- last minute changes before the new release
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@194 c6295689-39f2-0310-b995-f0e70906c6a9
parent
e6ccf518da
commit
17332ea10e
@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
SUBDIRS = . aclocal src
|
SUBDIRS = . aclocal src
|
||||||
|
|
||||||
EXTRA_DIST = bootstrap
|
EXTRA_DIST = bootstrap README.Cryptoflex
|
||||||
|
|
||||||
# require automake 1.5
|
# require automake 1.5
|
||||||
AUTOMAKE_OPTIONS = 1.5
|
AUTOMAKE_OPTIONS = 1.5
|
||||||
|
10
NEWS
10
NEWS
@ -1,5 +1,15 @@
|
|||||||
NEWS for OpenSC -- History of user visible changes
|
NEWS for OpenSC -- History of user visible changes
|
||||||
|
|
||||||
|
New in 0.5.0; 2002-01-24; Juha Yrjölä:
|
||||||
|
* PKCS #15 generation support
|
||||||
|
* PKCS #11 module almost completely rewritten
|
||||||
|
* Implemented opensc-explorer; a tool for browsing and modifying
|
||||||
|
the card file system
|
||||||
|
* Almost complete support for Cryptoflex 16k; implemented cryptoflex-tool
|
||||||
|
* Started writing some API documentation using Doxygen
|
||||||
|
* Much improved object handling code in PKCS #15 framework
|
||||||
|
* Lots of bugs fixed, lots of new ones introduced
|
||||||
|
|
||||||
New in 0.4.0; 2001-12-29; Juha Yrjölä:
|
New in 0.4.0; 2001-12-29; Juha Yrjölä:
|
||||||
* Finished migrating to Autotools
|
* Finished migrating to Autotools
|
||||||
* Rewritten ASN.1 decoder (should work better on all PKCS #15 cards)
|
* Rewritten ASN.1 decoder (should work better on all PKCS #15 cards)
|
||||||
|
@ -14,7 +14,9 @@ WARNING: You should be using a very safe terminal when issuing the
|
|||||||
|
|
||||||
0. If you don't have a Cryptoflex 16k, you will have to add the ATR of
|
0. If you don't have a Cryptoflex 16k, you will have to add the ATR of
|
||||||
your card manually to the flex_atrs structure at the top of card-flex.c.
|
your card manually to the flex_atrs structure at the top of card-flex.c.
|
||||||
The ATR can be found with 'opensc-tool -a' command.
|
The ATR can be found with 'opensc-tool -a' command. You should mail
|
||||||
|
the ATR string to <juha.yrjola@iki.fi>, so it can be added in the
|
||||||
|
official distribution.
|
||||||
|
|
||||||
1. Verify the AAK key and CHV2:
|
1. Verify the AAK key and CHV2:
|
||||||
|
|
||||||
|
@ -30,10 +30,32 @@
|
|||||||
void sc_pkcs15_print_prkey_info(const struct sc_pkcs15_prkey_info *prkey)
|
void sc_pkcs15_print_prkey_info(const struct sc_pkcs15_prkey_info *prkey)
|
||||||
{
|
{
|
||||||
int i;
|
int i;
|
||||||
|
const char *usages[] = {
|
||||||
|
"encrypt", "decrypt", "sign", "signRecover",
|
||||||
|
"wrap", "unwrap", "verify", "verifyRecover",
|
||||||
|
"derive", "nonRepudiation"
|
||||||
|
};
|
||||||
|
const int usage_count = sizeof(usages)/sizeof(usages[0]);
|
||||||
|
const char *access_flags[] = {
|
||||||
|
"sensitive", "extract", "alwaysSensitive",
|
||||||
|
"neverExtract", "local"
|
||||||
|
};
|
||||||
|
const int af_count = sizeof(access_flags)/sizeof(access_flags[0]);
|
||||||
|
|
||||||
printf("Private RSA Key [%s]\n", prkey->com_attr.label);
|
printf("Private RSA Key [%s]\n", prkey->com_attr.label);
|
||||||
printf("\tFlags : %X\n", prkey->com_attr.flags);
|
printf("\tCom. Flags : %X\n", prkey->com_attr.flags);
|
||||||
printf("\tUsage : %X\n", prkey->usage);
|
printf("\tUsage : [0x%X]", prkey->usage);
|
||||||
printf("\tAccessFlags : %X\n", prkey->access_flags);
|
for (i = 0; i < usage_count; i++)
|
||||||
|
if (prkey->usage & (1 << i)) {
|
||||||
|
printf(", %s", usages[i]);
|
||||||
|
}
|
||||||
|
printf("\n");
|
||||||
|
printf("\tAccess Flags: [0x%X]", prkey->access_flags);
|
||||||
|
for (i = 0; i < af_count; i++)
|
||||||
|
if (prkey->access_flags & (1 << i)) {
|
||||||
|
printf(", %s", access_flags[i]);
|
||||||
|
}
|
||||||
|
printf("\n");
|
||||||
printf("\tModLength : %d\n", prkey->modulus_length);
|
printf("\tModLength : %d\n", prkey->modulus_length);
|
||||||
printf("\tKey ref : %d\n", prkey->key_reference);
|
printf("\tKey ref : %d\n", prkey->key_reference);
|
||||||
printf("\tNative : %s\n", prkey->native ? "yes" : "no");
|
printf("\tNative : %s\n", prkey->native ? "yes" : "no");
|
||||||
|
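Review bot: The `usages[]` and `access_flags[]` name tables are indexed by bit position, so they are correct only while their order matches the numeric values of the usage and access-flag bit constants, which this hunk does not show. A comment above each table should say so, for example `/* index i names bit (1 << i); keep in step with the flag constants */`, and both tables could be `static const char *const` so they are not rebuilt on every call. The label is passed to `printf` through `%s` unchanged; if it comes from card data rather than from the host (not visible here), non-printable bytes would reach the terminal as-is, which is worth confirming at the caller. The function body continues past the end of the hunk.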
@ -461,6 +461,7 @@ struct sc_pkcs15_card * sc_pkcs15_card_new()
|
|||||||
memset(p15card, 0, sizeof(struct sc_pkcs15_card));
|
memset(p15card, 0, sizeof(struct sc_pkcs15_card));
|
||||||
for (i = 0; i < SC_PKCS15_DF_TYPE_COUNT; i++)
|
for (i = 0; i < SC_PKCS15_DF_TYPE_COUNT; i++)
|
||||||
p15card->df[i].type = i;
|
p15card->df[i].type = i;
|
||||||
|
p15card->magic = SC_PKCS15_CARD_MAGIC;
|
||||||
return p15card;
|
return p15card;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -468,6 +469,7 @@ void sc_pkcs15_card_free(struct sc_pkcs15_card *p15card)
|
|||||||
{
|
{
|
||||||
int i, j;
|
int i, j;
|
||||||
|
|
||||||
|
assert(p15card != NULL && p15card->magic == SC_PKCS15_CARD_MAGIC);
|
||||||
for (j = 0; j < SC_PKCS15_DF_TYPE_COUNT; j++)
|
for (j = 0; j < SC_PKCS15_DF_TYPE_COUNT; j++)
|
||||||
for (i = 0; i < p15card->df[j].count; i++) {
|
for (i = 0; i < p15card->df[j].count; i++) {
|
||||||
struct sc_pkcs15_object *p;
|
struct sc_pkcs15_object *p;
|
||||||
@ -482,6 +484,7 @@ void sc_pkcs15_card_free(struct sc_pkcs15_card *p15card)
|
|||||||
p = p2;
|
p = p2;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
p15card->magic = 0;
|
||||||
free(p15card->label);
|
free(p15card->label);
|
||||||
free(p15card->serial_number);
|
free(p15card->serial_number);
|
||||||
free(p15card->manufacturer_id);
|
free(p15card->manufacturer_id);
|
||||||
@ -600,7 +603,7 @@ int sc_pkcs15_detect(struct sc_card *card)
|
|||||||
|
|
||||||
int sc_pkcs15_unbind(struct sc_pkcs15_card *p15card)
|
int sc_pkcs15_unbind(struct sc_pkcs15_card *p15card)
|
||||||
{
|
{
|
||||||
assert(p15card != NULL);
|
assert(p15card != NULL && p15card->magic == SC_PKCS15_CARD_MAGIC);
|
||||||
SC_FUNC_CALLED(p15card->card->ctx, 1);
|
SC_FUNC_CALLED(p15card->card->ctx, 1);
|
||||||
sc_pkcs15_card_free(p15card);
|
sc_pkcs15_card_free(p15card);
|
||||||
return 0;
|
return 0;
|
||||||
|
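Review bot: The new magic checks in `sc_pkcs15_card_free` and `sc_pkcs15_unbind` are made with `assert()`, so a build with `NDEBUG` defined drops them and a stale or foreign pointer goes straight on to the free loop. `sc_pkcs15_unbind` returns `int`, so it could test explicitly and fail, `if (p15card == NULL || p15card->magic != SC_PKCS15_CARD_MAGIC) return <error code>;` (placeholder for the project's invalid-argument code), keeping the assert for debug builds if wanted. The `p15card->magic = 0;` store only helps catch a second free while the released block still holds that zero, so a comment marking it as a best-effort debugging aid would stop readers treating it as a guarantee. All three functions extend outside their hunks.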
@ -22,7 +22,8 @@ int sc_test_init(int *argc, char *argv[])
|
|||||||
printf("sc_establish_context() failed (%d)\n", i);
|
printf("sc_establish_context() failed (%d)\n", i);
|
||||||
return i;
|
return i;
|
||||||
}
|
}
|
||||||
ctx->use_std_output = 1;
|
ctx->error_file = stderr;
|
||||||
|
ctx->debug_file = stdout;
|
||||||
i = sc_detect_card(ctx, 0);
|
i = sc_detect_card(ctx, 0);
|
||||||
printf("Card %s.\n", i == 1 ? "present" : "absent");
|
printf("Card %s.\n", i == 1 ? "present" : "absent");
|
||||||
if (i < 0) {
|
if (i < 0) {
|
||||||
|
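Review bot: `ctx->debug_file = stdout;` puts the library's debug output on the same stream as the test's own `printf` results, so a captured test log holds both. What the debug stream contains is not visible in this hunk; if it includes card command data, PIN values entered during a test run would end up in that log. Pointing it at `stderr`, or adding a comment such as `/* debug trace shares stdout with test output; do not use real PINs */`, would make that explicit. `sc_test_init` starts and ends outside the hunk.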
@ -1116,42 +1116,51 @@ int create_pkcs15()
|
|||||||
|
|
||||||
memset(&cert, 0, sizeof(cert));
|
memset(&cert, 0, sizeof(cert));
|
||||||
strcpy(cert.com_attr.label, "Authentication certificate");
|
strcpy(cert.com_attr.label, "Authentication certificate");
|
||||||
sc_pkcs15_format_id("41", &cert.id);
|
sc_pkcs15_format_id("45", &cert.id);
|
||||||
sc_format_path("3F0050154301", &cert.path);
|
sc_format_path("3F0050154301", &cert.path);
|
||||||
add_object(p15card, &p15card->df[SC_PKCS15_CDF], file_no,
|
add_object(p15card, &p15card->df[SC_PKCS15_CDF], file_no,
|
||||||
SC_PKCS15_TYPE_CERT_X509, &cert, sizeof(cert)),
|
SC_PKCS15_TYPE_CERT_X509, &cert, sizeof(cert)),
|
||||||
|
|
||||||
strcpy(cert.com_attr.label, "Non-repudiation certificate");
|
strcpy(cert.com_attr.label, "Non-repudiation certificate");
|
||||||
sc_pkcs15_format_id("42", &cert.id);
|
sc_pkcs15_format_id("46", &cert.id);
|
||||||
sc_format_path("3F0050154302", &cert.path);
|
sc_format_path("3F0050154302", &cert.path);
|
||||||
add_object(p15card, &p15card->df[SC_PKCS15_CDF], file_no,
|
add_object(p15card, &p15card->df[SC_PKCS15_CDF], file_no,
|
||||||
SC_PKCS15_TYPE_CERT_X509, &cert, sizeof(cert)),
|
SC_PKCS15_TYPE_CERT_X509, &cert, sizeof(cert)),
|
||||||
|
|
||||||
memset(&prkey, 0, sizeof(prkey));
|
memset(&prkey, 0, sizeof(prkey));
|
||||||
prkey.modulus_length = 1024;
|
prkey.modulus_length = opt_mod_length;
|
||||||
|
prkey.com_attr.flags = 1;
|
||||||
|
prkey.native = 1;
|
||||||
|
|
||||||
strcpy(prkey.com_attr.label, "Authentication key");
|
strcpy(prkey.com_attr.label, "Authentication key");
|
||||||
sc_pkcs15_format_id("41", &prkey.id);
|
sc_pkcs15_format_id("45", &prkey.id);
|
||||||
sc_pkcs15_format_id("01", &prkey.com_attr.auth_id);
|
sc_pkcs15_format_id("01", &prkey.com_attr.auth_id);
|
||||||
sc_format_path("0012", &prkey.path);
|
sc_format_path("0012", &prkey.path);
|
||||||
prkey.key_reference = 0;
|
prkey.key_reference = 0;
|
||||||
|
prkey.usage = SC_PKCS15_PRKEY_USAGE_SIGN;
|
||||||
|
prkey.access_flags = 0x1D;
|
||||||
add_object(p15card, &p15card->df[SC_PKCS15_PRKDF], file_no,
|
add_object(p15card, &p15card->df[SC_PKCS15_PRKDF], file_no,
|
||||||
SC_PKCS15_TYPE_PRKEY_RSA, &prkey, sizeof(prkey)),
|
SC_PKCS15_TYPE_PRKEY_RSA, &prkey, sizeof(prkey)),
|
||||||
|
|
||||||
strcpy(prkey.com_attr.label, "Non-repudiation key");
|
strcpy(prkey.com_attr.label, "Non-repudiation key");
|
||||||
sc_pkcs15_format_id("42", &prkey.id);
|
sc_pkcs15_format_id("46", &prkey.id);
|
||||||
sc_pkcs15_format_id("02", &prkey.com_attr.auth_id);
|
sc_pkcs15_format_id("02", &prkey.com_attr.auth_id);
|
||||||
sc_format_path("3F004B020012", &prkey.path);
|
sc_format_path("3F004B020012", &prkey.path);
|
||||||
prkey.key_reference = 0;
|
prkey.key_reference = 0;
|
||||||
|
prkey.usage = SC_PKCS15_PRKEY_USAGE_NONREPUDIATION;
|
||||||
|
prkey.access_flags = 0x1D;
|
||||||
add_object(p15card, &p15card->df[SC_PKCS15_PRKDF], file_no,
|
add_object(p15card, &p15card->df[SC_PKCS15_PRKDF], file_no,
|
||||||
SC_PKCS15_TYPE_PRKEY_RSA, &prkey, sizeof(prkey)),
|
SC_PKCS15_TYPE_PRKEY_RSA, &prkey, sizeof(prkey)),
|
||||||
|
|
||||||
memset(&pin, 0, sizeof(pin));
|
memset(&pin, 0, sizeof(pin));
|
||||||
|
pin.com_attr.flags = 0x03;
|
||||||
pin.magic = SC_PKCS15_PIN_MAGIC;
|
pin.magic = SC_PKCS15_PIN_MAGIC;
|
||||||
|
|
||||||
strcpy(pin.com_attr.label, "Authentication PIN");
|
strcpy(pin.com_attr.label, "Authentication PIN");
|
||||||
sc_pkcs15_format_id("01", &pin.auth_id);
|
sc_pkcs15_format_id("01", &pin.auth_id);
|
||||||
sc_format_path("3F005015", &pin.path);
|
sc_format_path("3F005015", &pin.path);
|
||||||
pin.reference = 1;
|
pin.reference = 1;
|
||||||
|
pin.flags = 0x32;
|
||||||
pin.min_length = 4;
|
pin.min_length = 4;
|
||||||
pin.stored_length = 8;
|
pin.stored_length = 8;
|
||||||
pin.pad_char = 0x00;
|
pin.pad_char = 0x00;
|
||||||
@ -1163,6 +1172,7 @@ int create_pkcs15()
|
|||||||
sc_pkcs15_format_id("02", &pin.auth_id);
|
sc_pkcs15_format_id("02", &pin.auth_id);
|
||||||
sc_format_path("3F004B02", &pin.path);
|
sc_format_path("3F004B02", &pin.path);
|
||||||
pin.reference = 1;
|
pin.reference = 1;
|
||||||
|
pin.flags = 0x32;
|
||||||
pin.min_length = 4;
|
pin.min_length = 4;
|
||||||
pin.stored_length = 8;
|
pin.stored_length = 8;
|
||||||
pin.pad_char = 0x00;
|
pin.pad_char = 0x00;
|
||||||
|
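Review bot: The security attributes written into the generated PKCS #15 objects are bare literals: `prkey.access_flags = 0x1D;` (twice), `pin.flags = 0x32;` (in both hunks), `pin.com_attr.flags = 0x03;` and `prkey.com_attr.flags = 1;`. Read against the `access_flags[]` name table that this same commit adds to `sc_pkcs15_print_prkey_info`, `0x1D` sets bits 0, 2, 3 and 4, which are sensitive, alwaysSensitive, neverExtract and local. A reader should not have to decode that by hand, so add `/* sensitive | alwaysSensitive | neverExtract | local */` at both assignments, or use named constants in the style of `SC_PKCS15_PRKEY_USAGE_SIGN` if the header defines them. The PIN and common-attribute flag values need the same treatment. `prkey.modulus_length = opt_mod_length;` now takes its value from an option whose validation is not visible in these hunks, so it is worth confirming that the option is range-checked where it is parsed. `create_pkcs15` begins and ends outside both hunks.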