diff options
| author | Tijl Coosemans <tijl@FreeBSD.org> | 2014-04-16 20:07:15 +0000 |
|---|---|---|
| committer | Tijl Coosemans <tijl@FreeBSD.org> | 2014-04-16 20:07:15 +0000 |
| commit | 1cde9babac1cc2242490e1477b4e6d820fdf1e9a (patch) | |
| tree | e3fa4b8e36890b37f5b4928a60728f9beda1d7b5 /security/libbeid | |
| parent | ed04a3f9a74bff2cd35fc09a5b15bfdb69497526 (diff) | |
Notes
Diffstat (limited to 'security/libbeid')
| -rw-r--r-- | security/libbeid/Makefile | 33 | ||||
| -rw-r--r-- | security/libbeid/distinfo | 2 | ||||
| -rw-r--r-- | security/libbeid/files/patch-cardlayer | 111 | ||||
| -rw-r--r-- | security/libbeid/files/patch-common | 183 | ||||
| -rw-r--r-- | security/libbeid/files/patch-dialogs | 404 | ||||
| -rw-r--r-- | security/libbeid/files/patch-pkcs11 | 171 | ||||
| -rw-r--r-- | security/libbeid/pkg-descr | 4 | ||||
| -rw-r--r-- | security/libbeid/pkg-message | 19 | ||||
| -rw-r--r-- | security/libbeid/pkg-plist | 14 |
9 files changed, 941 insertions, 0 deletions
diff --git a/security/libbeid/Makefile b/security/libbeid/Makefile new file mode 100644 index 000000000000..51676d48588d --- /dev/null +++ b/security/libbeid/Makefile @@ -0,0 +1,33 @@ +# $FreeBSD$ + +PORTNAME= libbeid +PORTVERSION= 4.0.6.1457 +CATEGORIES= security +MASTER_SITES= http://tijl.fastmail.fm/mirror/ + +MAINTAINER= tijl@FreeBSD.org +COMMENT= Belgian eID support libraries + +LICENSE= LGPL3 + +LIB_DEPENDS= libpcsclite.so:${PORTSDIR}/devel/pcsc-lite + +USES= dos2unix libtool pkgconfig tar:xz +USE_AUTOTOOLS= autoconf:env automake:env libtoolize:env +USE_GNOME= gtk20 + +DOS2UNIX_FILES= common/src/datafile.cpp common/src/logbase.cpp \ + common/src/util.cpp dialogs/src/dialogs.h pkcs11/src/asn1.c \ + pkcs11/src/log.h pkcs11/src/cal.cpp pkcs11/src/cal.h + +GNU_CONFIGURE= yes +CONFIGURE_ARGS= --disable-static + +post-patch: + @${REINPLACE_CMD} -e '/svn_revision/d' -e '/SUBDIRS/s/xpi//' \ + ${WRKSRC}/Makefile.am ${WRKSRC}/configure.ac + +pre-configure: + @(cd ${WRKSRC} && ${AUTORECONF} -i -f) + +.include <bsd.port.mk> diff --git a/security/libbeid/distinfo b/security/libbeid/distinfo new file mode 100644 index 000000000000..15f0511436a5 --- /dev/null +++ b/security/libbeid/distinfo @@ -0,0 +1,2 @@ +SHA256 (libbeid-4.0.6.1457.tar.xz) = 0e16f1229fb8e87aaa31465eb0aeb01a1d8cb4aeef5ac60c6db8ba6159f06ed6 +SIZE (libbeid-4.0.6.1457.tar.xz) = 444352 diff --git a/security/libbeid/files/patch-cardlayer b/security/libbeid/files/patch-cardlayer new file mode 100644 index 000000000000..6cd639dc0dbb --- /dev/null +++ b/security/libbeid/files/patch-cardlayer @@ -0,0 +1,111 @@ +--- cardlayer/src/cache.cpp.orig ++++ cardlayer/src/cache.cpp +@@ -202,10 +202,8 @@ + ; // TODO: log + else + { +- size_t tmpHeader = fwrite(&header, sizeof(tCacheHeader), 1, f); +- tmpHeader = tmpHeader; //avoid warning +- size_t tmpData = fwrite(oData.GetBytes(), 1, oData.Size(), f); +- tmpData = tmpData; //avoid warning ++ (void)fwrite(&header, sizeof(tCacheHeader), 1, f); ++ (void)fwrite(oData.GetBytes(), 1, oData.Size(), f); + fclose(f); + } + } +--- cardlayer/src/card.cpp.orig ++++ cardlayer/src/card.cpp +@@ -25,7 +25,7 @@ + + CCard::CCard(SCARDHANDLE hCard, CContext *poContext, CPinpad *poPinpad) : + m_hCard(hCard), m_poContext(poContext), m_poPinpad(poPinpad), +- m_oCache(poContext), m_ulLockCount(0), m_bSerialNrString(false),m_cardType(CARD_UNKNOWN) ++ m_oCache(poContext), m_cardType(CARD_UNKNOWN), m_ulLockCount(0), m_bSerialNrString(false) + { + } + +@@ -301,7 +301,7 @@ + { + // By default no caching, card must implement this method + // to allow certain files to be cached (in a certain way). +- tCacheInfo dontCache = {DONT_CACHE}; ++ tCacheInfo dontCache = {DONT_CACHE,0}; + + return dontCache; + } +--- cardlayer/src/pkcs15.cpp.orig ++++ cardlayer/src/pkcs15.cpp +@@ -27,7 +27,7 @@ + { + + const static tPin PinInvalid = {false, "",0,0,0,0,0,0, 0, 0, 0, 0, 0,PIN_ENC_BCD,"",""}; +- const static tCert CertInvalid = {false, "", 0, 0,0,0}; ++ const static tCert CertInvalid = {false, "", 0, 0,0,0,false,false,""}; + const static tPrivKey PrivKeyInvalid = {false, "", 0,0,0,0,0,0,0,"", 0,false}; + + // Hardcoded Beid V1 PINs, keys, certs -- to be removed +@@ -63,8 +63,7 @@ + { + } + +- CPKCS15::CPKCS15(CContext *poContext) : +- m_poContext(poContext) ++ CPKCS15::CPKCS15(CContext *poContext) + { + Clear(); + } +--- cardlayer/src/pkcs15.h.orig ++++ cardlayer/src/pkcs15.h +@@ -90,7 +90,6 @@ + + private: + CCard *m_poCard; +- CContext *m_poContext; + PKCS15Parser *m_poParser; + + #ifdef WIN32 +--- cardlayer/src/pkicard.cpp.orig ++++ cardlayer/src/pkicard.cpp +@@ -363,7 +363,7 @@ + tFileInfo CPkiCard::SelectFile(const std::string & csPath, bool bReturnFileInfo) + { + CByteArray oResp; +- tFileInfo xFileInfo = {0}; ++ tFileInfo xFileInfo = {0,0,0}; + + unsigned long ulPathLen = (unsigned long) csPath.size(); + if (ulPathLen % 4 != 0 || ulPathLen == 0) +--- cardlayer/src/reader.cpp.orig ++++ cardlayer/src/reader.cpp +@@ -280,8 +280,7 @@ + } + catch(CMWException &e) + { +- unsigned long err = e.GetError(); +- err = err; ++ (void)e.GetError(); + return m_oPKCS15.GetSerialNr(); + } + } +--- cardlayer/src/threadpool.cpp.orig ++++ cardlayer/src/threadpool.cpp +@@ -79,7 +79,7 @@ + m_bRunning = false; + } + +-void CEventCallbackThread::Stop() ++void CEventCallbackThread::Stop(unsigned long ulSleepFrequency) + { + m_bStop = true; + } +--- cardlayer/src/threadpool.h.orig ++++ cardlayer/src/threadpool.h +@@ -42,7 +42,7 @@ + + void Run(); + +- void Stop(); ++ void Stop(unsigned long ulSleepFrequency=100); + + bool HasStopped(); + diff --git a/security/libbeid/files/patch-common b/security/libbeid/files/patch-common new file mode 100644 index 000000000000..87ab86a8abfa --- /dev/null +++ b/security/libbeid/files/patch-common @@ -0,0 +1,183 @@ +--- common/src/bytearrayreader.cpp.orig ++++ common/src/bytearrayreader.cpp +@@ -24,7 +24,6 @@ + #include "bytearrayreader.h" + #include "bytearray.h" + +-const static unsigned long EXTRA_INCREMENT_LEN = 10; + + /***************** ByteArray **************************/ + +--- common/src/datafile.cpp.orig ++++ common/src/datafile.cpp +@@ -243,8 +243,7 @@ + while ( !bDone ) + { + memset(buffer, 0, MAX_BUFFER_LEN); +- wchar_t* tmp = fgetws( buffer, MAX_BUFFER_LEN, m_stream); +- tmp=tmp; // avoid warning ++ (void)fgetws( buffer, MAX_BUFFER_LEN, m_stream); + + szLine = buffer; + Trim(szLine); +@@ -1004,8 +1003,7 @@ + if ( buf[nLength] != '\n' && buf[nLength] != '\r' ) + buf[nLength++] = '\n'; + +- size_t tmp = fwrite(buf, sizeof( wchar_t ), nLength, stream); +- tmp = tmp; // avoid warning ++ (void)fwrite(buf, sizeof( wchar_t ), nLength, stream); + + return nLength; + } +--- common/src/dynamiclib.cpp.orig ++++ common/src/dynamiclib.cpp +@@ -42,7 +42,7 @@ + + void * CDynamicLib::GetAddress(const std::string & csFunctionName) + { +- if (m_module != m_module) ++ if (m_module == NULL) + return NULL; + + return PlatformGetAddress(csFunctionName.c_str()); +@@ -50,7 +50,7 @@ + + void CDynamicLib::Close() + { +- if (m_module != m_module) ++ if (m_module != NULL) + return PlatformClose(); + + m_module = NULL; +--- common/src/logbase.cpp.orig ++++ common/src/logbase.cpp +@@ -29,11 +29,7 @@ + #include "mw_util.h" + + #ifndef WIN32 +-#ifdef LINUX + #include "wintypes.h" +-#else +-#include "PCSC/wintypes.h" +-#endif + #include "sys/stat.h" + #include "util.h" + +@@ -567,6 +563,7 @@ + else + err = fopen_s(&m_f,utilStringNarrow(filename).c_str(),"a"); + #else ++ (void)bWchar; + m_f = fopen(utilStringNarrow(filename).c_str(),"a, ccs=UTF-8"); + if (m_f == NULL) err=errno; + #endif +--- common/src/mw_util.cpp.orig ++++ common/src/mw_util.cpp +@@ -271,7 +271,7 @@ + + if (r != -1 && csTmp != NULL) + { +- r = fprintf(stream, csTmp); ++ r = fputs(csTmp, stream); + free(csTmp); + } + +@@ -289,7 +289,7 @@ + + if (r != -1 && csTmp != NULL) + { +- r = fprintf(stream, csTmp); ++ r = fputs(csTmp, stream); + free(csTmp); + } + +@@ -306,7 +306,7 @@ + + if (r != -1 && csTmp != NULL) + { +- r = fprintf(stream, csTmp); ++ r = fputs(csTmp, stream); + free(csTmp); + } + +--- common/src/mw_util.h.orig ++++ common/src/mw_util.h +@@ -38,7 +38,6 @@ + #endif + + #if !defined __APPLE__ && !defined USE_WINERROR +-#include "error.h" + #endif + + #ifndef HAVE_ERRNO_T +--- common/src/mwexception.cpp.orig ++++ common/src/mwexception.cpp +@@ -34,14 +34,14 @@ + + // CMWEXCEPTION::CMWEXCEPTION(long lError, const char *cpFile, long lLine) + CMWException::CMWException(long lError, const char *cpFile, long lLine) +-: m_lError(lError), +- m_sFile(cpFile), ++: m_sFile(cpFile), ++ m_lError(lError), + m_lLine(lLine) + + { + } + +-const char* CMWException::what() throw() ++const char* CMWException::what() const throw() + { + return "CMWException, error code strings to be implemented"; + } +--- common/src/mwexception.h.orig ++++ common/src/mwexception.h +@@ -37,7 +37,7 @@ + //CMWException(long lError); + CMWException(long lError, const char *cpFile, long lLine); + ~CMWException () throw(){}; +- virtual const char* what() throw(); ++ virtual const char* what() const throw(); + + long GetError() const {return m_lError;}; + std::string GetFile() const {return m_sFile;}; +--- common/src/socket/socketclient.cpp.orig ++++ common/src/socket/socketclient.cpp +@@ -23,6 +23,7 @@ + #include "../util.h" + + #ifndef WIN32 ++#include <netinet/in.h> + #include <errno.h> + #endif + +--- common/src/util.cpp.orig ++++ common/src/util.cpp +@@ -348,7 +348,7 @@ + /* Get our PID and build the name of the link in /proc */ + pid = getpid(); + +- if (snprintf(linkname, sizeof(linkname), "/proc/%i/exe", pid) < 0) ++ if (snprintf(linkname, sizeof(linkname), "/proc/%i/file", pid) < 0) + { + /* This should only happen on large word systems. I'm not sure + what the proper response is here. +@@ -474,7 +474,7 @@ + + if (r != -1 && csTmp != NULL) + { +- r = fprintf(stream, csTmp); ++ r = fputs(csTmp, stream); + free(csTmp); + } + +@@ -490,7 +490,7 @@ + + if (r != -1 && csTmp != NULL) + { +- r = fprintf(stream, csTmp); ++ r = fputs(csTmp, stream); + free(csTmp); + } + diff --git a/security/libbeid/files/patch-dialogs b/security/libbeid/files/patch-dialogs new file mode 100644 index 000000000000..8178a0a9033f --- /dev/null +++ b/security/libbeid/files/patch-dialogs @@ -0,0 +1,404 @@ +--- dialogs/src/dialogsgtk/beid-askaccess.c.orig ++++ dialogs/src/dialogsgtk/beid-askaccess.c +@@ -32,22 +32,15 @@ + + + enum { MSG_ACCESS_CARD_TITLE=1, MSG_ACCESS_CARD_QUESTION }; +-char* beid_messages[4][3]={ +- "en", "beID: Card Access", "The application [%s] wants to access the eID card. Do you want to accept it?", +- "nl", "beID: Lezen Kaart", "Het Programma [%s] vraagt toegang tot de eID kaart. Wil U dit toelaten?", +- "fr", "beID: Lecture de Carte", "l'application [%s] essaye d'accéder à la carte eID. Acceptez-vous?", +- "de", "beID: Kartenzugriff", "Die Anwendung [%s] will auf die eID-Karte zugreifen. Möchten Sie akzeptieren?" +- }; ++static char const *const beid_messages[4][3]={ ++ { "en", "beID: Card Access", "The application [%s] wants to access the eID card. Do you want to accept it?" }, ++ { "nl", "beID: Lezen Kaart", "Het Programma [%s] vraagt toegang tot de eID kaart. Wil U dit toelaten?" }, ++ { "fr", "beID: Lecture de Carte", "l'Application [%s] essaye d'accéder à la carte eID. Acceptez-vous?" }, ++ { "de", "beID: Kartenzugriff", "Die Anwendung [%s] will auf die eID-Karte zugreifen. Möchten Sie akzeptieren?" } ++}; + + #include "beid-i18n.h" + +-// event handler for delete-event. always approves the deletion +-/////////////////////////////////////////////////////////////// +-static gboolean on_delete_event( GtkWidget *widget, GdkEvent* event, gpointer pindialog) +-{ +- return TRUE; +-} +- + int main(int argc, char* argv[]) + { + int return_value; +@@ -63,7 +56,7 @@ + { + char message[2048]; + snprintf(message, sizeof(message)-2, _MSG_(MSG_ACCESS_CARD_QUESTION), caller_path); +- dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_OK_CANCEL,message); ++ dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_OK_CANCEL,"%s",message); + } + else + { +--- dialogs/src/dialogsgtk/beid-askpin.c.orig ++++ dialogs/src/dialogsgtk/beid-askpin.c +@@ -35,12 +35,12 @@ + #define EXIT_ERROR 2 + + enum { MSG_PIN_CODE_REQUIRED=1, MSG_PLEASE_ENTER_PIN }; +-char* beid_messages[4][3]={ +- "en", "beID: PIN Code Required", "The application\n[%s]\nrequests your eID PIN code.", +- "nl", "beID: PINcode Vereist", "Het programma\n[%s]\nvraagt uw eID PINcode", +- "fr", "beID: Code PIN Necessaire", "l'application\n[%s]\nvous demande votre code PIN eID", +- "de", "beID: PIN Code Required", "Die Anwendung\n[%s]\nfragt um Ihren eID PIN-code" +- }; ++static char const *const beid_messages[4][3]={ ++ { "en", "beID: PIN Code Required", "The application\n[%s]\nrequests your eID PIN code." }, ++ { "nl", "beID: PINcode Vereist", "Het programma\n[%s]\nvraagt uw eID PINcode" }, ++ { "fr", "beID: Code PIN Necessaire", "l'Application\n[%s]\nvous demande votre code PIN eID" }, ++ { "de", "beID: PIN Code Required", "Die Anwendung\n[%s]\nfragt um Ihren eID PIN-code" } ++}; + + #include "beid-i18n.h" + +@@ -58,7 +58,7 @@ + /////////////////////////////////////////////////////////////////////////////////////////// + void update_pin_label(PinDialogInfo *pindialog) + { +- int i; ++ size_t i; + gchar tmp[MAX_PIN_LENGTH*6]; + tmp[0]='\0'; + for(i=0;i<strlen(pindialog->pin);i++) +@@ -74,14 +74,14 @@ + { + gtk_dialog_set_response_sensitive(GTK_DIALOG(pindialog->dialog),GTK_RESPONSE_OK, TRUE); + gtk_dialog_set_default_response(GTK_DIALOG(pindialog->dialog),GTK_RESPONSE_OK); +- gtk_widget_grab_focus(pindialog->okbutton); ++ gtk_widget_grab_focus(GTK_WIDGET(pindialog->okbutton)); + + } + else + { + gtk_dialog_set_response_sensitive(GTK_DIALOG(pindialog->dialog), GTK_RESPONSE_OK, FALSE); + gtk_dialog_set_default_response(GTK_DIALOG(pindialog->dialog),GTK_RESPONSE_CANCEL); +- gtk_widget_grab_focus(pindialog->cancelbutton); ++ gtk_widget_grab_focus(GTK_WIDGET(pindialog->cancelbutton)); + } + } + +@@ -210,7 +210,7 @@ + char message[2048]; + pindialog_init(&pindialog); // setup PinDialogInfo structure + snprintf(message, sizeof(message)-2, _MSG_(MSG_PLEASE_ENTER_PIN), caller_path); +- pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,message); ++ pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,"%s",message); + } + else + { +@@ -218,8 +218,8 @@ + exit(EXIT_ERROR); + } + +- pindialog.cancelbutton=gtk_dialog_add_button(pindialog.dialog,GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL); +- pindialog.okbutton =gtk_dialog_add_button(pindialog.dialog,GTK_STOCK_OK, GTK_RESPONSE_OK); ++ pindialog.cancelbutton=GTK_BUTTON(gtk_dialog_add_button(GTK_DIALOG(pindialog.dialog),GTK_STOCK_CANCEL,GTK_RESPONSE_CANCEL)); ++ pindialog.okbutton=GTK_BUTTON(gtk_dialog_add_button(GTK_DIALOG(pindialog.dialog),GTK_STOCK_OK,GTK_RESPONSE_OK)); + + gtk_dialog_set_default_response(GTK_DIALOG(pindialog.dialog),GTK_RESPONSE_OK); + gtk_window_set_title(GTK_WINDOW(pindialog.dialog),_MSG_(MSG_PIN_CODE_REQUIRED)); +--- dialogs/src/dialogsgtk/beid-badpin.c.orig ++++ dialogs/src/dialogsgtk/beid-badpin.c +@@ -16,6 +16,7 @@ + * http://www.gnu.org/licenses/. + **************************************************************************** */ + ++#include <ctype.h> + #include <gtk/gtk.h> + #include <gtk/gtkenums.h> + #include <gdk/gdkkeysyms.h> +@@ -30,22 +31,23 @@ + #define EXIT_ERROR 2 + + enum { MSG_INCORRECT_PIN_CODE=1, MSG_N_ATTEMPTS_LEFT, MSG_LAST_ATTEMPT }; +-char* beid_messages[4][4]={ +- "en", "beID: Incorrect PIN Code", "You have entered an incorrect PIN code.\nPlease note that you have only %d attempts left before your PIN is blocked.", "You have entered an incorrect PIN code.\nPlease note that at the next incorrect entry your PIN code will be blocked.", +- "nl", "beID: Foutive PINcode", "U hebt een foutive PIN code ingegeven.\nGelieve te noteren dat u nog slechts %d pogingen hebt alvorens uw PIN code geblokkeerd wordt.", "U hebt een foutive PIN code ingegeven.\nGelieve te noteren dat bij de volgende incorrecte ingave uw PIN code geblokkeerd wordt.", +- "fr", "beID: Code PIN incorrect", "Vous avez entré un code PIN incorrect.\nVeuillez noter qu'il ne vous reste plus que %d tentatives avant que votre PIN soit bloqué", "Vous avez entré un code PIN incorrect.\nVieullez noter qu'a la prochaine entree incorrecte votre code PIN sera bloqué", +- "de", "beID: Incorrect PIN Code", "You have entered an incorrect PIN code.\nPlease note that you have only %d attempts left before your PIN is blocked.", "You have entered an incorrect PIN code.\nPlease note that at the next incorrect entry your PIN code will be blocked." +- }; ++static char const *const beid_messages[4][4]={ ++ { "en", "beID: Incorrect PIN Code", ++ "You have entered an incorrect PIN code.\nPlease note that you have only %d attempts left before your PIN is blocked.", ++ "You have entered an incorrect PIN code.\nPlease note that at the next incorrect entry your PIN code will be blocked." }, ++ { "nl", "beID: Foutive PINcode", ++ "U hebt een foutive PIN code ingegeven.\nGelieve te noteren dat u nog slechts %d pogingen hebt alvorens uw PIN code geblokkeerd wordt.", ++ "U hebt een foutive PIN code ingegeven.\nGelieve te noteren dat bij de volgende incorrecte ingave uw PIN code geblokkeerd wordt." }, ++ { "fr", "beID: Code PIN incorrect", ++ "Vous avez entré un code PIN incorrect.\nVeuillez noter qu'il ne vous reste plus que %d tentatives avant que votre PIN soit bloqué", ++ "Vous avez entré un code PIN incorrect.\nVieullez noter qu'a la prochaine entree incorrecte votre code PIN sera bloqué" }, ++ { "de", "beID: Incorrect PIN Code", ++ "You have entered an incorrect PIN code.\nPlease note that you have only %d attempts left before your PIN is blocked.", ++ "You have entered an incorrect PIN code.\nPlease note that at the next incorrect entry your PIN code will be blocked." } ++}; + + #include "beid-i18n.h" + +-// event handler for delete-event. always approves the deletion +-/////////////////////////////////////////////////////////////// +-static gboolean on_delete_event( GtkWidget *widget, GdkEvent* event, gpointer pindialog) +-{ +- return TRUE; +-} +- + int main(int argc, char* argv[]) + { + int return_value=EXIT_ERROR; +@@ -63,7 +65,7 @@ + if(attempts>1) + snprintf(message,sizeof(message)-2,_MSG_(MSG_N_ATTEMPTS_LEFT),attempts); + else +- snprintf(message,sizeof(message)-2,_MSG_(MSG_LAST_ATTEMPT)); ++ snprintf(message,sizeof(message)-2,"%s",_MSG_(MSG_LAST_ATTEMPT)); + } + else + { +@@ -71,7 +73,7 @@ + exit(EXIT_ERROR); + } + +- dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_WARNING,GTK_BUTTONS_OK,message); ++ dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_WARNING,GTK_BUTTONS_OK,"%s",message); + gtk_dialog_set_default_response(GTK_DIALOG(dialog),GTK_RESPONSE_OK); + gtk_window_set_title(GTK_WINDOW(dialog),_MSG_(MSG_INCORRECT_PIN_CODE)); + gtk_window_set_position(GTK_WINDOW(dialog), GTK_WIN_POS_CENTER); +--- dialogs/src/dialogsgtk/beid-changepin.c.orig ++++ dialogs/src/dialogsgtk/beid-changepin.c +@@ -17,6 +17,7 @@ + * http://www.gnu.org/licenses/. + + **************************************************************************** */ ++#include <ctype.h> + #include <gtk/gtk.h> + #include <gtk/gtkenums.h> + #include <gdk/gdkkeysyms.h> +@@ -36,13 +37,20 @@ + #define EXIT_ERROR 2 + + enum { MSG_CHANGE_PIN_CODE=1, MSG_PLEASE_ENTER_OLD_AND_NEW_PINS, MSG_CURRENT_PIN, MSG_NEW_PIN, MSG_NEW_PIN_AGAIN }; +-char* beid_messages[4][6]={ +- "en", "beID: Change PIN Code", "Request from Application [%s]:\n\nPlease enter your current eID PIN, followed by your new eID PIN (twice)", "Current PIN:", "New PIN:", "New PIN (again):", +- "nl", "beID: PIN Code Wijzigen", "Verzoek van programma [%s]:\n\nGelieve Uw bestaande eID PIN code, en tweemaal uw nieuwe eID PINcode in te voeren.", "Huidige PIN:", "Nieuwe PIN:", "Nieuwe PIN (opnieuw):", +- "fr", "beID: Changement de code PIN", "Demande de l'application [%s]:\n\nVeuillez entrer votre code PIN eID existant, suivi de votre nouveau code PIN eID (2 fois)", "Code PIN existant:", "Nouveau code PIN:","Nouveau code PIN (verification):", +- "de", "beID: PIN Code ändern", "Anfrage von Anwendug [%s]:\n\nBitte geben Sie ihren bestehenden eID PIN-Code, gefolgt von Ihrem neuen eID PIN-Code (zwei mal), ein", "Aktueller PIN-Code:", "Neuer PIN-Code:", "Neuer PIN-Code (noch einmal):" +- +- }; ++static char const *const beid_messages[4][6]={ ++ { "en", "beID: Change PIN Code", ++ "Request from application [%s]:\n\nPlease enter your current eID PIN, followed by your new eID PIN (twice)", ++ "Current PIN:", "New PIN:", "New PIN (again):" }, ++ { "nl", "beID: PIN Code Wijzigen", ++ "Verzoek van programma [%s]:\n\nGelieve Uw bestaande eID PIN code, en tweemaal uw nieuwe eID PINcode in te voeren.", ++ "Huidige PIN:", "Nieuwe PIN:", "Nieuwe PIN (opnieuw):" }, ++ { "fr", "beID: Changement de code PIN", ++ "Demande de l'application [%s]:\n\nVeuillez entrer votre code PIN eID existant, suivi de votre nouveau code PIN eID (2 fois)", ++ "Code PIN existant:", "Nouveau code PIN:", "Nouveau code PIN (verification):" }, ++ { "de", "beID: PIN Code ändern", ++ "Anfrage von Anwendug [%s]:\n\nBitte geben Sie ihren bestehenden eID PIN-Code, gefolgt von Ihrem neuen eID PIN-Code (zwei mal), ein", ++ "Aktueller PIN-Code:", "Neuer PIN-Code:", "Neuer PIN-Code (noch einmal):" } ++}; + + #include "beid-i18n.h" + +@@ -161,7 +169,7 @@ + { + char message[2048]; + snprintf(message, sizeof(message)-2, _MSG_(MSG_PLEASE_ENTER_OLD_AND_NEW_PINS), caller_path); +- pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,message); ++ pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,"%s",message); + } + else + { +@@ -169,8 +177,8 @@ + exit(EXIT_ERROR); + } + +- pindialog.cancelbutton =gtk_dialog_add_button(pindialog.dialog,GTK_STOCK_CANCEL, GTK_RESPONSE_CANCEL); +- pindialog.okbutton =gtk_dialog_add_button(pindialog.dialog,GTK_STOCK_OK, GTK_RESPONSE_OK); ++ pindialog.cancelbutton=GTK_BUTTON(gtk_dialog_add_button(GTK_DIALOG(pindialog.dialog),GTK_STOCK_CANCEL,GTK_RESPONSE_CANCEL)); ++ pindialog.okbutton=GTK_BUTTON(gtk_dialog_add_button(GTK_DIALOG(pindialog.dialog),GTK_STOCK_OK,GTK_RESPONSE_OK)); + + gtk_dialog_set_default_response(GTK_DIALOG(pindialog.dialog),GTK_RESPONSE_OK); + gtk_window_set_title(GTK_WINDOW(pindialog.dialog),_MSG_(MSG_CHANGE_PIN_CODE)); +@@ -234,8 +242,8 @@ + { + case GTK_RESPONSE_OK: // if the user chose OK + { +- char* oldpin=gtk_entry_get_text(GTK_ENTRY(pindialog.originalPinEntry)); +- char* newpin=gtk_entry_get_text(GTK_ENTRY(pindialog.newPin0Entry)); ++ char const *oldpin=gtk_entry_get_text(GTK_ENTRY(pindialog.originalPinEntry)); ++ char const *newpin=gtk_entry_get_text(GTK_ENTRY(pindialog.newPin0Entry)); + printf("%s:%s\n",oldpin,newpin); // output the PINs to stdout + return_value=EXIT_OK; // and return OK + } +--- dialogs/src/dialogsgtk/beid-i18n.h.orig ++++ dialogs/src/dialogsgtk/beid-i18n.h +@@ -1,7 +1,7 @@ +-char* _MSG_(int msgnum) ++char const *_MSG_(int msgnum) + { +- char* message=beid_messages[0][msgnum]; // default=English +- char* lang=getenv("LANG"); ++ char const *message=beid_messages[0][msgnum]; // default=English ++ char const *lang=getenv("LANG"); + if(lang!=NULL && strlen(lang)==5 && lang[2]=='_') + { + int i; +--- dialogs/src/dialogsgtk/beid-spr-askpin.c.orig ++++ dialogs/src/dialogsgtk/beid-spr-askpin.c +@@ -34,12 +34,12 @@ + #define EXIT_ERROR 2 + + enum { MSG_PIN_CODE_REQUIRED=1, MSG_PLEASE_ENTER_PIN }; +-char* beid_messages[4][3]={ +- "en", "beID: PIN Code Required", "The application [%s] requests your eID PIN code on the secure pinpad reader:\n[%s]..", +- "nl", "beID: PINcode Vereist", "Het programma [%s] vraagt uw eID PIN code in te geven op de beveiligde kaartlezer:\n[%s].", +- "fr", "beID: Code PIN Necessaire", "l'application [%s] vous demande d'entrer votre code PIN eID sur le lecteur securise\n[%s]..", +- "de", "beID: PIN Code Required", "Die Anwendung [%s] fragt um Ihren eID PIN-Code auf dem sicheren Kartenleser:\n[%s].." +- }; ++static char const* const beid_messages[4][3]={ ++ { "en", "beID: PIN Code Required", "The application [%s] requests your eID PIN code on the secure pinpad reader:\n[%s].." }, ++ { "nl", "beID: PINcode Vereist", "Het programma [%s] vraagt uw eID PIN code in te geven op de beveiligde kaartlezer:\n[%s].." }, ++ { "fr", "beID: Code PIN Necessaire", "l'Application [%s] vous demande d'entrer votre code PIN eID sur le lecteur securise\n[%s].." }, ++ { "de", "beID: PIN Code Required", "Die Anwendung [%s] fragt um Ihren eID PIN-Code auf dem sicheren Kartenleser:\n[%s].." } ++}; + + #include "beid-i18n.h" + +@@ -88,7 +88,7 @@ + // create new message dialog with CANCEL button in standard places, in center of user's screen + /////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + +- pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,message); ++ pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,"%s",message); + gtk_dialog_set_default_response(GTK_DIALOG(pindialog.dialog),GTK_RESPONSE_OK); + gtk_window_set_title(GTK_WINDOW(pindialog.dialog),_MSG_(MSG_PIN_CODE_REQUIRED)); + gtk_window_set_position(GTK_WINDOW(pindialog.dialog), GTK_WIN_POS_CENTER); +--- dialogs/src/dialogsgtk/beid-spr-changepin.c.orig ++++ dialogs/src/dialogsgtk/beid-spr-changepin.c +@@ -34,12 +34,12 @@ + #define EXIT_ERROR 2 + + enum { MSG_CHANGE_PIN_CODE=1, MSG_PLEASE_CHANGE_PIN }; +-char* beid_messages[4][3]={ +- "en", "beID: Change PIN Code", "Request from Application [%s]:\n\nPlease change your eID PIN code on the secure pinpad reader:\n[%s]..", +- "nl", "beID: Wijziging PINcode", "Verzoek van programma [%s]:\n\nGelieve uw eID PIN code op de beveiligde kaartlezer:\n[%s]\nte willen wijzigen.", +- "fr", "beID: Changement de code PIN", "Demande de l'application [%s]:\n\nVeuillez changer votre code PIN eID sur le lecteur securise\n[%s]..", +- "de", "beID: Change PIN Code", "Anfrage von Anwendug [%s]:\n\nPlease change your eID PIN code on the secure pinpad reader:\n[%s].." +- }; ++static char const *const beid_messages[4][3]={ ++ { "en", "beID: Change PIN Code", "Request from Application [%s]:\n\nPlease change your eID PIN code on the secure pinpad reader:\n[%s].." }, ++ { "nl", "beID: Wijziging PINcode", "Verzoek van programma [%s]:\n\nGelieve uw eID PIN code te wijzigen op de beveiligde kaartlezer:\n[%s].." }, ++ { "fr", "beID: Changement de code PIN", "Demande de l'application [%s]:\n\nVeuillez changer votre code PIN eID sur le lecteur securise\n[%s].." }, ++ { "de", "beID: Change PIN Code", "Anfrage von Anwendug [%s]:\n\nPlease change your eID PIN code on the secure pinpad reader:\n[%s].." } ++}; + + #include "beid-i18n.h" + +@@ -60,7 +60,6 @@ + + int main(int argc, char* argv[]) + { +- char pid_path[PATH_MAX]; + int return_value=EXIT_ERROR; + PinDialogInfo pindialog; // this struct contains all dialog objects + char caller_path[1024]; +@@ -89,7 +88,7 @@ + exit(EXIT_ERROR); + } + +- pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,message); ++ pindialog.dialog=gtk_message_dialog_new(NULL,GTK_DIALOG_MODAL,GTK_MESSAGE_QUESTION,GTK_BUTTONS_NONE,"%s",message); + gtk_dialog_set_default_response(GTK_DIALOG(pindialog.dialog),GTK_RESPONSE_OK); + gtk_window_set_title(GTK_WINDOW(pindialog.dialog),_MSG_(MSG_CHANGE_PIN_CODE)); + gtk_window_set_position(GTK_WINDOW(pindialog.dialog), GTK_WIN_POS_CENTER); +--- dialogs/src/dialogs.h.orig ++++ dialogs/src/dialogs.h +@@ -27,6 +27,7 @@ + #ifndef __DIALOGS_H__ + #define __DIALOGS_H__ + ++#include <sys/types.h> + #include <string> + + #ifdef WIN32 +--- dialogs/src/dialogsgtk/dlgs_gtk.cpp.orig ++++ dialogs/src/dialogsgtk/dlgs_gtk.cpp +@@ -56,12 +56,13 @@ + + + +-bool MW_PERROR(tLevel level, tModule mod, char* comment) ++static bool MW_PERROR(tLevel level, tModule mod, char const *comment) + { + char err_txt[256],log_txt[1024]; + wchar_t wide_log_txt[1024]; + +- snprintf(log_txt,sizeof(log_txt),"%s:%s",comment,strerror_r(errno,err_txt,sizeof(err_txt))); ++ strerror_r(errno,err_txt,sizeof(err_txt)); ++ snprintf(log_txt,sizeof(log_txt),"%s:%s",comment,err_txt); + mbstowcs(wide_log_txt,log_txt,sizeof(wide_log_txt)); + return MWLOG(level,mod,wide_log_txt); + } +@@ -112,7 +113,7 @@ + char count[4]; + MWLOG(LEV_DEBUG,MOD_DLG,L"eIDMW::DlgBadPin called"); + +- snprintf(count,sizeof(count)-2,"%1d",ulRemainingTries); ++ snprintf(count,sizeof(count)-2,"%1lu",ulRemainingTries); + char* response=sdialog_call_modal(QUOTEME(BEID_BADPIN_DIALOG),count); + free(response); + return DLG_OK; +--- dialogs/src/dialogsgtk/parent.c.orig ++++ dialogs/src/dialogsgtk/parent.c +@@ -1,4 +1,6 @@ ++#include <stdio.h> + #include <stdlib.h> ++#include <unistd.h> + #include "config.h" + #include "parent.h" + +@@ -9,7 +11,7 @@ + char proc_path[32]; + ssize_t exec_path_len=-1; + +- snprintf(proc_path,sizeof(proc_path)-1,"/proc/%d/exe",getppid()); ++ snprintf(proc_path,sizeof(proc_path)-1,"/proc/%d/file",getppid()); + if((exec_path_len=readlink(proc_path,exec_path,exec_path_size-1))!=-1) + exec_path[exec_path_len]='\0'; + return exec_path_len; +--- dialogs/src/dialogsgtk/parent.h.orig ++++ dialogs/src/dialogsgtk/parent.h +@@ -1,2 +1,4 @@ ++#include <sys/types.h> ++ + ssize_t get_parent_path(char* exec_path, size_t exec_path_size); + +--- dialogs/src/dialogsgtk/single_dialog.c.orig ++++ dialogs/src/dialogsgtk/single_dialog.c +@@ -40,14 +40,15 @@ + #define DPRINTF(format,args...) fprintf(stderr, format , ## args) + #define DERROR(label) perror(label) + #else +-#define DPRINTF +-#define DERROR ++#define DPRINTF(format,args...) ++#define DERROR(label) + #endif + + + /* the sdialog_call_modal function borrows from readpass.c in the OpenSSH distribution, whose Copyright is as follows: + * + * START OF extra (C) NOTICE FOR sdialog_call_modal() ++ */ + + /* $OpenBSD: readpass.c,v 1.47 2006/08/03 03:34:42 deraadt Exp $ */ + /* diff --git a/security/libbeid/files/patch-pkcs11 b/security/libbeid/files/patch-pkcs11 new file mode 100644 index 000000000000..a301e4261047 --- /dev/null +++ b/security/libbeid/files/patch-pkcs11 @@ -0,0 +1,171 @@ +--- pkcs11/src/asn1.c.orig ++++ pkcs11/src/asn1.c +@@ -253,7 +253,7 @@ + /* check if we are decoding inside a BIT STRING: iNumTag == parent_tag */ + /* first octet of bit string is the number of unused bits at the end of the bitstring */ + /* in CER/DER: unused bits are always zero. And if they aren't zero, we still don't need to know the nr. of unused bits */ +- if ((iNumTag == 0x03) ) ++ if (iNumTag == 0x03) + { + p_cDat++; + iLen--; +--- pkcs11/src/cal.cpp.orig ++++ pkcs11/src/cal.cpp +@@ -865,7 +865,7 @@ + std::string szReader; + // char cBuffer[250]; + // unsigned char ucBuffer[250]; +- char* plabel = NULL; ++ char const *plabel = NULL; + CTLVBuffer oTLVBuffer; + P11_SLOT *pSlot = NULL; + CK_ATTRIBUTE ID_DATA[]= BEID_TEMPLATE_ID_DATA; +@@ -1026,8 +1026,8 @@ + std::string szReader; + char cBuffer[250]; + // unsigned char ucBuffer[250]; +- char* plabel = NULL; +- char* pobjectID = NULL; ++ char const *plabel = NULL; ++ char const *pobjectID = NULL; + unsigned long ulLen=0; + CTLVBuffer oTLVBuffer; + CTLVBuffer oTLVBufferAddress;//need second buffer object, as memory is only freed when this object is destructed +@@ -1061,7 +1061,7 @@ + pobjectID = BEID_OBJECTID_ID; + ret = p11_add_slot_ID_object(pSlot, ID_DATA, sizeof(ID_DATA)/sizeof(CK_ATTRIBUTE), CK_TRUE, CKO_DATA, CK_FALSE, &hObject, + (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) oFileData.GetBytes(),(CK_ULONG)oFileData.Size(), +- pobjectID, (CK_ULONG)strlen(pobjectID)); ++ (CK_VOID_PTR)pobjectID, (CK_ULONG)strlen(pobjectID)); + if (ret) goto cleanup; + + oTLVBuffer.ParseTLV(oFileData.GetBytes(), oFileData.Size()); +@@ -1075,7 +1075,7 @@ + oTLVBuffer.FillUTF8Data(ID_LABELS[i].tag, cBuffer, &ulLen); + plabel = ID_LABELS[i].name; + ret = p11_add_slot_ID_object(pSlot, ID_DATA, sizeof(ID_DATA)/sizeof(CK_ATTRIBUTE), CK_TRUE, CKO_DATA, CK_FALSE, &hObject, +- (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) cBuffer,ulLen,pobjectID, (CK_ULONG)strlen(pobjectID)); ++ (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) cBuffer,ulLen,(CK_VOID_PTR)pobjectID, (CK_ULONG)strlen(pobjectID)); + if (ret) goto cleanup; + } + if(dataType != CACHED_DATA_TYPE_ALL){ +@@ -1087,7 +1087,7 @@ + pobjectID = BEID_OBJECTID_ADDRESS; + ret = p11_add_slot_ID_object(pSlot, ID_DATA, sizeof(ID_DATA)/sizeof(CK_ATTRIBUTE), CK_TRUE, CKO_DATA, CK_FALSE, &hObject, + (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) oFileData.GetBytes(),(CK_ULONG)oFileData.Size(), +- pobjectID, (CK_ULONG)strlen(pobjectID)); ++ (CK_VOID_PTR)pobjectID, (CK_ULONG)strlen(pobjectID)); + if (ret) goto cleanup; + oTLVBufferAddress.ParseTLV(oFileData.GetBytes(), oFileData.Size()); + nrOfItems = sizeof(ADDRESS_LABELS)/sizeof(BEID_DATA_LABELS_NAME); +@@ -1099,7 +1099,7 @@ + plabel = ADDRESS_LABELS[i].name; + ret = p11_add_slot_ID_object(pSlot, ID_DATA, sizeof(ID_DATA)/sizeof(CK_ATTRIBUTE), CK_TRUE, CKO_DATA, CK_FALSE, &hObject, + (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) cBuffer,ulLen, +- pobjectID, (CK_ULONG)strlen(pobjectID)); ++ (CK_VOID_PTR)pobjectID, (CK_ULONG)strlen(pobjectID)); + if (ret) goto cleanup; + } + if(dataType != CACHED_DATA_TYPE_ALL){ +@@ -1111,7 +1111,7 @@ + oFileData = oReader.ReadFile(BEID_FILE_PHOTO); + ret = p11_add_slot_ID_object(pSlot, ID_DATA, sizeof(ID_DATA)/sizeof(CK_ATTRIBUTE), CK_TRUE, CKO_DATA, CK_FALSE, &hObject, + (CK_VOID_PTR)plabel, (CK_ULONG)strlen(plabel),(CK_VOID_PTR) oFileData.GetBytes(),(CK_ULONG)oFileData.Size(), +- pobjectID, (CK_ULONG)strlen(BEID_OBJECTID_PHOTO)); ++ (CK_VOID_PTR)pobjectID, (CK_ULONG)strlen(BEID_OBJECTID_PHOTO)); + if (ret) goto cleanup; + if(dataType != CACHED_DATA_TYPE_ALL){ + break; +--- pkcs11/src/cal.h.orig ++++ pkcs11/src/cal.h +@@ -179,7 +179,7 @@ + + typedef struct BEID_DATA_LABELS_NAME { + unsigned char tag; +- char* name; ++ char const * name; + }BEID_DATA_LABELS_NAME; + + #define BEID_LABEL_DATA_FILE "DATA_FILE" +--- pkcs11/src/log.h.orig ++++ pkcs11/src/log.h +@@ -60,42 +60,42 @@ + + static P11_MAP_TYPE const P11_CLASS_TYPES[]= + { +- { CKO_DATA, "CKO_DATA" }, +- { CKO_CERTIFICATE, "CKO_CERTIFICATE" }, +- { CKO_PUBLIC_KEY, "CKO_PUBLIC_KEY" }, +- { CKO_PRIVATE_KEY, "CKO_PRIVATE_KEY" }, +- { CKO_SECRET_KEY, "CKO_SECRET_KEY" }, +- { CKO_HW_FEATURE, "CKO_HW_FEATURE" }, +- { CKO_DOMAIN_PARAMETERS, "CKO_DOMAIN_PARAMETERS" }, +- { CKO_VENDOR_DEFINED, "CKO_VENDOR_DEFINED" }, +- {0,0} ++ { CKO_DATA, "CKO_DATA", 0 }, ++ { CKO_CERTIFICATE, "CKO_CERTIFICATE", 0 }, ++ { CKO_PUBLIC_KEY, "CKO_PUBLIC_KEY", 0 }, ++ { CKO_PRIVATE_KEY, "CKO_PRIVATE_KEY", 0 }, ++ { CKO_SECRET_KEY, "CKO_SECRET_KEY", 0 }, ++ { CKO_HW_FEATURE, "CKO_HW_FEATURE", 0 }, ++ { CKO_DOMAIN_PARAMETERS, "CKO_DOMAIN_PARAMETERS", 0 }, ++ { CKO_VENDOR_DEFINED, "CKO_VENDOR_DEFINED", 0 }, ++ {0,0,0} + }; + + static P11_MAP_TYPE const P11_CERTIFICATE_TYPES[]= + { +- { CKC_X_509, "CKC_X_509" }, +- { CKC_X_509_ATTR_CERT, "CKC_X_509_ATTR_CERT" }, +- {0,0} ++ { CKC_X_509, "CKC_X_509", 0 }, ++ { CKC_X_509_ATTR_CERT, "CKC_X_509_ATTR_CERT", 0 }, ++ {0,0,0} + }; + + static P11_MAP_TYPE const P11_KEY_TYPES[]= + { +- { CKK_RSA, "CKK_RSA" }, +- { CKK_DSA, "CKK_DSA" }, +- { CKK_DH, "CKK_DH" }, +- { CKK_ECDSA, "CKK_ECDSA" }, +- { CKK_EC, "CKK_EC" }, +- { CKK_RC2, "CKK_RC2" }, +- { CKK_RC4, "CKK_RC4" }, +- { CKK_RC5, "CKK_RC5" }, +- { CKK_DES, "CKK_DES" }, +- { CKK_DES3, "CKK_DES3" }, +- { CKK_CAST, "CKK_CAST" }, +- { CKK_CAST3, "CKK_CAST3" }, +- { CKK_CAST128, "CKK_CAST128" }, +- { CKK_IDEA, "CKK_IDEA" }, +- { CKK_AES, "CKK_AES" }, +- {0,0} ++ { CKK_RSA, "CKK_RSA", 0 }, ++ { CKK_DSA, "CKK_DSA", 0 }, ++ { CKK_DH, "CKK_DH", 0 }, ++ { CKK_ECDSA, "CKK_ECDSA", 0 }, ++ { CKK_EC, "CKK_EC", 0 }, ++ { CKK_RC2, "CKK_RC2", 0 }, ++ { CKK_RC4, "CKK_RC4", 0 }, ++ { CKK_RC5, "CKK_RC5", 0 }, ++ { CKK_DES, "CKK_DES", 0 }, ++ { CKK_DES3, "CKK_DES3", 0 }, ++ { CKK_CAST, "CKK_CAST", 0 }, ++ { CKK_CAST3, "CKK_CAST3", 0 }, ++ { CKK_CAST128, "CKK_CAST128", 0 }, ++ { CKK_IDEA, "CKK_IDEA", 0 }, ++ { CKK_AES, "CKK_AES", 0 }, ++ {0,0,0} + }; + + static P11_MAP_TYPE const P11_ATTR_TYPES[]= { +@@ -159,7 +159,7 @@ + { CKA_RESET_ON_INIT, "CKA_RESET_ON_INIT", 0 }, + { CKA_HAS_RESET, "CKA_HAS_RESET", 0 }, + { CKA_VENDOR_DEFINED, "CKA_VENDOR_DEFINED", 0 }, +- {0,0} ++ {0,0,0} + }; + + diff --git a/security/libbeid/pkg-descr b/security/libbeid/pkg-descr new file mode 100644 index 000000000000..14edf1f9ebab --- /dev/null +++ b/security/libbeid/pkg-descr @@ -0,0 +1,4 @@ +Support libraries for Belgian government-issued electronic identity cards. +A PKCS #11 module is included that can be used with Mozilla Firefox. + +WWW: https://code.google.com/p/eid-mw/ diff --git a/security/libbeid/pkg-message b/security/libbeid/pkg-message new file mode 100644 index 000000000000..67763ce3f3f6 --- /dev/null +++ b/security/libbeid/pkg-message @@ -0,0 +1,19 @@ +WARNING: +The private keys on the eID cards are created by the Belgian government and +not by the citizens. You should assume that the government can forge digital +signatures and decrypt encrypted content. + +The procfs file system must be mounted on /proc for these libraries to work +correctly. + +To use your eID in Firefox you can add libbeidpkcs11.so as a security module: +- Make sure you have installed a pcsc-lite driver for your card reader (such + as devel/libccid) and that pcscd is running (add pcscd_enable="YES" to + /etc/rc.conf and start the service by running "service pcscd start"). +- Connect your card reader. +- In Firefox go to Edit->Preferences->Advanced->Certificates and press + "Security Devices", then "Load". +- Enter a name such as "Belgian eID" and browse for libbeidpkcs11.so. Then + close the two windows by pressing "OK" twice. +- If all went well you can now plug in your eID card and see your certificates + listed under "View Certificates->Your Certificates". diff --git a/security/libbeid/pkg-plist b/security/libbeid/pkg-plist new file mode 100644 index 000000000000..9c0073d4071a --- /dev/null +++ b/security/libbeid/pkg-plist @@ -0,0 +1,14 @@ +lib/libbeidcardlayer.so +lib/libbeidcommon.so +lib/libbeidcommon.so.0 +lib/libbeidcommon.so.0.0.0 +lib/libbeiddialogs.so +lib/libbeidpkcs11.so +lib/libbeidpkcs11.so.0 +lib/libbeidpkcs11.so.0.0.0 +libexec/beid-askaccess +libexec/beid-askpin +libexec/beid-badpin +libexec/beid-changepin +libexec/beid-spr-askpin +libexec/beid-spr-changepin |