Viktor Tarasov
df959efab5
md: install minidriver by default
2014-09-07 21:08:54 +02:00
William Roberts
3a0ca5aa7d
Remove hardcodes from Mutual Authenticate
...
Support nonces that are not only 8 bytes in
Mutual Authenticate. Use the witness length
to determine the nonce size, thus existing
systems using 8 bytes will continue to use 8
bytes. However, with AES 256, the nonces could
be a single block size of 16 bytes or greater.
2014-09-03 10:53:30 -07:00
Doug Engert
b84a1c9a90
Merge branch 'master' of github.com:OpenSC/OpenSC
2014-09-02 16:37:45 -05:00
Doug Engert
3260ca3eab
Merge pull request #270 from shootingatshadow/aes-support
...
Add AES support for PIV General Authenticate
adds new routine sc_right_trim in sc.c and opensc.h. It is used by PIV card driver when using the piv-tool.
2014-09-02 16:29:57 -05:00
Frank Morgner
87d430f300
iso7816: propagate the length of the computed signature
2014-08-26 21:21:26 +02:00
Doug Engert
2de38a1230
pkcs11-tool sets CKA_DECRYPT=true rather then CKA_DERIVE=true when generating EC keys ( #277 )
...
RSA and EC keys have different usage attributes. Appropriate attributes are set
When using --keypairgen the user can use the --usage-sign, --usage-decrypt,
and --usage-derive. to get finer control.
Changes to be committed:
modified: tools/pkcs11-tool.c
2014-08-26 09:59:40 -05:00
William Roberts
295c523e4e
Add AES support for PIV General Authenticate
...
This adds algorithm IDs 0xA, 0xA, 0xC which as documented
by the NIST PIV specification is algorithms AES-128, AES-192
and AES-256 respectively.
This patch also addresses some of the hardcodes that prevented
nonces greater than the single byte TLV length tags would allow.
It was explicitly tested with AES-256 and 256 byte nonces.
Signed-off-by: William Roberts <w2.roberts@samsung.com>
2014-08-25 18:27:13 -07:00
Sumedha Widyadharma
d13549600d
openpgp-tool: Return EXIT_SUCCESS if no error occurs
...
exit_status is either set directly or a function return is ORed with it,
in which case EXIT_SUCCESS can never be returned if the initial value is !=
0;
2014-08-20 21:53:25 +02:00
Andreas Schwier
5279bfa2d1
sc-hsm: Prevent double-free crash if key generation fails
...
Fixes #262 (SEGV when reader does not support extended length ADPU)
2014-07-09 14:27:08 +02:00
Frank Morgner
bb92019e53
iso7816: allow extended length APDUs
2014-06-27 08:26:35 +02:00
Viktor Tarasov
db60f8da59
release 0.14.0
2014-06-26 19:15:33 +02:00
Andreas Schwier
440289a091
sc-hsm: reduce indicated maximum PIN length to 15
...
Fix bogus minimum PIN length to support more PIN pad readers
2014-06-26 17:57:26 +02:00
Raul Metsma
cd7fbe3f8c
MacOSX: Build fat binaries i386...
...
revert part of 6e255a95
Chrome is still 32 bit only
This allows plugins running in Chrome (32bit) to use OpenSC PKCS#11, which would otherwise be only 64bit. Tokend "hides" the cpu architecture issue otherwise.
2014-06-26 17:56:09 +02:00
Viktor Tarasov
852a4719cf
release: OpenSC-0.14.0 RTM
2014-06-09 16:34:06 +02:00
Frank Morgner
35b74f3923
fixed warning unused variable
2014-06-09 16:03:14 +02:00
Frank Morgner
359660c454
dnie: removed dead and untested SM wrapping code
2014-06-09 15:48:20 +02:00
Raul Metsma
55bb8e9ff8
New generation card-s don't have issues with T1 and 3.5 card with same ATR has issues with T0 (recursive GET BINARY/GET DATA)
2014-06-09 15:46:13 +02:00
Andreas Schwier
072dfeb71c
sc-hsm-tool: Fixed SEGV if no or invalid card in reader
2014-06-09 15:05:42 +02:00
Henryk Plötz
b1b5a39ffa
Use sc_pkcs15_find_pin_by_auth_id() in asepcos_create_key() to correctly set the newly created key up for use with the configured PIN.
2014-06-06 18:46:48 +02:00
Nikos Mavrogiannopoulos
77d8fa390d
base64 decoding: Do not assume that char is signed.
...
In the systems where char is unsigned by default the base64 decoding
would crash.
2014-06-06 11:06:09 +02:00
Joachim Bauch
2f6b5174a8
Support "D-TRUST card 2.4 2ce".
2014-06-06 10:25:24 +02:00
Viktor Tarasov
3f13f571c0
openpgp-tool: issue-220: read and display OpenPGP data
2014-06-01 19:42:01 +02:00
Emanuele Pucciarelli
ee0566af09
pkcs11: pr-239: PKCS15 pubkey release fix
2014-06-01 18:55:56 +02:00
Raul Metsma
77c71be833
Don't depend configuration default value
2014-05-31 21:15:19 +02:00
Raul Metsma
ccf6da2dbe
Add windows onepin makefile
2014-05-31 21:15:19 +02:00
Raul Metsma
8e13acf51e
Restore pkcs11 onepin module for Firefox usage
2014-05-31 21:15:19 +02:00
Viktor Tarasov
f87a364ddc
release: candidate for the next stable version
2014-05-31 20:06:30 +02:00
Viktor Tarasov
cfc9461fe5
Update NEWS for opensc-0.13.1
2014-05-16 16:51:01 +02:00
Viktor Tarasov
612c7fe43a
git: ignore version.m4.ci
2014-05-16 16:50:27 +02:00
Viktor Tarasov
3418e9c146
OpenSC 0.13.1 rc1
2014-05-16 09:18:17 +02:00
Henrik Andersson
de6d61405b
Dont use sha256 if openssl is older than 0.9.8.
2014-05-14 22:11:31 +02:00
Henrik Andersson
1df8570a66
Add fence against using EVP_sha256 mech.
...
Which is only available in >=0.9.8
2014-05-14 22:11:25 +02:00
Viktor Tarasov
e41d94ca1a
md: fix return code in 'CardGetContainerInfo'
2014-05-13 18:34:18 +02:00
Viktor Tarasov
808fff2246
pkcs11: take pubkey CKA_VALUE from pub_data
2014-05-13 18:34:09 +02:00
Viktor Tarasov
b6ad7a92f5
pkcs11: more of debug messages
2014-05-13 18:33:58 +02:00
Viktor Tarasov
7dcb4359ff
build: put PACKAGE_VERSION_REVISION into version.m4
2014-05-12 07:27:04 +02:00
Viktor Tarasov
24fa9d8cc2
build: by default enable SM support
2014-05-11 17:44:34 +02:00
Viktor Tarasov
7b1e2e5dd3
build: uninstall-hook for opensc.conf
2014-05-11 17:44:34 +02:00
Viktor Tarasov
d4195e297c
build: bootstrap script has expected content
...
added CI specific 'bootstrap' script version: with parameters it creates the 'm4.version.ci' -- CI specific 'm4.version'
2014-05-11 09:15:27 +02:00
Viktor Tarasov
4bed397fbc
build: return to standard use of 'autoconf'
...
Following http://sourceforge.net/p/opensc/mailman/message/32009859/
* 'configure.ac' is not mored created by bootstrap script, but present in source
* 'version.m4' is introduced and contains the 'volatile' package settings:
settings that can be changed for the needs of particular build (ex. change PACKAGE_SUFFIX using the Git 'describe' or 'commit' data)
* 'bootstrap' script facilitate change of the package setting during the 'autoconf' phase
2014-05-07 09:53:08 +02:00
Frank Morgner
5f45739ecb
fixed one more warning
2014-05-03 22:24:06 +02:00
Frank Morgner
e1fd9d2a4c
cardos,incrypto34: restored semantics of select_pin_reference
2014-05-03 22:24:06 +02:00
Frank Morgner
511c8e6382
dnie: dont ignore error on sm free operation
...
Signed-off-by: Frank Morgner <morgner@informatik.hu-berlin.de>
2014-05-03 22:24:06 +02:00
Frank Morgner
b483d1d27d
westcos: fixed initialization of driver data
...
Signed-off-by: Frank Morgner <morgner@informatik.hu-berlin.de>
Updated by Viktor Tarasov
2014-05-03 22:23:40 +02:00
Frank Morgner
3b50ccc0ea
fixed incompatible function usage
...
Signed-off-by: Frank Morgner <morgner@informatik.hu-berlin.de>
2014-05-03 21:54:40 +02:00
Frank Morgner
a64326e768
fixed compiler warnings (partially submitted)
...
Signed-off-by: Frank Morgner <morgner@informatik.hu-berlin.de>
PR-222: commit 0b567dbaa8
partially submitted by Viktor Tarasov
2014-05-03 21:47:15 +02:00
Viktor Tarasov
883d42b1f8
libopensc: export 'iasecc_sdo_encode_update_field'
...
used by 'local SMM' module
2014-05-02 13:43:10 +02:00
Martin Paljak
8d000774df
EstEID: match card only based on presence of application.
...
Contact cards have ATR-s, contactless not. Only contact
cards should be broken so that they answer 0x9000 to application
selection, so this should be failsafe.
2014-04-21 21:05:11 +02:00
Nikos Mavrogiannopoulos
ba66459f33
When setting pointers to a template, ensure they do not get out of scope prior of being used.
...
This was causing issues when using pkcs11-tool with opencryptoki:
https://bugzilla.redhat.com/show_bug.cgi?id=1062307
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
2014-04-21 20:47:39 +02:00
Frank Morgner
46b0bed93f
fixed PUK handling
...
Note that
`SC_PKCS15_PIN_AUTH_TYPE_PIN` is used for `sc_pkcs15_auth_info_t.auth_type`
`SC_PKCS15_TYPE_AUTH_PIN` is used for `sc_pkcs15_object_t.type`
2014-04-21 20:43:41 +02:00