Fix various spelling errors, mostly in comments but also in texts displayed.
Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
supported by most of the card drivers and can therefore not be regarded to be
part of the public interface.
Modified the only remaining card driver that used it (authentic) to store acls
in a private variable.
Mismatch of ASN1 parsing of tokeninfo.supported_algos[n].paramters
in one place parameter was treated as a pointer to sc_object_id
and in another as inline structure. This caused segfaults
in pkcs15-tool when it tried to print the OID.
Changes to be committed:
modified: src/libopensc/opensc.h
modified: src/libopensc/pkcs15.c
- If readers are attatched, the new reader is probed for a card to check
if a notification needs to be sent
- removal of readers are not notified to the user, we assume that PC/SC
sends the correct card removal event
- The list of readers to be monitored is adjusted once a reader (dis)appears
- On macOS, without PnP notification, we always check for new/removed
readers with SCardListReaders
- fixes interrupt handling in opensc-notify on Unix
fixes https://github.com/OpenSC/OpenSC/issues/1874
Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated
with a decrypt operation in card-myeid.c. To be improved.
A card driver may declare support for computing the padding on the card,
or else the padding will be applied locally in padding.c. All five
PKCS11 PSS mechanisms are supported, for signature and verification.
There are a few limits on what we choose to support, in particular I
don't see a need for arbitrary combinations of MGF hash, data hash, and
salt length, so I've restricted it (for the user's benefit) to the only
cases that really matter, where salt_len = hash_len and the same hash is
used for the MGF and data hashing.
------------------------------------------------------------------------
Reworked and extended in 2018 by Jakub Jelen <jjelen@redhat.com> against
current OpenSC master, to actually work with existing PIV cards:
* extended of missing mechanisms (SHA224, possibility to select MGF1)
* compatibility with OpenSSL 1.1+
* Removed the ANSI padding
* Formatting cleanup, error checking
Based on the original work from
https://github.com/NWilson/OpenSC/commit/42f3199e66
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
md_pinpad_dlg_allow_cancel now defines whether or not the user is asked
before verifying the PIN on the PIN pad. This can be denied without
interaction with the PIN pad. A checkbox in the dialog allows the user
to change this setting, which is saved in the registry by the path of
the process.
This change fixes the progress bar to match the actual configured
timout. The progressbar now fills instead of running empty, which seemed
less frightening for most users.
This change also fixes some copy/paste errors in the documentation of
opensc.conf(5).
* new function sc_compacttlv_find_tag()
Add function sc_compacttlv_find_tag() to search for a tag in a
compact-TLV structure.
* OpenPGP: use sc_compacttlv_find_tag()
While doing so, fix a typo affection OpenPGP v3.x cards
Don't pretend that we're capable of performing memory locking. The
implementation of that, `sc_mem_alloc_secure()` (also removed), was
almost unused anyway.
Peter Marschall
Zoltan Kelemen
René Liebscher
Frank Morgner
Doug Engert
Jakub Jelen
Raul Metsma
Hannu Honkanen
Nicholas Wilson
Leif Erik Wagner
Peter Marschall