When getting string configuration parameter,
ignore non 'auto-configurated' in configuration file value
(ex. @SOME_VALUE_IN_OPENSC_CONF@) and return it's default value.
- Create/delete the PKCS#15 'DATA' objects destinated to supply support of minidriver. For a while only 'Gemalto' style of such support is implemented.
- Declare epass2003 pkcs15init operations.
- include into OpenSC configuration the SM related sections
With loadable secure-messaging module the SM wrapping of APDUs is performed
by entity external to the running application.
So that the SM keysets
TODO: amend detailed description
Replace the "one-trick-pony" pgp_do_iswritable() with a more generic
function returning the blob matching the passed tag.
This way we can get rid of the one-line function pgp_blob_iswritable() too.
comparisons like these can be done in the caller.
Set pin references to 0x01 - 0x03 instead of 0x81 - 0x83.
The PINs are referenced as PIN1- PIN3 (resp. PW1 - PW3) in the OpenPGP
card specification.
Technically the APDUs to verify/change the PINs contain the values OR-ed
with 0x80, but this is just a technical detail of the implementation
which the emulated file system can hide in pgp_pin_cmd().
Pros & Cons:
+ consistent PIN naming
+ no trouble entering the correct PIN names in opensc-explorer et.al.
("verify CHV1" is way better than "verify CHV129")
- manually entering the correct APDU for VERIFY is a bit more complex.
(who does this anyway, when there are better functions)
While at it, change if .. elsif ... cascade to switch statement.
The the pInitArgs argument of C_Initialize() is not NULL it is a pointer
to a CK_C_INITIALIZE_ARGS structure.
This structure contains a flags bitfield with possible values:
- CKF_LIBRARY_CANT_CREATE_OS_THREADS
- CKF_OS_LOCKING_OK
This flags parameter is now parsed and displayed.
New operations:
- 'erase-application' -- erase on-card application indicated by it's AID;
- 'update-lastupdate' -- parse tokenInfo, set 'lastUpdate' value to the current date and write back tokenInfo content;
- 'ignore-ca-certificates' -- when importing PKCS#12 ignore all CA certificates;
When reading and printing file content, do not read it by small chunks,
but read an entire file.
It allows to verify how card driver reads the data of maximal size
that is allowed for one transaction ('max_recv_size').
call sc_profile_finish() with application info data as an argument;
in delete-by-path procedure, when getting authorization to delete file, make distinction between 'DELETE' and 'DELETE-SELF';
call card specific 'store' handler updating PrKDF and PubKDF files;
deduce the private key pkcs#15 attributes (like subject) from the friend certificate;
ignore SM authentication type when getting authorisation for operation;
copy GUID from the object create data to the pkcs#15 object attributes.
Decode/encode 'subjectName' attribute from the 'CommonPubkeyAttributes'
Use macros for the size of the asn1_entry tables.
Use short call form for debug messages.
Procedure to convert the pkcs15 public key to EVP_PKEY type key.
Coding style issues.
Decoding/encoding of the 'algReference' attribute from the 'CommonKeyAttributes'.
Use macros for the size of the asn1_entry tables.
Use short call form for debug messages.
Procedure to deduce from certificate the attributes of private key PKCS#15 object.
Procedure to convert the pkcs15 private key to EVP_PKEY type key.
Coding style issues.