Hi,

I created the final 0.11.7 release file and
wrote release notes / a security advisory,
and got a CVE number from Debian.

If any native English speaker (or someone with
better english skills) could review the text and
improve it (typo, grammar etc.), that would be
very welcome.

I will post this to the mailing lists for opensc
and the security mailing lists later today.

Thanks, Andreas

OpenSC today released a new version, OpenSC 0.11.7, with these changes:
* hide_empty_slots now on by default.
* pinpad support fixed for Mac OS X.
* ruToken driver was updated.
* openct virtual readers reduced to 2 by default.
* link with iconv on Mac OS X for i18n support.
* Security issue: Fix private data support.
* Enable lock_login by default.
* Disable soft_keygen_allowed by default.

Regards, Andreas Jellinghaus
a...@opensc-project.org

Security update for OpenSC
==========================

OpenSC Security Advisory [26-Feb-2009] CVE-2009-0368
----------------------------------------------------

OpenSC stores private data without proper access restrictions.

User "b.badrignans" reported this security problem on December 4th, 2008.
In June 2007 support for private data objects was added to OpenSC. Only later
was a severe security bug discovered: the OpenSC PKCS#11 implementation
requires PIN verification before it hands out the data, but the files holding
the data on the card are created without the matching access control
conditions, so low-level APDU commands or debugging tools like opensc-explorer
or opensc-tool can read the private data without any authentication. The PIN
check is enforced only in the middleware, not by the card. This was fixed in
OpenSC 0.11.7.

RSA keys are not affected by this security problem. National eID cards and other
cards initialized by other software are not affected by this problem. Only
blank cards initialized with OpenSC are affected. It is not known whether the
problem is limited to some drivers, but we believe all drivers are affected.
We could only test very few cards, but all of them had the problem, and the fix
worked on all of them. All other cards are untested, both for the problem and
for the fix.

This fix only affects the creation of new private data objects. Cards already
initialized with such private data objects need to be modified to repair the
access control conditions on those files. One way to do that is to erase the
card and re-initialize it, but you would lose all content on the card,
including RSA private keys. An alternative is to download the private data
object(s) to your PC, delete them on the card, and store them on the card once
more with the new, fixed version of OpenSC. This procedure has been tested with
success on some cards, but no guarantee of any kind can be given.

WARNING! Only follow this procedure if you know what you are doing.
This could damage your card or erase all data on it! No warranty of any kind,
you are on your own! WARNING!

Testing your card:
  To create a file with a secret:
    echo "This is my secret data" > secret-file
    
  To initialize a blank card:
    pkcs15-init  --create-pkcs15  --use-default-transport-keys \
        --profile pkcs15+onepin --pin 123456 --puk 78907890

  To write a private data object to the card:
    pkcs11-tool --label "my secret"  --type data --write-object secret-file \
         --private --login --pin 123456
         
  To see all objects on the card:
     pkcs15-tool --dump
     
     This will list the data object, including the path where it is stored,
     for example:
     "Path:            3f0050154701"

  To access such an object with low level tools:
    opensc-explorer
    cd 5015
    get 4701

    New versions of OpenSC will not allow this to succeed. With older versions
    the file (take its ID from the last four hex digits of the Path shown by
    pkcs15-tool; the first data object, private or not, usually gets 4601) is
    never protected, thus you can download its content with the get command.
  
  After testing you can erase a card with this command:
    pkcs15-init --erase-card --use-default-transport-keys
  
WARNING! Only follow this procedure if you know what you are doing.
This could damage your card or erase all data on it! No warranty of any kind,
you are on your own! WARNING!
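The procedure above, scripted end to end. This is an added example, not part of the advisory or of the OpenSC project. It assumes the opensc command-line tools are in PATH, that a single reader with a blank test card is attached, that opensc-explorer accepts its commands on stdin, and that its "get <fid> <outfile>" form writes the EF content to <outfile>; verify these against the version you run. The sample --dump listing embedded below is constructed for the offline test of the parser and does not reproduce the real tool's full output.

```shell
#!/bin/sh
# Added example (not OpenSC project code): scripts the advisory's
# "Testing your card" procedure end to end. Assumptions: the opensc
# command-line tools are in PATH, a single reader with a blank test card
# is attached, opensc-explorer accepts its commands on stdin, and its
# "get <fid> <outfile>" form writes the EF content to <outfile>.
set -u

PIN=123456
PUK=78907890

# Turn a pkcs15-tool path such as 3f0050154701 into opensc-explorer
# commands: one "cd" per intermediate DF, then "get" for the final EF.
# Usage: path_to_explorer_script PATH [OUTFILE]
path_to_explorer_script() {
    p=$(printf '%s' "$1" | tr 'A-F' 'a-f')
    case "$p" in 3f00*) p=${p#3f00} ;; esac        # paths start at the MF
    if [ -z "$p" ] || [ $(( ${#p} % 4 )) -ne 0 ]; then
        echo "bad path: $1" >&2
        return 1
    fi
    while [ ${#p} -gt 4 ]; do
        printf 'cd %s\n' "${p%"${p#????}"}"       # leading four hex digits
        p=${p#????}
    done
    if [ $# -ge 2 ]; then
        printf 'get %s %s\n' "$p" "$2"
    else
        printf 'get %s\n' "$p"
    fi
}

# Print the Path: values of a pkcs15-tool --dump listing read from stdin.
dump_paths() {
    sed -n 's/^[[:space:]]*Path:[[:space:]]*\([0-9A-Fa-f]*\).*/\1/p'
}

# Constructed sample of a --dump listing, used only to exercise dump_paths
# offline; the real tool prints more fields.
SAMPLE_DUMP='PKCS#15 Card [OpenSC Card]:
    Version        : 0
    Serial number  : 0000000000000000
PIN [User PIN]
    Path:            3f005015
Data object: my secret
    Path:            3f0050154701
    Data (22 bytes): ...'

# Full procedure. Returns 0 if the private object cannot be read without a
# PIN (fixed card), 1 if it can (card still affected by CVE-2009-0368),
# 2 on a tooling error. Runs in a subshell so the cd does not leak.
check_card() (
    work=$(mktemp -d) || exit 2
    cd "$work" || exit 2
    echo "This is my secret data" > secret-file

    pkcs15-init --create-pkcs15 --use-default-transport-keys \
        --profile pkcs15+onepin --pin "$PIN" --puk "$PUK" || exit 2
    pkcs11-tool --label "my secret" --type data --write-object secret-file \
        --private --login --pin "$PIN" || exit 2

    # The object written last is the last entry of the dump.
    path=$(pkcs15-tool --dump | dump_paths | tail -n 1)
    [ -n "$path" ] || { echo "no data object path found" >&2; exit 2; }

    # No PIN is presented here; on a fixed card the get must fail.
    path_to_explorer_script "$path" readback.bin | opensc-explorer
    if [ -s readback.bin ] && cmp -s readback.bin secret-file; then
        echo "VULNERABLE: read private data object $path without a PIN"
        exit 1
    fi
    echo "OK: private data object $path is not readable without a PIN"
    exit 0
)

# Only touch a card when explicitly asked; erase it afterwards with
# pkcs15-init --erase-card --use-default-transport-keys
if [ "${RUN_CARD_CHECK:-0}" = 1 ]; then
    check_card
fi
```

Run it as RUN_CARD_CHECK=1 sh check-card.sh with a blank test card inserted; the exit status tells you whether the card is still affected. The erase step is deliberately left out of check_card so that a run against the wrong card does not destroy anything beyond the test object it wrote.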

Other security changes
----------------------

When OpenSC was created, some cards could already create RSA keys on card,
but other popular cards could only sign and decrypt on card and not generate
RSA keys. The OpenSC code was written to use the card's RSA key generation if
the card supports it and, to make things easier for everyone, to generate the
RSA key in software and store it on the card if the card does not. A key
generated this way has existed in host memory, so the usual guarantee that the
private key never leaves the card does not hold for it. This could always be
turned off with the "soft_keygen_allowed" option in the config file.

We have not heard from any user of such old cards without on-card RSA key
generation for a long time. Thus we changed the default of the soft_keygen_allowed
option to false in OpenSC 0.11.7. Users of Siemens CardOS based smart cards will
still need to turn this option on if they want to use the "split-key" option
to work around a limitation of the CardOS card operating system (an RSA key
cannot be valid for both signing and decryption).

OpenSC used to lock access to the smart card when an application called the
PKCS#11 Login function. This option was disabled by default a while ago, because
popular applications like Firefox and Thunderbird call Login when they are
started (with OpenSC configured as their PKCS#11 module). If locking is
enabled, you cannot run both applications at the same time: the first gets
the lock, and the second is stuck until the first application quits. You also
cannot use any other application at the same time, for example a screensaver
with smart card authentication.

Still, we revised this default setting in OpenSC 0.11.7 and enabled lock_login
by default. This will hurt users who run several applications against the same
smart card concurrently. But without locking we cannot rule out a security
issue in some race between applications sharing the card. Also some
applications seem to not work properly without lock_login enabled.
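The two options discussed above, as an opensc.conf fragment with the old defaults beside the 0.11.7 defaults. This is an added example, not the project's shipped configuration file; the placement of both options inside the pkcs11 block of the opensc-pkcs11 application is assumed from the 0.11-series opensc.conf, so check it against the file your build installs.

```conf
# Added example, not the shipped opensc.conf. Section placement is assumed
# from the 0.11-series file: both options live in the pkcs11 block of the
# opensc-pkcs11 application.
app opensc-pkcs11 {
    pkcs11 {
        # Pre-0.11.7 defaults (weak): a PKCS#11 Login does not lock the
        # card, and an RSA key is generated in host software when the card
        # cannot generate it itself.
        # lock_login = false;
        # soft_keygen_allowed = true;

        # 0.11.7 defaults: lock the card on Login, never generate RSA keys
        # in software. Only CardOS users who need the split-key workaround
        # should set soft_keygen_allowed back to true.
        lock_login = true;
        soft_keygen_allowed = false;
    }
}
```

With lock_login = true, a second application that calls Login blocks until the first one releases the card, which is the behaviour the paragraph above warns about; if you must run several smart card applications at once, the trade-off is yours to make knowingly rather than by an inherited default.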

Security fixes available
------------------------

http://www.opensc-project.org/files/opensc/opensc-0.11.7.tar.gz

md5sum opensc-0.11.7.tar.gz 
419e9be372c2f9bbb3ce9704c929d5ec  opensc-0.11.7.tar.gz
sha1sum opensc-0.11.7.tar.gz 
f91f66bb350d94c07fb01e427c936ce56f1c7d0d  opensc-0.11.7.tar.gz
sha256sum opensc-0.11.7.tar.gz 
6dab273cbdba8e92c59207715199f48f4f9e541e6d873561e30154bd40c4011d  
opensc-0.11.7.tar.gz

In our subversion repository the private data fix is available as revision 3605,
the new default settings are committed in revision 3604. Note however that we
can support only released versions of OpenSC and current trunk. If you have a
problem with an older or patched version, you need to try the latest release.

State of OpenSC
===============

I believe that security software should be simple, well designed, well written
and actively maintained by a dedicated team.

I'm sad to inform you that OpenSC is a rather large and complex piece of software;
the design shows that it has clearly grown over the years. Most developers stopped
being interested in smart cards many years ago, only a few are left, and of those
nearly no one actually uses smart cards day to day. Time for improving OpenSC
is scarce if it exists at all, and not a single developer knows the OpenSC
core code in detail.

OpenSC is working fine for some applications, like using it with openssh
for smart card authenticated ssh login, or for console login with a pam module,
or testing and learning about smart cards. But in general you need to judge
yourself if the state of OpenSC is compatible with your requirements.

The project needs more developers and a new project maintainer. If you are
interested in spending your free time to work with smart cards, we would like
to welcome you to the project, and will try to help you and support your work.


Binary distributions
====================

Our Mac OS X Installer Package "SCA" is well maintained and a new version
including this new OpenSC release will be available soon. All versions up to and
including 0.2.4.1 are vulnerable, but the new experimental 0.2.5-pre1
and the final 0.2.5 will include the fixed OpenSC 0.11.7.

Our old Windows Installer Package "SCB" is also affected by this vulnerability:
all versions are affected. We don't have any Windows developer left, so no one
can update this package.

New Windows binaries built using mingw are available in the "Build" project.
Versions 001 and 002 are both vulnerable; a new version 003 with OpenSC 0.11.7
will be available soon.

Contact and Feedback
====================

If you have questions or feedback, please do not hesitate to contact us on our
mailing lists "opensc-devel" or "opensc-user". You need to subscribe to these
lists before posting, as we are getting a lot of spam each day and do not have
the resources to sort out valid email.

Regards, Andreas Jellinghaus
a...@opensc-project.org
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
