Unnecessarily strict regex was failing for some unknown reason on OS X. Easier to just relax the regex than understand what's wrong (and then relax the regex).
Fixes#782
Add a comment field to the ssh key output if a label is set on the key. Add RFC4716 compliant key output for the new breed of modern (mobile) SSH clients.
VTA: use short form of log call in iso7816
Experienced a problem with dnie-tool where I would receive a warning with the content of /etc/bash_completion.d/dnie-tool.
The cause of the error was a missing case label which in turn was caused by the formatting of the dnie-tool.1.xml.
Options were formatted like <term><option--xarg, -x</option></term> which were not handled by the sed regular expression in the makefiles.
Modified the dnie-tool.1.xml file to be consistent with the other doc files and to generate the dnie-tool file correctly.
This generates the scripts that lets bash do completion per specific tool.
It gets the options from the documentation XML files that are also the
source for the man pages and HTML.
'PACE' is extremely card specific protocol and has not to be ostensibly
present in the common part of OpenSC:
* currently in OpenSC there is no card driver that supports or uses this protocol;
* amazing content of the common 'sc_perform_pace' -- beside the verbose logs
the only substantial action is to call the card/reader specific handler.
According to the current sources and the pull request 83
this 'common' procedure is called by the card driver or
card specific tool/operation.
* currently the 'PACE' can be thouroghly tested only by one person (Frank Morgner),
and only using the OpenSSL patched with the PACE specific patch.
So, at least a dedicated configuration option could be introduced when comiting PACE to the common part.
* common 'sc_perfom_pace' has the same role as the 'initialize-SM' handler of the existing SM framework
and can be implemented as card specific SM, as the others cards do.
This confirmed by Frank Morgner, the author of PACE commits and nPA card driver, himself.
(https://github.com/OpenSC/OpenSC/pull/83)
'Id' option in the pkcs15-init commands to import/generate a new key
is deprecated. Better s to let the MW to derive an identifier from
the key material.
In VERIFY, allow the user to enter the PIN unteractively if it was not given
on the command line, and if the card reader does not support PIN input.
If it was not given on the command line and the card reader supports PIN input,
then the bahaviour is unchanged: enter PIN via card reader.
openpgp-tool: PIN verfication support.
openpgp-tool: Add notification in case of error.
openpgp-tool: Add manual for key generation and PIN verification.