OpenSSL-1.1.0 was released 8/25/2016
OpenSSL-1.1.0a was released 9/22/2016
https://www.openssl.org/news/openssl-1.1.0-notes.html
Changes to allow the OpenSC code base to work with OpenSSL versions from
0.9.7 to 1.1.0 with few changes.
This is an updated and rebased version of my prep-openssl-1.1.0-pre6 branch.
No attempt was made to back port any OpenSSL features. These changes
just allow an updated OpenSC code base to use what is in the various OpenSSL
releases.
A new header libopensc/sc-ossl-compat.h contains extra defines
to reduce the need for so many #if OPENSSL_VERSION_NUMBER statements
in the source code.
The OpenSC source can now use the OpenSSL 1.1 API. The libopensc/sc-ossl-compat.h
has defines for the new API for use with older versions of OpenSSL.
sc-ossl-compat.h is included by libopensc/internal.h so all OpenSC
library routines can take advantage of it. For the tools, which do not use
libopensc/internal.h, libopensc/sc-ossl-compat.h is included by the tools.
The OpenSC source has been modified to use OpenSSL functions to access
hidden structures, such as X509, BIGNUM, EVP_CIPHER_CTX, and use XXX_new
functions to allocate structures which must use pointers such as
BIGNUM and EVP_CIPHER_CTX.
For backward compatibility sc-ossl-compat.h now defines inline routines
to emulate the RSA and DSA access routines in OpenSSL-1.1.0. Thus
the same OpenSC source code can be used with OpenSSL versions from
0.9.7 to 1.1.0.
Inline routines were chosen, because using macros does not work on all platforms.
Having OpenSC versions of these routines in libopensc would be a possibility,
but they are only used for older versions of OpenSSL, and could be removed in
the future.
Changes to be committed:
modified: src/libopensc/card-entersafe.c
modified: src/libopensc/card-epass2003.c
modified: src/libopensc/card-gids.c
modified: src/libopensc/card-gpk.c
modified: src/libopensc/card-oberthur.c
modified: src/libopensc/card-piv.c
modified: src/libopensc/card-westcos.c
modified: src/libopensc/cwa-dnie.c
modified: src/libopensc/cwa14890.c
modified: src/libopensc/internal.h
modified: src/libopensc/p15card-helper.c
modified: src/libopensc/pkcs15-itacns.c
modified: src/libopensc/pkcs15-prkey.c
modified: src/libopensc/pkcs15-pubkey.c
new file: src/libopensc/sc-ossl-compat.h
modified: src/pkcs11/openssl.c
modified: src/pkcs15init/pkcs15-lib.c
modified: src/pkcs15init/pkcs15-oberthur-awp.c
modified: src/pkcs15init/pkcs15-oberthur.c
modified: src/pkcs15init/pkcs15-oberthur.h
modified: src/pkcs15init/pkcs15-westcos.c
modified: src/tools/cryptoflex-tool.c
modified: src/tools/gids-tool.c
modified: src/tools/netkey-tool.c
modified: src/tools/piv-tool.c
modified: src/tools/pkcs11-tool.c
modified: src/tools/pkcs15-init.c
modified: src/tools/sc-hsm-tool.c
modified: src/tools/westcos-tool.c
To hold the raw certificate blob in 'sc_pkcs15_cert' data use the 'sc_pkcs15_der' data type.
also:
; in 'pkcs15-cert.c' use short call of the debug messages;
; in 'destroy-object' pkcs15 framework handler take into account the multi-application cards:
-- when binding card use the application info;
-- when finalizing profile use the application ID.
* Print out warning when mlock fails, and continue.
* The warning required a ctx to be passed in, so that means
changing a few function signatures.
https://www.opensc-project.org/opensc/ticket/389
pkcs15-oberthur-awp.c:143:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP container list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:138:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:133:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public object list";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:128:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP token info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:122:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:117:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP data object info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:112:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP public key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:106:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP private key info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:100:3: warning: Value stored to 'desc' is never read
desc = "Oberthur AWP certificate info";
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
pkcs15-oberthur-awp.c:338:2: warning: Value stored to 'rec_offs' is never read
rec_offs = 0;
^ ~
pkcs15-oberthur-awp.c:1369:2: warning: Value stored to 'offs' is never read
offs += len;
^ ~~~
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5150 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_encode_data_info’:
pkcs15-oberthur-awp.c:1211: warning: implicit declaration of function ‘sc_asn1_encode_object_id’
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4205 c6295689-39f2-0310-b995-f0e70906c6a9
pkcs15-oberthur-awp.c: In function ‘awp_new_container_entry’:
pkcs15-oberthur-awp.c:241: warning: declaration of ‘rand’ shadows a global declaration
/usr/include/stdlib.h:176: warning: shadowed declaration is here
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4204 c6295689-39f2-0310-b995-f0e70906c6a9
Now the native Oberthur card format is supported for emulation of pkcs15 and pkcs15init.
It means that cards personalized with OpenSC and the objects created with OpenSC
will be usable with the native Oberthur's middleware
and vice-versa.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4137 c6295689-39f2-0310-b995-f0e70906c6a9