[pkg-opensc-commit] [opensc] annotated tag upstream/0.17.0_rc1 created (now e9a5044)
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:12:02 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a change to annotated tag upstream/0.17.0_rc1
in repository opensc.
at e9a5044 (tag)
tagging 1ba1e6bdd37d6833952fe6399f21a3a895644ccf (commit)
replaces upstream/0.16.0
tagged by Eric Dorland
on Wed Jun 21 19:57:59 2017 -0400
- Log -----------------------------------------------------------------
Upstream version 0.17.0~rc1
CardContact Systems GmbH (1):
Allow tools to enable card lock (#875)
Christoph Müllner (1):
pkcs11-tool: Add feature to get random data. (#995)
David von Oheimb (1):
pkcs11-tool: various improvements, extensions, fixes, cleanup
Doug Engert (20):
Compile from a separate build directory
PIV and PIV-Want-To-Be Issues
reader-pcsc: improved logging and handling of reset
piv: logout place holder
libopensc: fix reopen SM after reader reconnect
libopensc: introduce 'reader_lock_obtained' card operation
piv: add a piv_card_reader_lock_obtained function
Use OpenSSL versions OpenSSL-0.9.7 to 1.1.0a for OpenSC
Add support for LibreSSL compatability as well as OpenSSL-1.1.0
Move include for internal.h from aux-date.h to aux-data.c (#888)
prkey_fixup_rsa changes for OpenSSL-1.1.0
Pkcs11-tool.c changes to accommodate ECDH operations using SoftHSM. (#901)
piv: use cert keyUsage to set PKCS#11 key attributes
pkcs15-cert: fix double free issue, memory leak and comment
Pkcs11-tool.c -t fails to for RSA-X-509 verification
PKCS#11 does not define a CKA_VALUE for public keys and is missused
Add new attribute CKA_SPKI for CKO_PUBLIC_KEY
Make sure it is an SPKI
piv-tool loops when using OpenSSL-1.1
gids-tool loops when using OpenSSL-1.1
Eric Dorland (1):
New upstream version 0.17.0~rc1
Feitian Technologies (2):
Solve #871 #731 #730
card-epass2003: Fixed plaintext communication and ATR mask (#967)
Frank Morgner (102):
avoid using an uninitialized buffer
use a user defined PKG_CONFIG_PATH
Merge pull request #694 from germanblanco/dnie_memory_leaks_and_sm_wrapping
Merge pull request #714 from dengert/fix-Makefile.am
removed unused variable
simplyfied netkey-tool
Merge pull request #790 from nunojpg/master
Merge pull request #793 from michaelansel/patch-1
fixed incompatible types ('DWORD *' to 'size_t *')
fixed possible loss of data
remove unused `scconf_entry`
added parameter checking to `sc_right_trim`
compile zlib with -MT instead of -MD
don't use a def file for PKCS#11 modules
added cardos ATRs to minidriver installation
fixed and cleaned up nmake Makefiles
Merge pull request #772 from vletoux/gids_maintenance
Merge pull request #789 from jasp00/dnie-ui
libsm: fixed out of bounds write
Merge pull request #732 from metsma/P11Label
Merge pull request #743 from Jakuje/jjelen-truncate-ecdsa-signature
use sc_pkcs15_get_pin_info in C_GetTokenInfo
EF.ATR: removed IAS/ECC workaround
parse Extended Length Information in EF.ATR/INFO
card-starcos: use transceive length from EF.ATR
libopensc: fetch card's UID
libopensc: cache EF.ODF and EF.TokenInfo
pkcs15: don't require-L for file caching
sc-hsm: use PKCS#15 file cache
sc-hsm: cache certificates
PKCS#11: Don't use ':' in the token name
Initialize PIN logged_in field for default PKCS#15 data
sc-hsm: fixed parsing EF.TokenInfo (#865)
pkcs15-tool: don't unconditionally lock the card
winconfig.h: use more values from configure.ac
sc-hsm-tool: hide --print-dkek-share from the user
Merge pull request #864 from maciejsszmigiero/openpgp-fixes-small
exclude DNIe 3.0 from supported cards
Documented reader's max_recv_size/max_send_size
added compatibility function for VC14
AppVeyor: Build on as many platforms as we can
AppVeyor: Use static names for artifacts
AppVeyor: use Github as zlib download mirror
pkcs15-tool: implemented --clear-cache (#873)
only build opensc when needed
ignore some more generated files
hex_to_bin: don't strip leading null-bytes
pkcs15init: explicitly lock the card
pkcs15-tool: workaround for Apple stupidity
pkcs11-tool: fixed missing newline in test output
config: added disable_popups for internal UI
remove all login states when the token was removed
pkcs11: don't shrink the number of slots
pkcs15-init: Fixed segfault
card-cardos: Support PIN queries for CardOS 5
iso7816: propagate the PIN status on verify/change
silence warning about not logging in
macOS: Use a better Uninstaller
macOS: Simplyfy installer
travis-ci: fixed mingw cross compile build
travis: always kill services.exe
travis: synchronize coverity_scan with master
correctly include pthread flags
Added (external) card driver for German ID card
Added support for PIN commands via escape commands
card-npa: moved to internal card drivers
Added information about debugging
fixed compiler warnings
log exit of sc_single_transmit in case of SM
pkcs15-tool: documentated `--clear-cache`
win32 installer: skip license agreement
recognize T=0 limitation of sending 255 bytes
macOS: added support for access via CryptoTokenKit
Coverity fixes (#1012)
Avoid dnie_transmit_apdu in the dnie driver (#970) (#1013)
pkcs11-tool: fixed RSA-X-509 corner case test
replace assert with error handling
reader-pcsc: removed cardmod driver
fixed more coverity issues
removed obsolete comment
Fix missing error handling of memory allocation (#1020)
Fixed ssh's pkcs11 usage on macOS
Force T=1 for contactless cards
fixed import of multiple symbols
sc-hsm: Add support for SoC
minidriver: added support for session pin
pkcs15-tool: added test for session PIN
sc-hsm: fixed forcing a card driver via opensc.conf
added compatibility with WiX 3.11
removed BUILD_ON/BUILD_FOR variable
AppVeyor: Updated OpenSSL version
AppVeyor: cache zlib build
AppVeyor: cache openpace build
sc-hsm: add GoID ATRs
sc-hsm: fixed using GoID with unknown ATR
fixed bad memory access
prevent integer overflow
avoid logically dead code
fixed ressource leak
Revert "pkcs11-tool: always authenticate when pinpad is in use"
fixed Coverity issues
0.17.0 version bump
German Blanco (1):
DNIe. Removing all memory leaks and using SM wrapping and unwrapping.
HAMANO Tsukasa (5):
New: jpki card driver
JPKI: fix prkey usage
login state preservation for JPKI card
md: integrate JPKI (#964)
MD: add and read msroots file
Hannu Honkanen (5):
myeid: fix to ECDH implementation
myeid: added card capabilities check to ...
card-dnie: Fix to dnie_ask_user_consent. Undefined flag caused a compilation error.
Added a check to sc_pkcs15_verify_pin to find out if the access condition is already open on card. This check is performed only if this function is called with empty data. This change fixes a problem with pinpad readers, when PIN cache is disabled and prevents unnecessary PIN queries.
Improved creation of key files so that the correct security attributes are set and keys can be created under specific PINs. Previously keys were always created under PIN 1. Changed description of myeid_create_key function.
Ian Young (2):
Don't free file if pointer is null (#858)
Make pkcs15-tool --dump object formatting consistent (#867)
Jakub Jelen (21):
Truncate data for ECDSA signature to the size of the key
[p15dump] Error message with a reason for missing unusedSpace file
libopensc: generic parse of certificate extensions
Add Coolkey driver
Restore blocking WaitForSlotEvent functionality for recent PCSC-Lite versions
libpkcs11: Prevent double-free when the dlopen fails
coolkey: Update to new API, use simplified log functions
coolkey: Improve return values logging in init_ex() function
Prevent leaking memory from PIV readers
Fix Coolkey memory management around SimCLists
mcrd: Clean up drv_data in case of failure during initialization (partly resolves #943)
coolkey: Properly initialize serial length (partially resolves #943)
Add ATR to detect CardOS 5.3
iso7816: Parse TL using ASN1 parser to avoid (possibly) wrong assumptions about length of both parts
pkcs11-tool: Do not allow to write PEM encoded certificates to cards
pkcs11-tool: Polish rough edges of --attr-from use case to verify and convert in all cases
Make sure the lock is released when returning
pkcs11-tool: Do not use unitialized data when C_GetTokenInfo() failed
pkcs11-tool: Set CKA_PRIVATE=false for new public keys
Restore the functionality of CAC usage flags deriving from X509 certificates
Do not use the hardcoded magic numbers in PIV
Jakuje (6):
Get rid of misleading indentation warnings (GCC6 -Wmisleading-indentation) (#859)
Fix Coverity remarks (#876)
adding a CAC support into OpenSC (#841)
License clarification (#988)
Make CardOS 5.3 working with OpenSC (#1003)
If the underlying PKCS#15 structure does not provide label for a cert… (#1045)
Javier Serrano Polo (1):
Fixed interaction with DNIe UI
Leonardo Brondani Schenkel (2):
openssl: allow building against libressl (#878)
libopensc: allow setting driver via OPENSC_DRIVER environment variable (#882)
Ludovic Rousseau (5):
MacOSX: fix OpenSSL check in build-package.in
src/tests/Makefile.am: fix compilation with OpenSSL
MacOSX/build-package: fix build for make multi jobs
pkcs11-tool.c: fix compiler warning
pkcs15-tool: Fix compiler warning
Maciej S. Szmigiero (24):
Make OpenPGP card user/signature PIN order match PKCS#11 framework
OpenPGP card doesn't support raw RSA so don't set such algo flag
Code files don't need execute permission
Improve handling of OpenPGP card PIN change and unblock commands
Initialize PIN logged_in field for cards that do not support PIN info
Set PIN-PUK association for cards that don't have it set
Print size_t variables on properly on Windows
Make minidriver installer custom action library optional
Make minidriver buildable again on mingw
Fix most of warnings shown when building on Linux and mingw
Move SM test in configure.ac after LIB_PRE and DYN_LIB_EXT assignment
Add session handle uniqueness check to PKCS#11 C_OpenSession()
Add reset operation to opensc-tool
Add ptrdiff_t (pointer difference) printf length modifier
Remove logprintf() mingw hack in minidriver
Support PIN unblocking in minidriver via PUK as response to challenge
Add GCC format checking attributes to log functions
Fix log messages format and parameter issues flagged by GCC
Fix cases of log function format strings not being a string literal
Use built-in formatted output functions on mingw
Add GCC format checking attributes to minidriver logging function
Fix minidriver log messages format and parameter issues flagged by GCC
Minidriver CardGetChallenge() parameters are output only
Minidriver CardReadFile() parameters are optional
Martin Paljak (3):
opensc-tool: only show the card name if present, to avoid "(null)"
pkcs11-tool: show the PIN lengths from token info
Add the final NUL to the CN used for token label
Michael Ansel (1):
Relax XML parsing regexes for bash_completion
Michał Trojnara (1):
NULL parameter check moved to sc_file_free()
Mouse (2):
Fix CAC-introduced bug that broke access to certificates (@dengert found it) (#1032)
Fix bug in pkcs11-tool.c that prevented it from displaying CKA_DERIVE key usage for EC public keys
Nguyễn Hồng Quân (2):
PKCS15-OpenPGP: Change error log
pkcs15-openpgp: Change sprintf to snprintf.
Nikos Mavrogiannopoulos (2):
install opensc.pc
src/libopensc/Makefile.am: add missing header (#895)
Nuno Goncalves (24):
fix #788 pkcs15-tool --read-ssh-key crash
pkcs11-tool: use CKF_{SO,USER}_PIN_* flags to provide alerts to the user
pkcs11-tool: re-login if pincache is disabled or expired
pkcs11-tool: Simplify PIN warnings messages logic
card-gemsafeV1: fix driver name
card-gemsafeV1: use iso7816 pin_cmd implementation
pkcs15-pteid: new implementation
pkcs15-tool: make --list* messages consistent
pkcs15-tool: add --list-info option
pkcs15-tool: add compact output format
Improve format in compact format
Do not print data to terminal when output file is given.
pteid: support iso7816 logged_in
pkcs11-tool: small format fix (#950)
pkcs15-init,pkcs15-tool: reword --no-prompt to --use-pinpad (close #944) (#957)
Revert "pkcs11-tool: re-login if pincache is disabled or expired"
pkcs11-tool: make login checks consistent in all test functions
pkcs11-tool: always authenticate when pinpad is in use
Fix tools interpretation of util_getpass return value
Validate PIN before verification
Improve pinpad use detection
pkcs11: remove redundant validation of PIN length
pteid: order objects by address (supersede #949) (#954)
pkcs15-tool: cast size_t to unsigned long (fix #965) (#966)
Peter Popovec (1):
opensc-explorer: show tag 0x82 for unknown files
Pieter Naaijkens (1):
Add missing comma to fix segfault when pkcs11-tool is called without arguments
Raul Metsma (3):
Move PIN type label front of description
pkcs15-esteid: remove openssl dependency (#863)
Use $(xcrun --sdk macosx --show-sdk-path) to parse SDK_PATH
Remy (1):
add dkek share hex print
Sid-Ali TEIR (1):
pkcs11-tool: fixed --id for C_GenerateKey, DES and DES3 keygen mechanism
Timo Teräs (19):
pkcs15init: use flag symbolic names
pkcs15: fix and simplify object type class comparisons
pkcs15: fix commit 76d59158 auth object regressions
build fix for libressl 2.5.3
Add _sc_card_add_generic for registering secret key algorithms
pkcs15init: generalize key compatibility checking helpers
pkcs15init: handle secret key in generic helper functions
add AES algorithm ID
Imporve SKDF decoding and implement encoding
pkcs15-tool: fix secret key dumping
pkcs15init: prepare sc_pkcs15init_skeyargs for proper secret key support
pkcs15-init: include secret keys in generic object handling code
pkcs15: allow struct sc_pkcs15_prkey to contain secret key
pkcs15init: add support for secret key upload and generation
Support SKDF and secret key upload for MyEID cards
pkcs15-init: support secret key upload and generation
add algorithm references for AES keys
pkcs15init: use random id for secret key
pkcs15-tool: add documentation for secret key options
Viktor Tarasov (14):
pkcs11-tool: generate secret key
pkcs11-tool: no error when getting sensitive attr. value
piv: change driver's short name to 'PIV-II'
pkcs15: no PIN cache update in pincache-revalidate
piv: coding style, use short log calls
pkcs11-tool: for WIN32 define STDOUT_FILENO
libopensc: no cache for the zero length PIN
pkcs15init: fix using PINPAD to verify PIN
travis for OCX: fix missing 'sed'
pkcs15-tool: remove overall card unlock
sm: no SHA256 for OpenSSL version < 0.9.8
travis: allow failed cross-builds
tools: fix segfault with verbose log into 'stderr'
asn1: print in log part of raw data to decode
carblue (1):
pkcs11-tool: in 4rd test use other signature keys
konstantinpersidskiy (2):
card-rtecp: Fix rtecp_change_reference_data (#958)
pkcs11-tool: add GOSTR3410 keypair generation (#997)
ricky (8):
dnie: changes to include DNIe 3.0 (PIN channel)
cwa-14890: force to re-establish the SM when disconnected by another process.
cwa-14890: little issue in cwa_external_auth
dnie: lost change in the previous pull request ...
dnie: force caching of pin if DNIe is version 3.0
cwa-dnie is empty if openssl not defined
Disable dnie if not defined ENABLE_SM (issue #927)
Avoid warning because no dnie_match_card
rickyepoderi (4):
Use struct sm_cwa_session from sm.h in dnie (#955)
Add dnie_free_apdu_buffers into dnie_sm_free_wrapped_apdu.
Use sc_hex_dump instead of cwa_hexdump.
Disable the secure channel at logout (#1048)
vletoux (1):
gids bux fixing
-----------------------------------------------------------------------
This annotated tag includes the following new commits:
new 1dd501a DNIe. Removing all memory leaks and using SM wrapping and unwrapping.
new 82a8411 Compile from a separate build directory
new 22f9ad7 Move PIN type label front of description
new 04825d8 avoid using an uninitialized buffer
new c524930 use a user defined PKG_CONFIG_PATH
new 192c3f6 Merge pull request #694 from germanblanco/dnie_memory_leaks_and_sm_wrapping
new a1fbf46 Merge pull request #714 from dengert/fix-Makefile.am
new 587a29b Truncate data for ECDSA signature to the size of the key
new b9cefa6 removed unused variable
new 9066d8f simplyfied netkey-tool
new eee4d74 Fixed interaction with DNIe UI
new d97ee79 fix #788 pkcs15-tool --read-ssh-key crash
new f52f6bb [p15dump] Error message with a reason for missing unusedSpace file
new 6b27d73 Merge pull request #790 from nunojpg/master
new da4446a Relax XML parsing regexes for bash_completion
new 2746a7f Merge pull request #793 from michaelansel/patch-1
new 9983c41 fixed incompatible types ('DWORD *' to 'size_t *')
new 72dda66 fixed possible loss of data
new 836842a remove unused `scconf_entry`
new 050c62f added parameter checking to `sc_right_trim`
new 84d4b06 compile zlib with -MT instead of -MD
new 25b52f6 don't use a def file for PKCS#11 modules
new ab2a65e added cardos ATRs to minidriver installation
new 0898d06 fixed and cleaned up nmake Makefiles
new 0ae4b4a gids bux fixing
new 072ec98 Merge pull request #772 from vletoux/gids_maintenance
new 97b8bf4 Merge pull request #789 from jasp00/dnie-ui
new 3dbcc0b pkcs11-tool: generate secret key
new 76e0e19 pkcs11-tool: no error when getting sensitive attr. value
new 4441efa pkcs11-tool: various improvements, extensions, fixes, cleanup
new e98315a libsm: fixed out of bounds write
new 1c661ca Merge pull request #732 from metsma/P11Label
new 14b57ff Merge pull request #743 from Jakuje/jjelen-truncate-ecdsa-signature
new 91fc129 PKCS15-OpenPGP: Change error log
new 46d8264 pkcs15-openpgp: Change sprintf to snprintf.
new 1198197 pkcs11-tool: use CKF_{SO,USER}_PIN_* flags to provide alerts to the user
new 2f10de4 use sc_pkcs15_get_pin_info in C_GetTokenInfo
new 33a16b4 New: jpki card driver
new cb1da56 JPKI: fix prkey usage
new 9a325fc EF.ATR: removed IAS/ECC workaround
new 2909ba2 parse Extended Length Information in EF.ATR/INFO
new b232c9b card-starcos: use transceive length from EF.ATR
new edf24d0 PIV and PIV-Want-To-Be Issues
new 0d6fc02 reader-pcsc: improved logging and handling of reset
new cee092a piv: change driver's short name to 'PIV-II'
new 60f2d06 libopensc: fetch card's UID
new 21fd6f0 libopensc: cache EF.ODF and EF.TokenInfo
new 8efca4d pkcs15: don't require-L for file caching
new c5a95d4 sc-hsm: use PKCS#15 file cache
new 49a4eaa pkcs15: no PIN cache update in pincache-revalidate
new 1ab99f3 pkcs11-tool: in 4rd test use other signature keys
new 9c7f673 piv: logout place holder
new eb21c41 piv: coding style, use short log calls
new 1bc09dd pkcs11-tool: re-login if pincache is disabled or expired
new 1e82dbe libopensc: fix reopen SM after reader reconnect
new ff335fe sc-hsm: cache certificates
new 6ad229e pkcs11-tool: Simplify PIN warnings messages logic
new 6cd28cf myeid: fix to ECDH implementation
new 84a69ce libopensc: introduce 'reader_lock_obtained' card operation
new bb2d863 piv: add a piv_card_reader_lock_obtained function
new 64ba32f pkcs11-tool: for WIN32 define STDOUT_FILENO
new 01c92fe pkcs11-tool: fixed --id for C_GenerateKey, DES and DES3 keygen mechanism
new 98568fe libopensc: no cache for the zero length PIN
new f64c71d Don't free file if pointer is null (#858)
new 952fb7c Get rid of misleading indentation warnings (GCC6 -Wmisleading-indentation) (#859)
new ce82e56 pkcs15init: fix using PINPAD to verify PIN
new e4f5f84 libopensc: generic parse of certificate extensions
new 0a6c1c4 Make OpenPGP card user/signature PIN order match PKCS#11 framework
new 3e3528b OpenPGP card doesn't support raw RSA so don't set such algo flag
new 80f5c8b Code files don't need execute permission
new dc476a9 Improve handling of OpenPGP card PIN change and unblock commands
new 526ae18 PKCS#11: Don't use ':' in the token name
new d84ee6c Initialize PIN logged_in field for cards that do not support PIN info
new cda3a2b Initialize PIN logged_in field for default PKCS#15 data
new 73ed21a sc-hsm: fixed parsing EF.TokenInfo (#865)
new 14a5e62 pkcs15-esteid: remove openssl dependency (#863)
new 678f2bb Make pkcs15-tool --dump object formatting consistent (#867)
new 905d780 Allow tools to enable card lock (#875)
new c6db68f pkcs15-tool: don't unconditionally lock the card
new 2059f79 install opensc.pc
new abd1595 winconfig.h: use more values from configure.ac
new a6dff51 add dkek share hex print
new d42aab1 sc-hsm-tool: hide --print-dkek-share from the user
new 8d67adb Merge pull request #864 from maciejsszmigiero/openpgp-fixes-small
new 96ef5c0 exclude DNIe 3.0 from supported cards
new 7b9bd60 openssl: allow building against libressl (#878)
new 0f22c0f travis for OCX: fix missing 'sed'
new 30261ce pkcs15-tool: remove overall card unlock
new 3b352d5 sm: no SHA256 for OpenSSL version < 0.9.8
new 6dc6d4c Documented reader's max_recv_size/max_send_size
new 28958af added compatibility function for VC14
new b32d1e8 AppVeyor: Build on as many platforms as we can
new 84ba7dd AppVeyor: Use static names for artifacts
new 1893dcf AppVeyor: use Github as zlib download mirror
new 44694a0 pkcs15-tool: implemented --clear-cache (#873)
new 5fb4db6 Use OpenSSL versions OpenSSL-0.9.7 to 1.1.0a for OpenSC
new c6dba96 Add support for LibreSSL compatability as well as OpenSSL-1.1.0
new 12f4026 Fix Coverity remarks (#876)
new 426f266 Solve #871 #731 #730
new 0f69949 MacOSX: fix OpenSSL check in build-package.in
new a3bf2ef src/tests/Makefile.am: fix compilation with OpenSSL
new b1aa790 MacOSX/build-package: fix build for make multi jobs
new 8b761b8 pkcs11-tool.c: fix compiler warning
new fad79ac pkcs15-tool: Fix compiler warning
new 0362439 Move include for internal.h from aux-date.h to aux-data.c (#888)
new c0196b4 src/libopensc/Makefile.am: add missing header (#895)
new c4a9951 only build opensc when needed
new 83934db ignore some more generated files
new 51c27f5 hex_to_bin: don't strip leading null-bytes
new de7aaa4 pkcs15init: explicitly lock the card
new 790ed5f Add Coolkey driver
new 16591d4 prkey_fixup_rsa changes for OpenSSL-1.1.0
new 68cbc28 card-gemsafeV1: fix driver name
new b2f6abd card-gemsafeV1: use iso7816 pin_cmd implementation
new dc07311 pkcs15-pteid: new implementation
new 6cbc57a pkcs15-tool: make --list* messages consistent
new a16aaed pkcs15-tool: add --list-info option
new a25a248 pkcs15-tool: add compact output format
new 3ff7309 Pkcs11-tool.c changes to accommodate ECDH operations using SoftHSM. (#901)
new 67ea96d piv: use cert keyUsage to set PKCS#11 key attributes
new 65090e8 pkcs15-cert: fix double free issue, memory leak and comment
new 1d051db dnie: changes to include DNIe 3.0 (PIN channel)
new e6dca49 cwa-14890: force to re-establish the SM when disconnected by another process.
new 282632f cwa-14890: little issue in cwa_external_auth
new 3cb24eb Restore blocking WaitForSlotEvent functionality for recent PCSC-Lite versions
new c7007b0 libopensc: allow setting driver via OPENSC_DRIVER environment variable (#882)
new 2434606 libpkcs11: Prevent double-free when the dlopen fails
new 365e29c coolkey: Update to new API, use simplified log functions
new f432caf coolkey: Improve return values logging in init_ex() function
new e80a95b Improve format in compact format
new 9e6dddb pkcs15-tool: workaround for Apple stupidity
new 13463e2 Add missing comma to fix segfault when pkcs11-tool is called without arguments
new dce379b pkcs11-tool: fixed missing newline in test output
new f6a5885 travis: allow failed cross-builds
new f0f4537 tools: fix segfault with verbose log into 'stderr'
new e1b4bf4 dnie: lost change in the previous pull request ...
new 0629256 dnie: force caching of pin if DNIe is version 3.0
new b97efe1 cwa-dnie is empty if openssl not defined
new e7f118d config: added disable_popups for internal UI
new 539c89e opensc-explorer: show tag 0x82 for unknown files
new 27c9dae opensc-tool: only show the card name if present, to avoid "(null)"
new 7598c82 myeid: added card capabilities check to ...
new cd62153 card-dnie: Fix to dnie_ask_user_consent. Undefined flag caused a compilation error.
new b4cfb14 asn1: print in log part of raw data to decode
new b3f0476 Prevent leaking memory from PIV readers
new ebf0a8b Do not print data to terminal when output file is given.
new 39f619f Disable dnie if not defined ENABLE_SM (issue #927)
new 42a9df3 Avoid warning because no dnie_match_card
new 7e6dc25 remove all login states when the token was removed
new 24b7507 pkcs11: don't shrink the number of slots
new 2c6dadf Fix Coolkey memory management around SimCLists
new 645780e NULL parameter check moved to sc_file_free()
new 5a9d7e1 pkcs15-init: Fixed segfault
new b577e8e card-cardos: Support PIN queries for CardOS 5
new 81d16fc iso7816: propagate the PIN status on verify/change
new 4b93f44 pteid: support iso7816 logged_in
new 9fd8a60 mcrd: Clean up drv_data in case of failure during initialization (partly resolves #943)
new 6aa52ce coolkey: Properly initialize serial length (partially resolves #943)
new bb905ec pkcs11-tool: small format fix (#950)
new 7033510 Add ATR to detect CardOS 5.3
new 92765f6 iso7816: Parse TL using ASN1 parser to avoid (possibly) wrong assumptions about length of both parts
new 68f8f0b pkcs15-init,pkcs15-tool: reword --no-prompt to --use-pinpad (close #944) (#957)
new c906c5e Use struct sm_cwa_session from sm.h in dnie (#955)
new 37844fc Revert "pkcs11-tool: re-login if pincache is disabled or expired"
new b6cb10f pkcs11-tool: make login checks consistent in all test functions
new 423375c pkcs11-tool: always authenticate when pinpad is in use
new 9eb706b Fix tools interpretation of util_getpass return value
new c6a9201 Validate PIN before verification
new ccc7e2f Improve pinpad use detection
new 3635dbe pkcs11: remove redundant validation of PIN length
new 76a5245 login state preservation for JPKI card
new 9d5fe78 silence warning about not logging in
new 4202ea2 pteid: order objects by address (supersede #949) (#954)
new f1f96a6 pkcs15-tool: cast size_t to unsigned long (fix #965) (#966)
new 2a68395 Pkcs11-tool.c -t fails to for RSA-X-509 verification
new a087082 card-rtecp: Fix rtecp_change_reference_data (#958)
new 25f785e macOS: Use a better Uninstaller
new e8b5dcf macOS: Simplyfy installer
new 777e2a3 adding a CAC support into OpenSC (#841)
new aa0592f travis-ci: fixed mingw cross compile build
new 1226462 pkcs11-tool: show the PIN lengths from token info
new 890d978 Use $(xcrun --sdk macosx --show-sdk-path) to parse SDK_PATH
new 51ba288 md: integrate JPKI (#964)
new 32dd37f travis: always kill services.exe
new 6850ec7 travis: synchronize coverity_scan with master
new 45e1732 card-epass2003: Fixed plaintext communication and ATR mask (#967)
new 0bbead5 correctly include pthread flags
new dae323e License clarification (#988)
new a4f64d9 Added (external) card driver for German ID card
new 40acedc Added support for PIN commands via escape commands
new 45a7ea9 card-npa: moved to internal card drivers
new 638a69a MD: add and read msroots file
new 111ba6f Add the final NUL to the CN used for token label
new 4b99169 Added information about debugging
new c77cb51 pkcs11-tool: Add feature to get random data. (#995)
new 74c6494 pkcs11-tool: Do not allow to write PEM encoded certificates to cards Resolves #834
new 2031735 pkcs11-tool: Polish rough edges of --attr-from use case to verify and convert in all cases
new 1168ca0 Set PIN-PUK association for cards that don't have it set
new b646a30 Print size_t variables on properly on Windows
new 64f56b8 Make minidriver installer custom action library optional
new 1b4c626 Make minidriver buildable again on mingw
new 7f778cc Fix most of warnings shown when building on Linux and mingw
new 20f781d Move SM test in configure.ac after LIB_PRE and DYN_LIB_EXT assignment
new df35d73 Add session handle uniqueness check to PKCS#11 C_OpenSession()
new 1479c4c Add reset operation to opensc-tool
new 5877fd2 Add ptrdiff_t (pointer difference) printf length modifier
new f91fc3d Remove logprintf() mingw hack in minidriver
new 1c40426 Support PIN unblocking in minidriver via PUK as response to challenge
new 2e75198 Add GCC format checking attributes to log functions
new 62cbda6 Fix log messages format and parameter issues flagged by GCC
new 58c4de2 Fix cases of log function format strings not being a string literal
new da6815d Use built-in formatted output functions on mingw
new 1a073d5 Add GCC format checking attributes to minidriver logging function
new 56f8806 Fix minidriver log messages format and parameter issues flagged by GCC
new d203ad7 Minidriver CardGetChallenge() parameters are output only
new 428b134 Minidriver CardReadFile() parameters are optional
new 0a254dc fixed compiler warnings
new 752e5af log exit of sc_single_transmit in case of SM
new 8da29d4 pkcs15-tool: documentated `--clear-cache`
new f21fe1d win32 installer: skip license agreement
new 7031351 recognize T=0 limitation of sending 255 bytes
new 013bdcb macOS: added support for access via CryptoTokenKit
new c5e4012 Coverity fixes (#1012)
new d757db2 Avoid dnie_transmit_apdu in the dnie driver (#970) (#1013)
new c2fa66f pkcs11-tool: fixed RSA-X-509 corner case test
new e7915ec replace assert with error handling
new 8f33305 Make CardOS 5.3 working with OpenSC (#1003)
new 4eaaa79 pkcs15init: use flag symbolic names
new 76d5915 pkcs15: fix and simplify object type class comparisons
new 7214516 Make sure the lock is released when returning
new 1ca09b8 pkcs11-tool: Do not use unitialized data when C_GetTokenInfo() failed
new c496af1 pkcs11-tool: Set CKA_PRIVATE=false for new public keys
new e6f7373 Added a check to sc_pkcs15_verify_pin to find out if the access condition is already open on card. This check is performed only if this function is called with empty data. This change fixes a problem with pinpad readers, when PIN cache is disabled and prevents unnecessary PIN queries.
new 8cf68bc Improved creation of key files so that the correct security attributes are set and keys can be created under specific PINs. Previously keys were always created under PIN 1. Changed description of myeid_create_key function.
new fcc8ea5 reader-pcsc: removed cardmod driver
new 9d15326 fixed more coverity issues
new 74f11a3 removed obsolete comment
new ac091b7 Add dnie_free_apdu_buffers into dnie_sm_free_wrapped_apdu.
new 741add2 Use sc_hex_dump instead of cwa_hexdump.
new 6bfb394 Fix missing error handling of memory allocation (#1020)
new 13f61ee Fix CAC-introduced bug that broke access to certificates (@dengert found it) (#1032)
new 0cb91fd Fix bug in pkcs11-tool.c that prevented it from displaying CKA_DERIVE key usage for EC public keys
new 2114dea pkcs15: fix commit 76d59158 auth object regressions
new f5aa3f5 build fix for libressl 2.5.3
new d48f438 PKCS#11 does not define a CKA_VALUE for public keys and is missused
new 4049283 Add new attribute CKA_SPKI for CKO_PUBLIC_KEY
new 35bae65 Make sure it is an SPKI
new 20e3836 Restore the functionality of CAC usage flags deriving from X509 certificates
new 427c175 Do not use the hardcoded magic numbers in PIV
new d9d247e Disable the secure channel at logout (#1048)
new e23960f Fixed ssh's pkcs11 usage on macOS
new 7cff9c2 Force T=1 for contactless cards
new c7ed71c piv-tool loops when using OpenSSL-1.1
new 0ec8994 gids-tool loops when using OpenSSL-1.1
new 77f6e94 fixed import of multiple symbols
new 74ec7b0 sc-hsm: Add support for SoC
new 7c3bb44 minidriver: added support for session pin
new a0e8689 pkcs15-tool: added test for session PIN
new b7de588 sc-hsm: fixed forcing a card driver via opensc.conf
new 0e70c59 If the underlying PKCS#15 structure does not provide label for a cert… (#1045)
new eb19691 added compatibility with WiX 3.11
new 2536365 removed BUILD_ON/BUILD_FOR variable
new 74d5eee AppVeyor: Updated OpenSSL version
new ad451bd AppVeyor: cache zlib build
new fb8fccd AppVeyor: cache openpace build
new 3131282 sc-hsm: add GoID ATRs
new 3e5fc89 sc-hsm: fixed using GoID with unknown ATR
new 083cec8 pkcs11-tool: add GOSTR3410 keypair generation (#997)
new 7e5afad fixed bad memory access
new 888215c prevent integer overflow
new 32aa51a avoid logically dead code
new 35c5eb0 fixed ressource leak
new 0576ccc Add _sc_card_add_generic for registering secret key algorithms
new 048e703 pkcs15init: generalize key compatibility checking helpers
new fe88222 pkcs15init: handle secret key in generic helper functions
new becd243 add AES algorithm ID
new 2632b61 Imporve SKDF decoding and implement encoding
new 8f53133 pkcs15-tool: fix secret key dumping
new e2e1cbd pkcs15init: prepare sc_pkcs15init_skeyargs for proper secret key support
new 7e99cf7 pkcs15-init: include secret keys in generic object handling code
new 576e70b pkcs15: allow struct sc_pkcs15_prkey to contain secret key
new 3d8cf27 pkcs15init: add support for secret key upload and generation
new 9497380 Support SKDF and secret key upload for MyEID cards
new e23190d pkcs15-init: support secret key upload and generation
new 023216c add algorithm references for AES keys
new 137c630 pkcs15init: use random id for secret key
new 00a710b pkcs15-tool: add documentation for secret key options
new e894bd1 Revert "pkcs11-tool: always authenticate when pinpad is in use"
new 4c65460 fixed Coverity issues
new 3a299eb 0.17.0 version bump
new 1ba1e6b New upstream version 0.17.0~rc1
The 291 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git
More information about the pkg-opensc-commit
mailing list