diff --git a/doc/files/files.html b/doc/files/files.html
index ea5aa865..12684cd9 100644
--- a/doc/files/files.html
+++ b/doc/files/files.html
@@ -775,8 +775,8 @@ app application
{
builtin_emulators = emulators
;
List of the builtin pkcs15 emulators to test
- (Default: westcos, openpgp, infocamere,
- starcert, tcos, esteid, itacns, postecert,
+ (Default: westcos, openpgp,
+ starcert, tcos, esteid, itacns,
PIV-II, cac, gemsafeGPK, gemsafeV1, actalis,
atrust-acos, tccardos, entersafe, pteid,
oberthur, sc-hsm, dnie, gids, iasecc, jpki,
diff --git a/doc/files/opensc.conf.5.xml.in b/doc/files/opensc.conf.5.xml.in
index df908808..33ac08bb 100644
--- a/doc/files/opensc.conf.5.xml.in
+++ b/doc/files/opensc.conf.5.xml.in
@@ -1178,8 +1178,8 @@ app application {
List of the builtin pkcs15 emulators to test
- (Default: westcos, openpgp, infocamere,
- starcert, tcos, esteid, itacns, postecert,
+ (Default: westcos, openpgp,
+ starcert, tcos, esteid, itacns,
PIV-II, cac, gemsafeGPK, gemsafeV1, actalis,
atrust-acos, tccardos, entersafe, pteid,
oberthur, sc-hsm, dnie, gids, iasecc, jpki,
diff --git a/etc/opensc.conf.example.in b/etc/opensc.conf.example.in
index dc3b5bd8..3d54098f 100644
--- a/etc/opensc.conf.example.in
+++ b/etc/opensc.conf.example.in
@@ -904,7 +904,7 @@ app default {
# enable_builtin_emulation = no;
#
# List of the builtin pkcs15 emulators to test
- # Default: esteid, openpgp, tcos, starcert, itacns, infocamere, postecert, actalis, atrust-acos, gemsafeGPK, gemsafeV1, tccardos, PIV-II;
+ # Default: esteid, openpgp, tcos, starcert, itacns, actalis, atrust-acos, gemsafeGPK, gemsafeV1, tccardos, PIV-II;
# builtin_emulators = openpgp;
# additional settings per driver
diff --git a/src/libopensc/Makefile.am b/src/libopensc/Makefile.am
index e1e23cba..3044f675 100644
--- a/src/libopensc/Makefile.am
+++ b/src/libopensc/Makefile.am
@@ -51,8 +51,8 @@ libopensc_la_SOURCES_BASE = \
card-isoApplet.c card-masktech.c card-gids.c card-jpki.c \
card-npa.c \
\
- pkcs15-openpgp.c pkcs15-infocamere.c pkcs15-starcert.c \
- pkcs15-tcos.c pkcs15-esteid.c pkcs15-postecert.c pkcs15-gemsafeGPK.c \
+ pkcs15-openpgp.c pkcs15-starcert.c \
+ pkcs15-tcos.c pkcs15-esteid.c pkcs15-gemsafeGPK.c \
pkcs15-actalis.c pkcs15-atrust-acos.c pkcs15-tccardos.c pkcs15-piv.c \
pkcs15-cac.c pkcs15-esinit.c pkcs15-westcos.c pkcs15-pteid.c \
pkcs15-oberthur.c pkcs15-itacns.c pkcs15-gemsafeV1.c pkcs15-sc-hsm.c \
diff --git a/src/libopensc/Makefile.mak b/src/libopensc/Makefile.mak
index c4982304..08b6d6f3 100644
--- a/src/libopensc/Makefile.mak
+++ b/src/libopensc/Makefile.mak
@@ -30,8 +30,8 @@ OBJECTS = \
card-masktech.obj card-gids.obj card-jpki.obj \
card-npa.obj \
\
- pkcs15-openpgp.obj pkcs15-infocamere.obj pkcs15-starcert.obj \
- pkcs15-tcos.obj pkcs15-esteid.obj pkcs15-postecert.obj pkcs15-gemsafeGPK.obj \
+ pkcs15-openpgp.obj pkcs15-starcert.obj \
+ pkcs15-tcos.obj pkcs15-esteid.obj pkcs15-gemsafeGPK.obj \
pkcs15-actalis.obj pkcs15-atrust-acos.obj pkcs15-tccardos.obj pkcs15-piv.obj \
pkcs15-cac.obj pkcs15-esinit.obj pkcs15-westcos.obj pkcs15-pteid.obj pkcs15-din-66291.obj \
pkcs15-oberthur.obj pkcs15-itacns.obj pkcs15-gemsafeV1.obj pkcs15-sc-hsm.obj \
diff --git a/src/libopensc/card-cardos.c b/src/libopensc/card-cardos.c
index 3de45ffd..73b496d4 100644
--- a/src/libopensc/card-cardos.c
+++ b/src/libopensc/card-cardos.c
@@ -45,13 +45,6 @@ static struct sc_card_driver cardos_drv = {
static const struct sc_atr_table cardos_atrs[] = {
/* 4.0 */
{ "3b:e2:00:ff:c1:10:31:fe:55:c8:02:9c", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL },
- /* Italian eID card, postecert */
- { "3b:e9:00:ff:c1:10:31:fe:55:00:64:05:00:c8:02:31:80:00:47", NULL, NULL, SC_CARD_TYPE_CARDOS_CIE_V1, 0, NULL },
- /* Italian eID card, infocamere */
- { "3b:fb:98:00:ff:c1:10:31:fe:55:00:64:05:20:47:03:31:80:00:90:00:f3", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL },
- /* Another Italian InfocamereCard */
- { "3b:fc:98:00:ff:c1:10:31:fe:55:c8:03:49:6e:66:6f:63:61:6d:65:72:65:28", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL },
- { "3b:f4:98:00:ff:c1:10:31:fe:55:4d:34:63:76:b4", NULL, NULL, SC_CARD_TYPE_CARDOS_GENERIC, 0, NULL},
/* cardos m4.2 and above */
{ "3b:f2:18:00:ff:c1:0a:31:fe:55:c8:06:8a", "ff:ff:0f:ff:00:ff:00:ff:ff:00:00:00:00", NULL, SC_CARD_TYPE_CARDOS_M4_2, 0, NULL },
/* CardOS 4.4 */
diff --git a/src/libopensc/pkcs15-infocamere.c b/src/libopensc/pkcs15-infocamere.c
deleted file mode 100644
index 6cb00d36..00000000
--- a/src/libopensc/pkcs15-infocamere.c
+++ /dev/null
@@ -1,816 +0,0 @@
-/*
- * PKCS15 emulation layer for 1202, 1203 and 1400 Infocamere card.
- * To see how this works, run p15dump on your Infocamere card.
- *
- * Copyright (C) 2005, Sirio Capizzi
- * Copyright (C) 2004, Antonino Iacono
- * Copyright (C) 2003, Olaf Kirch
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#if HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include
-#include
-#include
-#ifdef ENABLE_ZLIB
-#include
-#endif
-
-#include "common/compat_strlcpy.h"
-#include "pkcs15.h"
-#include "log.h"
-
-int sc_pkcs15emu_infocamere_init_ex(sc_pkcs15_card_t *, struct sc_aid *aid,
- sc_pkcs15emu_opt_t *);
-
-static int (*set_security_env) (sc_card_t *, const sc_security_env_t *,
- int);
-
-static int set_sec_env(sc_card_t * card, const sc_security_env_t * env,
- int se_num)
-{
- sc_security_env_t tenv = *env;
- if (tenv.operation == SC_SEC_OPERATION_SIGN)
- tenv.operation = SC_SEC_OPERATION_DECIPHER;
- return set_security_env(card, &tenv, se_num);
-}
-
-static int do_sign(sc_card_t * card, const u8 * in, size_t inlen, u8 * out,
- size_t outlen)
-{
- return card->ops->decipher(card, in, inlen, out, outlen);
-}
-
-static void set_string(char **strp, const char *value)
-{
- if (*strp)
- free(*strp);
- *strp = value ? strdup(value) : NULL;
-}
-
-#if 1
-/* XXX: temporary copy of the old pkcs15emu functions,
- * to be removed */
-static int sc_pkcs15emu_add_pin(sc_pkcs15_card_t *p15card,
- const sc_pkcs15_id_t *id, const char *label,
- const sc_path_t *path, int ref, int type,
- unsigned int min_length,
- unsigned int max_length,
- int flags, int tries_left, const char pad_char, int obj_flags)
-{
- sc_pkcs15_auth_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
- info.auth_id = *id;
- info.attrs.pin.min_length = min_length;
- info.attrs.pin.max_length = max_length;
- info.attrs.pin.stored_length = max_length;
- info.attrs.pin.type = type;
- info.attrs.pin.reference = ref;
- info.attrs.pin.flags = flags;
- info.attrs.pin.pad_char = pad_char;
- info.tries_left = tries_left;
- info.logged_in = SC_PIN_STATE_UNKNOWN;
-
- if (path)
- info.path = *path;
- if (type == SC_PKCS15_PIN_TYPE_BCD)
- info.attrs.pin.stored_length /= 2;
-
- strlcpy(obj.label, label, sizeof(obj.label));
- obj.flags = obj_flags;
-
- return sc_pkcs15emu_add_pin_obj(p15card, &obj, &info);
-}
-
-static int sc_pkcs15emu_add_prkey(sc_pkcs15_card_t *p15card,
- const sc_pkcs15_id_t *id,
- const char *label,
- int type, unsigned int modulus_length, int usage,
- const sc_path_t *path, int ref,
- const sc_pkcs15_id_t *auth_id, int obj_flags)
-{
- sc_pkcs15_prkey_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.id = *id;
- info.modulus_length = modulus_length;
- info.usage = usage;
- info.native = 1;
- info.key_reference = ref;
-
- if (path)
- info.path = *path;
-
- obj.flags = obj_flags;
- strlcpy(obj.label, label, sizeof(obj.label));
- if (auth_id != NULL)
- obj.auth_id = *auth_id;
-
- return sc_pkcs15emu_add_rsa_prkey(p15card, &obj, &info);
-}
-
-static int sc_pkcs15emu_add_cert(sc_pkcs15_card_t *p15card,
- int type, int authority, const sc_path_t *path,
- const sc_pkcs15_id_t *id, const char *label, int obj_flags)
-{
- /* const char *label = "Certificate"; */
- sc_pkcs15_cert_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.id = *id;
- info.authority = authority;
- if (path)
- info.path = *path;
-
- strlcpy(obj.label, label, sizeof(obj.label));
- obj.flags = obj_flags;
-
- return sc_pkcs15emu_add_x509_cert(p15card, &obj, &info);
-}
-#endif
-
-static int infocamere_1200_init(sc_pkcs15_card_t * p15card)
-{
- const int prkey_usage = SC_PKCS15_PRKEY_USAGE_NONREPUDIATION;
- const int authprkey_usage = SC_PKCS15_PRKEY_USAGE_SIGN
- | SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
- | SC_PKCS15_PRKEY_USAGE_ENCRYPT
- | SC_PKCS15_PRKEY_USAGE_DECRYPT;
-
- sc_card_t *card = p15card->card;
- sc_path_t path;
- sc_pkcs15_id_t id, auth_id;
- char serial[256];
- unsigned char certlen[2];
- int authority, change_sign = 0;
- struct sc_pkcs15_cert_info cert_info;
- struct sc_pkcs15_object cert_obj;
-
- const char *label = "User Non-repudiation Certificate";
- const char *calabel = "CA Certificate";
- const char *authlabel = "User Authentication Certificate";
-
- const char *infocamere_cert_path[2] = {
- "DF01C000",
- "3F00000011111A02"
- };
-
- const char *infocamere_auth_certpath[2] = {
- "11111A02",
- "000011111B02"
- };
-
- const char *infocamere_cacert_path[2] = {
- "DF01C008",
- "000011114101"
- };
-
- const char *infocamere_auth_path[2] = {
- "3F001111",
- "3F0000001111"
- };
-
- const char *infocamere_nrepud_path[2] = {
- "3F00DF01",
- "3F0000001111"
- };
-
- const int infocamere_idpin_auth_obj[2] = {
- 0x95,
- 0x81
- };
-
- const int infocamere_idpin_nrepud_obj[2] = {
- 0x99,
- 0x81
- };
-
- const int infocamere_idprkey_auth_obj[2] = {
- 0x9B,
- 0x01
- };
-
- const int infocamere_idprkey_nrepud_obj[2] = {
- 0x84,
- 0x01
- };
-
- const char *authPIN = "Authentication PIN";
- const char *nonrepPIN = "Non-repudiation PIN";
-
- const char *authPRKEY = "Authentication Key";
- const char *nonrepPRKEY = "Non repudiation Key";
-
- const int flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE |
- SC_PKCS15_PIN_FLAG_INITIALIZED |
- SC_PKCS15_PIN_FLAG_NEEDS_PADDING;
-
- int r;
-
- unsigned char chn[8];
- size_t chn_len = sizeof chn;
- sc_serial_number_t iccsn;
- iccsn.len = sizeof iccsn.value;
-
-
- r = sc_parse_ef_gdo(card, iccsn.value, &iccsn.len, chn, &chn_len);
- if (r < 0)
- return r;
-
- if (!iccsn.len || chn_len < 2 || chn_len > 8) {
- return SC_ERROR_WRONG_CARD;
- }
-
- sc_bin_to_hex(iccsn.value, iccsn.len, serial, sizeof(serial), 0);
-
- if (!
- (chn[0] == 0x12
- && (chn[1] == 0x02 || chn[1] == 0x03))) {
- /* Not Infocamere Card */
- return SC_ERROR_WRONG_CARD;
- }
-
- set_string(&p15card->tokeninfo->serial_number, serial);
-
- if (chn[1] == 0x02)
- set_string(&p15card->tokeninfo->label, "Infocamere 1202 Card");
- else {
- set_string(&p15card->tokeninfo->label, "Infocamere 1203 Card");
- change_sign = 1;
- }
-
- set_string(&p15card->tokeninfo->manufacturer_id, "Infocamere");
-
- authority = 0;
-
- /* Get the authentication certificate length */
-
- sc_format_path(infocamere_auth_certpath[chn[1]-2], &path);
-
- r = sc_select_file(card, &path, NULL);
-
- if (r >= 0) {
-
- sc_read_binary(card, 0, certlen, 2, 0);
-
- /* Now set the certificate offset/len */
-
- path.index = 2;
- path.count = (certlen[1] << 8) + certlen[0];
-
- memset(&cert_info, 0, sizeof(cert_info));
- memset(&cert_obj, 0, sizeof(cert_obj));
-
- sc_pkcs15_format_id("01", &cert_info.id);
- cert_info.authority = authority;
- cert_info.path = path;
- strlcpy(cert_obj.label, authlabel, sizeof(cert_obj.label));
- cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
-
- r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
- if (r < 0)
- return SC_ERROR_INTERNAL;
-
- /* XXX: the IDs for the key/pin in case of the 1203 type
- * are wrong, therefore I disable them for now -- Nils */
- if (!change_sign) {
- /* add authentication PIN */
-
- sc_format_path(infocamere_auth_path[chn[1]-2], &path);
-
- sc_pkcs15_format_id("01", &id);
- sc_pkcs15emu_add_pin(p15card, &id,
- authPIN, &path, infocamere_idpin_auth_obj[chn[1]-2],
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 5, 8, flags, 3, 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE);
-
- /* add authentication private key */
-
- auth_id.value[0] = 1;
- auth_id.len = 1;
-
- sc_pkcs15emu_add_prkey(p15card, &id,
- authPRKEY,
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, authprkey_usage,
- &path, infocamere_idprkey_auth_obj[chn[1]-2],
- &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
- }
-
- }
-
- /* Get the non-repudiation certificate length */
-
- sc_format_path(infocamere_cert_path[chn[1]-2], &path);
-
- if (sc_select_file(card, &path, NULL) < 0) {
- return SC_ERROR_INTERNAL;
- }
-
- sc_read_binary(card, 0, certlen, 2, 0);
-
- /* Now set the certificate offset/len */
- path.index = 2;
- path.count = (certlen[1] << 8) + certlen[0];
-
- memset(&cert_info, 0, sizeof(cert_info));
- memset(&cert_obj, 0, sizeof(cert_obj));
-
- sc_pkcs15_format_id("02", &cert_info.id);
-
- cert_info.authority = authority;
- cert_info.path = path;
- strlcpy(cert_obj.label, label, sizeof(cert_obj.label));
- cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
-
- r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
- if (r < 0)
- return SC_ERROR_INTERNAL;
-
- /* Get the CA certificate length */
-
- authority = 1;
-
- sc_format_path(infocamere_cacert_path[chn[1]-2], &path);
-
- r = sc_select_file(card, &path, NULL);
-
- if (r >= 0) {
- size_t len;
-
- sc_read_binary(card, 0, certlen, 2, 0);
-
- len = (certlen[1] << 8) + certlen[0];
-
- if (len != 0) {
- /* Now set the certificate offset/len */
- path.index = 2;
- path.count = len;
-
- memset(&cert_info, 0, sizeof(cert_info));
- memset(&cert_obj, 0, sizeof(cert_obj));
-
- sc_pkcs15_format_id("03", &cert_info.id);
- cert_info.authority = authority;
- cert_info.path = path;
- strlcpy(cert_obj.label, calabel, sizeof(cert_obj.label));
- cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
-
- r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
- if (r < 0)
- return SC_ERROR_INTERNAL;
- }
- }
-
- /* add non repudiation PIN */
-
- sc_format_path(infocamere_nrepud_path[chn[1]-2], &path);
-
- sc_pkcs15_format_id("02", &id);
- sc_pkcs15emu_add_pin(p15card, &id,
- nonrepPIN, &path, infocamere_idpin_nrepud_obj[chn[1]-2],
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC, 5, 8, flags, 3, 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE | SC_PKCS15_CO_FLAG_PRIVATE);
-
-
- /* add non repudiation private key */
-
- auth_id.value[0] = 2;
- auth_id.len = 1;
-
- sc_pkcs15emu_add_prkey(p15card, &id, nonrepPRKEY,
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, prkey_usage,
- &path, infocamere_idprkey_nrepud_obj[chn[1]-2],
- &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
-
-
- /* return to MF */
- sc_format_path("3F00", &path);
- r = sc_select_file(card, &path, NULL);
- if (r != SC_SUCCESS)
- return r;
-
- if (change_sign) {
- /* save old signature funcs */
- set_security_env = card->ops->set_security_env;
- /* set new one */
- card->ops->set_security_env = set_sec_env;
- card->ops->compute_signature = do_sign;
- }
-
- return SC_SUCCESS;
-}
-
-static int infocamere_1400_set_sec_env(struct sc_card *card,
- const struct sc_security_env *env,
- int se_num)
-{
- int r;
-
- struct sc_security_env tenv = *env;
- if (tenv.operation == SC_SEC_OPERATION_SIGN)
- tenv.operation = SC_SEC_OPERATION_DECIPHER;
-
- if ((r =
- card->ops->restore_security_env(card, 0x40)) == SC_SUCCESS)
- return set_security_env(card, &tenv, se_num);
- else
- return r;
-}
-
-#ifdef ENABLE_ZLIB
-
-static const u8 ATR_1400[] =
-{ 0x3b, 0xfc, 0x98, 0x00, 0xff, 0xc1, 0x10, 0x31, 0xfe, 0x55, 0xc8,
- 0x03, 0x49, 0x6e, 0x66, 0x6f, 0x63, 0x61, 0x6d, 0x65, 0x72, 0x65,
- 0x28
-};
-
-/* Loads certificates.
- * Certificates are stored in a ZLib compressed form with
- * a 4 byte header, so we extract, decompress and cache
- * them.
- */
-static int loadCertificate(sc_pkcs15_card_t * p15card, int i,
- const char *certPath, const char *certLabel)
-{
- unsigned char *compCert = NULL, *cert = NULL, size[2];
- unsigned long int compLen, len;
- sc_pkcs15_cert_info_t cert_info;
- sc_pkcs15_object_t cert_obj;
- sc_path_t cpath;
- sc_card_t *card = p15card->card;
- sc_pkcs15_id_t id;
- int r;
-
- memset(&cert_info, 0, sizeof(cert_info));
- memset(&cert_obj, 0, sizeof(cert_obj));
-
- sc_format_path(certPath, &cpath);
-
- if (sc_select_file(card, &cpath, NULL) != SC_SUCCESS)
- return SC_ERROR_WRONG_CARD;
-
- sc_read_binary(card, 2, size, 2, 0);
-
- compLen = (size[0] << 8) + size[1];
- compCert = malloc(compLen * sizeof(unsigned char));
- len = 4 * compLen; /*Approximation of the uncompressed size */
- cert = malloc(len * sizeof(unsigned char));
- if (!cert || !compCert) {
- free(cert);
- free(compCert);
- return SC_ERROR_OUT_OF_MEMORY;
- }
-
- sc_read_binary(card, 4, compCert, compLen, 0);
-
- if ((r = uncompress(cert, &len, compCert, compLen)) != Z_OK) {
- sc_log(p15card->card->ctx, "Zlib error: %d", r);
- return SC_ERROR_INTERNAL;
- }
-
- cpath.index = 0;
- cpath.count = len;
-
- sc_pkcs15_cache_file(p15card, &cpath, cert, len);
-
- id.len=1;
- id.value[0] = i + 1;
-
- cert_info.id = id;
- cert_info.path = cpath;
- cert_info.authority = (i == 2);
-
- strlcpy(cert_obj.label, certLabel, sizeof(cert_obj.label));
- cert_obj.flags = SC_PKCS15_CO_FLAG_MODIFIABLE;
-
- sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
-
- return SC_SUCCESS;
-}
-
-
-static int infocamere_1400_init(sc_pkcs15_card_t * p15card)
-{
- sc_card_t *card = p15card->card;
- sc_path_t path;
- sc_pkcs15_id_t id, auth_id;
- unsigned char serial[16];
- int flags;
- int r;
- int hasAuthCert = 0;
-
- const char *certLabel[] = { "User Non-repudiation Certificate",
- "User Authentication Certificate",
- "CA Certificate"
- };
-
- const char *certPath[] =
- { "300060000000", "300060000001", "300060000002" };
-
- const char *pinLabel[] =
- { "Non-repudiation PIN", "Authentication PIN" };
- int retries[] = { 3, -1 };
-
- const char *keyPath[] = { "30004000001", "30004000002" };
- const char *keyLabel[] =
- { "Non repudiation Key", "Authentication Key" };
- static int usage[] = { SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
- SC_PKCS15_PRKEY_USAGE_SIGN
- | SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
- | SC_PKCS15_PRKEY_USAGE_ENCRYPT
- | SC_PKCS15_PRKEY_USAGE_DECRYPT
- };
-
- auth_id.len = 1;
- id.len = 1;
-
- /* OpenSC doesn't define constants to identify BSOs for
- * restoring security environment, so we overload
- * the set_security_env function to support restore_sec_env */
- set_security_env = card->ops->set_security_env;
- card->ops->set_security_env = infocamere_1400_set_sec_env;
- card->ops->compute_signature = do_sign;
- p15card->opts.use_file_cache = 1;
-
- sc_format_path("30000001", &path);
-
- r = sc_select_file(card, &path, NULL);
-
- if (r != SC_SUCCESS)
- return SC_ERROR_WRONG_CARD;
-
- sc_read_binary(card, 15, serial, 15, 0);
- serial[15] = '\0';
-
- set_string(&p15card->tokeninfo->serial_number, (char *)serial);
- set_string(&p15card->tokeninfo->label, "Infocamere 1400 Card");
- set_string(&p15card->tokeninfo->manufacturer_id, "Infocamere");
-
- if ((r = loadCertificate(p15card, 0, certPath[0], certLabel[0])) !=
- SC_SUCCESS) {
- sc_log(p15card->card->ctx, "%s", sc_strerror(r));
- return SC_ERROR_WRONG_CARD;
- }
-
- hasAuthCert =
- loadCertificate(p15card, 1, certPath[1],
- certLabel[1]) == SC_SUCCESS;
- loadCertificate(p15card, 2, certPath[2], certLabel[2]);
-
- flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE |
- SC_PKCS15_PIN_FLAG_INITIALIZED |
- SC_PKCS15_PIN_FLAG_NEEDS_PADDING;
-
- /* adding PINs & private keys */
-
- sc_format_path("30004000", &path);
- id.value[0] = 1;
-
- sc_pkcs15emu_add_pin(p15card, &id,
- pinLabel[0], &path, 1,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 5, 8, flags, retries[0], 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
- sc_format_path(keyPath[0], &path);
- auth_id.value[0] = 1;
- sc_pkcs15emu_add_prkey(p15card, &id,
- keyLabel[0],
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, usage[0],
- &path, 1,
- &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
-
-
- if (hasAuthCert) {
- sc_format_path("30004000", &path);
- id.value[0] = 2;
-
- sc_pkcs15emu_add_pin(p15card, &id,
- pinLabel[1], &path, 2,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 5, 8, flags, retries[1], 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
- sc_format_path(keyPath[1], &path);
- auth_id.value[0] = 2;
- sc_pkcs15emu_add_prkey(p15card, &id,
- keyLabel[1],
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, usage[1],
- &path, 2,
- &auth_id,
- SC_PKCS15_CO_FLAG_PRIVATE);
- }
-
- /* return to MF */
- sc_format_path("3F00", &path);
- r = sc_select_file(card, &path, NULL);
- return r;
-}
-
-#endif
-
-static const u8 ATR_1600[] = { 0x3B, 0xF4, 0x98, 0x00, 0xFF, 0xC1, 0x10,
- 0x31, 0xFE, 0x55, 0x4D, 0x34, 0x63, 0x76, 0xB4
-};
-
-static int infocamere_1600_init(sc_pkcs15_card_t * p15card)
-{
- sc_card_t *card = p15card->card;
- sc_path_t path;
- sc_pkcs15_id_t id, auth_id;
- unsigned char serial[17];
- int flags;
- int r;
- int hasAuthCert = 0;
-
- const char *certLabel[] = { "User Non-repudiation Certificate",
- "User Authentication Certificate"
- };
-
- const char *certPath[] = { "200020010008", "20002001000E" };
-
- const char *pinLabel[] =
- { "Non-repudiation PIN", "Authentication PIN" };
- int retries[] = { 3, -1 };
-
- const char *keyPath[] = { "200020010004", "20002001000A" };
- const char *keyLabel[] =
- { "Non repudiation Key", "Authentication Key" };
- static int usage[] = { SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
- SC_PKCS15_PRKEY_USAGE_SIGN
- | SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
- | SC_PKCS15_PRKEY_USAGE_ENCRYPT
- | SC_PKCS15_PRKEY_USAGE_DECRYPT
- };
-
- auth_id.len = 1;
- id.len = 1;
-
- /* OpenSC doesn't define constants to identify BSOs for
- * restoring security environment, so we overload
- * the set_security_env function to support restore_sec_env */
- set_security_env = card->ops->set_security_env;
- card->ops->set_security_env = infocamere_1400_set_sec_env;
- card->ops->compute_signature = do_sign;
-
- sc_format_path("200020012002", &path);
-
- r = sc_select_file(card, &path, NULL);
-
- if (r != SC_SUCCESS)
- return SC_ERROR_WRONG_CARD;
-
- sc_read_binary(card, 30, serial, 16, 0);
- serial[16] = '\0';
-
- set_string(&p15card->tokeninfo->serial_number, (char *) serial);
- set_string(&p15card->tokeninfo->label, "Infocamere 1600 Card");
- set_string(&p15card->tokeninfo->manufacturer_id, "Infocamere");
-
- /* Adding certificates.
- * Certificates are stored in a ZLib compressed form with
- * a 4 byte header, so we extract, decompress and cache
- * them.
- */
- sc_format_path(certPath[0], &path);
- if (sc_select_file(card, &path, NULL) != SC_SUCCESS)
- return SC_ERROR_WRONG_CARD;
-
- id.value[0] = 1;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, 0,
- &path, &id, certLabel[0],
- SC_PKCS15_CO_FLAG_MODIFIABLE);
-
- sc_format_path(certPath[1], &path);
- if (sc_select_file(card, &path, NULL) == SC_SUCCESS) {
- hasAuthCert = 1;
-
- id.value[0] = 2;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, 1,
- &path, &id, certLabel[1],
- SC_PKCS15_CO_FLAG_MODIFIABLE);
- }
-
- flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE |
- SC_PKCS15_PIN_FLAG_INITIALIZED |
- SC_PKCS15_PIN_FLAG_NEEDS_PADDING;
-
- /* adding PINs & private keys */
- sc_format_path("2000", &path);
- id.value[0] = 1;
-
- sc_pkcs15emu_add_pin(p15card, &id,
- pinLabel[0], &path, 1,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 5, 8, flags, retries[0], 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
- sc_format_path(keyPath[0], &path);
- auth_id.value[0] = 1;
- sc_pkcs15emu_add_prkey(p15card, &id,
- keyLabel[0],
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, usage[0],
- &path, 1,
- &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
-
- if (hasAuthCert) {
- id.value[0] = 2;
-
- sc_pkcs15emu_add_pin(p15card, &id,
- pinLabel[1], &path, 2,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 5, 8, flags, retries[1], 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
- sc_format_path(keyPath[1], &path);
- auth_id.value[0] = 2;
- sc_pkcs15emu_add_prkey(p15card, &id,
- keyLabel[1],
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, usage[1],
- &path, 2,
- &auth_id,
- SC_PKCS15_CO_FLAG_PRIVATE);
- }
-
- /* return to MF */
- sc_format_path("3F00", &path);
- sc_select_file(card, &path, NULL);
-
- return SC_SUCCESS;
-}
-
-static int infocamere_detect_card(sc_pkcs15_card_t * p15card)
-{
- sc_card_t *card = p15card->card;
-
- /* check if we have the correct card OS */
- if (strcmp(card->name, "STARCOS")
- && strcmp(card->name, "CardOS M4"))
- return SC_ERROR_WRONG_CARD;
- return SC_SUCCESS;
-}
-
-int sc_pkcs15emu_infocamere_init_ex(sc_pkcs15_card_t * p15card,
- struct sc_aid *aid,
- sc_pkcs15emu_opt_t * opts)
-{
-
- if (!(opts && opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK)) {
- if (infocamere_detect_card(p15card))
- return SC_ERROR_WRONG_CARD;
- }
-
- if (memcmp(p15card->card->atr.value, ATR_1600, sizeof(ATR_1600)) == 0)
- return infocamere_1600_init(p15card);
-#ifdef ENABLE_ZLIB
- else if (memcmp(p15card->card->atr.value, ATR_1400, sizeof(ATR_1400)) ==
- 0)
- return infocamere_1400_init(p15card);
-#endif
- else
- return infocamere_1200_init(p15card);
-
-}
diff --git a/src/libopensc/pkcs15-postecert.c b/src/libopensc/pkcs15-postecert.c
deleted file mode 100644
index 04fcfb34..00000000
--- a/src/libopensc/pkcs15-postecert.c
+++ /dev/null
@@ -1,369 +0,0 @@
-/*
- * PKCS15 emulation layer for Postecert and Cnipa card.
- * To see how this works, run p15dump on your Postecert or Cnipa Card.
- *
- * Copyright (C) 2004, Antonino Iacono
- * Copyright (C) 2003, Olaf Kirch
- *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
- */
-
-#if HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include
-#include
-#include
-
-#include "common/compat_strlcpy.h"
-#include "internal.h"
-#include "pkcs15.h"
-#include "log.h"
-
-int sc_pkcs15emu_postecert_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
-
-static int (*set_security_env) (sc_card_t *, const sc_security_env_t *, int);
-
-static int set_sec_env(sc_card_t * card, const sc_security_env_t *env,
- int se_num)
-{
- sc_security_env_t tenv = *env;
- if (tenv.operation == SC_SEC_OPERATION_SIGN)
- tenv.operation = SC_SEC_OPERATION_DECIPHER;
- return set_security_env(card, &tenv, se_num);
-}
-
-static int do_sign(sc_card_t * card, const u8 * in, size_t inlen, u8 * out,
- size_t outlen)
-{
- return card->ops->decipher(card, in, inlen, out, outlen);
-}
-
-static void set_string(char **strp, const char *value)
-{
- if (*strp)
- free(*strp);
- *strp = value ? strdup(value) : NULL;
-}
-
-#if 1
-/* XXX: temporary copy of the old pkcs15emu functions,
- * to be removed */
-static int sc_pkcs15emu_add_pin(sc_pkcs15_card_t *p15card,
- const sc_pkcs15_id_t *id, const char *label,
- const sc_path_t *path, int ref, int type,
- unsigned int min_length,
- unsigned int max_length,
- int flags, int tries_left, const char pad_char, int obj_flags)
-{
- sc_pkcs15_auth_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.auth_id = *id;
- info.auth_type = SC_PKCS15_PIN_AUTH_TYPE_PIN;
- info.attrs.pin.min_length = min_length;
- info.attrs.pin.max_length = max_length;
- info.attrs.pin.stored_length = max_length;
- info.attrs.pin.type = type;
- info.attrs.pin.reference = ref;
- info.attrs.pin.flags = flags;
- info.attrs.pin.pad_char = pad_char;
- info.tries_left = tries_left;
- info.logged_in = SC_PIN_STATE_UNKNOWN;
-
- if (path)
- info.path = *path;
- if (type == SC_PKCS15_PIN_TYPE_BCD)
- info.attrs.pin.stored_length /= 2;
-
- strlcpy(obj.label, label, sizeof(obj.label));
- obj.flags = obj_flags;
-
- return sc_pkcs15emu_add_pin_obj(p15card, &obj, &info);
-}
-
-static int sc_pkcs15emu_add_prkey(sc_pkcs15_card_t *p15card,
- const sc_pkcs15_id_t *id,
- const char *label,
- int type, unsigned int modulus_length, int usage,
- const sc_path_t *path, int ref,
- const sc_pkcs15_id_t *auth_id, int obj_flags)
-{
- sc_pkcs15_prkey_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.id = *id;
- info.modulus_length = modulus_length;
- info.usage = usage;
- info.native = 1;
- info.key_reference = ref;
-
- if (path)
- info.path = *path;
-
- obj.flags = obj_flags;
- strlcpy(obj.label, label, sizeof(obj.label));
- if (auth_id != NULL)
- obj.auth_id = *auth_id;
-
- return sc_pkcs15emu_add_rsa_prkey(p15card, &obj, &info);
-}
-
-static int sc_pkcs15emu_add_cert(sc_pkcs15_card_t *p15card,
- int type, int authority, const sc_path_t *path,
- const sc_pkcs15_id_t *id, const char *label, int obj_flags)
-{
- /* const char *label = "Certificate"; */
- sc_pkcs15_cert_info_t info;
- sc_pkcs15_object_t obj;
-
- memset(&info, 0, sizeof(info));
- memset(&obj, 0, sizeof(obj));
-
- info.id = *id;
- info.authority = authority;
- if (path)
- info.path = *path;
-
- strlcpy(obj.label, label, sizeof(obj.label));
- obj.flags = obj_flags;
-
- return sc_pkcs15emu_add_x509_cert(p15card, &obj, &info);
-}
-#endif
-
-static int sc_pkcs15emu_postecert_init(sc_pkcs15_card_t * p15card)
-{
- static int prkey_usage = SC_PKCS15_PRKEY_USAGE_NONREPUDIATION;
- static int authprkey_usage = SC_PKCS15_PRKEY_USAGE_SIGN
- | SC_PKCS15_PRKEY_USAGE_SIGNRECOVER
- | SC_PKCS15_PRKEY_USAGE_ENCRYPT
- | SC_PKCS15_PRKEY_USAGE_DECRYPT;
-
- sc_card_t *card = p15card->card;
- sc_path_t path;
- sc_pkcs15_id_t id, auth_id;
- unsigned char certlen[2];
- unsigned char *certi = NULL;
- int index_cert[4];
- int count_cert[4];
- int flags;
- int authority;
- size_t i, count;
- int r;
- int o = 0;
-
- const char *label = "User Non-repudiation Certificate";
- const char *calabel = "CA Certificate";
- const char *catmslabel = "CA TimeStamper Certificate";
- const char *authlabel = "User Authentication Certificate";
-
- const char *postecert_auth_cert_path = "504B0001";
-
- const char *authPIN = "Authentication PIN";
- const char *nonrepPIN = "Non-repudiation PIN";
-
- const char *authPRKEY = "Authentication Key";
- const char *nonrepPRKEY = "Non repudiation Key";
-
- memset(index_cert, 0, sizeof(index_cert));
- memset(count_cert, 0, sizeof(count_cert));
-
- /* Get the non-repudiation certificate length */
- sc_format_path(postecert_auth_cert_path, &path);
-
- if (sc_select_file(card, &path, NULL) < 0) {
- r = SC_ERROR_WRONG_CARD;
- goto failed;
- }
-
- set_string(&p15card->tokeninfo->label, "Postecert & Cnipa Card");
- set_string(&p15card->tokeninfo->manufacturer_id, "Postecert");
- set_string(&p15card->tokeninfo->serial_number, "0000");
-
- sc_read_binary(card, 0, certlen, 2, 0);
-
- /* Now set the certificate offset/len */
- count = (certlen[0] << 8) + certlen[1];
- if (count < 256)
- return SC_ERROR_INTERNAL;
-
- certi = malloc(count);
-
- if (!certi)
- return SC_ERROR_OUT_OF_MEMORY;
-
- sc_read_binary(card, 0, certi, count - 500, 0);
-
- for (i = 2; i < (count - 256); i++) {
- /* this file contain more than one certificate */
- if (*(certi + i) == 0x30 && *(certi + i + 1) == 0x82
- && *(certi + i + 4) == 0x30 && *(certi + i + 5) == 0x82
- && *(certi + i + 2) > 1 && *(certi + i + 2) < 8
- && *(certi + i + 6) <= *(certi + i + 2)) {
- index_cert[o] = i;
- count_cert[o] =
- (*(certi + i + 2) << 8) + *(certi + i + 3) + 4;
- o++;
- if (o >= 4)
- break;
- i += (*(certi + i + 2) << 8) + *(certi + i + 3);
- }
- }
-
- free(certi);
-
- path.index = index_cert[0];
- path.count = count_cert[0];
-
- id.value[0] = 1;
- id.len = 1;
-
- authority = 1;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, authority,
- &path, &id, calabel, SC_PKCS15_CO_FLAG_MODIFIABLE);
-
- path.index = index_cert[1];
- path.count = count_cert[1];
-
- id.value[0] = 2;
- id.len = 1;
-
- authority = 1;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, authority,
- &path, &id, catmslabel, SC_PKCS15_CO_FLAG_MODIFIABLE);
-
- path.index = index_cert[2];
- path.count = count_cert[2];
-
- id.value[0] = 3;
- id.len = 1;
-
- authority = 0;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, authority,
- &path, &id, label, SC_PKCS15_CO_FLAG_MODIFIABLE);
-
- path.index = index_cert[3];
- path.count = count_cert[3];
-
- id.value[0] = 4;
- id.len = 1;
-
- sc_pkcs15emu_add_cert(p15card,
- SC_PKCS15_TYPE_CERT_X509, authority,
- &path, &id, authlabel, SC_PKCS15_CO_FLAG_MODIFIABLE);
-
-
- flags = SC_PKCS15_PIN_FLAG_CASE_SENSITIVE |
- SC_PKCS15_PIN_FLAG_INITIALIZED | SC_PKCS15_PIN_FLAG_NEEDS_PADDING;
-
- /* add authentication PIN */
- sc_format_path("3F00504B", &path);
- id.value[0] = 1;
- sc_pkcs15emu_add_pin(p15card, &id,
- authPIN, &path, 0x82,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 6, 14, flags, 3, 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
- /* add authentication private key */
- id.value[0] = 4;
- auth_id.value[0] = 1;
- auth_id.len = 1;
- sc_pkcs15emu_add_prkey(p15card, &id,
- authPRKEY,
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, authprkey_usage,
- &path, 0x06, &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
-
- /* add non repudiation PIN */
- sc_format_path("3F00504B", &path);
- id.value[0] = 2;
- sc_pkcs15emu_add_pin(p15card, &id,
- nonrepPIN, &path, 0x82,
- SC_PKCS15_PIN_TYPE_ASCII_NUMERIC,
- 6, 14, flags, 3, 0,
- SC_PKCS15_CO_FLAG_MODIFIABLE |
- SC_PKCS15_CO_FLAG_PRIVATE);
-
-
- /* add non repudiation private key */
- id.value[0] = 3;
- auth_id.value[0] = 2;
- sc_pkcs15emu_add_prkey(p15card, &id,
- nonrepPRKEY,
- SC_PKCS15_TYPE_PRKEY_RSA,
- 1024, prkey_usage,
- &path, 0x01, &auth_id, SC_PKCS15_CO_FLAG_PRIVATE);
-
- /* return to MF */
- sc_format_path("3F00", &path);
- r = sc_select_file(card, &path, NULL);
- if (r != SC_SUCCESS)
- return r;
-
- {
- /* save old signature funcs */
- set_security_env = card->ops->set_security_env;
- /* set new one */
- card->ops->set_security_env = set_sec_env;
- card->ops->compute_signature = do_sign;
- }
- return 0;
-
-failed:
- sc_log(card->ctx,
- "Failed to initialize Postecert and Cnipa emulation: %s\n",
- sc_strerror(r));
- return r;
-}
-
-static int postecert_detect_card(sc_pkcs15_card_t * p15card)
-{
- sc_card_t *card = p15card->card;
-
- /* check if we have the correct card OS */
- if (strcmp(card->name, "CardOS M4"))
- return SC_ERROR_WRONG_CARD;
- return SC_SUCCESS;
-}
-
-int sc_pkcs15emu_postecert_init_ex(sc_pkcs15_card_t * p15card,
- struct sc_aid *aid,
- sc_pkcs15emu_opt_t * opts)
-{
- if (opts && opts->flags & SC_PKCS15EMU_FLAGS_NO_CHECK)
- return sc_pkcs15emu_postecert_init(p15card);
- else {
- int r = postecert_detect_card(p15card);
- if (r)
- return SC_ERROR_WRONG_CARD;
- return sc_pkcs15emu_postecert_init(p15card);
- }
-}
diff --git a/src/libopensc/pkcs15-pubkey.c b/src/libopensc/pkcs15-pubkey.c
index ec79d97e..775ba0a5 100644
--- a/src/libopensc/pkcs15-pubkey.c
+++ b/src/libopensc/pkcs15-pubkey.c
@@ -1625,7 +1625,7 @@ sc_pkcs15_convert_pubkey(struct sc_pkcs15_pubkey *pkcs15_key, void *evp_key)
X = BN_new();
Y = BN_new();
if (X && Y && EC_KEY_get0_group(eckey))
- r = EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(eckey),
+ r = EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(eckey),
point, X, Y, NULL);
if (r == 1) {
dst->xy.len = BN_num_bytes(X) + BN_num_bytes(Y);
diff --git a/src/libopensc/pkcs15-syn.c b/src/libopensc/pkcs15-syn.c
index ab71dcdb..3f15eeb7 100644
--- a/src/libopensc/pkcs15-syn.c
+++ b/src/libopensc/pkcs15-syn.c
@@ -37,12 +37,10 @@
struct sc_pkcs15_emulator_handler builtin_emulators[] = {
{ "westcos", sc_pkcs15emu_westcos_init_ex },
{ "openpgp", sc_pkcs15emu_openpgp_init_ex },
- { "infocamere", sc_pkcs15emu_infocamere_init_ex },
{ "starcert", sc_pkcs15emu_starcert_init_ex },
{ "tcos", sc_pkcs15emu_tcos_init_ex },
{ "esteid", sc_pkcs15emu_esteid_init_ex },
{ "itacns", sc_pkcs15emu_itacns_init_ex },
- { "postecert", sc_pkcs15emu_postecert_init_ex },
{ "PIV-II", sc_pkcs15emu_piv_init_ex },
{ "cac", sc_pkcs15emu_cac_init_ex },
{ "gemsafeGPK", sc_pkcs15emu_gemsafeGPK_init_ex },
diff --git a/src/libopensc/pkcs15-syn.h b/src/libopensc/pkcs15-syn.h
index 202711d0..9944d27e 100644
--- a/src/libopensc/pkcs15-syn.h
+++ b/src/libopensc/pkcs15-syn.h
@@ -31,11 +31,9 @@ extern "C" {
int sc_pkcs15emu_westcos_init_ex(sc_pkcs15_card_t *p15card, struct sc_aid *, sc_pkcs15emu_opt_t *opts);
int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
-int sc_pkcs15emu_infocamere_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
int sc_pkcs15emu_starcert_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
int sc_pkcs15emu_tcos_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
int sc_pkcs15emu_esteid_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
-int sc_pkcs15emu_postecert_init_ex(sc_pkcs15_card_t *, struct sc_aid *, sc_pkcs15emu_opt_t *);
int sc_pkcs15emu_piv_init_ex(sc_pkcs15_card_t *p15card, struct sc_aid *, sc_pkcs15emu_opt_t *opts);
int sc_pkcs15emu_cac_init_ex(sc_pkcs15_card_t *p15card, struct sc_aid *, sc_pkcs15emu_opt_t *opts);
int sc_pkcs15emu_gemsafeGPK_init_ex(sc_pkcs15_card_t *p15card, struct sc_aid *, sc_pkcs15emu_opt_t *opts);
diff --git a/src/libopensc/sc-ossl-compat.h b/src/libopensc/sc-ossl-compat.h
index 09e7dca0..60da619e 100644
--- a/src/libopensc/sc-ossl-compat.h
+++ b/src/libopensc/sc-ossl-compat.h
@@ -77,6 +77,11 @@ extern "C" {
#define OPENSSL_malloc_init()
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
+#define EC_POINT_get_affine_coordinates_GFp EC_POINT_get_affine_coordinates
+#define EC_POINT_set_affine_coordinates_GFp EC_POINT_set_affine_coordinates
+#endif
+
/*
* OpenSSL-1.1.0-pre5 has hidden the RSA and DSA structures
* One can no longer use statements like rsa->n = ...
diff --git a/src/pkcs11/openssl.c b/src/pkcs11/openssl.c
index b24db41d..8233746d 100644
--- a/src/pkcs11/openssl.c
+++ b/src/pkcs11/openssl.c
@@ -32,6 +32,7 @@
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#include
#include /* for OPENSSL_NO_* */
+#include "libopensc/sc-ossl-compat.h"
#ifndef OPENSSL_NO_EC
#include
#endif /* OPENSSL_NO_EC */
@@ -401,7 +402,7 @@ static CK_RV gostr3410_verify_data(const unsigned char *pubkey, unsigned int pub
ASN1_OCTET_STRING_free(octet);
P = EC_POINT_new(group);
if (P && X && Y)
- r = EC_POINT_set_affine_coordinates_GFp(group,
+ r = EC_POINT_set_affine_coordinates_GFp(group,
P, X, Y, NULL);
BN_free(X);
BN_free(Y);
diff --git a/src/tools/piv-tool.c b/src/tools/piv-tool.c
index aee4fdeb..b95d1568 100644
--- a/src/tools/piv-tool.c
+++ b/src/tools/piv-tool.c
@@ -33,7 +33,6 @@
/* Module only built if OPENSSL is enabled */
#include
-#include "libopensc/sc-ossl-compat.h"
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#include
#include
@@ -57,6 +56,7 @@
#include "libopensc/cardctl.h"
#include "libopensc/asn1.h"
#include "util.h"
+#include "libopensc/sc-ossl-compat.h"
static const char *app_name = "piv-tool";
diff --git a/src/tools/pkcs11-tool.c b/src/tools/pkcs11-tool.c
index 8bf99a52..fe1667d5 100644
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@@ -36,7 +36,6 @@
#ifdef ENABLE_OPENSSL
#include
-#include "libopensc/sc-ossl-compat.h"
#if OPENSSL_VERSION_NUMBER >= 0x10000000L
#include
#include
@@ -62,6 +61,7 @@
#include "common/compat_strlcat.h"
#include "common/compat_strlcpy.h"
#include "util.h"
+#include "libopensc/sc-ossl-compat.h"
#ifdef _WIN32
#ifndef STDOUT_FILENO
diff --git a/win32/Make.rules.mak b/win32/Make.rules.mak
index 18ac1ff6..b6759e57 100644
--- a/win32/Make.rules.mak
+++ b/win32/Make.rules.mak
@@ -79,7 +79,7 @@ CANDLEFLAGS = -dOpenSSL="$(OPENSSL_DIR)" $(CANDLEFLAGS)
!ENDIF
-# If you want support for zlib (Used for PIV, infocamere and actalis):
+# If you want support for zlib (Used for PIV and actalis):
# - Download zlib-dll and
# - uncomment the line starting with ZLIB_DEF
# - set the ZLIB_INCL_DIR below to the zlib include lib proceeded by "/I"