Viktor Tarasov
3f023d3342
pkcs15: PIN value not validated in pkcs15-verify
...
In pkcs15-verify the value of PIN is not more validated for conformity with PIN policy,
value is only checked for maximal allowed length.
So that, no more need of 'ignore-pin-length' configuration option - now it's default behavior of common framework.
2014-01-19 19:19:17 +01:00
Viktor Tarasov
0efe1ec05e
coding style: remove trailing spaces
2014-01-19 19:19:17 +01:00
Viktor Tarasov
085f971f95
pkcs15init: iasecc: fix uncomplete merge
...
prototype of sc_pkcs15_get_object_guid has been changed
2014-01-19 19:19:17 +01:00
Martin Paljak
9f90cfae7d
macosx: inlude all files needed to build the installer from distribution.
...
There was a typo in the makefile...
2014-01-14 16:35:12 +00:00
Viktor Tarasov
5437f87d4b
pkcs15: encode public key algorithm (issue 202)
...
coding style: use linux style line break
2014-01-13 13:02:08 +01:00
Viktor Tarasov
3d3592ab28
pkcs15-tool: remove unused 'pubkey_pem_encode()'
...
used instead the sc_pkcs15_encode_pubkey_as_spki()
2014-01-13 12:48:16 +01:00
viktorTarasov
3dba84714f
Merge pull request #204 from CardContact/master
...
SmartCard-HSM improved token, PIN and EC key support
2014-01-12 12:32:57 -08:00
Andreas Schwier
67dc60f707
sc-hsm: Added support for persistent EC public keys generated from certificate signing requests
2014-01-09 21:41:12 +01:00
Andreas Schwier
9e54756e1b
sc-hsm: Added support to unblock PIN using C_InitPIN()
2014-01-08 19:32:53 +01:00
Andreas Schwier
d1ba6164ad
sc-hsm: Added support for token label to be set via C_InitToken or sc-hsm-tool
2014-01-08 16:07:13 +01:00
Ludovic Rousseau
abb48c8ba7
reader-pcsc: fix compiler warning
...
Add a missing "const" for a constant C-string
reader-pcsc.c: In function `detect_reader_features':
reader-pcsc.c:926:20: warning: initialization discards `const' qualifier from pointer target type [enabled by default]
2014-01-06 15:36:50 +01:00
Ludovic Rousseau
c6d3b3b086
reader-pcsc: fix verify/modify pinpad commands
...
The PC/SC v2 part 10 commands for PIN verify and modify were wrong after
a change in pcsc-lite.
See a similar change in http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2013-December/006364.html
Should fix issue #199
2014-01-06 15:28:22 +01:00
Martin Paljak
4ebc506897
macosx: Ignore the configure-changed distribution.xml file in git.
2014-01-04 16:44:13 +00:00
Martin Paljak
4c31128bef
macosx: add "graphical uninstaller" to distribution DMG.
...
This allows to uninstall the software by people who don't use Terminal.
2014-01-04 16:43:36 +00:00
Jonathan Süssemilch Poulain
ab814380cf
Adds support for a Swedish eID card
2014-01-01 20:22:17 +01:00
Viktor Tarasov
034cff91d8
pkcs15: unify error codes of 'internal' and 'syntetic' binds
...
if no valid PKCS#15 file system found
'internal' bind procedure returns 'non-supported-card' error
the same as 'syntetic' bind procedure.
this return code is used by pkcs11 framework to accept non-binded cards
some codding style issues
2014-01-01 18:21:06 +01:00
Viktor Tarasov
3ab84b3b35
log: no format for the short arrays in 'hex-dump'
2014-01-01 18:21:05 +01:00
Viktor Tarasov
0fa475ee5f
build: define in configure.ac.in the common fields of version-info
2013-12-30 10:31:21 +01:00
Viktor Tarasov
b3baf9e75d
build: delete 'configure.ac', bootstrap creates it from 'configure.ac.in'
...
'configure.ac' has to be with the context related information,
as 'fix number', 'release number', fields of MSDN version-info, ...
Using supplied (or not) options,
bootstrap will create the working 'configure.ac' as a modified version of 'configure.ac.in'.
2013-12-30 10:30:03 +01:00
Viktor Tarasov
aec6f99ff4
win32: build: add 'VarFileInfo' block to version-info
2013-12-29 22:00:29 +01:00
Viktor Tarasov
53ed5dc502
win32: build: 'version-info' resource for each target
2013-12-29 22:00:29 +01:00
Viktor Tarasov
b928e814e5
build: bootstrap can be used with options
...
'branch', 'revision' and 'suffix'
2013-12-29 22:00:29 +01:00
Viktor Tarasov
1d45eea907
md: implement 'CardChangeAuthenticator'
2013-12-29 22:00:29 +01:00
Viktor Tarasov
f72c6fe625
md: implement CardUnblockPin
2013-12-29 22:00:28 +01:00
Viktor Tarasov
1dc5a26a8d
md: implement CardGetChallenge
2013-12-29 22:00:28 +01:00
Viktor Tarasov
5564b9973b
md: when PIN blocked ensure that 0 returned as "tries left"
2013-12-29 22:00:28 +01:00
Viktor Tarasov
89523a99ce
md: use "ignore PIN length" configuration option
...
With this option in 'true' the short PINs will not be ignored by
pkcs#15 framework and applied to card
2013-12-29 22:00:28 +01:00
Viktor Tarasov
15f694f85d
pkcs11: introduce 'ignore-pin-length' config option
...
When doing C_Login default behavior is to ignore the applied PINs with lengths less
then value of PKCS#15 PIN attribure 'min-length'. Such a PINs are not
really verified by card.
With 'ignore-pin-length' option in 'true' all applied PINs are verified by card.
2013-12-29 22:00:28 +01:00
Viktor Tarasov
0761a5ea02
pkcs11: use 'ignore-pin-length' config option
...
When doing C_Login default behavior is to ignore the applied PINs with lengths less
then value of PKCS#15 PIN attribure 'min-length'. Such a PINs are not
really verified by card.
With 'ignore-pin-length' option in 'true' all applied PINs are verified by card.
2013-12-29 22:00:28 +01:00
Viktor Tarasov
b1a5ebfac7
pkcs15init: introduce 'max-unblocks' PIN init parameter
2013-12-29 22:00:28 +01:00
Viktor Tarasov
784f0b8227
pkcs15init: refactoring -- do not use temporary variable
2013-12-29 22:00:28 +01:00
Viktor Tarasov
687fdf2a60
pkcs11-tool: more token flags to display
2013-12-29 22:00:28 +01:00
Viktor Tarasov
77bed45283
pkcs11: implement generic 'init-token' procedure
2013-12-29 22:00:28 +01:00
Viktor Tarasov
161c83ff8b
pkcs11: allow bind of non-recognized cards
...
To prepare C_InitToken of the non-initialized cards
allow bind of the non-recognized card
2013-12-29 22:00:28 +01:00
Viktor Tarasov
98333e56df
pkcs11: excessif check of return value
...
tiny coding style fix
2013-12-29 22:00:28 +01:00
Viktor Tarasov
01ed00dd66
pkcs15init: warning unused variable
2013-12-29 22:00:28 +01:00
Viktor Tarasov
4d5b80fd3f
libopensc: general usage method to allocate generalized time
2013-12-29 22:00:12 +01:00
Viktor Tarasov
13d1b8e9f2
pkcs15init: file 'content' and 'prop-attrs' in the card profile
...
Now it's possible to describe in the card profile
the 'prop-attr' and 'encoded-content' data of the file to create
2013-12-29 20:05:35 +01:00
Viktor Tarasov
51262f00ac
pkcs15init: in profile more AC operations are parsed, ...
...
new AC-OP 'pin-use'
2013-12-29 20:05:35 +01:00
Viktor Tarasov
024cd3b96a
pkcs15init: more of the debug messages and macros
2013-12-29 20:05:35 +01:00
Viktor Tarasov
075ff22890
md: generic procedure to get bool config option
2013-12-29 20:05:35 +01:00
Viktor Tarasov
aaa4489b7f
md: configuration options to refuse create-container mechanism
...
used rather for the debug -- allows to refuse, for example,
'key-import' create container mechanism and to compel the application (IE)
to generate key on card (rather then generate key by soft and then import it onto card).
2013-12-29 20:05:35 +01:00
Viktor Tarasov
f7a9ac90e8
md: config option 'use GUID as crypto object's label'
2013-12-29 20:05:35 +01:00
Viktor Tarasov
f71e241f03
md: config option 'GUID as ID'
...
allows to set the container's GUID value as ID of the key and certificate PKCS#15 objects.
2013-12-29 20:05:35 +01:00
Viktor Tarasov
692791e8ed
md: set length of container GUID
2013-12-29 20:05:35 +01:00
Viktor Tarasov
9251d35635
pkcs15init: set key_info->guid value before calling card specific handlers
2013-12-29 20:04:03 +01:00
Viktor Tarasov
7853d67c12
pkcs15init: no const values in private key create/generate data
2013-12-29 19:47:45 +01:00
Viktor Tarasov
0dc39c1125
pkcs15: use value/length pair to hold the object's GUID
...
GUID can be presented by non-printable string
2013-12-29 19:47:42 +01:00
Viktor Tarasov
98325ab7f2
pkcs15: export 'sc_pkcs15_serialize_guid' ...
...
change name of exported 'sc_pkcs15_get_guid' to 'sc_pkcs15_get_object_guid' ;
add more 'CALLED' and 'RETURN' macros ;
2013-12-29 19:46:56 +01:00
Viktor Tarasov
d7285843f6
pkcs11 framework: more debug logs in 'login' handler
2013-12-29 19:46:56 +01:00