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

npa-tool.exe fails to perform pace authentication with can value

2 participants

@frankmorgner @Jakuje