Menu
▾
▴
opensc-commits — commit notifications
You can subscribe to this list here.
| 2013 |
Jan
(18) |
Feb
(20) |
Mar
(15) |
Apr
(5) |
May
(7) |
Jun
(3) |
Jul
(4) |
Aug
(20) |
Sep
(10) |
Oct
(12) |
Nov
(12) |
Dec
(7) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2014 |
Jan
(12) |
Feb
(8) |
Mar
(3) |
Apr
(7) |
May
(12) |
Jun
(19) |
Jul
(1) |
Aug
(5) |
Sep
(9) |
Oct
(11) |
Nov
(13) |
Dec
(20) |
| 2015 |
Jan
(12) |
Feb
(25) |
Mar
(33) |
Apr
(37) |
May
(36) |
Jun
(2) |
Jul
(18) |
Aug
(31) |
Sep
(98) |
Oct
(50) |
Nov
(25) |
Dec
(34) |
| 2016 |
Jan
(95) |
Feb
(35) |
Mar
(78) |
Apr
(12) |
May
(11) |
Jun
(20) |
Jul
(28) |
Aug
(21) |
Sep
(30) |
Oct
(29) |
Nov
(15) |
Dec
(15) |
| 2017 |
Jan
(29) |
Feb
(17) |
Mar
(34) |
Apr
(28) |
May
(12) |
Jun
(25) |
Jul
(39) |
Aug
(14) |
Sep
(12) |
Oct
(38) |
Nov
(28) |
Dec
(6) |
| 2018 |
Jan
(15) |
Feb
(22) |
Mar
(27) |
Apr
(71) |
May
(78) |
Jun
(47) |
Jul
(24) |
Aug
(63) |
Sep
(43) |
Oct
(34) |
Nov
(27) |
Dec
(18) |
| 2019 |
Jan
(51) |
Feb
(17) |
Mar
(48) |
Apr
(46) |
May
(25) |
Jun
(9) |
Jul
(14) |
Aug
(46) |
Sep
(18) |
Oct
(25) |
Nov
(26) |
Dec
(25) |
| 2020 |
Jan
(28) |
Feb
(30) |
Mar
(20) |
Apr
(69) |
May
(40) |
Jun
(16) |
Jul
(13) |
Aug
(9) |
Sep
(17) |
Oct
(40) |
Nov
(55) |
Dec
(6) |
| 2021 |
Jan
(44) |
Feb
(13) |
Mar
(33) |
Apr
(31) |
May
(32) |
Jun
(10) |
Jul
(9) |
Aug
(27) |
Sep
(33) |
Oct
(7) |
Nov
(14) |
Dec
(17) |
| 2022 |
Jan
(25) |
Feb
(11) |
Mar
(42) |
Apr
(14) |
May
(18) |
Jun
(3) |
Jul
(10) |
Aug
(41) |
Sep
(12) |
Oct
(13) |
Nov
(18) |
Dec
(9) |
| 2023 |
Jan
(10) |
Feb
(18) |
Mar
(25) |
Apr
(27) |
May
(16) |
Jun
(26) |
Jul
(9) |
Aug
(29) |
Sep
(17) |
Oct
(24) |
Nov
(18) |
Dec
(16) |
| 2024 |
Jan
(23) |
Feb
(55) |
Mar
(40) |
Apr
(17) |
May
(15) |
Jun
(12) |
Jul
(12) |
Aug
(6) |
Sep
(15) |
Oct
(16) |
Nov
(29) |
Dec
(26) |
| 2025 |
Jan
(29) |
Feb
(37) |
Mar
(24) |
Apr
(35) |
May
(38) |
Jun
(20) |
Jul
(7) |
Aug
(10) |
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Frank M. <no...@gi...> - 2021-01-26 12:49:00
|
Branch: refs/heads/tokend Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:47:55
|
Branch: refs/heads/mac-package Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:46:03
|
Branch: refs/heads/PKCS11-SLOTS-2 Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:43
|
Branch: refs/heads/test Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:43
|
Branch: refs/heads/slotinfo Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:33
|
Branch: refs/heads/reset-transmit Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:33
|
Branch: refs/heads/esteid-2018 Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:33
|
Branch: refs/heads/macinstaller Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:28
|
Branch: refs/heads/fix-1734 Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:21
|
Branch: refs/heads/cardos5-md Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:44:18
|
Branch: refs/heads/frankmorgner-patch-1 Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:43:31
|
Branch: refs/heads/speedup Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:42:53
|
Branch: refs/heads/macinst Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:42:29
|
Branch: refs/heads/read-binary-empty-response-fix Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:42:29
|
Branch: refs/heads/goid Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:42:23
|
Branch: refs/heads/piv Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:42:17
|
Branch: refs/heads/acos5 Home: https://github.com/OpenSC/OpenSC |
|
From: Frank M. <no...@gi...> - 2021-01-26 12:41:58
|
Branch: refs/heads/frankmorgner-patch-2 Home: https://github.com/OpenSC/OpenSC |
|
From: Raul M. <no...@gi...> - 2021-01-26 12:10:44
|
Branch: refs/heads/arm64 Home: https://github.com/OpenSC/OpenSC Commit: 2602ebc68f79b2950e653073d4f6ebfdea58e123 https://github.com/OpenSC/OpenSC/commit/2602ebc68f79b2950e653073d4f6ebfdea58e123 Author: Raul Metsma <ra...@me...> Date: 2020-12-08 (Tue, 08 Dec 2020) Changed paths: M MacOSX/build-package.in Log Message: ----------- Build arm64 on macOS with Xcode 12.2 Signed-off-by: Raul Metsma <ra...@me...> |
|
From: Doug E. <no...@gi...> - 2021-01-26 11:51:14
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 1b4e9f1d4aea2ac1c29b821505e4c03872e46650 https://github.com/OpenSC/OpenSC/commit/1b4e9f1d4aea2ac1c29b821505e4c03872e46650 Author: Doug Engert <dee...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/pkcs11/pkcs11-global.c Log Message: ----------- C_Initialize may be called by multiple threads While trying to setup an OpenSC context, the global_locking and detect cards, it is possible that multiple threads may call C_Initialize. The current code tries to prevent this using "if (context == NULL)" but this is not a mutex, and multiple threads may endup overwrite contexts and global locking and cause additional problems, with pcsc and segfault. FireFox appears to do this see #2032 The PR adds a mutex or Critical section to make sure only one thread creates the context sets the global_locking and does the initial detect cards, etc. This allows the global_lock (if requested) to be setup which is then used for other calls. All but the first call to C_Initialize will return with CKR_OK, others will return CKR_CRYPTOKI_ALREADY_INITIALIZED. Date: Mon Jan 11 12:47:12 2021 -0600 Changes to be committed: modified: src/pkcs11/pkcs11-global.c Commit: f704e4f23e1c3b8accd1bfb11cf1dfc5dce3ffe6 https://github.com/OpenSC/OpenSC/commit/f704e4f23e1c3b8accd1bfb11cf1dfc5dce3ffe6 Author: Doug Engert <dee...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M doc/tools/pkcs11-tool.1.xml M src/tools/Makefile.am M src/tools/pkcs11-tool.c Log Message: ----------- Pkcs11-tool changes to test a modules ability to use threads Option --use-locking has C_Initialize pass in parameters with the CKF_OS_LOCKING_OK to tell module to use threads. The default is it passes NULL which says threads are not needed. The following is not designed to be used by the general user. There are for debugging and test scripts and only compiled if the system has threads. Option --test-threads <arg> can be passed multiple times. Each one starts a thread. <arg> is a list of 2 byte commands seperated by ":". The thread will execute these. Current commands are: IN - C_Initialize(NULL) IL - C_Initialize with CKF_OS_LOCKING_OK Pn - Pause for n seconds GI - C_GetInfo SL - C_GetSlotList Tn - C_GetTokenInfo from slot_index n These are just enough calls to see if threads are working in the module. Output is written to stderr. Changes to be committed: modified: doc/tools/pkcs11-tool.1.xml modified: src/tools/Makefile.am modified: src/tools/pkcs11-tool.c Commit: b5ddaf6e021ecda74f35784a46eb874fb22e4019 https://github.com/OpenSC/OpenSC/commit/b5ddaf6e021ecda74f35784a46eb874fb22e4019 Author: Doug Engert <dee...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M tests/Makefile.am A tests/test-pkcs11-tool-test-threads.sh Log Message: ----------- Add tests of pkcs11-tool --test-threads These should run when a PR is submitted. Changes to be committed: modified: tests/Makefile.am new file: tests/test-pkcs11-tool-test-threads.sh Compare: https://github.com/OpenSC/OpenSC/compare/d369965a7fd2...b5ddaf6e021e |
|
From: Doug E. <no...@gi...> - 2021-01-26 11:34:55
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: d369965a7fd238d983864d42bb1609e2408dd187 https://github.com/OpenSC/OpenSC/commit/d369965a7fd238d983864d42bb1609e2408dd187 Author: Doug Engert <dee...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M doc/tools/pkcs11-tool.1.xml M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool support key-gen for GENERIC secret key Fixes #2139 Added code to support mechanism GENERIC-SECRET-KEY-GEN. Improved --help and doc/tools/pkcs11-tool.1.xml because key gen of symmetric keys pass CKA_VALUE_LEN which is length of key in bytes. Tested with: ./pkcs11-tool --module /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so \ --login --label generic-64 --keygen --key-type GENERIC:64 \ --mechanism GENERIC-SECRET-KEY-GEN ./pkcs11-tool --module /usr/lib/x86_64-linux-gnu/softhsm/libsofthsm2.so --login -O |
|
From: Jakub J. <no...@gi...> - 2021-01-26 09:54:02
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a6ed34bbb5cbd10b3a8f92494271f2e1a428ee28 https://github.com/OpenSC/OpenSC/commit/a6ed34bbb5cbd10b3a8f92494271f2e1a428ee28 Author: Jakub Jelen <jj...@re...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/libopensc/card-idprime.c M src/libopensc/cards.h M src/libopensc/pkcs15-idprime.c Log Message: ----------- Add support for Gemalto IDPrime OS version 3 (padded pin to 16 bytes with zeroes) Fixes #2202 Commit: ac8176430873e92c5b2f242adbd08f97f836a8d8 https://github.com/OpenSC/OpenSC/commit/ac8176430873e92c5b2f242adbd08f97f836a8d8 Author: Jakub Jelen <jj...@re...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/libopensc/card-idprime.c Log Message: ----------- idprime: Try to use different key_reference for V3 Commit: edaf921eb6ff7bb866bd07b984e7dd5bc3a91427 https://github.com/OpenSC/OpenSC/commit/edaf921eb6ff7bb866bd07b984e7dd5bc3a91427 Author: Jakub Jelen <jj...@re...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/libopensc/card-idprime.c Log Message: ----------- idprime: Support V3 key references Commit: 44d429c3ad060fd4322729cce9a3341faf29afe4 https://github.com/OpenSC/OpenSC/commit/44d429c3ad060fd4322729cce9a3341faf29afe4 Author: Jakub Jelen <jj...@re...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/libopensc/padding.c Log Message: ----------- padding: Pass the MGF1 information to the card driver for RSA-PSS mechanism Commit: e1c8361ff355b560aa98adffb988a68fb6ec4c31 https://github.com/OpenSC/OpenSC/commit/e1c8361ff355b560aa98adffb988a68fb6ec4c31 Author: Jakub Jelen <jj...@re...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M src/libopensc/card-idprime.c Log Message: ----------- idprime: Create algorithme reference based on the MGF1 flags as the HASH flags are no longer present for RSA-PSS mechanism Compare: https://github.com/OpenSC/OpenSC/compare/26adaf519c55...e1c8361ff355 |
|
From: Peter P. <no...@gi...> - 2021-01-26 09:52:18
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 26adaf519c557c609eac0868b257a2045255f35c https://github.com/OpenSC/OpenSC/commit/26adaf519c557c609eac0868b257a2045255f35c Author: Peter Popovec <pop...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M doc/tools/pkcs15-init.1.xml Log Message: ----------- man page update, info about generating EC keys modified: doc/tools/pkcs15-init.1.xml |
|
From: Peter P. <no...@gi...> - 2021-01-25 23:28:17
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a3ca7613cd4e1bca8068e1e64aed57399b93b9ed https://github.com/OpenSC/OpenSC/commit/a3ca7613cd4e1bca8068e1e64aed57399b93b9ed Author: Peter Popovec <pop...@gm...> Date: 2021-01-26 (Tue, 26 Jan 2021) Changed paths: M doc/files/opensc.conf.5.xml.in M src/libopensc/card-myeid.c Log Message: ----------- MyEID: opensc.conf - option to disable PKCS1 padding in card. config option for MyEID: "disable_hw_pkcs1_padding" If user set this option to non zero, OpenSC is forced to calculate padding in software. This will allow users to use RSA 1024 with SHA512. |
|
From: Doug E. <no...@gi...> - 2021-01-24 22:48:33
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 6049cb926c980754e18b16794e365a9370f4403e https://github.com/OpenSC/OpenSC/commit/6049cb926c980754e18b16794e365a9370f4403e Author: Peter Popovec <pop...@gm...> Date: 2021-01-24 (Sun, 24 Jan 2021) Changed paths: M .travis.yml M src/libopensc/card-myeid.c M src/libopensc/pkcs15-sec.c M src/pkcs11/framework-pkcs15.c Log Message: ----------- ECDSA-SHA1: Apply SHA1 to input data before PSO compute signature. CKM_ECDSA and CKM_ECDSA_SHA1 cannot be registered in the same way. We need to use sc_pkcs11_register_sign_and_hash_mechanism () for CKM_ECDSA_SHA1. This fix also enables more ECDSA-SHAxxx mechanisms in framework-pkcs15.c Tested: MyEID 4.0.1 (secp256r1 with SHA1, SHA224, SHA256, SHA384, SHA512) CI tests (Travis + OsEID) for ECDSA-SHAxxx mechanisms are also enabled. Commit: 285db1ef298bb7d78ccf16cbb644a0e6b79584e6 https://github.com/OpenSC/OpenSC/commit/285db1ef298bb7d78ccf16cbb644a0e6b79584e6 Author: Doug Engert <dee...@gm...> Date: 2021-01-24 (Sun, 24 Jan 2021) Changed paths: M src/libopensc/card-myeid.c M src/libopensc/pkcs15-sec.c M src/pkcs11/framework-pkcs15.c M src/pkcs11/openssl.c Log Message: ----------- ECDSA Signatures with hashes This PR is based on discussion with @popovec in https://github.com/OpenSC/OpenSC/issues/2181 and https://github.com/OpenSC/OpenSC/pull/2187 which was cherry-picked as 5e5300816c8 This has been tested with PIV, MyEID and Smartcard-HSM. with ECDSA keys. The main fixes include : - Setting "flags" in card drivers - added code to sc_pkcs15-compute-signature for handle ECDSA with hashes - code in framework-pkcs15.c Signatures made by pkcs11-tool -sigm verify with openssl but pkcs11-tool --verify does not work with ECDSA but does with RSA I suspect it has to do with: and some then creating the wrong PKCS11 mechanisms It should work with the epass2003 which does hashes in the driver. Commit: 521d420c4274cf4b6b97f80f8d56d38dee339ea4 https://github.com/OpenSC/OpenSC/commit/521d420c4274cf4b6b97f80f8d56d38dee339ea4 Author: Doug Engert <dee...@gm...> Date: 2021-01-24 (Sun, 24 Jan 2021) Changed paths: M src/pkcs11/openssl.c Log Message: ----------- pkcs11 ECDSA verify need rs converted to sequence The --signature-format openssl in pkcs11-tool does the correct operation to convert the OpenSSL formated signature to rs for PKCS11 This commit modifies pkcs11/openssl.c to convert back to sequence for EVP_VerifyFinal Without this mod the signature file was passed unmodified to PKCS11, then to EVP_VerifyFinal but this violates PKCS11 standard. On branch ECDSA-flags Changes to be committed: modified: openssl.c Commit: 0b0deae4be680a180b818c0013237718c45602dc https://github.com/OpenSC/OpenSC/commit/0b0deae4be680a180b818c0013237718c45602dc Author: Doug Engert <dee...@gm...> Date: 2021-01-24 (Sun, 24 Jan 2021) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- unused code removed On branch ECDSA-flags Changes to be committed: modified: framework-pkcs15.c Compare: https://github.com/OpenSC/OpenSC/compare/5f16ffae848e...0b0deae4be68 |
