You can subscribe to this list here.
2013 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
(2) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
(1) |
---|---|---|---|---|---|---|---|---|---|---|---|---|
2014 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(1) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2015 |
Jan
|
Feb
|
Mar
|
Apr
|
May
(3) |
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2016 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
|
Dec
|
2017 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
(1) |
Jul
(1) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
2018 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
(4) |
Jun
|
Jul
|
Aug
(1) |
Sep
(2) |
Oct
|
Nov
|
Dec
|
2019 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(2) |
Oct
|
Nov
|
Dec
(1) |
2020 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(2) |
Dec
|
2021 |
Jan
|
Feb
|
Mar
|
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
(1) |
Sep
|
Oct
|
Nov
|
Dec
|
2022 |
Jan
(1) |
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
(1) |
Nov
(5) |
Dec
|
2023 |
Jan
|
Feb
|
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
(1) |
Dec
(1) |
2024 |
Jan
|
Feb
(2) |
Mar
(2) |
Apr
(1) |
May
|
Jun
|
Jul
|
Aug
|
Sep
(1) |
Oct
|
Nov
(1) |
Dec
|
2025 |
Jan
(1) |
Feb
(1) |
Mar
|
Apr
|
May
|
Jun
|
Jul
|
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
From: Frank M. <fra...@gm...> - 2025-02-21 10:39:10
|
Hello everyone! A new version of pam_pkcs11 has been released: https://github.com/OpenSC/pam_pkcs11/releases/tag/pam_pkcs11-0.6.13 This release includes two critical security fixes, so please make sure to update your installations. You can read more about the vulnerabilities here: https://github.com/OpenSC/pam_pkcs11/security/advisories Regards, Frank. |
From: Veronika H. <vha...@re...> - 2025-01-14 16:38:42
|
Hello all, We are happy to announce the latest release of OpenSC 0.26.1. You can find the full summary of changes, release tarballs, and binaries on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.26.1 >From the outstanding changes, the release includes fixes for the allocation of aligned memory, fixes for crashes when spying with the C_GetInterface function and corrected reading of certificates in TCOS driver. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.26.1.dmg 7b66e256cefc7fdf6d9267383ac9e4763e299339aa52c99973f414b8a6a2ee05 OpenSC-0.26.1_win32-Debug.zip 15b52b21da3aa2ac22d6a99687cea8ccfea3a8093ee8fee15d4a689bafea7dca OpenSC-0.26.1_win32-Light-Debug.zip 5e9d587803018212653c9d26796ad987b3fbf4da74fac8bc1c771c441d949f14 OpenSC-0.26.1_win32-Light.msi b7e8ef7ff9c49d5a8a917d0c25f1518f19df7620b8e7d8d735e19e579a9d4b4e OpenSC-0.26.1_win32.msi fde5dbd86fd21424eb048484d7b151c0a9b2953decab44576ad54ac98366cfc7 OpenSC-0.26.1_win64-Debug.zip ec21060d336996644927f09bbb51a4d5cc01fd12c8227669270632ef85dea673 OpenSC-0.26.1_win64-Light-Debug.zip b61dc287caac3996d206e78fcb618378562d5b1ff41c6398e4059b4c8c6f4579 OpenSC-0.26.1_win64-Light.msi 2457246fa563ef112c53e13bc4de5b169ce538d35ff118ab1da5550905c9cf49 OpenSC-0.26.1_win64.msi bb2a47bd7a87617f38828c17eb7129a40fe27fe6656781882f2924fc2c9cf96e opensc-0.26.1.tar.gz f16291a031d86e570394762e9f35eaf2fcbc2337a49910f3feae42d54e1688cb Best regards, The OpenSC team |
From: Veronika H. <vha...@re...> - 2024-11-13 12:59:51
|
Hello all, We are happy to announce the latest release of OpenSC 0.26.0. You can find the full summary of changes, release tarballs, and binaries on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.26.0 >From the outstanding changes, the release includes additional fixes for removing the time side-channel leakage related to RSA PKCS#1 v1.5 padding removal after decryption, unified OpenSSL logging, several features for pkcs11-tool and fixes for CVEs targeting uninitialized memory problems. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS It is recommended to use the last version (or your distribution's latest maintained version) due to published PoC with Kerberos to side-channel leaking while RSA PKCS#1 v1.5 padding. Details can be found here: https://github.com/OpenSC/OpenSC/security/advisories/GHSA-h6ww-xfc2-jw4h The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.26.0.dmg 8f474d55c8b172167014a246035f38ce427207bf90de06ae6cc837ac37cc269c OpenSC-0.26.0_win32-Debug.zip e26b29c121852ddd1ebd5304cd83ccbfa1ac032a00828a1ce452028d58acb6b9 OpenSC-0.26.0_win32-Light-Debug.zip ec142bda8471f244d5b55d7f837ab96f7c60b6590f7ad3a4d851a29de16a3862 OpenSC-0.26.0_win32-Light.msi 008c2fe08735dfc15c0d2d1c8b1c13450841c885b120d2d80d12ab12abce8469 OpenSC-0.26.0_win32.msi 31f0056b06d710de1e9762e80069c2a1b3adfcff70ad4878b88c6a605dabd9ab OpenSC-0.26.0_win64-Debug.zip 106a14eb6003d4fcd4e3ef6b6f2ecffc3381741b77cbb6df8d6067ab350a41b3 OpenSC-0.26.0_win64-Light-Debug.zip 40644ad2b4dbe40aedd3edae8790dab343e52010929983f43a75e8dbf117956f OpenSC-0.26.0_win64-Light.msi 5a630cbfc353f1802d6b711122eafa6e25a8ac8283fd98db42ab48264569eca6 OpenSC-0.26.0_win64.msi 5ebfc1e0094ed8670c11c94a9e7c0decfa25ad71fded638c8cdd427a5d242639 opensc-0.26.0.tar.gz 837baead45e1505260d868871056150ede6e73d35460a470f2595a9e5e75f82b Best regards, The OpenSC team |
From: Jakub J. <jj...@re...> - 2024-09-11 17:26:38
|
Hello all, You can find a release candidate for OpenSC version 0.26.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.26.0-rc1 >From the outstanding changes, the release includes additional fixes for removing the time side-channel leakage related to RSA PKCS#1 v1.5 padding removal after decryption, unified OpenSSL logging, several features for pkcs11-tool and fixes for CVEs targeting uninitialized memory problems. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS We are looking forward to your feedback, which we may discuss via this mailing list or GitHub: https://github.com/OpenSC/OpenSC/issues/3223 Advises for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing We would like to release the final version in a few weeks. After that, it is recommended to use the last version (or your distribution's latest maintained version) due to published PoC with Kerberos to side-channel leaking while RSA PKCS#1 v1.5 padding. Details can be found here: https://github.com/OpenSC/OpenSC/security/advisories/GHSA-h6ww-xfc2-jw4h The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.26.0-rc1.dmg ae4fde25be52b3e05f8722f22a2392d7881a0680cc625863d9c1c82ecc2200f7 OpenSC-0.26.0-rc1_win32-Light-Debug.zip ea1df15005bcac89ddee5b0bec37cc0d5dc2261bb11b6d9254316a5dd381c33b OpenSC-0.26.0-rc1_win32-Light.msi bd6b5ab0f25a235af96929d85073433e2a7963d2f6083fcdae2ba09ea22677f2 OpenSC-0.26.0-rc1_win32.msi 9fd4d51925ee0d01f329844c8b91aad9743dffb7493e5421d2c5acf612ff8350 OpenSC-0.26.0-rc1_win64-Debug.zip 8864278af69f84bb167af2d10c0a7825612f7f14321d4850378695e2a708386b OpenSC-0.26.0-rc1_win64-Light-Debug.zip c00d9e0d5f6e802883f54a8c6ad823306da473d822f1782505d66c02a211fc9c OpenSC-0.26.0-rc1_win64-Light.msi aa5e4bb4b98423ed23f6753af885d73fdf94ea3dbe9d0cb0b6cba843c364ac0a OpenSC-0.26.0-rc1_win64.msi fb150006e916bd1260abb6ccaf83d296b3ee800e8170aeee59d8f43612b01059 opensc-0.26.0-rc1.tar.gz f11a69a9cb07e7dc34b59cfbd7176136c05cbb4628059f21189c9f194bea54ca Best regards, The OpenSC team |
From: Veronika H. <vha...@re...> - 2024-04-05 13:30:45
|
Hello all, We are happy to announce the latest release of OpenSC 0.25.1. You can find the full summary of changes, release tarballs, and binaries on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.25.1 The changes include two fixes for minidriver - corrected RSA decryption with PKCS#1 v1.5 padding and fix for crash when app is not set. It also resolves the issue of not compiling documentation from a release tarball. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.25.1.dmg 9679d70db011a68e99360fcd4c5538b0481bd036fb058fc309b999837e63e063 OpenSC-0.25.1_win32-Debug.zip c05c8125ac0d0dab2d4f5bf890986cd11c466baa23d6e1cbd0853a9bebef24f2 OpenSC-0.25.1_win32-Light-Debug.zip 0116ffb539d93c6ce747981ee7c8468cd488d6c71d1ffcd2201c6583ecf2d066 OpenSC-0.25.1_win32-Light.msi 47356e59c4dd143b5fedddaa5e5f55e51ca32490a56063112298cb3c13d74f0a OpenSC-0.25.1_win32.msi 77049d86c0abc15eaf34e8c0819b9ad0d1eb63868e76a2ea4be7b08253dc89aa OpenSC-0.25.1_win64-Debug.zip 64bc7fb7310929e07c6e5aa1b03b71266e047029bb019c3169ef3808183aaa3f OpenSC-0.25.1_win64-Light-Debug.zip 4e0ce676f986b3ddebee8b954112c70c16635e2254e3a5d1aa2d65c712876093 OpenSC-0.25.1_win64-Light.msi 3fd9cabdf54ad1d757e49d5b33cc5834a2186d8e67b0f4dcbd5882e02d6a3eb0 OpenSC-0.25.1_win64.msi 7a619cb3ec7286af6800ecea8aacd5df7b3f3d5eae0ffb6b3998b723095eaa5e opensc-0.25.1.tar.gz 23cbaae8bd7c8eb589b68c0a961dfb0d02007bea3165a3fc5efe2621d549b37b Regards, Veronika Hanulíková and the OpenSC team |
From: Frank M. <fra...@gm...> - 2024-03-22 19:43:10
|
Hi! The new version of pam_p11 has been released. The module now speaks Japanese. An better return code is now returned to the calling application if the PIN was entered incorrectly. https://github.com/OpenSC/pam_p11/releases/tag/pam_p11-0.6.0 Regards, Frank. |
From: Veronika H. <vha...@re...> - 2024-03-06 12:41:52
|
Hello all, We are happy to announce the latest release of OpenSC 0.25.0. You can find the full summary of changes, release tarballs, and binaries on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.25.0 The notable changes include removing the time side-channel leakage related to RSA PKCS#1 v1.5 padding removal after decryption and new configuration option for disabling PKCS#1 v1.5 depadding on the card. We also implemented a fix for a potential memory security issue in the AuthentIC driver discovered by OSS-Fuzz, added support for RSA D-Trust signature cards, and removed support for some old card drivers. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS The Windows binaries contain signed installers provided by Signpath.io. The macOS installer is signed by Tim Wilbrink, as in previous releases. You can find SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.25.0.dmg 5417186cf88a50931b6186f2c3ade95525b683e55b418eae9d56d728c76d2e51 OpenSC-0.25.0_win32-Debug.zip 533368751a484c308fab41c794cf192d21506e824245b7729f92097c039902bb OpenSC-0.25.0_win32-Light-Debug.zip 01012f075e97898d29f8d2ffe11656dc523be7e1f9f26ebdb8bfe0777f69dea6 OpenSC-0.25.0_win32-Light.msi 4a3fff1ece26d04032b2a16fc697c365705d820bbdfbfb0faf8e6e58f77c7844 OpenSC-0.25.0_win32.msi e6542c5f56f0bedef9ab71dc0f9af0ae68d1b11b73762a9478040497ab61fae6 OpenSC-0.25.0_win64-Debug.zip 5b227438c3fb89bc57a986b240cef440809a79de2f05adcd36e295404d1117be OpenSC-0.25.0_win64-Light-Debug.zip 989a7e03aa6a2f9b874c1b8a12868901b7ea8ad0cec2b3fd4a581a3b5cb0f010 OpenSC-0.25.0_win64-Light.msi a757e3bb75d8a71279f80219a1b8fe88116d012f17d115251e91e63f7e1d0d31 OpenSC-0.25.0_win64.msi 2461ed78953e0e08cfef0cc88d6aaf01a2a5c0cf8e9b3d807a8e30e63c2c7fd7 opensc-0.25.0.tar.gz e6d7b66e2a508a377ac9d67aa463025d3c54277227be10bd08872e3407d6622f Regards, Veronika Hanulíková and the OpenSC team |
From: Frank M. <fra...@gm...> - 2024-02-27 14:42:41
|
Hello everyone, I just updated the Windows binaries for this release candidate with a signed installer, which is thankfully provided by Signpath.io. Also, the macOS installer is signed by Tim Wilbrink as in previous releases. Additionally, you can find the SHA-256 hashes of the release artifacts below (calculated with `openssl sha256 $file`): OpenSC-0.25.0-rc1.dmg 6120f2d5ecaf321b4a425ed374cea54f5bdbda9451180f43bccc732a64850efe OpenSC-0.25.0-rc1_win32-Debug.zip 1bded3d120a0673fc8ff4302ad5dd4bb3cf1dea5f72275c0b63e349309469ebb OpenSC-0.25.0-rc1_win32-Light-Debug.zip 7e0e0d2012c3642dd188718a8c0310f83f98b6d0cd52eff329d2ebdb3942c740 OpenSC-0.25.0-rc1_win32-Light.msi d3039c51f373959e462fad08308548574b8cdf6c694c00dd1e8d54664c77cd41 OpenSC-0.25.0-rc1_win32.msi 76b66e8d490efb7026a2c9dcc096f7784ff54b86cd424d809712ed3a51222c7f OpenSC-0.25.0-rc1_win64-Debug.zip ec8842ba91fc09b54e270ce07a933c5d4c28511dbff30e2432ac3d0fd83fe9f7 OpenSC-0.25.0-rc1_win64-Light-Debug.zip 27ee47eb6108b367d7d7f7977defbc884b1127a39d93c959e816827f3373f57d OpenSC-0.25.0-rc1_win64-Light.msi d5f95fbc408bd23e0a912ed42bbc224b0db45251f9532e881b57116d685a372d OpenSC-0.25.0-rc1_win64.msi e9a2d3b64aea65774ce27eabbabb6288eec9f9db066b16730728c977f129d955 opensc-0.25.0-rc1.tar.gz 57add047e2e01a7b6e8ca8920229f3395c27de53bdb12f3265ee7ed3bf158a92 Regards, Frank. Am Mo., 19. Feb. 2024 um 12:14 Uhr schrieb Veronika Hanulíková <vha...@re...>: > > Hello all, > > > You can find a release candidate for OpenSC version 0.25.0 for testing > > on Github: > > https://github.com/OpenSC/OpenSC/releases/tag/0.25.0-rc1 > > > > The changes include removing the time side-channel leakage related > to RSA PKCS#1 v1.5 padding removal after decryption and new configuration > > option for disabling PKCS#1 v1.5 depadding on the card. We also implemented > > a fix for a potential memory security issue in the AuthentIC driver > discovered by OSS-Fuzz, added support for RSA D-Trust signature cards, > and removed support for some old card drivers. > > > > For the full changelog, please refer to the NEWS file: > > https://github.com/OpenSC/OpenSC/blob/master/NEWS > > > We are looking forward to your feedback, which we may discuss via this > > mailing list or GitHub: > > https://github.com/OpenSC/OpenSC/issues/3017 > > > Advises for systematic testing can be found here: > > > https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing > > > We would like to release the final version in a few weeks. > > > Regards, > > Veronika Hanulíková > > and the OpenSC team > > _______________________________________________ > Opensc-announce mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-announce |
From: Veronika H. <vha...@re...> - 2024-02-19 11:14:02
|
Hello all, You can find a release candidate for OpenSC version 0.25.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.25.0-rc1 The changes include removing the time side-channel leakage related to RSA PKCS#1 v1.5 padding removal after decryption and new configuration option for disabling PKCS#1 v1.5 depadding on the card. We also implemented a fix for a potential memory security issue in the AuthentIC driver discovered by OSS-Fuzz, added support for RSA D-Trust signature cards, and removed support for some old card drivers. For the full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS We are looking forward to your feedback, which we may discuss via this mailing list or GitHub: https://github.com/OpenSC/OpenSC/issues/3017 Advises for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing We would like to release the final version in a few weeks. Regards, Veronika Hanulíková and the OpenSC team |
From: Jakub J. <jj...@re...> - 2023-12-13 11:12:57
|
Hello all, We are happy to announce the latest release of OpenSC 0.24.0. You can find the full summary of changes, release tarballs and binaries on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.24.0 The notable changes include fixes for potential PIN bypass as well as several potentially security related memory or buffer issues found by oss-fuzz. We also enabled file caching by default, improved support for several IDPrime card types, implemented Secure Messaging for PIV and added support for EC in Minidriver. For full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS Regards, Jakub Jelen and the OpenSC team |
From: Jakub J. <jj...@re...> - 2023-11-20 16:47:19
|
Hi all. the rc2 was just published with dozens of bugfixes since last rc1 (slightly more than we hoped for): https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc2 If you have a minute, please give it a test run and let us know if you find an issue. We expect to get the final release out later this month. Thanks for patience, Jakub On Mon, Sep 25, 2023 at 1:30 PM Jakub Jelen <jj...@re...> wrote: > > Hello all, > > The time in the year has come again! > > You can find a release candidate for OpenSC version 0.24.0 for testing > on Github: > https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1 > > > The notable changes include potential PIN bypass in PIV driver as well > as several potentially security related memory or buffer issues found by > oss-fuzz. We also enabled file caching by default, improved support for > several IDPrime card types, implemented Secure Messaging for PIV and > added support for EC in Minidriver. > > > For full changelog, please refer to the NEWS file: > https://github.com/OpenSC/OpenSC/blob/master/NEWS > > We are looking forward to your feedback, which we may discuss via this > mailing list or github: > https://github.com/OpenSC/OpenSC/issues/2792 > > Advises for systematic testing can be found here: > > https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing > > We would like to release the final version in few weeks. > > Regards, > Jakub Jelen > and the OpenSC team |
From: Jakub J. <jj...@re...> - 2023-09-25 11:30:36
|
Hello all, The time in the year has come again! You can find a release candidate for OpenSC version 0.24.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.24.0-rc1 The notable changes include potential PIN bypass in PIV driver as well as several potentially security related memory or buffer issues found by oss-fuzz. We also enabled file caching by default, improved support for several IDPrime card types, implemented Secure Messaging for PIV and added support for EC in Minidriver. For full changelog, please refer to the NEWS file: https://github.com/OpenSC/OpenSC/blob/master/NEWS We are looking forward to your feedback, which we may discuss via this mailing list or github: https://github.com/OpenSC/OpenSC/issues/2792 Advises for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing We would like to release the final version in few weeks. Regards, Jakub Jelen and the OpenSC team |
From: Jakub J. <jj...@re...> - 2022-11-29 11:58:17
|
Hello all, We are happy to announce the latest release of OpenSC 0.23.0. You can find the full summary of changes, release tarballs and binaries on github: https://github.com/OpenSC/OpenSC/releases/tag/0.23.0 The most important changes are full support for OpenSSL 3.0, Libressl, improved support for symmetric keys, removal of DSA support and disablement of some old smart card drivers that were not touched for long time. Thanks everyone who made this release possible by reporting issues or contributing pull requests. Regards, Jakub Jelen and the OpenSC team |
From: Bjarke A. <ba...@li...> - 2022-11-23 09:13:21
|
Hi Frank, Both yes and no. OpenSC is a indirect part due to two things: 1) We have used the OpenSC P11 library to get the correct and working 😀 APDU sequence for the card communication inside the mobile app. Yes, we took the long way and did Android and iOS with APDU instead of a high level approach via a P11 library. 2) To setup the cards we are depending on the P11 library in combination with the GIDS. To put it differently. Without OpenSC the MobileID project would not be possible. Did I answer your question? /Bjarke Den 23. nov. 2022 kl. 09.25 skrev Frank Morgner <fra...@gm...>: Thanks for the information. However, none of the public code published here https://github.com/Liga-Software-ApS/ seem to be using OpenSC, am I right? Regards, Frank. Am Mi., 23. Nov. 2022 um 01:06 Uhr schrieb Bjarke Alling via Opensc-announce <ope...@li...>: > > > Hi everyone, > > We have today made our Liga MobileID project using JCOP smart cards and NFC on mobile phones fully public at our GitHub site https://github.com/liga-software-aps > > Liga MobileID (OSS) version 1.0. This is the first version of the open source edition of Liga MobileID for usage with JCOP NXP smart cards combined with the GIDS applet. > > This app brings secure authentication to mobile phones with a security stack that includes openness, guaranty, simplicity and convenience while not breaching any privacy concerns in terms of backdoors or biometric authentication technology. > > The app is made with open source components using Flutter, OpenSC, GIDS applet and in the backend SpringBoot, OpenJDK and Tomcat. > > The Liga MobileID is developed together with Alexandra Instituttet and is funded by Cyber Hub Denmark and Industriens Fond. > > I hope that others will find the project useful and hopefully will contribute to enhance the quality and functionality down the road. > > Kind regards > > /Bjarke > Liga Software ApS > Copenhagen/Denmark > > > _______________________________________________ > Opensc-announce mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-announce |
From: Frank M. <fra...@gm...> - 2022-11-23 08:25:52
|
Thanks for the information. However, none of the public code published here https://github.com/Liga-Software-ApS/ seem to be using OpenSC, am I right? Regards, Frank. Am Mi., 23. Nov. 2022 um 01:06 Uhr schrieb Bjarke Alling via Opensc-announce <ope...@li...>: > > > Hi everyone, > > We have today made our Liga MobileID project using JCOP smart cards and NFC on mobile phones fully public at our GitHub site https://github.com/liga-software-aps > > Liga MobileID (OSS) version 1.0. This is the first version of the open source edition of Liga MobileID for usage with JCOP NXP smart cards combined with the GIDS applet. > > This app brings secure authentication to mobile phones with a security stack that includes openness, guaranty, simplicity and convenience while not breaching any privacy concerns in terms of backdoors or biometric authentication technology. > > The app is made with open source components using Flutter, OpenSC, GIDS applet and in the backend SpringBoot, OpenJDK and Tomcat. > > The Liga MobileID is developed together with Alexandra Instituttet and is funded by Cyber Hub Denmark and Industriens Fond. > > I hope that others will find the project useful and hopefully will contribute to enhance the quality and functionality down the road. > > Kind regards > > /Bjarke > Liga Software ApS > Copenhagen/Denmark > > > _______________________________________________ > Opensc-announce mailing list > Ope...@li... > https://lists.sourceforge.net/lists/listinfo/opensc-announce |
From: Bjarke A. <ba...@li...> - 2022-11-23 00:06:19
|
Hi everyone, We have today made our Liga MobileID project using JCOP smart cards and NFC on mobile phones fully public at our GitHub site https://github.com/liga-software-aps Liga MobileID (OSS) version 1.0. This is the first version of the open source edition of Liga MobileID for usage with JCOP NXP smart cards combined with the GIDS applet. This app brings secure authentication to mobile phones with a security stack that includes openness, guaranty, simplicity and convenience while not breaching any privacy concerns in terms of backdoors or biometric authentication technology. The app is made with open source components using Flutter, OpenSC, GIDS applet and in the backend SpringBoot, OpenJDK and Tomcat. The Liga MobileID is developed together with Alexandra Instituttet and is funded by Cyber Hub Denmark and Industriens Fond. I hope that others will find the project useful and hopefully will contribute to enhance the quality and functionality down the road. Kind regards /Bjarke Liga Software ApS Copenhagen/Denmark |
From: Jakub J. <jj...@re...> - 2022-11-14 09:47:29
|
Hi all, as you might now, I was organizing Security Devroom on Fosdem few times already and we are going to have one next year. If you have some interesting topic you would like to talk about smart cards or anything related to security, we would be glad to see your submissions. All the information is available on the github or on the official devroom page: https://github.com/security-devroom/fosdem-2023 https://fosdem.org/2023/schedule/track/security/ If you would like just to come along and say hi, it would be great to see you in person. Regards, -- Jakub Jelen Crypto Team, Security Engineering Red Hat, Inc. |
From: Jakub J. <jj...@re...> - 2022-10-11 11:45:30
|
Hello all, You can find a release candidate for version 0.23.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.23.0-rc1 The most important changes are support for OpenSSL 3.0, Libressl, removal of DSA support and disablement of some old smart card drivers that were not touched for long time. We are looking forward about your feedback, which we may discuss via mail or here: https://github.com/OpenSC/OpenSC/issues/2426 Advices for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing We would like to release the final version in few weeks. Regards, Jakub Jelen and the OpenSC team |
From: Axel H. <axe...@bl...> - 2022-01-28 23:27:17
|
Dear readers, OpenSC Release 0.22.0 I have had issues with my freshly bought devices epass2003 USB ATR: 3B 9F 95 81 31 FE 9F 00 66 46 53 05 10 04 31 71 DF 00 00 03 90 00 B5 epass2003 SmartCard and RFID ATR: 3B 9F 95 81 31 FE 9F 00 66 46 53 05 10 00 FF 71 DF 00 00 00 00 00 EC ATR: 3B 8F 80 01 00 66 46 53 05 10 00 FF 71 DF 00 00 00 00 00 39 Neither of them could be initialised by pkcs15-init -E. The initialisation procedure of Feitian has obviously changed. I sniffed the master key initalisation from the Feitisan Windows tool and got all of my tokens to work correctly with a self patched libopensc shared library with OpenSC based on commit 84152c9457fd32d5f95c4b073b59bd336b15f402 If it would be of interest, I could emit a pull request on github. Please give me an advice, how to apply a pull request correctly. To be honest, I did not understand from your wiki which commit I should use as a base for a pull request. Regards, Axel |
From: Jakub J. <jj...@re...> - 2021-08-13 13:17:09
|
Hi all, I am happy to finally announce the new release 0.22.0 of OpenSC. You can read the full summary of the changes and get the release tarballs and binaries on github: https://github.com/OpenSC/OpenSC/releases/tag/0.22.0 This release fixes many bugs reported by oss-fuzz, but adds also many new features including the long-awaited support for PKCS #11 3.0, EdDSA keys, compatiblity with new OpenSSL 3.0 and much more. Regards, Jakub Jelen |
From: Frank M. <fra...@gm...> - 2021-04-30 15:18:50
|
Hi all! You can find a release candidate for version 0.22.0 for testing on Github: https://github.com/OpenSC/OpenSC/releases/tag/0.22.0-rc1 We are looking forward about your feedback, which we may discuss via mail or here: https://github.com/OpenSC/OpenSC/issues/2247 Advices for systematic testing can be found here: https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing Regards, Frank. |
From: Frank M. <fra...@gm...> - 2020-11-24 16:42:29
|
Hi all! I'm happy to finally announce the new release 0.21.0 of OpenSC <https://github.com/OpenSC/OpenSC/releases/tag/0.21.0>. You can read a full summary of the changes and get the release binaries on GitHub. We recommend upgrading your installation, most notably for fixing CVE-2020-26570, CVE-2020-26571 and CVE-2020-26572. We've not only focused on fixing many bugs with different cards and environments from a variety of vendors. This release also adds support for two new types of tokens, Gemalto IDPrime and Polish eID card (e-dowód, eDO). Regards, Frank Morgner. |
From: Frank M. <fra...@gm...> - 2020-11-12 13:58:42
|
Hi all! You can find a second release candidate for version 0.21.0 for testing on Github https://github.com/OpenSC/OpenSC/releases/tag/0.21.0-rc2 This time, it also includes binaries for macOS, which are not (yet) notarized. In my tests, however, PKCS#11, tokend and CTK are fully functional anyway. Regards, Frank. Am Mo., 5. Okt. 2020 um 09:00 Uhr schrieb Frank Morgner < fra...@gm...>: > Hi all! > > You can find a release candidate for version 0.21.0 for testing on Github > > https://github.com/OpenSC/OpenSC/releases/tag/0.21.0-rc1 > > We are looking forward about your feedback. Advices for systematic testing > can be found here > https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing > > Regards, > Frank. > |
From: Frank M. <fra...@gm...> - 2020-10-05 07:01:13
|
Hi all! You can find a release candidate for version 0.21.0 for testing on Github https://github.com/OpenSC/OpenSC/releases/tag/0.21.0-rc1 We are looking forward about your feedback. Advices for systematic testing can be found here https://github.com/OpenSC/OpenSC/wiki/Smart-Card-Release-Testing Regards, Frank. |
From: Frank M. <fra...@gm...> - 2019-12-29 17:47:49
|
Hi all! I'm happy to finally announce the new release 0.20.0 of OpenSC. You can read a full summary of the changes and get the release binaries on GitHub <https://github.com/OpenSC/OpenSC/releases/tag/0.20.0>. We've extended our continuous testing by fuzzing the code with OSS-Fuzz <https://google.github.io/oss-fuzz>. It is running billions of tests each weak and has found around 100 unique crashes, most notable the security issues tracked as CVE-2019-6502, CVE-2019-15946, CVE-2019-15945, CVE-2019-19480, CVE-2019-19481 and CVE-2019-19479. Getting our hands on all the problems reported by the fuzzing was very challenging. Special thanks to Jakub Jelen, who spend many hours on analyzing and fixing many of the issues. Regards, Frank Morgner. |