[AUTO-CHERRYPICK] [Medium] opensc: Fix CVE-2023-40660 and CVE-2024-1454 - branch main (#12661)

Co-authored-by: Sreenivasulu Malavathula (HCL Technologies Ltd) <v-smalavathu@microsoft.com>

Author: CBL-Mariner-Bot

SPECS/opensc/CVE-2023-40660.patch

@@ -0,0 +1,59 @@
+From 744f2647b999d0c96243acdffd95f1b7b6c6dfa0 Mon Sep 17 00:00:00 2001
+From: Sreenivasulu Malavathula <v-smalavathu@microsoft.com>
+Date: Sun, 23 Feb 2025 19:17:33 -0600
+Subject: [PATCH] Address CVE-2023-40660
+
+---
+ src/libopensc/card-authentic.c | 11 +++++++++++
+ src/libopensc/pkcs15-pin.c     | 13 -------------
+ 2 files changed, 11 insertions(+), 13 deletions(-)
+
+diff --git a/src/libopensc/card-authentic.c b/src/libopensc/card-authentic.c
+index 563210d..344c09c 100644
+--- a/src/libopensc/card-authentic.c
++++ b/src/libopensc/card-authentic.c
+@@ -2311,6 +2311,17 @@ authentic_sm_get_wrapped_apdu(struct sc_card *card, struct sc_apdu *plain, struc
+ }
+ #endif
+ 
++int authentic_logout(sc_card_t *card)
++{
++	int r = SC_ERROR_NOT_SUPPORTED;
++
++	if (card->type == SC_CARD_TYPE_OBERTHUR_AUTHENTIC_3_2) {
++		r = authentic_select_aid(card, aid_AuthentIC_3_2, sizeof(aid_AuthentIC_3_2), NULL, NULL);
++	}
++
++	return r;
++}
++
+ static struct sc_card_driver *
+ sc_get_driver(void)
+ {
+diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c
+index 48e16fd..2402675 100644
+--- a/src/libopensc/pkcs15-pin.c
++++ b/src/libopensc/pkcs15-pin.c
+@@ -307,19 +307,6 @@ sc_pkcs15_verify_pin(struct sc_pkcs15_card *p15card, struct sc_pkcs15_object *pi
+ 		LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_PIN_REFERENCE);
+ 	auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data;
+ 
+-	/*
+-	 * if pin cache is disabled, we can get here with no PIN data.
+-	 * in this case, to avoid error or unnecessary pin prompting on pinpad,
+-	 * check if the PIN has been already verified and the access condition
+-	 * is still open on card.
+-	 */
+-	if (pinlen == 0) {
+-	    r = sc_pkcs15_get_pin_info(p15card, pin_obj);
+-
+-	    if (r == SC_SUCCESS && auth_info->logged_in == SC_PIN_STATE_LOGGED_IN)
+-		LOG_FUNC_RETURN(ctx, r);
+-	}
+-
+ 	r = _validate_pin(p15card, auth_info, pinlen);
+ 
+ 	if (r)
+-- 
+2.45.2
+

SPECS/opensc/CVE-2024-1454.patch

@@ -0,0 +1,28 @@
+From 4d1fbfdce97b44bb4ffb991bbc481da5056c1bfe Mon Sep 17 00:00:00 2001
+From: Sreenivasulu Malavathula <v-smalavathu@microsoft.com>
+Date: Sun, 23 Feb 2025 19:04:16 -0600
+Subject: [PATCH] Address CVE-2024-1454
+
+---
+ src/pkcs15init/pkcs15-authentic.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/pkcs15init/pkcs15-authentic.c b/src/pkcs15init/pkcs15-authentic.c
+index c6894dd..adedd0a 100644
+--- a/src/pkcs15init/pkcs15-authentic.c
++++ b/src/pkcs15init/pkcs15-authentic.c
+@@ -858,7 +858,10 @@ authentic_emu_update_tokeninfo(struct sc_profile *profile, struct sc_pkcs15_card
+         rv = sc_select_file(p15card->card, &path, &file);
+         if (!rv)   {
+ 		rv = sc_get_challenge(p15card->card, buffer, sizeof(buffer));
+-		LOG_TEST_RET(ctx, rv, "Get challenge error");
++		if (rv < 0) {
++			sc_file_free(file);
++			LOG_TEST_RET(ctx, rv, "Get challenge error");
++		}
+ 
+ 		len = file->size > sizeof(buffer) ? sizeof(buffer) : file->size;
+ 	        rv = sc_update_binary(p15card->card, 0, buffer, len, 0);
+-- 
+2.45.2
+

SPECS/opensc/opensc.spec

@@ -3,7 +3,7 @@
 Summary:        Smart card library and applications
 Name:           opensc
 Version:        0.23.0
-Release:        3%{?dist}
+Release:        4%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@@ -13,6 +13,8 @@ Source1:        opensc.module
 Patch1:         opensc-0.23.0-pinpad.patch
 Patch2:         CVE-2023-4535.patch
 Patch3:         CVE-2023-5992.patch
+Patch4:         CVE-2024-1454.patch
+Patch5:         CVE-2023-40660.patch
 BuildRequires:  autoconf
 BuildRequires:  automake
 BuildRequires:  bash-completion
@@ -142,6 +144,9 @@ rm %{buildroot}%{_mandir}/man1/opensc-notify.1*
 %{_mandir}/man5/*
 
 %changelog
+* Tue Feb 25 2025 Sreeniavsulu Malavathula <v-smalavathu@microsoft.com> - 0.23.0-4
+- Patch to fix CVE-2024-1454, CVE-2023-40660
+
 * Fri Feb 21 2025 Sindhu Karri <lakarri@microsoft.com> - 0.23.0-3
 - Fix CVE-2023-5992