card-asepcos: removed dead code
card-authentic: removed dead code
card-belpic: removed dead code
card-epass2003: removed dead code
card-flex: removed dead code
card-gpk: removed dead code
card-oberthur: removed dead code
card-piv: removed dead code
card-setcos: removed dead code
ctbcs: removed dead code
cwa14890: removed dead code
muscle: removed dead code
pkcs15-atrust-acos: removed dead code
pkcs15-gemsafeV1: removed dead code
pkcs15-skey: removed dead code
reader-ctapi: removed dead code
framework-pkcs15: removed dead code
pkcs11-object: removed dead code
pkcs15-asepcos: removed dead code
pkcs15-cardos: removed dead code
pkcs15-jcop: removed dead code
pkcs15-lib: removed dead code
pkcs15-oberthur: removed dead code
parse: removed dead code
sclex: removed dead code
sm-card-authentic: removed dead code
sm-card-iasecc: removed dead code
sm-cwa14890: removed dead code
sm-global-platform: removed dead code
sc-test: removed dead code
pkcs11-tool: removed dead code
pkcs15-tool: removed dead code
Support nonces that are not only 8 bytes in
Mutual Authenticate. Use the witness length
to determine the nonce size, thus existing
systems using 8 bytes will continue to use 8
bytes. However, with AES 256, the nonces could
be a single block size of 16 bytes or greater.
Add AES support for PIV General Authenticate
adds new routine sc_right_trim in sc.c and opensc.h. It is used by PIV card driver when using the piv-tool.
RSA and EC keys have different usage attributes. Appropriate attributes are set
When using --keypairgen the user can use the --usage-sign, --usage-decrypt,
and --usage-derive. to get finer control.
Changes to be committed:
modified: tools/pkcs11-tool.c
This adds algorithm IDs 0xA, 0xA, 0xC which as documented
by the NIST PIV specification is algorithms AES-128, AES-192
and AES-256 respectively.
This patch also addresses some of the hardcodes that prevented
nonces greater than the single byte TLV length tags would allow.
It was explicitly tested with AES-256 and 256 byte nonces.
Signed-off-by: William Roberts <w2.roberts@samsung.com>
exit_status is either set directly or a function return is ORed with it,
in which case EXIT_SUCCESS can never be returned if the initial value is !=
0;
revert part of 6e255a95
Chrome is still 32 bit only
This allows plugins running in Chrome (32bit) to use OpenSC PKCS#11, which would otherwise be only 64bit. Tokend "hides" the cpu architecture issue otherwise.
Following http://sourceforge.net/p/opensc/mailman/message/32009859/
* 'configure.ac' is not mored created by bootstrap script, but present in source
* 'version.m4' is introduced and contains the 'volatile' package settings:
settings that can be changed for the needs of particular build (ex. change PACKAGE_SUFFIX using the Git 'describe' or 'commit' data)
* 'bootstrap' script facilitate change of the package setting during the 'autoconf' phase
Contact cards have ATR-s, contactless not. Only contact
cards should be broken so that they answer 0x9000 to application
selection, so this should be failsafe.
Frank Morgner
Viktor Tarasov
William Roberts
Doug Engert
Sumedha Widyadharma
Andreas Schwier
Raul Metsma
Henryk Plötz
Nikos Mavrogiannopoulos
Joachim Bauch
Emanuele Pucciarelli
Henrik Andersson
Martin Paljak