- update code signing credentials, thanks to Tim Wilbrink
- split up large files into 50 MB chunks for Nightly to avoid Github's file size limit
- codesign tools/libs with hardened runtime and entitlements
- avoid relocation of app bundles on installation
- sign installer for distribution
Explicitly mention that this script builds the tokend and command
line tools (as it does not build the CryptoTokenKit app extension).
Add two missing packages in the list of build dependencies.
OpenSCToken (https://github.com/frankmorgner/OpenSCToken) is now a
standalone package that provides the CryptoTokenKit app extension.
It includes its own 'build-package' script, which handles building
the OpenSC library and statically linking against it.
The 'MacOSX/' directory in OpenSC itself is only used to build the
macOS tokend. Remove unused code for building a CryptoTokenKit app
extension from this directory (which no longer works). This should
help to avoid confusion when building OpenSC for macOS.
- eac: allow CA without EF.CardSecurity
- sc-hsm: implemented CA based on document PKI
- sc-hsm: adds receive limit for SoC card
- introduces dedicated card type for SoC card
- md: integrate card's PIN pad capabilities
- installer: added SC-HSM SoC card to registry
- pkcs15-tool: Added support for PIN entry on card
- change/unblock PIN: add support for PIN entry on card
- added OpenPACE to macOS build
- travis-ci: install gengetopt/help2man via brew
- sc-hsm: Cache EF.C_DevAut
- sc-hsm: Prevent unnecessary applet selection and state resets
- sc-hsm: added support for session pin
- sc-hsm: avoid multiple AID selection
- sc-hsm: Use the information from match_card for all subsequent selections of the applet
- sc-hsm: cache optional files as empty files (Decoding the files will reveal that they were not existing prior caching. This avoids selecting the file though we have already tried to cache the file before.)
- use dedicated directory for CVC trust anchors
- appveyor: added OpenPACE to windows build
If --jobs=... argument is used for make (or the equivalent MAKEFLAGS is
defined) then the command "make clean update depend" fails because the 3
actions must be done in sequence and not in parallel.
OpenSSL is configured to be installed in $PREFIX so the files should be
checked in $BUILDPATH/openssl_bin/$PREFIX/lib/pkgconfig and not
$BUILDPATH/openssl_bin/lib/pkgconfig
Frank Morgner
Raul Metsma
Jakub Jelen
David Ward
Frank Morgner
Ludovic Rousseau