46303a640a
build: new 'disable-optimization' configure option
2014-02-09 18:49:58 +01:00
72bf7a8593
pkcs15init: NULL 'store-key' hahdle
...
Card driver can not define 'store-key' init handle
2014-02-09 18:49:58 +01:00
032a3ece20
pkcs15init: ignore if no TokenInfo file to update
2014-02-09 11:59:26 +01:00
c5c49e3fd4
sc_pkcs15_encode_pubkey_as_spki depends on DER encoded RAW key
...
Make sure the sc_pkcs15_pubkey structure contains the DER endoding
of the RAW public key before trying to produce the SPKI version.
2014-01-19 19:30:04 +01:00
46c86fcb66
coding style: use short form of debug macros
2014-01-19 19:19:17 +01:00
3f023d3342
pkcs15: PIN value not validated in pkcs15-verify
...
In pkcs15-verify the value of PIN is not more validated for conformity with PIN policy,
value is only checked for maximal allowed length.
So that, no more need of 'ignore-pin-length' configuration option - now it's default behavior of common framework.
2014-01-19 19:19:17 +01:00
0efe1ec05e
coding style: remove trailing spaces
2014-01-19 19:19:17 +01:00
085f971f95
pkcs15init: iasecc: fix uncomplete merge
...
prototype of sc_pkcs15_get_object_guid has been changed
2014-01-19 19:19:17 +01:00
9f90cfae7d
macosx: inlude all files needed to build the installer from distribution.
...
There was a typo in the makefile...
2014-01-14 16:35:12 +00:00
5437f87d4b
pkcs15: encode public key algorithm (issue 202)
...
coding style: use linux style line break
2014-01-13 13:02:08 +01:00
3d3592ab28
pkcs15-tool: remove unused 'pubkey_pem_encode()'
...
used instead the sc_pkcs15_encode_pubkey_as_spki()
2014-01-13 12:48:16 +01:00
3dba84714f
Merge pull request #204 from CardContact/master
...
SmartCard-HSM improved token, PIN and EC key support
2014-01-12 12:32:57 -08:00
67dc60f707
sc-hsm: Added support for persistent EC public keys generated from certificate signing requests
2014-01-09 21:41:12 +01:00
9e54756e1b
sc-hsm: Added support to unblock PIN using C_InitPIN()
2014-01-08 19:32:53 +01:00
d1ba6164ad
sc-hsm: Added support for token label to be set via C_InitToken or sc-hsm-tool
2014-01-08 16:07:13 +01:00
abb48c8ba7
reader-pcsc: fix compiler warning
...
Add a missing "const" for a constant C-string
reader-pcsc.c: In function `detect_reader_features':
reader-pcsc.c:926:20: warning: initialization discards `const' qualifier from pointer target type [enabled by default]
2014-01-06 15:36:50 +01:00
c6d3b3b086
reader-pcsc: fix verify/modify pinpad commands
...
The PC/SC v2 part 10 commands for PIN verify and modify were wrong after
a change in pcsc-lite.
See a similar change in http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2013-December/006364.html
Should fix issue #199
2014-01-06 15:28:22 +01:00
4ebc506897
macosx: Ignore the configure-changed distribution.xml file in git.
2014-01-04 16:44:13 +00:00
4c31128bef
macosx: add "graphical uninstaller" to distribution DMG.
...
This allows to uninstall the software by people who don't use Terminal.
2014-01-04 16:43:36 +00:00
ab814380cf
Adds support for a Swedish eID card
2014-01-01 20:22:17 +01:00
034cff91d8
pkcs15: unify error codes of 'internal' and 'syntetic' binds
...
if no valid PKCS#15 file system found
'internal' bind procedure returns 'non-supported-card' error
the same as 'syntetic' bind procedure.
this return code is used by pkcs11 framework to accept non-binded cards
some codding style issues
2014-01-01 18:21:06 +01:00
3ab84b3b35
log: no format for the short arrays in 'hex-dump'
2014-01-01 18:21:05 +01:00
0fa475ee5f
build: define in configure.ac.in the common fields of version-info
2013-12-30 10:31:21 +01:00
b3baf9e75d
build: delete 'configure.ac', bootstrap creates it from 'configure.ac.in'
...
'configure.ac' has to be with the context related information,
as 'fix number', 'release number', fields of MSDN version-info, ...
Using supplied (or not) options,
bootstrap will create the working 'configure.ac' as a modified version of 'configure.ac.in'.
2013-12-30 10:30:03 +01:00
aec6f99ff4
win32: build: add 'VarFileInfo' block to version-info
2013-12-29 22:00:29 +01:00
53ed5dc502
win32: build: 'version-info' resource for each target
2013-12-29 22:00:29 +01:00
b928e814e5
build: bootstrap can be used with options
...
'branch', 'revision' and 'suffix'
2013-12-29 22:00:29 +01:00
1d45eea907
md: implement 'CardChangeAuthenticator'
2013-12-29 22:00:29 +01:00
f72c6fe625
md: implement CardUnblockPin
2013-12-29 22:00:28 +01:00
1dc5a26a8d
md: implement CardGetChallenge
2013-12-29 22:00:28 +01:00
5564b9973b
md: when PIN blocked ensure that 0 returned as "tries left"
2013-12-29 22:00:28 +01:00
89523a99ce
md: use "ignore PIN length" configuration option
...
With this option in 'true' the short PINs will not be ignored by
pkcs#15 framework and applied to card
2013-12-29 22:00:28 +01:00
15f694f85d
pkcs11: introduce 'ignore-pin-length' config option
...
When doing C_Login default behavior is to ignore the applied PINs with lengths less
then value of PKCS#15 PIN attribure 'min-length'. Such a PINs are not
really verified by card.
With 'ignore-pin-length' option in 'true' all applied PINs are verified by card.
2013-12-29 22:00:28 +01:00
0761a5ea02
pkcs11: use 'ignore-pin-length' config option
...
When doing C_Login default behavior is to ignore the applied PINs with lengths less
then value of PKCS#15 PIN attribure 'min-length'. Such a PINs are not
really verified by card.
With 'ignore-pin-length' option in 'true' all applied PINs are verified by card.
2013-12-29 22:00:28 +01:00
b1a5ebfac7
pkcs15init: introduce 'max-unblocks' PIN init parameter
2013-12-29 22:00:28 +01:00
784f0b8227
pkcs15init: refactoring -- do not use temporary variable
2013-12-29 22:00:28 +01:00
687fdf2a60
pkcs11-tool: more token flags to display
2013-12-29 22:00:28 +01:00
77bed45283
pkcs11: implement generic 'init-token' procedure
2013-12-29 22:00:28 +01:00
161c83ff8b
pkcs11: allow bind of non-recognized cards
...
To prepare C_InitToken of the non-initialized cards
allow bind of the non-recognized card
2013-12-29 22:00:28 +01:00
98333e56df
pkcs11: excessif check of return value
...
tiny coding style fix
2013-12-29 22:00:28 +01:00
01ed00dd66
pkcs15init: warning unused variable
2013-12-29 22:00:28 +01:00
4d5b80fd3f
libopensc: general usage method to allocate generalized time
2013-12-29 22:00:12 +01:00
13d1b8e9f2
pkcs15init: file 'content' and 'prop-attrs' in the card profile
...
Now it's possible to describe in the card profile
the 'prop-attr' and 'encoded-content' data of the file to create
2013-12-29 20:05:35 +01:00
51262f00ac
pkcs15init: in profile more AC operations are parsed, ...
...
new AC-OP 'pin-use'
2013-12-29 20:05:35 +01:00
024cd3b96a
pkcs15init: more of the debug messages and macros
2013-12-29 20:05:35 +01:00
075ff22890
md: generic procedure to get bool config option
2013-12-29 20:05:35 +01:00
aaa4489b7f
md: configuration options to refuse create-container mechanism
...
used rather for the debug -- allows to refuse, for example,
'key-import' create container mechanism and to compel the application (IE)
to generate key on card (rather then generate key by soft and then import it onto card).
2013-12-29 20:05:35 +01:00
f7a9ac90e8
md: config option 'use GUID as crypto object's label'
2013-12-29 20:05:35 +01:00
f71e241f03
md: config option 'GUID as ID'
...
allows to set the container's GUID value as ID of the key and certificate PKCS#15 objects.
2013-12-29 20:05:35 +01:00
692791e8ed
md: set length of container GUID
2013-12-29 20:05:35 +01:00
Viktor Tarasov
Doug Engert
Martin Paljak
Andreas Schwier
Ludovic Rousseau
Jonathan Süssemilch Poulain