OpenPGP: fixed state tracking after erasing card #3024

frankmorgner · 2024-02-12T20:53:57Z

Checklist

Documentation is added or updated
New files have a LGPL 2.1 license statement
PKCS#11 module is tested
Windows minidriver is tested
macOS tokend is tested

Jakuje · 2024-02-13T10:22:33Z

src/libopensc/card-openpgp.c

+		if (((info->access & READ_MASK) != READ_NEVER) && (info->get_fn != NULL)) {
+			pgp_blob_t *child = NULL;
+
+			child = pgp_new_blob(card, priv->mf, info->id, sc_file_new());


If the pgp_new_blob() fails, the memory allocated by sc_file_new() is leaked (yeah, it was in the original code too but as I noticed it, it would be good to fix it).

src/libopensc/card-openpgp.c

frankmorgner · 2024-02-13T13:01:11Z

thanks for the review. I'll look at the suggestions, when @arrowd confirms that it actually fixes the problem

arrowd · 2024-02-14T17:29:04Z

I will not be able to test this during this week, sorry, but I will certainly check this out later.

If I'm reading it right, this change would allow me to just do sc_disconnect_card + sc_connect_card to refresh the state?

frankmorgner · 2024-02-14T23:53:45Z

If I'm reading it right, this change would allow me to just do sc_disconnect_card + sc_connect_card to refresh the state?

No. If this works as expected, then you will get refreshed objects right after erasing the card without the need of reconnecting.

arrowd · 2024-02-15T05:44:12Z

The problem is not only with erasing.

The first post of #3018 shows a code that generates a keypair twice in a row, but it seemingly doesn't change until the reinsertion (physical or emulated with my hacks).

frankmorgner · 2024-02-15T07:20:42Z

please check if it works in case of erasing the card. If so, one case is fixed and you know where to poke.

arrowd · 2024-02-25T15:20:10Z

Sorry for taking this too long. The proposed change indeed improves things for both opensc-explorer and my daemon program. Erasing the card causes OPENPGP_ACCOUNT field to be reset immediately without the need to reinsert the token or to programmatically reset the reader via hacks.

The key information isn't updated, though.

frankmorgner · 2024-02-26T10:46:33Z

If I understand correctly, you are NOT referring to opensc-explorer with respect to the key inforamtion, since this isn't used anywhere here. I assume that opensc-explorer works as expected.

If you're talking about the card's profile which is readable via PKCS#11, we will only refresh that if modifications were executed via PKCS#11. If some concurrent process modifies the card, you need to C_Finalize and C_Initialize again to refresh the token information. Modification of the OpenPGP card via PKCS#11 is not completely implemented; in particular, erasing the card is currently not available:

OpenSC/src/pkcs15init/pkcs15-openpgp.c

Lines 45 to 48 in de5942f

    
           static int openpgp_erase(struct sc_profile *profile, sc_pkcs15_card_t *p15card) 
        
           { 
        
           	return SC_ERROR_NOT_SUPPORTED; 
        
           }

dengert · 2024-02-26T12:19:48Z

Modification of the OpenPGP card via PKCS#11 is not completely implemented; in particular, erasing the card is currently not available:

It might be easy to add. OpenPGP specs V3.4.1 (also in v.2.0 ) defines two optional commands
7.2.16 TERMINATE DF must be run first.
7.2.17 ACTIVATE FILE
"This optional command (announced in Life Cycle Status indicator in Historical bytes) can
be used to reset all values (DOs, Keys, PWs etc.) to their default values (after production/
initialisation)."

openpgp-tool.c uses SC_CARDCTL_ERASE_CARD to call https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/card-openpgp.c#L3480-L3555

Accept for the pin code this comes down to the TERMINATE DF and ACTIVATE FILE commands.

@arrowd you could try these on your cards" opensc-tool -s "00 E6 00 00" -s "00 44 00 00"
but the could leave the card unusable

arrowd · 2024-02-26T12:56:53Z

If I understand correctly, you are NOT referring to opensc-explorer with respect to the key inforamtion, since this isn't used anywhere here. I assume that opensc-explorer works as expected.

Yes, the problem with opensc-explorer was

OpenSC [3F00]> cat 005e
00000000: 61 73 64 61 73 64 00 asdasd.
OpenSC [3F00]> erase
OpenSC [3F00]> cat 005e
00000000: 61 73 64 61 73 64 00 asdasd.

It now works correctly - nothing gets printed after erase is done.

If you're talking about the card's profile which is readable via PKCS#11, we will only refresh that if modifications were executed via PKCS#11. If some concurrent process modifies the card, you need to C_Finalize and C_Initialize again to refresh the token information.

There are no concurrent processes in my case. I just call C_GenerateKeyPair twice and the key doesn't change after the second call without reinserting/resetting hack. See #3018 (comment) after the "A related example with PKCS11 API is following" sentence.

C_Finalize was already suggested before, but it isn't a solution for me: #3018 (comment)

Modification of the OpenPGP card via PKCS#11 is not completely implemented; in particular, erasing the card is currently not available

Indeed, in my daemon I call sc_card_ctl(m_slot->p11card->card, SC_CARDCTL_ERASE_CARD, NULL) to reset the token. I tried C_InitToken but it didn't work.

you could try these on your cards" opensc-tool -s "00 E6 00 00" -s "00 44 00 00"
but the could leave the card unusable

What does 00 44 00 00 do in this case?

dengert · 2024-02-26T13:52:12Z

What does 00 44 00 00 do in this case?

7.2.17 ACTIVATE FILE
This optional command (announced in Life Cycle Status indicator in Historical bytes) can
be used to reset all values (DOs, Keys, PWs etc.) to their default values (after production/
initialisation). The command has effect only, if the life cycle status is in initialisation state
(indicator byte set to 03). If the command is used in operational state, it will end with status
bytes 9000, but nothing in the application will be changed (dummy command). The command
can be used directly after TERMINATE DF without resetting the card.
Command:
CLA 00 / 0C
INS 44
P1 00
P2 00
Lc Empty
Data
field
Empty
Le Empty
Response:
Data field Empty
SW1-SW2 9000 or specific status bytes
Example:
CLA INS P1 P2
00 44 00 00
SW1SW2
9000

dengert · 2024-02-26T14:26:00Z

00 44 00 00 "reset all values (DOs, Keys, PWs etc.) to their default values (after production/initialisation)" It is part of card-openpgp.c pgp_erase_card

If you then run opensc-explorer erase it may delete all the DOs which were just reset! I would suggest only use opensc-explorer to examine the card, not to change anything on it.

Modify pkcs15init/pkcs15-openpgp.c to call sc_card_ctl(m_slot->p11card->card, SC_CARDCTL_ERASE_CARD, NULL) (with changes as needed).

Modify libopensc/card-openpgp.c to make sure populate_blobs_to_mf is called at the end of pgp_erase_card

fixes OpenSC#3018

frankmorgner · 2024-02-27T02:58:36Z

I fixed the memory leaks and found some other minor fix. I'd like to leave this fix as is, because I doubt that we will get more insights without debugging.

Jakuje

lgtm. Do we want this in 0.25.0?

frankmorgner · 2024-02-27T10:05:18Z

It is not essential, so we can postpone this to the next release

New in 0.26.1; 2025-01-14 General improvements Align allocations of sc_mem_secure_alloc (OpenSC/OpenSC#3281) Fix -O3 gcc optimization failure on amd64 and ppc64el (OpenSC/OpenSC#3299) pkcs11-spy Avoid crash while spying C_GetInterface() (OpenSC/OpenSC#3275) TCOS Fix reading certificate (OpenSC/OpenSC#3296) New in 0.26.0; 2024-11-13 Security CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init (OpenSC/OpenSC#3225) CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (OpenSC/OpenSC#3225) CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (OpenSC/OpenSC#3225) CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (OpenSC/OpenSC#3225) CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (OpenSC/OpenSC#3225) CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (OpenSC/OpenSC#3225) CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (OpenSC/OpenSC#3219) General improvements Fix reselection of DF after error in PKCSOpenSC/OpenSC#15 layer (OpenSC/OpenSC#3067) Unify OpenSSL logging throughout code (OpenSC/OpenSC#2922) Extend the p11test to support kryoptic (OpenSC/OpenSC#3141) Fix for error in PCSC reconnection (OpenSC/OpenSC#3150) Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer PKCS#15 Documentation for PKCS#15 profile files (OpenSC/OpenSC#3132) minidriver Support PinCacheAlwaysPrompt usable for PIV cards (OpenSC/OpenSC#3167) pkcs11-tool Show URI when listing token information (OpenSC/OpenSC#3125) and objects (OpenSC/OpenSC#3130) Do not limit size of objects to 5000 bytes (OpenSC/OpenSC#3174) Add support for AES CMAC (OpenSC/OpenSC#3184) Add support for AES GCM encryption (OpenSC/OpenSC#3195) Add support for RSA OAEP encryption (OpenSC/OpenSC#3175) Add support for HKDF (OpenSC/OpenSC#3193) Implement better support for wrapping and unwrapping (OpenSC/OpenSC#3198) Add support for EdDSA sign and verify (OpenSC/OpenSC#2979) pkcs15-crypt Fix PKCS#1 encoding function to correctly detect padding type (OpenSC/OpenSC#3075) piv-tool Fix RSA key generation (OpenSC/OpenSC#3158) Avoid possible state change when matching unknown card (OpenSC/OpenSC#3112) sc-hsm-tool Cleanse buffer with plaintext key share (OpenSC/OpenSC#3226) pkcs11-register Fix pkcs11-register defaults on macOS and Windows (OpenSC/OpenSC#3053) IDPrime Fix identification of IDPrime 840 cards (OpenSC/OpenSC#3146) Fix container mapping for IDPrime 940 cards (OpenSC/OpenSC#3220) Reorder ATRs for matching cards (OpenSC/OpenSC#3154) OpenPGP Fix state tracking after erasing card (OpenSC/OpenSC#3024) Belpic Disable Applet V1.8 (OpenSC/OpenSC#3109) MICARDO Deactivate driver (OpenSC/OpenSC#3152) SmartCard-HSM Fix signing with secp521r1 signature (OpenSC/OpenSC#3157) eOI Set model via sc_card_ctl function (OpenSC/OpenSC#3189) Rutoken increase the minimum PIN size to support Rutoken ECP BIO (OpenSC/OpenSC#3208) JPKI Adjust parameters for public key in PKCS#15 emulator (OpenSC/OpenSC#3182) D-Trust Add support for ECDSA signatures and ECDH key agreement for D-Trust Signatures Cards 4.1/4.4 (OpenSC/OpenSC#3240, OpenSC/OpenSC#openwrt#3248) Signed-off-by: Daniel Golle <[email protected]>

New in 0.26.1; 2025-01-14 General improvements Align allocations of sc_mem_secure_alloc (OpenSC/OpenSC#3281) Fix -O3 gcc optimization failure on amd64 and ppc64el (OpenSC/OpenSC#3299) pkcs11-spy Avoid crash while spying C_GetInterface() (OpenSC/OpenSC#3275) TCOS Fix reading certificate (OpenSC/OpenSC#3296) New in 0.26.0; 2024-11-13 Security CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init (OpenSC/OpenSC#3225) CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc (OpenSC/OpenSC#3225) CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc (OpenSC/OpenSC#3225) CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init (OpenSC/OpenSC#3225) CVE-2024-45619: Incorrect handling length of buffers or files in libopensc (OpenSC/OpenSC#3225) CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init (OpenSC/OpenSC#3225) CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key (OpenSC/OpenSC#3219) General improvements Fix reselection of DF after error in PKCSOpenSC/OpenSC#15 layer (OpenSC/OpenSC#3067) Unify OpenSSL logging throughout code (OpenSC/OpenSC#2922) Extend the p11test to support kryoptic (OpenSC/OpenSC#3141) Fix for error in PCSC reconnection (OpenSC/OpenSC#3150) Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer PKCS#15 Documentation for PKCS#15 profile files (OpenSC/OpenSC#3132) minidriver Support PinCacheAlwaysPrompt usable for PIV cards (OpenSC/OpenSC#3167) pkcs11-tool Show URI when listing token information (OpenSC/OpenSC#3125) and objects (OpenSC/OpenSC#3130) Do not limit size of objects to 5000 bytes (OpenSC/OpenSC#3174) Add support for AES CMAC (OpenSC/OpenSC#3184) Add support for AES GCM encryption (OpenSC/OpenSC#3195) Add support for RSA OAEP encryption (OpenSC/OpenSC#3175) Add support for HKDF (OpenSC/OpenSC#3193) Implement better support for wrapping and unwrapping (OpenSC/OpenSC#3198) Add support for EdDSA sign and verify (OpenSC/OpenSC#2979) pkcs15-crypt Fix PKCS#1 encoding function to correctly detect padding type (OpenSC/OpenSC#3075) piv-tool Fix RSA key generation (OpenSC/OpenSC#3158) Avoid possible state change when matching unknown card (OpenSC/OpenSC#3112) sc-hsm-tool Cleanse buffer with plaintext key share (OpenSC/OpenSC#3226) pkcs11-register Fix pkcs11-register defaults on macOS and Windows (OpenSC/OpenSC#3053) IDPrime Fix identification of IDPrime 840 cards (OpenSC/OpenSC#3146) Fix container mapping for IDPrime 940 cards (OpenSC/OpenSC#3220) Reorder ATRs for matching cards (OpenSC/OpenSC#3154) OpenPGP Fix state tracking after erasing card (OpenSC/OpenSC#3024) Belpic Disable Applet V1.8 (OpenSC/OpenSC#3109) MICARDO Deactivate driver (OpenSC/OpenSC#3152) SmartCard-HSM Fix signing with secp521r1 signature (OpenSC/OpenSC#3157) eOI Set model via sc_card_ctl function (OpenSC/OpenSC#3189) Rutoken increase the minimum PIN size to support Rutoken ECP BIO (OpenSC/OpenSC#3208) JPKI Adjust parameters for public key in PKCS#15 emulator (OpenSC/OpenSC#3182) D-Trust Add support for ECDSA signatures and ECDH key agreement for D-Trust Signatures Cards 4.1/4.4 (OpenSC/OpenSC#3240, OpenSC/OpenSC##3248) Signed-off-by: Daniel Golle <[email protected]>

frankmorgner mentioned this pull request Feb 12, 2024

Resetting library state #3018

Closed

Jakuje reviewed Feb 13, 2024

View reviewed changes

OpenPGP: fixed state tracking after erasing card

5a7139b

fixes OpenSC#3018

frankmorgner force-pushed the pgp-cache branch from 064af69 to 5a7139b Compare February 27, 2024 01:21

fixed error handling

a151013

Jakuje approved these changes Feb 27, 2024

View reviewed changes

frankmorgner merged commit d2cbd63 into OpenSC:master Mar 11, 2024

xhanulik mentioned this pull request Aug 29, 2024

Towards new release 0.26.0 #3223

Closed

OpenPGP: fixed state tracking after erasing card #3024

OpenPGP: fixed state tracking after erasing card #3024

Uh oh!

Conversation

frankmorgner commented Feb 12, 2024

Checklist

Uh oh!

Jakuje Feb 13, 2024

Choose a reason for hiding this comment

Uh oh!

Uh oh!

frankmorgner commented Feb 13, 2024

Uh oh!

arrowd commented Feb 14, 2024

Uh oh!

frankmorgner commented Feb 14, 2024

Uh oh!

arrowd commented Feb 15, 2024

Uh oh!

frankmorgner commented Feb 15, 2024

Uh oh!

arrowd commented Feb 25, 2024

Uh oh!

frankmorgner commented Feb 26, 2024

Uh oh!

dengert commented Feb 26, 2024

Uh oh!

arrowd commented Feb 26, 2024

Uh oh!

dengert commented Feb 26, 2024

Uh oh!

dengert commented Feb 26, 2024

Uh oh!

frankmorgner commented Feb 27, 2024

Uh oh!

Jakuje left a comment

Choose a reason for hiding this comment

Uh oh!

frankmorgner commented Feb 27, 2024

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants