Hannu Honkanen
ee8c80af4f
Implemented handling of CKA_ALWAYS_AUTHENTICATE attribute when importing and generating keys, mapping it to pkcs#15 userConsent field. Added command line options to pkcs11-tool and pkcs15-init tool to use the feature.
2018-12-05 12:10:42 +01:00
Hannu Honkanen
edd48b3200
pkcs15init:
...
- Added session_object flag to sc_pkcs15init_skeyargs to enable on-card session objects.
- Corrections to handling native and extractable flags
- Allow creating an empty secret key EF for receiving an unwrapped key later.
2018-10-31 10:24:19 +02:00
Hannu Honkanen
5f51d5d315
Added implementation of C_UnwrapKey all the way from PKCS#11 interface to the card driver level.
...
Not yet complete, but can be run with CKA_TOKEN=FALSE set in the target object. Currently unwrapping emulated
with a decrypt operation in card-myeid.c. To be improved.
2018-10-31 10:22:16 +02:00
konstantinpersidskiy
0c3412bb37
Fix C_SetAttributeValue for CKA_VALUE for data obj
2018-09-25 10:51:10 +02:00
Peter Marschall
5abe99d228
fix typos
...
Mass-typo fixing, almost exclusively in comments and text strings.
While at it also fixed a few (very few) grammar errors.
2018-04-15 09:34:45 +02:00
Timo Teräs
3d8cf274ff
pkcs15init: add support for secret key upload and generation
2017-06-13 10:40:36 +02:00
Timo Teräs
e2e1cbd10f
pkcs15init: prepare sc_pkcs15init_skeyargs for proper secret key support
2017-06-13 10:40:36 +02:00
Jakuje
dae323ea50
License clarification ( #988 )
...
* License clarification: Olaf Kirch
> Please refresh my memory; what is the license of the other files in
> pkcs15init and the pkcs11 code that I authored? Any files missing
> license information should use the same.
https://sourceforge.net/p/opensc/mailman/message/35704660/
* License clarificaiton: Vincent Le Toux
> Do whatever you want with it ;-)
https://sourceforge.net/p/opensc/mailman/message/35704731/
* License clarification: Ludovic Rousseau
> So the license should be the same as for pcsc-lite i.e. 3-clause BSD
> license as in, the original,
> https://github.com/LudovicRousseau/PCSC/blob/master/src/PCSC/winscard.h
> I added a license in the strlcpycat.h file for pcsc-lite. See
> https://github.com/LudovicRousseau/PCSC/blob/master/src/strlcpycat.h
https://sourceforge.net/p/opensc/mailman/message/35705399/
2017-03-14 22:47:13 +01:00
Frank Morgner
c6db68fdee
pkcs15-tool: don't unconditionally lock the card
2016-09-19 23:55:41 +02:00
LE TOUX Vincent
6a243449a0
First support for GIDS card
...
- minidriver included by default in Windows
- GIDS Applet is available here https://github.com/vletoux/GidsApplet
- some informative technical information is available here
http://www.mysmartlogon.com/knowledge-base/generic-identity-device-specification-gids-kb/
closes https://github.com/OpenSC/OpenSC/pull/651
2016-02-19 00:12:16 +01:00
Frank Morgner
baab26d871
pkcs15-lib.c: fixed potential resource leak
2015-10-30 12:15:06 +01:00
Olaf Kirch
f42a1c2563
Replace outdated address okir@lst.de -> okir@suse.de
...
Signed-off-by: Olaf Kirch <okir@suse.de>
2015-10-05 14:07:28 +02:00
Viktor Tarasov
e0aec3764a
pkcs15init: 'store-or-update' certificate option
2015-05-10 14:35:41 +02:00
Philip Wendland
48bd6b0964
Add support for the IsoApplet (Java Card applet)
...
The IsoApplet can be found here:
https://github.com/philipWendland/IsoApplet
Add read/write support for this applet, including RSA and
ECC support.
2015-02-20 21:55:26 +01:00
Viktor Tarasov
96265e6d08
pkcs15init: superpluous 'ec-params' in init data
...
Pkcs15init data, used to import/generate key objects, includes twice the same EC parameters data:
- explicit 'params' data
- part of sc_pkcs15_pubkey/sc_pkcs15_prkey
Explicit 'ec-params' data is removed.
2015-02-07 20:00:41 +01:00
Viktor Tarasov
dd5115bc02
pkcs15: use 'direct' public key value
...
pkcs15: in pubkey-info data
* introduced new 'direct' 'raw' and 'spki' members
* removed 'encoded der data' member
* in 'read-public-key' try firstly SPKI direct value
pkcs11:
'direct' data used when getting CKA_VALUE attribute of public key
pkcs15init:
* initialize 'raw' and 'spki' direct public key value
2014-02-09 18:49:58 +01:00
Viktor Tarasov
7853d67c12
pkcs15init: no const values in private key create/generate data
2013-12-29 19:47:45 +01:00
Viktor Tarasov
0dc39c1125
pkcs15: use value/length pair to hold the object's GUID
...
GUID can be presented by non-printable string
2013-12-29 19:47:42 +01:00
Viktor Tarasov
04fbf6ad08
pkcs15init: externalize and change name of select_intrinsic_id()
2013-12-29 17:33:36 +01:00
Andreas Schwier
72786abe1f
sc-hsm: Added write support for RSA and ECC keys, certificates and data objects
2012-10-01 13:09:02 +02:00
Nguyễn Hồng Quân
ed0e2be305
Add pkcs15init-binding for OpenPGP
2012-07-29 12:09:56 +02:00
Viktor Tarasov
78fe16654e
pkcs15init: iasecc: create objects for minidriver support
...
- Create/delete the PKCS#15 'DATA' objects destinated to supply support of minidriver. For a while only 'Gemalto' style of such support is implemented.
- Declare epass2003 pkcs15init operations.
- include into OpenSC configuration the SM related sections
2012-06-08 20:17:36 +02:00
Viktor Tarasov
9c5dbea883
pkcs11: ECHD and secret keys support from Douglas
...
This support were initially proposed by Douglas (https://github.com/dengert/OpenSC/commits/ecdh ) and
then merged into SM branch (https://github.com/viktorTarasov/OpenSC-SM/tree/secure-messaging ).
2012-05-28 20:06:23 +02:00
Viktor Tarasov
b432e9767f
pkcs15init: add 'minidriver-style' profile option
...
The on-card support of minidriver could need some MD specific pkcs#15 (DATA) objects.
There is no standard for these objects.
New option will allow to choose one of the possible implementations.
2012-05-26 09:36:49 +02:00
Viktor Tarasov
10e1ad001d
pkcs15init: change sc_pkcs15init_bind() prototype
...
Add new argument 'application-info',
that will allow to select the on-card application to by binded with.
pkcs11: use sc_pkcs15init_bind with 'AID' argument
Prototype of sc_pkcs15init_bind() has been changed to add argument with
AID of the on-card application to be binded with.
2012-05-26 09:36:25 +02:00
Viktor Tarasov
e57d443e86
pkcd15init: remove trailing whitespaces
...
inspired by
http://www.opensc-project.org/pipermail/opensc-devel/2012-March/017883.html
Change-Id: I817f903e67965942d9cc0c30931dbaea0c5f736e
2012-04-02 23:40:05 +02:00
vtarasov
d888b3fd55
pkcs15: use general 'AuthenticationObject' instead of 'PinObject'
...
now the attributes of the previous 'pin-info' data type are included
as the sub-type attributes of the general 'auth-info' data .
It will allow to include support of the 'biometricTemplate' and 'authKey' authentication types.
http://www.opensc-project.org/pipermail/opensc-devel/2011-May/016655.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5550 c6295689-39f2-0310-b995-f0e70906c6a9
2011-06-05 15:46:25 +00:00
martin
2d43c601e9
Remove unused code: sc_pkcs15init_get_label()
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5511 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-28 22:14:14 +00:00
martin
215c133ba0
libopensc: remove more traces of software token/non-native private key related code.
...
pkcs15-wrap.c can be removed. Clarified/changed the meaning of "insecure" flag to pkcs15-init tool,
which will be needed to explicitly enforce the creation of a key which does not require a PIN.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5510 c6295689-39f2-0310-b995-f0e70906c6a9
2011-05-28 22:14:07 +00:00
vtarasov
78d90c4765
EC support: introduce data type dedicated to EC parameters ...
...
EC parameters can be presented in a three forms: namedCurve, OID and implicit data.
This new data type will facilitate manipulation of ec-parameters in the OpenSC tools and library.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5386 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-22 13:08:45 +00:00
andre
261d5269e5
pkcs15-init.h: Avoid warning:
...
pkcs15-init.c:1473: warning: assignment discards qualifiers from pointer target type
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5362 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-19 09:12:17 +00:00
vtarasov
8de6b57882
pkcs15init: different possible kinds of EC generate key parameters ...
...
named curve, oid and der
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5357 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-17 18:48:12 +00:00
vtarasov
d673e5f109
pkcs15init myEID: in profile increase size of xDF files, also ...
...
during initialization add the all xxDF to the ODF
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5344 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-15 17:11:38 +00:00
vtarasov
614e9fa566
pkcs15init: sipmlify the 'delete-object' callaback prototype ...
...
now it takes 'sc_pkcs15_object' argument instead of two arguments - object's type and object's data.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5343 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-15 16:50:04 +00:00
vtarasov
2fecaa73bd
pkcs15init: introduce EC key generation parameters
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5332 c6295689-39f2-0310-b995-f0e70906c6a9
2011-04-12 11:36:40 +00:00
vtarasov
69b7f200eb
IAS/ECC: include support of the IAS/ECC v1.0.1 cards ...
...
http://www.opensc-project.org/pipermail/opensc-devel/2011-January/015756.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5198 c6295689-39f2-0310-b995-f0e70906c6a9
2011-02-16 10:59:10 +00:00
vtarasov
4c183b2b38
pkcs15init: function to finalize profile when binding to the application of the multi-application PKCS#15 card.
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5100 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-17 16:28:44 +00:00
vtarasov
4c57c899b3
pkcs15init: add 'aid' argument to prototype of sc_pkcs15init_erase_card() ...
...
used to indicate application to erase
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5086 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-11 16:50:30 +00:00
vtarasov
a7c75182a1
pkcs15-init: no more 'SPLIT-KEY' flag ...
...
more of debug messages
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5019 c6295689-39f2-0310-b995-f0e70906c6a9
2011-01-02 13:55:03 +00:00
vtarasov
1a58c429cb
'AuthentIC': basic support of Oberthur's 'COSMO.v7/AuthentIC.v3.2' ...
...
it's the natively PKCS#15 card
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5006 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-30 14:40:28 +00:00
vtarasov
891f98363b
pkcs15init: new 'emulation-store-data' operation ...
...
the first usage is to update the public key PKCS#15 object attributes
and to encode it's direct value.
(support of the Oberthur's AuthentIC V3.2 card)
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@5001 c6295689-39f2-0310-b995-f0e70906c6a9
2010-12-30 12:50:35 +00:00
viktor.tarasov
ae14336221
pkcs15init: create frame to implement card specific 'sanity check' procedure
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4508 c6295689-39f2-0310-b995-f0e70906c6a9
2010-07-02 14:26:29 +00:00
viktor.tarasov
2883c17b15
pkcs15init: homogenize argument order of pkcs15init operations
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4507 c6295689-39f2-0310-b995-f0e70906c6a9
2010-07-02 13:46:13 +00:00
martin
d1d47d44c5
Fix #198 : set correct access flags to private keys
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4193 c6295689-39f2-0310-b995-f0e70906c6a9
2010-04-01 14:16:43 +00:00
viktor.tarasov
7d6739feb2
pkcs15init: in pkcs15-init.h don't use parameters name in the function declarations
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4133 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-18 09:49:49 +00:00
viktor.tarasov
ecbe32f778
pkcs15init: fix pkcs15-init.h
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4132 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-18 09:46:35 +00:00
viktor.tarasov
8419f95f76
pkcs15init: in pkcs15-init.h, for the function prototypes, homogenize using 'struct *' vs. '*_t'; do not use paramters name
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4131 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-18 09:39:16 +00:00
viktor.tarasov
e214ba206c
pkcs15init: emulation API
...
Four method are added to the 'sc_pkcs15init_operations':
emu_update_dir -- create or not the DIR file;
emu_update_any_df -- update the non-pkcs15 descriptors that are equivalents to pkcs15 xDF files;
emu_update_tokeninfo -- update analog of tokenInfo;
emu_write_info -- to not create OPENSC-INFO file;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4128 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-18 09:10:51 +00:00
viktor.tarasov
fb45d8925b
pkcs15init: simplify internal API
...
; do not pad PIN in pkcs15init. It's already done in libopensc/pkcs15-pin;
; the 'do_verify_pin()', 'sc_pkcs15init_verify_key()' and 'do_get_and_verify_secret()' are replaced by unique 'sc_pkcs15init_verify_secret()'; edit debug messages;
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4123 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-17 16:26:07 +00:00
viktor.tarasov
aff7b5523c
pkcs15init: homegenize pin reference type in a different structures; remove unused parameters in the internal procedures;
...
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@4088 c6295689-39f2-0310-b995-f0e70906c6a9
2010-03-05 10:37:11 +00:00