Fix various spelling errors, mostly in comments but also in texts displayed.
Errors found & interactively fixed using 'codespell', with additional manual
checks after the fixes.
Some cards can provide supported algorithms in tokenInfo
which contain ECDSA OID, and PKCS11 mechanism
Don't know how many Algo_refs were actually read,
and a ref of 0 may be valid. print at least one Algo_refs.
Print the mechanism from PKCS11, and print operations
Use the $(top_srcdir)/src/pkcs11/pkcs11-display.c on Unix
Use the $(TOPDIR)\src\pkcs11\pkcs11-display.obj on Windows
pkcs15.tool.c treat ECDSA OID as inline
pkcs15-tool prints PKCS11 mechanisms using pkcs11-display.c
Automake now warns that the default will change, in the future
so "[subdir-objects]" is added to configure.ac
Changes to be committed:
modified: configure.ac
modified: src/tools/Makefile.am
modified: src/tools/Makefile.mak
modified: src/tools/pkcs15-tool.c
./configure --enable-code-coverage --disable-optimization
make check
make code-coverage-capture
lcov --summary OpenSC-*-coverage.info
This does not work well with Windows so on windows it should be disabled (WIP)
Recent versions of bash is leaving /etc/bash_completion.d. The correct
directory is specified by pkg-config --variable completionsdir
bash-completion.
Fixes https://github.com/OpenSC/OpenSC/issues/1403
Do not blindly override already defined variables or macros with
outdated values by including version.m4
This makes sure the definitions of variables or macros defined earlier
in configure.ac remain intact; e.g. it keeps the macro PRODUCT_BUGREPORT
set to the GitHub URL instead of pointing to a SourceForge mail address.
* Initial version of pkcs11 testsuite
* Refactor test cases to several files, clean up awful and unused stuff
* Static mechanism list based on the actual token offer
* Get rid of magic numbers
* Documentation
* License update based on the original project
* Verbose readme
* Cleanup unused code, long lines and method order
* Typo; More verbose errors
* Use fallback mechanisms
* Refactor object allocation and certificate search
* PKCS11SPY mentioned, more TODO
* add SHA mechanisms
* Do not try to Finalize already finalized cryptoki
* Add more flags and mechanisms
* Do not list table for no results
* Logical order of the tests (regression last)
* read ALWAYS_AUTHENTICATE from correct place
* ALWAYS_AUTHENTICATE for decryption
* Test EC key length signature based on the actual key length
* Shorten CKM_ list output, add keygen types detection
* Skip decrypting on non-supported mechanisms
* Fail hard if the C_Login fails
* Reorganize local FLAGS_ constants
* Test RSA Digest mechanisms
* Correct mechanisms naming, typos
* Do not attempt to do signature using empty keys
* CKM_ECDSA_SHA1 support
* Correct type cast when getting attributes
* Report failures from all mechanisms
* Standardize return values, eliminate complete fails, documentation interface
* Wait for slot event test
* Add switch to allow interaction with a card (WaitForSlotEvent)
* At least try to verify using C_Verify, if it fails, fall back to openssl
* Get rid of function_pointers
* Get rid of additional newline
* Share always_authenticate() function between the test cases
* Refactor Encrypt&decrypt test to functions
* Do not overwrite bits if they are not provided by CKA, indentation
* Cleanup and Break to more functions Sign&Verify test
* CKM_RSA_X_509 sign and verify with openssl padding
* More TODO's
* Proper abstracted padding with RSA_X_509 mechanism
* Add ongoing tasks from different TODO list
* Update instructions. Another todo
* Variables naming
* Increase mechanism list size, use different static buffers for flags and mechanism names
* nonstandard mechanism CKM_SHA224_RSA_PKCS supported by some softotkens
* Get rid of loop initial declarations
* Loop initial declaration, typos, strict warnings
* Move the p11test to the new folder to avoid problems with dynamically linked opensc.so
* Update path in README
* Possibility to validate the testsuite agains software tokens
* Add possibility to select slot ID on command-line (when there are more cards present)
* Clean up readme to reflect current options and TODOs
* Do not attempt to use keys without advertised sign&verify bits to avoid false positives
* Get and present more object attributes in readonly test; refactor table
* New test checking if the set of attributes (usage flags) is reasonable
* Test multipart signatures. There is not reasonable mechanism supporting multipart encryption
* Use PKCS#11 encryption if possible (with openssl fallback)
* Identify few more mechanisms (PSS) in the lest
* Resize table to fit new mechanisms
* Remove initial loop declaration from multipart test
* Use pkcs11-tool instead of p11tool form most of the operations (master have most of the features)
* Preparation for machine readable results
* Refactor log variables out of the main context, try to export generic data
* Do not write to non-existing FD if not logging
* Export missing data into the log file in JSON
* Store database in json
* Sanity check
* Avoid uninitialized structure fields using in state structure
* Dump always_authenticate attribute too
* Manual selection of slots with possibility to use slots without tokens
* Do not free before finalizing
* Proper cleanup of message in all cases
* Proper allocation and deallocation of messages
* Sanitize missing cases (memory leaks)
* Suppressions for testing under valgrind
* Better handling message_lengt during sign&verify (avoid invalid access)
* Suppress another PCSC error
* Do not use default PIN. Fail if none specified
* Sanitize initialization. Skip incomplete key pairs
* Add missing newline in errors
* Fix condition for certificate search
* Avoid several calls for attributes of zero length
* Handle if the private key is not present on the card
* Improve memory handling, silent GCC warning of 'unused' variable
* Fail early with missing private key, cleanup the messages
* Use correct padding for encryption
* Cache if the card supports Verify/Encrypt and avoid trying over and over again
* Loosen the condition for the Usage flags
* OpenSSL 1.1.0 compatibility
* Add missing mechanisms
* Do not require certificates on the card and pass valid data for RSA_PKCS mechanisms
* Add missing PIN argument in runtest.sh
* Add OpenSSL < 1.1 comatible bits
* Add SHA2 ECDSA mechanisms handling
* Use public key from PKCS#11 if the certificate is missing (or compare it with certificate)
* Avoid long definitions in OpenSSL compat layer
* In older OpenSSL, the header file is ecdsa.h
* Add missing config.h to apply compat OpenSSL layer
* ASN1_STRING_get0_data() is also new in 1.1.0
* Return back RSA_X_509 mechanism
* Drop bogus CKM_* in the definitions
* Drop CKM_SHA224_RSA_PKCS as it is already in pkcs11.h
* Update documentation
* Use NDEBUG as intended
* typos, cleanup
* Typos, cleanup, update copyright
* Additional check for OpenCryptoki, generate more key types on soft tokens
* Prepare for RSA-PSS and RSA-OAEP
* Use usage&result flags for the tests, gracefully ignore PSS&OAEP
* pkcs11.h: Add missing definitions for PSS
* PSS and OAEP tests
readonly: Typos, reformat
* Working version, memory leak
* Tweak message lengths for OAEP and PSS
* Skip tests that are not aplicable for tokens
* configure.ac: New switch --enable-tests
Do not attempt to build tests if cmocka is not available or
--enable-tests is provided. It makes also more lightweight release
builds out of the box (or with --disable-tests).
* travis: Install cmocka if not available
* Do not build tests on Windows and make dist pass
* Try to install cmocka from apt and from brew
* Do not require sudo (cmocka from apt and brew works)