Menu
▾
▴
opensc-commits — commit notifications
You can subscribe to this list here.
| 2013 |
Jan
(18) |
Feb
(20) |
Mar
(15) |
Apr
(5) |
May
(7) |
Jun
(3) |
Jul
(4) |
Aug
(20) |
Sep
(10) |
Oct
(12) |
Nov
(12) |
Dec
(7) |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 2014 |
Jan
(12) |
Feb
(8) |
Mar
(3) |
Apr
(7) |
May
(12) |
Jun
(19) |
Jul
(1) |
Aug
(5) |
Sep
(9) |
Oct
(11) |
Nov
(13) |
Dec
(20) |
| 2015 |
Jan
(12) |
Feb
(25) |
Mar
(33) |
Apr
(37) |
May
(36) |
Jun
(2) |
Jul
(18) |
Aug
(31) |
Sep
(98) |
Oct
(50) |
Nov
(25) |
Dec
(34) |
| 2016 |
Jan
(95) |
Feb
(35) |
Mar
(78) |
Apr
(12) |
May
(11) |
Jun
(20) |
Jul
(28) |
Aug
(21) |
Sep
(30) |
Oct
(29) |
Nov
(15) |
Dec
(15) |
| 2017 |
Jan
(29) |
Feb
(17) |
Mar
(34) |
Apr
(28) |
May
(12) |
Jun
(25) |
Jul
(39) |
Aug
(14) |
Sep
(12) |
Oct
(38) |
Nov
(28) |
Dec
(6) |
| 2018 |
Jan
(15) |
Feb
(22) |
Mar
(27) |
Apr
(71) |
May
(78) |
Jun
(47) |
Jul
(24) |
Aug
(63) |
Sep
(43) |
Oct
(34) |
Nov
(27) |
Dec
(18) |
| 2019 |
Jan
(51) |
Feb
(17) |
Mar
(48) |
Apr
(46) |
May
(25) |
Jun
(9) |
Jul
(14) |
Aug
(46) |
Sep
(18) |
Oct
(25) |
Nov
(26) |
Dec
(25) |
| 2020 |
Jan
(28) |
Feb
(30) |
Mar
(20) |
Apr
(69) |
May
(40) |
Jun
(16) |
Jul
(13) |
Aug
(9) |
Sep
(17) |
Oct
(40) |
Nov
(55) |
Dec
(6) |
| 2021 |
Jan
(44) |
Feb
(13) |
Mar
(33) |
Apr
(31) |
May
(32) |
Jun
(10) |
Jul
(9) |
Aug
(27) |
Sep
(33) |
Oct
(7) |
Nov
(14) |
Dec
(17) |
| 2022 |
Jan
(25) |
Feb
(11) |
Mar
(42) |
Apr
(14) |
May
(18) |
Jun
(3) |
Jul
(10) |
Aug
(41) |
Sep
(12) |
Oct
(13) |
Nov
(18) |
Dec
(9) |
| 2023 |
Jan
(10) |
Feb
(18) |
Mar
(25) |
Apr
(27) |
May
(16) |
Jun
(26) |
Jul
(9) |
Aug
(29) |
Sep
(17) |
Oct
(24) |
Nov
(18) |
Dec
(16) |
| 2024 |
Jan
(23) |
Feb
(55) |
Mar
(40) |
Apr
(17) |
May
(15) |
Jun
(12) |
Jul
(12) |
Aug
(6) |
Sep
(15) |
Oct
(16) |
Nov
(29) |
Dec
(26) |
| 2025 |
Jan
(29) |
Feb
(37) |
Mar
(24) |
Apr
(35) |
May
(38) |
Jun
(20) |
Jul
(7) |
Aug
|
Sep
|
Oct
|
Nov
|
Dec
|
|
From: Michał T. <no...@gi...> - 2025-02-10 16:44:15
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 967fb1145d33739e1c578baa9e7096869a1e165e https://github.com/OpenSC/libp11/commit/967fb1145d33739e1c578baa9e7096869a1e165e Author: Rafael Junio da Cruz <raf...@pr...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/p11_slot.c Log Message: ----------- Return on other errors at pkcs11_get_session The `C_OpenSession` function can return several error codes, as seen in the open-source implementation of `pkcs11_api` in the OP-TEE client repository: [OP-TEE optee_client - pkcs11_api.c#L278](https://github.com/OP-TEE/optee_client/blob/e79465eea85adc18a4075529ee20a16dfa263aea/libckteec/src/pkcs11_api.c#L278) Some of these errors include: - `CKR_CRYPTOKI_NOT_INITIALIZED` - `CKR_DEVICE_ERROR` - `CKR_DEVICE_MEMORY` - `CKR_DEVICE_REMOVED` - `CKR_FUNCTION_FAILED` - `CKR_GENERAL_ERROR` - `CKR_HOST_MEMORY` - `CKR_SESSION_COUNT` - `CKR_SESSION_PARALLEL_NOT_SUPPORTED` - `CKR_SESSION_READ_WRITE_SO_EXISTS` - `CKR_SLOT_ID_INVALID` - `CKR_TOKEN_NOT_PRESENT` - `CKR_TOKEN_NOT_RECOGNIZED` - `CKR_TOKEN_WRITE_PROTECTED` - `CKR_ARGUMENTS_BAD` If any of these errors occur, the function currently does not return, causing it to be stuck at `pthread_cond_wait`, leading to a freeze in the caller process that uses the `libp11` API. This commit ensures that when these errors are encountered, the function properly returns, preventing potential deadlocks. To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-02-10 16:42:39
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: f9e8d4301b388721c9822cdccddc76c557d2e9f2 https://github.com/OpenSC/libp11/commit/f9e8d4301b388721c9822cdccddc76c557d2e9f2 Author: Michał Trojnara <Mic...@st...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/eng_back.c Log Message: ----------- Remove a function that is no longer used Commit: dbac58dbec6606cc8e7749d9d348a02bbcbf012f https://github.com/OpenSC/libp11/commit/dbac58dbec6606cc8e7749d9d348a02bbcbf012f Author: Michał Trojnara <Mic...@st...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/eng_back.c M src/util.h M src/util_uri.c Log Message: ----------- Move UI back to eng_back.c Commit: d43f8ef23c2d337204fb63c4f7b98a76c651f3ef https://github.com/OpenSC/libp11/commit/d43f8ef23c2d337204fb63c4f7b98a76c651f3ef Author: Michał Trojnara <Mic...@st...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/eng_back.c Log Message: ----------- Restore configured UI after loading a key Compare: https://github.com/OpenSC/libp11/compare/388b3b3fd658...d43f8ef23c2d To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Małgorzata O. <no...@gi...> - 2025-02-10 11:27:25
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 33522580b7ad4b8a7dc1bfaec89daa4bcc77168d https://github.com/OpenSC/libp11/commit/33522580b7ad4b8a7dc1bfaec89daa4bcc77168d Author: olszomal <Mal...@st...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/util_uri.c Log Message: ----------- Fix logging for slot description Commit: 388b3b3fd65818fbd08a02e38b2e1a20595cc3a5 https://github.com/OpenSC/libp11/commit/388b3b3fd65818fbd08a02e38b2e1a20595cc3a5 Author: olszomal <Mal...@st...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M src/eng_back.c M src/util.h M src/util_uri.c Log Message: ----------- Fix memory management and memory leak Compare: https://github.com/OpenSC/libp11/compare/7addb3c47c8e...388b3b3fd658 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Frank M. <no...@gi...> - 2025-02-10 02:47:11
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 891dfc772b1ec51b6aa1ee3552f7c6fdf8369916 https://github.com/OpenSC/OpenSC/commit/891dfc772b1ec51b6aa1ee3552f7c6fdf8369916 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/pkcs15-sc-hsm.c Log Message: ----------- pkcs15-sc-hsm: Fix leak of sc_pkcs15_pubkey attributes Thanks Coverity CID 454838 Commit: 370b99e6813bf738892592b31d0f8915c6c65c46 https://github.com/OpenSC/OpenSC/commit/370b99e6813bf738892592b31d0f8915c6c65c46 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-sc-hsm.c Log Message: ----------- pkcs15-sc-hsm: Fix leak of sc_cvc_t object Thanks Coverity CID 454837, 454834, 454831, 454828, 454826 Commit: 0d8cd4a4dab6da48593fe75ca8e2a69629b0dcda https://github.com/OpenSC/OpenSC/commit/0d8cd4a4dab6da48593fe75ca8e2a69629b0dcda Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/muscle.c Log Message: ----------- muscle: Fix memory leak Thanks Coverity CID 454836 Commit: 177f77f5405f4fc0e09f8f12c3a7dd512b8c03b1 https://github.com/OpenSC/OpenSC/commit/177f77f5405f4fc0e09f8f12c3a7dd512b8c03b1 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/pkcs15-coolkey.c Log Message: ----------- pkcs15-coolkey: Fix memory leak of certificate value Thanks Coverity CID 454822, 454833 Commit: d337f7e039c086277942ed13acc390faa1810b4f https://github.com/OpenSC/OpenSC/commit/d337f7e039c086277942ed13acc390faa1810b4f Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/compression.c Log Message: ----------- compression: Fix memory leak of z_stream Thanks Coverity CID 454832 Commit: ddbaa22dd390773a246dc852affe2354bdf93aa4 https://github.com/OpenSC/OpenSC/commit/ddbaa22dd390773a246dc852affe2354bdf93aa4 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/common/libpkcs11.c Log Message: ----------- libpkcs11: Call sc_dlsym on handle in case of error Thanks Coverity CID 454829 Commit: 133cad9002725aed6d3067ce9259f1b0bdf5227f https://github.com/OpenSC/OpenSC/commit/133cad9002725aed6d3067ce9259f1b0bdf5227f Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/card-authentic.c Log Message: ----------- card-authentic: Fix memory leak in apdu Thanks Coverity CID 454827 Commit: 7cf121717c1499adada4aa0e3507d4ac5470767a https://github.com/OpenSC/OpenSC/commit/7cf121717c1499adada4aa0e3507d4ac5470767a Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/tools/egk-tool.c Log Message: ----------- egk-tool: Free stream variable in case of error Thanks Coverity CID 454823 Commit: 10a500cc62e97766038aaef5424ed003d1bf5bc9 https://github.com/OpenSC/OpenSC/commit/10a500cc62e97766038aaef5424ed003d1bf5bc9 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15-lib: Unload dynamic library when freeing profile Thanks Coverity CID 454835 Commit: bffc8b6fc5caf59caa6d464197af8073e40f4e53 https://github.com/OpenSC/OpenSC/commit/bffc8b6fc5caf59caa6d464197af8073e40f4e53 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/card-epass2003.c M src/libopensc/iasecc-sdo.c M src/pkcs15init/pkcs15-iasecc.c M src/pkcs15init/pkcs15-lib.c Log Message: ----------- Fix spelling error with indx variable Commit: c1059df64eba72ae54b7d0a0fb13f4f92f242f25 https://github.com/OpenSC/OpenSC/commit/c1059df64eba72ae54b7d0a0fb13f4f92f242f25 Author: Veronika Hanulíková <vha...@re...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool: Fix parsing of decompressed point length Thanks Coverity CID 454830 Commit: f2a9f3a7275fac806d529d2dad43db937e11c7da https://github.com/OpenSC/OpenSC/commit/f2a9f3a7275fac806d529d2dad43db937e11c7da Author: Veronika Hanulíková <vha...@re...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M .github/codespell_ignore_words.txt Log Message: ----------- codespell: ignore german word for algorithm Commit: 8523ee5db88ed056bb3bd098485d5fb6b44a7f90 https://github.com/OpenSC/OpenSC/commit/8523ee5db88ed056bb3bd098485d5fb6b44a7f90 Author: Veronika Hanulíková <vha...@re...> Date: 2025-02-07 (Fri, 07 Feb 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp: Pass struct by reference not value Thanks Coverity CID 456622, 456621 Commit: 9b0313d3caf154b1506e90a03d92cd34d176b749 https://github.com/OpenSC/OpenSC/commit/9b0313d3caf154b1506e90a03d92cd34d176b749 Author: Frank Morgner <fra...@gm...> Date: 2025-02-10 (Mon, 10 Feb 2025) Changed paths: M .github/codespell_ignore_words.txt M src/common/libpkcs11.c M src/libopensc/card-authentic.c M src/libopensc/card-epass2003.c M src/libopensc/card-openpgp.c M src/libopensc/compression.c M src/libopensc/iasecc-sdo.c M src/libopensc/muscle.c M src/libopensc/pkcs15-coolkey.c M src/libopensc/pkcs15-sc-hsm.c M src/pkcs15init/pkcs15-iasecc.c M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-sc-hsm.c M src/tools/egk-tool.c M src/tools/pkcs11-tool.c Log Message: ----------- Merge pull request #3329 from xhanulik/coverity Issues reported by coverity Compare: https://github.com/OpenSC/OpenSC/compare/3c5083832e6a...9b0313d3caf1 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Cyril D. <no...@gi...> - 2025-02-06 16:35:10
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: c6e8171040d8bc299b1ebce4a9084d3872206443 https://github.com/OpenSC/OpenSC/commit/c6e8171040d8bc299b1ebce4a9084d3872206443 Author: cdanger <137...@us...> Date: 2025-02-06 (Thu, 06 Feb 2025) Changed paths: M src/tools/pkcs11-tool.c M tests/test-pkcs11-tool-unwrap-wrap-test.sh Log Message: ----------- Fixed #3293 and added corresponding test of RSA-PKCS-OAEP wrap/unwrap operations in file tests/test-pkcs11-tool-unwrap-wrap-test.sh (Parameterized the RSA-PKCSA-OAEP tests with variables so that the OAEP hash / MGF algorithms can be replaced easily in all openssl and pkcs11-tool commands used in the test.) Commit: 3c5083832e6a61039fb1024ee8ee5c49e9a1473a https://github.com/OpenSC/OpenSC/commit/3c5083832e6a61039fb1024ee8ee5c49e9a1473a Author: cdanger <137...@us...> Date: 2025-02-06 (Thu, 06 Feb 2025) Changed paths: M tests/test-pkcs11-tool-unwrap-wrap-test.sh Log Message: ----------- Fixed openssl pkeyutl command in tests/test-pkcs11-tool-unwrap-wrap-test.sh to work with libressl Compare: https://github.com/OpenSC/OpenSC/compare/f978cf6ba9b8...3c5083832e6a To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Paul W. <no...@gi...> - 2025-02-06 11:40:02
|
Branch: refs/tags/pam_pkcs11-0.6.13 Home: https://github.com/OpenSC/pam_pkcs11 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/pam_pkcs11/settings/notifications |
|
From: Paul W. <no...@gi...> - 2025-02-06 11:39:43
|
Branch: refs/heads/master Home: https://github.com/OpenSC/pam_pkcs11 Commit: 2ecba68d404c3112546a9e802e3776b9f6c50a6a https://github.com/OpenSC/pam_pkcs11/commit/2ecba68d404c3112546a9e802e3776b9f6c50a6a Author: Frank Morgner <fra...@gm...> Date: 2024-12-06 (Fri, 06 Dec 2024) Changed paths: M src/pam_pkcs11/pam_pkcs11.c Log Message: ----------- Fixed possible authentication bypass: Don't return PAM_IGNORE Starting with bac6cf8e0b242e508e8b715e7f78d52f1227840a (released with pam_pkcs11-0.6.12), return codes defaulted to PAM_IGNORE in most cases where authentication was not possible. This change has not been anticipated in PAM configurations and may lead to authentication bypasses. If pam_pkcs11 was configured as the only module which could provide authentication and would silently fail with PAM_IGNORE, then this return code may be transformed to PAM_SUCCESS by subsequent PAM modules that don't actually perform authentication. This change avoids this situation by *not* returning PAM_IGNORE by default as done in 0.6.11 and before. If pam_pkcs11 is the only module providing authentication in the PAM stack, then the following PAM configuration could be used to avoid this situation as well: auth [success=ok default=bad] pam_pkcs11.so wait_for_card card_only In the configuration above, PAM_IGNORE will lead to an authentication failure even for an unpatched pam_pkcs11-0.6.12 (note the missing `ignore=ignore`). Thanks to Matthias Gerstner (@mgerstner) and the SUSE Linux team for reporting this problem providing analysis and the workaround configuration of a possibly vulnerable PAM stack. Commit: e87fc461655e0ca9c16f25348dff0616834c1507 https://github.com/OpenSC/pam_pkcs11/commit/e87fc461655e0ca9c16f25348dff0616834c1507 Author: Paul Wolneykien <ma...@al...> Date: 2024-12-10 (Tue, 10 Dec 2024) Changed paths: M etc/pam.d_login.example.in Log Message: ----------- Move pam_securetty.so upward in the example PAM config According to its documentation pam_securetty.so should be used before sufficient modules (as it returns PAM_SUCCESS when all conditions are met). Commit: 87e18ccf60559e195de99c763343a984e5d01e92 https://github.com/OpenSC/pam_pkcs11/commit/87e18ccf60559e195de99c763343a984e5d01e92 Author: Paul Wolneykien <ma...@al...> Date: 2024-12-10 (Tue, 10 Dec 2024) Changed paths: M etc/pam_pkcs11.conf.example.in M src/pam_pkcs11/pam_pkcs11.c Log Message: ----------- Restoring the original card_only / wait_for_card behavior For historical reasons card_only means: if we are using a screen saver, and we didn't log in using a smart card drop to the next pam module (PAM_IGNORE is returned). wait_for_card means: 1) nothing if card_only isn't set; 2) if logged in, block in pam conversation until the token used for login is inserted; 3) if not logged in, block until a token that could be used for logging in is inserted. Right now, logged in means PKC11_LOGIN_TOKEN_NAME is set, but we could something else later (like set some per-user state in a PAM session module keyed off UID). Commit: ba53bab0da6564a3f7619147e783a0e5cbb0d2a2 https://github.com/OpenSC/pam_pkcs11/commit/ba53bab0da6564a3f7619147e783a0e5cbb0d2a2 Author: Andrey Cherepanov <ca...@al...> Date: 2025-01-15 (Wed, 15 Jan 2025) Changed paths: M po/ru.po Log Message: ----------- Complete Russian translation of pam_pkcs11 Thanks Max Kosmach <ma...@el...> for help Commit: a19e0f988986dc13cfeaba8bc408d35fc9d24dca https://github.com/OpenSC/pam_pkcs11/commit/a19e0f988986dc13cfeaba8bc408d35fc9d24dca Author: Alexey I. Froloff <ra...@al...> Date: 2025-01-15 (Wed, 15 Jan 2025) Changed paths: M po/ru.po Log Message: ----------- Update Russian translations. Commit: 33d13d4936440497c12812eae97cbc6c2ce010f2 https://github.com/OpenSC/pam_pkcs11/commit/33d13d4936440497c12812eae97cbc6c2ce010f2 Author: Paul Wolneykien <ma...@al...> Date: 2025-01-15 (Wed, 15 Jan 2025) Changed paths: M etc/Makefile.am A etc/pkcs11-eventmgr.service Log Message: ----------- Add pkcs11-eventmgr systemd service unit Commit: b665b287ff955bbbd9539252ff9f9e2754c3fb48 https://github.com/OpenSC/pam_pkcs11/commit/b665b287ff955bbbd9539252ff9f9e2754c3fb48 Author: Frank Morgner <fra...@gm...> Date: 2025-01-17 (Fri, 17 Jan 2025) Changed paths: M src/common/cert_vfy.h M src/pam_pkcs11/pam_config.c M src/pam_pkcs11/pam_pkcs11.c Log Message: ----------- fixed possible authentication bypass: Use signatures to verify authentication by default If cert_policy is set to none (the default value), then pam_pkcs11 will only check if the user is capable of logging into the token. An attacker may create a different token with the user's public data (e.g. the user's certificate) and a PIN known to the attacker. If no signature with the private key is required, then the attacker may now login as user with that created token. This change, by default, uses the private key to crate a signature. A new policy, `no_signature` is introduced if the module should really *not* validate the key's signature Commit: fea15692fd1c988ca6d19a8b1644e6b814b9f5ee https://github.com/OpenSC/pam_pkcs11/commit/fea15692fd1c988ca6d19a8b1644e6b814b9f5ee Author: Paul Wolneykien <ma...@al...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M ChangeLog Log Message: ----------- Updated the changelog for the next version Commit: 834ef53bf2ede80cc3769ba6c2722a483710b1c9 https://github.com/OpenSC/pam_pkcs11/commit/834ef53bf2ede80cc3769ba6c2722a483710b1c9 Author: Paul Wolneykien <ma...@al...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M po/ru.po Log Message: ----------- Merge branch 'newpatch/ru' into next Commit: 45f1cba2d7caec8ef8d44d8bc5bf2c3aaed871fa https://github.com/OpenSC/pam_pkcs11/commit/45f1cba2d7caec8ef8d44d8bc5bf2c3aaed871fa Author: Paul Wolneykien <ma...@al...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M etc/Makefile.am A etc/pkcs11-eventmgr.service Log Message: ----------- Merge branch 'newpatch/systemd' into next Commit: 3ff317fb80f3ad0dc06425badf6cde6c92c3c249 https://github.com/OpenSC/pam_pkcs11/commit/3ff317fb80f3ad0dc06425badf6cde6c92c3c249 Author: Paul Wolneykien <ma...@al...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M ChangeLog Log Message: ----------- Update the changelog for the next version with two more entries Commit: c643c88637281e3ec1cf5daf114f14358b3eb207 https://github.com/OpenSC/pam_pkcs11/commit/c643c88637281e3ec1cf5daf114f14358b3eb207 Author: Paul Wolneykien <ma...@al...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M pam_pkcs11.spec Log Message: ----------- Include pkcs11-eventmgr.service into the RPM Commit: 82a0f8b89ca1b40d1dac6266d1d079a2a3490090 https://github.com/OpenSC/pam_pkcs11/commit/82a0f8b89ca1b40d1dac6266d1d079a2a3490090 Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M etc/pam_pkcs11.conf.example.in Log Message: ----------- Fixed @libdir@ substantiator in "opensc" module definition Commit: 60f146f551a4a80a63ba26c7caed94540886594b https://github.com/OpenSC/pam_pkcs11/commit/60f146f551a4a80a63ba26c7caed94540886594b Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M src/pam_pkcs11/pam_pkcs11.c Log Message: ----------- Fix: More changes to make slot_num = 0 by default (see 6866efd) Commit: 66aeb46bddcf9c3b9c44df4d566d342cbcab58a4 https://github.com/OpenSC/pam_pkcs11/commit/66aeb46bddcf9c3b9c44df4d566d342cbcab58a4 Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M etc/pam_pkcs11.conf.example.in Log Message: ----------- Fix: Make "opensc" module configuration to use the currently default slot_num = 0 Commit: d9530167966a77115db6e885d459382a2e52ee9e https://github.com/OpenSC/pam_pkcs11/commit/d9530167966a77115db6e885d459382a2e52ee9e Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M etc/pam_pkcs11.conf.example.in M src/pam_pkcs11/pam_config.c Log Message: ----------- Update configuration files for the CVE-2025-24032 fix Added a comment on the "no_signature" value. Also, use "signature" instead of "none". Added a note, that "none" doesn't mean "no_signature". Commit: 470263258d1ac59c5eade439c4d9caba0097e6e6 https://github.com/OpenSC/pam_pkcs11/commit/470263258d1ac59c5eade439c4d9caba0097e6e6 Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M ChangeLog M NEWS Log Message: ----------- Updated ChangeLog and NEWS Commit: b8dbe6370d36a6a11a466d5f0ee285804103e030 https://github.com/OpenSC/pam_pkcs11/commit/b8dbe6370d36a6a11a466d5f0ee285804103e030 Author: Paul Wolneykien <ma...@al...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M configure.ac M pam_pkcs11.spec Log Message: ----------- Version 0.6.13 Compare: https://github.com/OpenSC/pam_pkcs11/compare/b41f250f4f4b...b8dbe6370d36 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/pam_pkcs11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-02-04 12:34:39
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 7addb3c47c8e9a520881487ece28893256345a9d https://github.com/OpenSC/libp11/commit/7addb3c47c8e9a520881487ece28893256345a9d Author: Michał Trojnara <Mic...@st...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M src/util.h Log Message: ----------- Cleanup To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-02-04 12:23:27
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 958c8e8cc57b1bed3dff9bf93055a2a33f468157 https://github.com/OpenSC/libp11/commit/958c8e8cc57b1bed3dff9bf93055a2a33f468157 Author: Michał Trojnara <Mic...@st...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M src/eng_back.c M src/util.h M src/util_uri.c Log Message: ----------- Fix debug_level for UTIL_CTX_log() To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-02-04 10:22:21
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 1a780a01abf6cb80d7dd3bf0bfe7807fb5fab6d2 https://github.com/OpenSC/libp11/commit/1a780a01abf6cb80d7dd3bf0bfe7807fb5fab6d2 Author: Michał Trojnara <Mic...@st...> Date: 2025-02-04 (Tue, 04 Feb 2025) Changed paths: M src/eng_back.c M src/util.h M src/util_uri.c Log Message: ----------- Make UTIL_CTX opaque To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-02-03 18:28:53
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 761ef676b39cd3a155a9f98585875fab8c814be3 https://github.com/OpenSC/libp11/commit/761ef676b39cd3a155a9f98585875fab8c814be3 Author: Michał Trojnara <Mic...@st...> Date: 2025-02-03 (Mon, 03 Feb 2025) Changed paths: M src/eng_back.c M src/eng_front.c M src/engine.h M src/util.h M src/util_uri.c Log Message: ----------- Further util_uri.c separation To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Frank M. <no...@gi...> - 2025-01-31 08:46:06
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: fe6519238fca1f26648aabd6dbb75e82a0ee63bc https://github.com/OpenSC/OpenSC/commit/fe6519238fca1f26648aabd6dbb75e82a0ee63bc Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - CKK_GENERIC_SECRET do not have CKA_ENCRYPT or CKA_DECRYPT On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: 0943149947344e14d116e681d4977927d01ee802 https://github.com/OpenSC/OpenSC/commit/0943149947344e14d116e681d4977927d01ee802 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c Add derive key support for CKK_MONTGOMERY OpenSSL treats EVP_PKEY_EC, EVP_PKEY_X25519 and EVP_PKEY_X448 as different key types. Refer to the other key as a peer key. Use mech_mech as it is passed into derive_ec_key. On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 33f87c9f36e0eb1a3b73882bb05bf1222ad8d441 https://github.com/OpenSC/OpenSC/commit/33f87c9f36e0eb1a3b73882bb05bf1222ad8d441 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - EVP_KEY_X448 not defined in LibreSSL EVP_KEY_X25519 is defined but not EVP_KEY_X448. Test if defined. Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 591b762bb290eddd2f1a14cfb4f373a27dd78dc5 https://github.com/OpenSC/OpenSC/commit/591b762bb290eddd2f1a14cfb4f373a27dd78dc5 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c calculate size in bits for eddsa and xeddsa CKA_EC_POINT CKA_EC_POINT for eddsa and xeddsa are bit strings. Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 0827576c45b90ce62e9d3a9215c5ea5618fa3c32 https://github.com/OpenSC/OpenSC/commit/0827576c45b90ce62e9d3a9215c5ea5618fa3c32 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - EC_POINT DER in BIT STRING or OCTET STRING Accept either encoding. On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 62ac0c69197daeadac1931c2f6a210648b155a87 https://github.com/OpenSC/OpenSC/commit/62ac0c69197daeadac1931c2f6a210648b155a87 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - remore wrap/unwrap from template On branch X25519-improvements-2 Changes to be committed: modified: pkcs11-tool.c Commit: 312ce3be0c7687f99885dd29d64503d21c08cd4c https://github.com/OpenSC/OpenSC/commit/312ce3be0c7687f99885dd29d64503d21c08cd4c Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15.h Log Message: ----------- pkcs15.h - PKCS11 ecparams are used by CKK_EC, CKK_EDWARDS and CKK_MONTGOMERY Remove redundent code for struct sc_pkcs15_prkey_eddsa eddsa. Please enter the commit message for your changes. Lines starting Commit: afe9fb49d0f813e4ae1ea49fc1b24c69c18125f3 https://github.com/OpenSC/OpenSC/commit/afe9fb49d0f813e4ae1ea49fc1b24c69c18125f3 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-prkey.c M src/libopensc/pkcs15-pubkey.c M src/pkcs11/framework-pkcs15.c M src/tools/pkcs15-tool.c Log Message: ----------- pkcs15-prkey.c pkcs15-pubkey.c - Use common EC params On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-prkey.c modified: libopensc/pkcs15-pubkey.c Commit: c7ba42a0287e00c8649f71514595420318245b92 https://github.com/OpenSC/OpenSC/commit/c7ba42a0287e00c8649f71514595420318245b92 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - Use common "ec_pointQ" for EC, EDDSA and XEDDSA In previous OpenSC code EC public key is called a ec_pointQ. EDDSA and XEDDSA called it public. Both are stored asvalue and len. So to simplify the code, we use the same structures. The difference comes when they are returned in pkcs11. EC is encoded in an OCTET STRING, The others are iencoded in a BIT STRING. Changes to be committed: modified: src/libopensc/card-openpgp.c Commit: 0bcca6056797194cacc0e59293f9c88ae1002367 https://github.com/OpenSC/OpenSC/commit/0bcca6056797194cacc0e59293f9c88ae1002367 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15init/pkcs15-lib.c pkcs15init/pkcs15-openpgp.c - EDDSA and XEDDSA Improvments to allow for key generation via pkcs11 or pkcs15 Date: Sat Dec 9 18:57:26 2023 -0600 On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-lib.c modified: pkcs15init/pkcs15-openpgp.c Commit: 7996d340125c46c0e1f4ebd8b9310dee463a6fa5 https://github.com/OpenSC/OpenSC/commit/7996d340125c46c0e1f4ebd8b9310dee463a6fa5 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - add SC_ALGORITHM_ONBOARD_KEY_GEN This will add PKCS11 key gen mechanisms. On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c Commit: 8f3b1ce959c807ce6be0f85e094472bfc4b06d90 https://github.com/OpenSC/OpenSC/commit/8f3b1ce959c807ce6be0f85e094472bfc4b06d90 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c update ec curves and map printable strings GnuPG says with version 5 cards, the RFC8410 OIDs can be written to the card so we will accept these and if needed use the older OpenPGP curves on older cards within the card-openpgp.c ec_params using the printablestring will be mapped to ones with OIDs if possible/ Date: Sun Dec 10 17:08:05 2023 -0600 On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: 4c2461f8d8b96e154550ef5ae2f35db84b5640c1 https://github.com/OpenSC/OpenSC/commit/4c2461f8d8b96e154550ef5ae2f35db84b5640c1 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c squash adding additional if statement Changes to be committed: modified: src/tools/pkcs15-init.c Commit: da5e8dfac527b43de7c19c075dbda0d7e74d328d https://github.com/OpenSC/OpenSC/commit/da5e8dfac527b43de7c19c075dbda0d7e74d328d Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-algo.c Log Message: ----------- pkcs15-algo.c - add Ed448, X448 and openpgp oids Changes to be committed: modified: libopensc/pkcs15-algo.c Commit: 007414e39971334c60e47f99eb2e2d66546d0bd2 https://github.com/OpenSC/OpenSC/commit/007414e39971334c60e47f99eb2e2d66546d0bd2 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/libopensc/card-openpgp.h M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- OpenPGP - Move mapping of OpenPGP specifix OIDs The mapping of curve OIDs to be written to a card is moved from pkcs15init/pkcs15-openpgp.c to card-openpgp.c pkcs15init/pkcs15-openpgp and pkcs11 can then provide old or new OIDSs. The card driver will remap if needed. Date: Mon Jan 15 13:00:51 2024 -0600 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h modified: src/pkcs15init/pkcs15-openpgp.c Commit: 076ccccbf851c042915c6863eec621311ed41d6e https://github.com/OpenSC/OpenSC/commit/076ccccbf851c042915c6863eec621311ed41d6e Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15init/pkcs15-opensc.c unused variable On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-openpgp.c Commit: 500aec716ff1faab3087faaf0d87748ae99d9f26 https://github.com/OpenSC/OpenSC/commit/500aec716ff1faab3087faaf0d87748ae99d9f26 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- tools/pkcs15-init.c accept and case and convert to correct case Accept any case of curve names but pass corrected case to lower level routines. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs15-init.c Commit: d3b0dbc29ae9c8392b7c150e7729b66bbfcc6f6a https://github.com/OpenSC/OpenSC/commit/d3b0dbc29ae9c8392b7c150e7729b66bbfcc6f6a Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/libopensc/card-openpgp.h Log Message: ----------- card-openpgp.c card-openpgp.h fix so will compile on mingw Date: Sat Jan 20 12:43:26 2024 -0600 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h Commit: 2efa25c0802522ec5afd9d9b6523bbf8279d9389 https://github.com/OpenSC/OpenSC/commit/2efa25c0802522ec5afd9d9b6523bbf8279d9389 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M doc/tools/pkcs15-init.1.xml Log Message: ----------- doc/tools/pkcs15-init.1.xml document Curve names for eddsa and xeddsa Changes to be committed: modified: doc/tools/pkcs15-init.1.xml Commit: a331060f5a113f7c4528a74a3bdc19153701ef78 https://github.com/OpenSC/OpenSC/commit/a331060f5a113f7c4528a74a3bdc19153701ef78 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- framework-pkcs15.c - Support CKA_PUBKEY_KEY_INFO PKCS11 V2.4 and V3.0 added CKA_PUBKEY_KEY_INFO as SPKI from pubkey On branch X25519-improvements-2 Changes to be committed: modified: framework-pkcs15.c Commit: e970d538a3a38491a79c9aa1a980c629fba80265 https://github.com/OpenSC/OpenSC/commit/e970d538a3a38491a79c9aa1a980c629fba80265 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/libopensc/pkcs15-pubkey.c M src/tools/pkcs11-tool.c M src/tools/pkcs15-init.c Log Message: ----------- WIP to accept pkcs11 ec_point encoded in bit string or byte string See opensc issue #3000 On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c modified: libopensc/pkcs15-pubkey.c modified: tools/pkcs11-tool.c modified: tools/pkcs15-init.c Commit: 87878f08141e76996a017acb010a1b0039daabe3 https://github.com/OpenSC/OpenSC/commit/87878f08141e76996a017acb010a1b0039daabe3 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c make default for CKA_EC_POINT to return old OCTET STRING p11test is still using old way. On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c Commit: 6a1b902ddea6044cb6972bbb6cd17a1dde315b9d https://github.com/OpenSC/OpenSC/commit/6a1b902ddea6044cb6972bbb6cd17a1dde315b9d Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M .github/test-oseid.sh Log Message: ----------- test-oseid.sh use restart-pcscd.sh Added github/restart-pcscd.sh On branch X25519-improvements-2 Changes to be committed: modified: test-oseid.sh Commit: 567947c3a6d0161b5d77e7fae0a3ff9b32df9da0 https://github.com/OpenSC/OpenSC/commit/567947c3a6d0161b5d77e7fae0a3ff9b32df9da0 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M .github/test-oseid.sh Log Message: ----------- Revert "test-oseid.sh use restart-pcscd.sh" This is unrelated to to the PR so if needed submit as seperate PR This reverts commit 00c4a73af5522f5c09bec1cd5cded788d0bf39ba. On branch X25519-improvements-2 Changes to be committed: modified: .github/test-oseid.sh Commit: 73f72af45abc8ee3613876d328d71c8756a25a84 https://github.com/OpenSC/OpenSC/commit/73f72af45abc8ee3613876d328d71c8756a25a84 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c fix bug found by fuzzer On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c Commit: a3c609668af8933acc2b2f4dfa802c58b2f900d5 https://github.com/OpenSC/OpenSC/commit/a3c609668af8933acc2b2f4dfa802c58b2f900d5 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - whitespace and code style Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c Commit: 0118c9de82e19a18b7e19c4fe6dbf555f25082d7 https://github.com/OpenSC/OpenSC/commit/0118c9de82e19a18b7e19c4fe6dbf555f25082d7 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- framework-pkcs15,c - whitespace and code style Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs11/framework-pkcs15.c Commit: 693b89d72a4749eab44eaccdaede8f584a078455 https://github.com/OpenSC/OpenSC/commit/693b89d72a4749eab44eaccdaede8f584a078455 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-algo.c Log Message: ----------- pkcs15-alg.c whitespace and code style Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/pkcs15-algo.c Commit: f69cd013a456037e14afce47be31ecafcb546e2a https://github.com/OpenSC/OpenSC/commit/f69cd013a456037e14afce47be31ecafcb546e2a Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c whitespace and code style Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs15-init.c Commit: 4f03e6e8bed33dc77eb2b1d85b775a33bcc2afc8 https://github.com/OpenSC/OpenSC/commit/4f03e6e8bed33dc77eb2b1d85b775a33bcc2afc8 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M doc/tools/tools.html Log Message: ----------- files.html, tools.html - rebuild As suggeseted by .github/workflows/doc.yml On branch X25519-improvements-2 Changes to be committed: modified: files/files.html modified: tools/tools.html Commit: 5db2e2a1a133b4d6967c36c5b916c30e5cbcde70 https://github.com/OpenSC/OpenSC/commit/5db2e2a1a133b4d6967c36c5b916c30e5cbcde70 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-prkey.c M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - readability of mapped_string On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c Commit: ed27016b169751f4215305175d060060c789e3c9 https://github.com/OpenSC/OpenSC/commit/ed27016b169751f4215305175d060060c789e3c9 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - renove TODO comments as code was added On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c Commit: 7d5076689ac68b62eee75f7cb5a0fbb2a3cbfd58 https://github.com/OpenSC/OpenSC/commit/7d5076689ac68b62eee75f7cb5a0fbb2a3cbfd58 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-algo.c Log Message: ----------- pkcs15-algo.c - removed comments and added asn1 calls On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-algo.c Commit: 002f8c91d12b4c750980487ec6f914743e7ffbe9 https://github.com/OpenSC/OpenSC/commit/002f8c91d12b4c750980487ec6f914743e7ffbe9 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - formating On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: 3efffe553e49dd1f1c3c2955376f4ab830b8f9a5 https://github.com/OpenSC/OpenSC/commit/3efffe553e49dd1f1c3c2955376f4ab830b8f9a5 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - Use sc_asn1_read_tag for printable string On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: 54c9618d418e15b61cd6b8d59cf3df97594435d4 https://github.com/OpenSC/OpenSC/commit/54c9618d418e15b61cd6b8d59cf3df97594435d4 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/opensc.h M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c opensc.h - Add SC_ALGORITHM_* to ec_curve_info Make it easier to tell difference between EC, EDDSA and XEDDSA On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/opensc.h modified: src/libopensc/pkcs15-pubkey.c Commit: bfdf26a8f139090035d2478622552277f29d42e8 https://github.com/OpenSC/OpenSC/commit/bfdf26a8f139090035d2478622552277f29d42e8 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/libopensc/card-openpgp.h Log Message: ----------- card-openpgp.c card-openpgp.h - Add SC_ALGORITHM_* to ec_curves_openpgp* On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h Commit: 1c9cc1ddea5e32bdf542fb0ab70fa2da8c947ed3 https://github.com/OpenSC/OpenSC/commit/1c9cc1ddea5e32bdf542fb0ab70fa2da8c947ed3 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card.c Log Message: ----------- card.c - when adding an EC type alg call sc_pkcs15_fix_ec_parameters Changes to be committed: modified: libopensc/card.c Commit: 5e990bed538203852a620ad9a5ee436c04a1bf9e https://github.com/OpenSC/OpenSC/commit/5e990bed538203852a620ad9a5ee436c04a1bf9e Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - FIXUP order of key_type in sc_curve_info On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: dc368e5f6ba4d43b7042f34ea4f4cb3feb3c56b9 https://github.com/OpenSC/OpenSC/commit/dc368e5f6ba4d43b7042f34ea4f4cb3feb3c56b9 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card.c Log Message: ----------- card.c - fix bug in sc_copy_ec_params Two fields were being copied from the dst the src sc_copy_ec_params is only used in pkcs15init/pkcs15-lib.c On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card.c Commit: f37fecae192fc0668e45ab7616ba5beb0407534b https://github.com/OpenSC/OpenSC/commit/f37fecae192fc0668e45ab7616ba5beb0407534b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init/pkcs15-openpgp.c - test id and ec type keys On branch X25519-improvements-2 Changes to be committed: modified: ../pkcs15init/pkcs15-lib.c Commit: e40bfcc734aa81d10d75887f19cb0133055a64f6 https://github.com/OpenSC/OpenSC/commit/e40bfcc734aa81d10d75887f19cb0133055a64f6 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card.c Log Message: ----------- card.c when copying sc_ec_parameters get new key_type too On branch X25519-improvements-2 Changes to be committed: modified: card.c Commit: 78db2ff3888b0a172d1360f5f3187fa0611c0de8 https://github.com/OpenSC/OpenSC/commit/78db2ff3888b0a172d1360f5f3187fa0611c0de8 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15init/pkcs15-openpgp.c - set key_info.algorithm so EDDSA and XEDDSA work On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs15init/pkcs15-openpgp.c Commit: c5d6b55b61497845b0526a7132029a5667b388cd https://github.com/OpenSC/OpenSC/commit/c5d6b55b61497845b0526a7132029a5667b388cd Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - fix invalid read found by valgrind On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c Commit: a730f4ee0e89b100f172aed5a14460e2aaaf12dd https://github.com/OpenSC/OpenSC/commit/a730f4ee0e89b100f172aed5a14460e2aaaf12dd Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init/pkcs15-lib.c - fix double free Changes to be committed: modified: pkcs15init/pkcs15-lib.c Commit: 69466a21d651109b126c9d8116f965b9a778c6bc https://github.com/OpenSC/OpenSC/commit/69466a21d651109b126c9d8116f965b9a778c6bc Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/cardctl.h M src/libopensc/pkcs15-prkey.c M src/pkcs15init/pkcs15-lib.c M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- cardctl.h - add key_type as SC_ALGORITHM_* to sc_cardctl_openpgp_keygen_info keytype is used to map SC_ALGORITHM_* to/from SC_OPENPGP_KEYALGO_* On branch X25519-improvements-2 Changes to be committed: modified: libopensc/cardctl.h modified: libopensc/pkcs15-prkey.c modified: pkcs15init/pkcs15-lib.c modified: pkcs15init/pkcs15-openpgp.c Commit: 34c1489c8a6d0c4cf47b3b9f9bbd242d1c4b439a https://github.com/OpenSC/OpenSC/commit/34c1489c8a6d0c4cf47b3b9f9bbd242d1c4b439a Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/opensc.h Log Message: ----------- opensc.h - add sc_clear_ec_params sc_clear_ec_params used to free allocated menory and clear other data in struct sc_ec_parameters Commit: c2390afb0537bb77a14da29d76f9e73cb57adf16 https://github.com/OpenSC/OpenSC/commit/c2390afb0537bb77a14da29d76f9e73cb57adf16 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - CKK_EC_EDWARDS and CKK_EC_MONTGOMERY improvements Add support write_object support for ED448 and X448 objects, but no cards current suported by OpenSC implement these. Fix bug with n_attrs in derive-ec-key. Allow read_object of an EC_POINT to be in either OCTET_STRING or BIT_STRING On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: 18144b5e517697b6244e055e1e0974d7115f15c7 https://github.com/OpenSC/OpenSC/commit/18144b5e517697b6244e055e1e0974d7115f15c7 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - Accept EC_POINT as OCTET STRING or BIT STRING OpenSC has been using OCTET_STRING but PKCS11 says "DER-encoding of ANSI X9.62 ECPoint value Q" and ANSI X9.62 says the encoding is in a BIT_STRING just as in a SPKI, OpenSSL and isoApplet expects as well as every other document says. Changes to be committed: modified: tools/pkcs11-tool.c Commit: 5f3f393502c4dd411fa573119d8287bacc7288a3 https://github.com/OpenSC/OpenSC/commit/5f3f393502c4dd411fa573119d8287bacc7288a3 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - Improved handling of versions or OpenSSL or no OpenSSL When compiled with different versions of OpenSSL, LibreSSL or no OpenSSL have different support for EVP_PKEY for different key types. evp_pkey2ck_key_type(EVP_PKEY *pkey, CK_KEY_TYPE *type, int *pk_type) takes a pkey and maps it to a PKCS11 CK_KEY_TYPE, in one place. It also returns the EVP_PKEY base id. PKCS11 treats Edwards and Montgomery keys as having 2 different EC curve names, where as OpenSSL gives every EC and Edwards and Montgomery keys their own NID. Thus the use of the CK_KEY_TYPE *type and pk_type (the NID) can be used to tell the difference. Addressed some comments in github. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: c870275de73c4d094888d169cae14699c4a0bfa4 https://github.com/OpenSC/OpenSC/commit/c870275de73c4d094888d169cae14699c4a0bfa4 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card.c Log Message: ----------- card.c - add sc_clear_ec_params expand sc_card_find_alg sc_clear_ec_params clears an struct sc_ec_parameters by freeing allocated memory. card_find_alg will first check if info->algroithm is one that uses sc_ec_parameters and then checks that the OIDs match. then check if keylength match. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card.c Commit: cba3204196029a2f1ca31b343ddb611f7bb5b359 https://github.com/OpenSC/OpenSC/commit/cba3204196029a2f1ca31b343ddb611f7bb5b359 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init/pkcs15-lib.c - Changes for sc_clear_ec_params Fix several problems with use of sc_ec_parameters On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-lib.c Commit: 2c76fb5b96a954fc14a6b900bfe09c126654166c https://github.com/OpenSC/OpenSC/commit/2c76fb5b96a954fc14a6b900bfe09c126654166c Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- card-openpgp.c pkcs15init/pkcs15-openpgp.c - fixes Improvments and fixes for mem leaks and GUNK and mapping RFC8410 OIDs. When writing or generating a key add all known algs to card->algrorithms. Fix some BYTES4BITS bugs and formating. Add note about borblems trying to store RFC8410 type key. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c modified: pkcs15init/pkcs15-openpgp.c Commit: ec2798551a5b4b8571b9f542bcf4fc34ccd0d28e https://github.com/OpenSC/OpenSC/commit/ec2798551a5b4b8571b9f542bcf4fc34ccd0d28e Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/libopensc.exports Log Message: ----------- libopensc.exports - export sc_clear_ec_params On branch X25519-improvements-2 Changes to be committed: modified: libopensc/libopensc.exports Commit: cffbc1291506acc2dedcef1d91f811d03caa1235 https://github.com/OpenSC/OpenSC/commit/cffbc1291506acc2dedcef1d91f811d03caa1235 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- framework-pkcs15.c - added support for more 448 size keys Base OIDs for EDWARDS and MONTGOMERY keys on the size of ecpointQ bewween 32 for 25519 and 56 for 448 keys. On branch X25519-improvements-2 Changes to be committed: modified: pkcs11/framework-pkcs15.c Commit: c52e504dbed091c0b6506f8a73bdc10054146900 https://github.com/OpenSC/OpenSC/commit/c52e504dbed091c0b6506f8a73bdc10054146900 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: Log Message: ----------- pkcs15-isoApplet.c - use sc_clear_ec_params On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-isoApplet.c Revert "pkcs15-isoApplet.c - use sc_clear_ec_params" This reverts commit 29e337a51314d9026e09b42b6f3b1b9e97beef7c. Attempt to see if this is the problem. On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs15init/pkcs15-isoApplet.c Commit: cb39ba0025107fc77284810818403ea3fa57ef85 https://github.com/OpenSC/OpenSC/commit/cb39ba0025107fc77284810818403ea3fa57ef85 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-algo.c M src/libopensc/pkcs15-prkey.c M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-algo.c, pkcs15-prkey.c and pkcs15-pubkey.c Various changes for RFC8410 curves On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-algo.c modified: libopensc/pkcs15-prkey.c modified: libopensc/pkcs15-pubkey.c Commit: a975c3b051b9ced5d5f370ad601fca9fdf2dd529 https://github.com/OpenSC/OpenSC/commit/a975c3b051b9ced5d5f370ad601fca9fdf2dd529 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - fix SPKI decoding of EDDSA and XEDDSA EDDSA and XEDDSA public keys have a OID but no params unlike EC that has EC OID and params have the OID of the curve. EDDSA has two sub curves 25519 and 448 as does XEDDSA. The OID in the pubkey is then mapped to a ec-curve by and sc_pkcs15_fix_ec_parameters get the size of the curve. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: 8da7a56cafd4585ccc0c387b99cea6a5ec009c87 https://github.com/OpenSC/OpenSC/commit/8da7a56cafd4585ccc0c387b99cea6a5ec009c87 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-sec.c Log Message: ----------- pkcs15-sec.c - fix caculations of dignature size for EDDSA and XEDDSA On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-sec.c Commit: ec2c3bdbe12280ec4fcc47560acda3daeee7d171 https://github.com/OpenSC/OpenSC/commit/ec2c3bdbe12280ec4fcc47560acda3daeee7d171 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-piv.c M src/libopensc/pkcs15-piv.c M src/tools/piv-tool.c Log Message: ----------- card-piv.c,pkcs15-piv.c,piv-tool.c - Support for RSA 4096 and 25519 Yubikey with firmware >= 5.7 supports RSA 4096, and EDDSA and XEDDSA which is non standard PIV. WIP Only tested with 9A key and self signed certificate created by Yubic-piv-tool. Signature created with: ./pkcs11-tool -m EDDSA --login --sign --id 01 --input-file /tmp/data.txt --output-file /tmp/YK11-9A-signature.der and signature verified via openssl 3.3.1 ./openssl pkeyutl -verify -pubin -inkey /tmp/YK11-9A-pub.pem -rawin -in /tmp/data.txt -sigfile /tmp/YK11-9A-signature.der On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-piv.c modified: libopensc/pkcs15-piv.c modified: tools/piv-tool.c Commit: 91fa8b43b60605bebbaa5538d4d23c1af30bc52c https://github.com/OpenSC/OpenSC/commit/91fa8b43b60605bebbaa5538d4d23c1af30bc52c Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c explain problem with EC pubkeys as OCTET STRING vs BIT STRING On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: f414eabffbdcccd308b035461b22caeea28e9326 https://github.com/OpenSC/OpenSC/commit/f414eabffbdcccd308b035461b22caeea28e9326 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - return EC_POINT as OCTET STRING by default Removes changes that would have returned EC_POINT as BIT_STRING OpenSC has should be using BIT_STRING, as per standards. See: https://github.com/OpenSC/OpenSC/issues/3000 Solutions include: * Define new PKCS11 vendor attribute to CKA_EC_POINT_OCTET_STRING for backwards compatability. but only good with OpenSC PKCA11 module. * Environment variable. * The use of the PKCS11 V3 defines CKA_PUBLIC_KEY_INFO (which is implemented in this PR) should be encouraged. * Some how in pkcs11-tool.c determine what module cand do. The only use of sc_pkcs15_encode_pubkey_eddsa is when creating a key So it defaults to returning a BIT STRING All the routines that accept as input an EC_POINT will accept it either OCTET_STRING or BIT_STRING. Note SPKI already uses BIT_STRING. Correct decoding of length of ec_pointQ Changes to be committed: modified: src/libopensc/pkcs15-pubkey.c Commit: 118a11eff1790e256c55d4bd94cefa5eca3d809a https://github.com/OpenSC/OpenSC/commit/118a11eff1790e256c55d4bd94cefa5eca3d809a Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15init/pkcs15-lib.c - Fix memory leak On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-lib.c Commit: 1c48cd62a3c262178932860b021ccf5d5a0cfcdb https://github.com/OpenSC/OpenSC/commit/1c48cd62a3c262178932860b021ccf5d5a0cfcdb Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c - fix memory leak or RSA exponent On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs15-init.c Commit: 1e9f821b8d4b2526dff4f2b8828d5d23c63782b6 https://github.com/OpenSC/OpenSC/commit/1e9f821b8d4b2526dff4f2b8828d5d23c63782b6 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15-openpgp.c - clear pointers just in case Changes to be committed: modified: pkcs15init/pkcs15-openpgp.c Commit: d5edb9624090c83edaf4b3557aabd4215c3505f7 https://github.com/OpenSC/OpenSC/commit/d5edb9624090c83edaf4b3557aabd4215c3505f7 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-lib.c Log Message: ----------- pkcs15-lib.c - various fixes Log how usage was determined. Use sc_copy_ec_params and sc_clear_ec_params Avoid memory leak, fix comments Changes to be committed: modified: pkcs15-lib.c Commit: a01821a8f1c6a831978e588a1cf2c42f56a20ac4 https://github.com/OpenSC/OpenSC/commit/a01821a8f1c6a831978e588a1cf2c42f56a20ac4 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/pkcs11-spy.c M tests/opensc.supp Log Message: ----------- opensc.supp and pkcs11-spy.c - Suppress memory leak error with github tests SPY does not cleanup the function lists, assuming the module will not be unloaded, but when valgrind is run from github actions, this will cause the tests to fail. The real solution could include some atexit routine to cleanup the finction lists. Changes to pkcs11-spy.c in this commit try to make sure if function lists are freed there is no double free. On branch X25519-improvements-2 Changes to be committed: modified: ../src/pkcs11/pkcs11-spy.c modified: opensc.supp Commit: 52065876e0e0ceb25756b697b764816affeefe1b https://github.com/OpenSC/OpenSC/commit/52065876e0e0ceb25756b697b764816affeefe1b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/framework-pkcs15.c Log Message: ----------- framework-pkcs15.c - fix memory leak On branch X25519-improvements-2 Changes to be committed: modified: pkcs11/framework-pkcs15.c Commit: c43f01d6680dc790b3dd8557e64a80ca236026cd https://github.com/OpenSC/OpenSC/commit/c43f01d6680dc790b3dd8557e64a80ca236026cd Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/minidriver/minidriver.c M src/pkcs11/framework-pkcs15.c M src/tests/fuzzing/fuzz_pkcs15init.c Log Message: ----------- fuzz_pkcs15init.c, framework-pkcs15.c, minidriver.c - erase keygen_args The caller of sc_pkcs15init_generate_key needs to clear the keygen_args when done. pkcs15-tool.c already does. framework-pkcs15.c - test for 56 bytes for ED448 and X448 framework-pkcs15.c - verify ec parameters before key generation Verify the CKA_EC_PARAMS provided are supported by OpenSC and set the keygen_args.prkey_args.key.u.ec.params On branch X25519-improvements-2 Changes to be committed: modified: minidriver/minidriver.c modified: pkcs11/framework-pkcs15.c modified: tests/fuzzing/fuzz_pkcs15init.c Commit: 38e2f504f986badd69c02dbafa1ba659bc2038bb https://github.com/OpenSC/OpenSC/commit/38e2f504f986badd69c02dbafa1ba659bc2038bb Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15init/pkcs15-openpgp.c - fix up problems reported in github On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-openpgp.c Commit: bce7f374d65a3314d4e4cdc83381b9cdc429f135 https://github.com/OpenSC/OpenSC/commit/bce7f374d65a3314d4e4cdc83381b9cdc429f135 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - copy ecpoint to new pubkey Fix copying of the ecpoint read from card after key gen to pubkey for EC, EDDSA and XEDDSA keys, based on ec parameters which include length need for EC ecpoint shich is diffrent then EDDSA and XEDDSA. And address comments made in github On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c Commit: 69d9fe80201e72b066c169ee2e8f79b41f9ca88f https://github.com/OpenSC/OpenSC/commit/69d9fe80201e72b066c169ee2e8f79b41f9ca88f Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-piv.c Log Message: ----------- card-piv.c - fixup based on comments On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-piv.c Commit: e02beb68805d4fae29debcd9da82ac9bb76fcc30 https://github.com/OpenSC/OpenSC/commit/e02beb68805d4fae29debcd9da82ac9bb76fcc30 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - improve sc_pkcs15_fix_ec_parameters The ec_curve_infos now store the curve OID as DER to simplify the code when caller provides the OID as DER or as printable string for experimental curves. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: 41f8693dc33504fb4b71aa8762cf80baf429cb04 https://github.com/OpenSC/OpenSC/commit/41f8693dc33504fb4b71aa8762cf80baf429cb04 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - combine Edwards and Montgomery parsing Pass RFC 8410 OIDS and work with whatever crypto lib defines. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: 95422a0f9c04d046148fd95a8b22fd2e898581f6 https://github.com/OpenSC/OpenSC/commit/95422a0f9c04d046148fd95a8b22fd2e898581f6 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - curve handling improvements The ec_curve_info entries now have static DER values for the ec_params. This improves the handling of the DER values, and the matching routines now return a pointer to a found entry. On branch X25519-improvements-2 Changes to be committed: modified: pkcs11-tool.c Commit: 175ac15c37817d0641ecd87066158365e49c6418 https://github.com/OpenSC/OpenSC/commit/175ac15c37817d0641ecd87066158365e49c6418 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M doc/tools/pkcs11-tool.1.xml M doc/tools/tools.html M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - If module supports CKA_PUBLIC_KEY_INFO, use it The PKCS11 3.0 defines CKA_PUBLIC_KEY_INFO which is "Subject Public Key Info" as used in certiicates. If not suppoerted the older code, about 260 lines of code, will still be used. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: 3a088dd212303a9cccabba584d15d19da4503bd3 https://github.com/OpenSC/OpenSC/commit/3a088dd212303a9cccabba584d15d19da4503bd3 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c - Fix sc_pkcs15_encode_pubkey_as_spki for EDDSA and XEDDSA Edward and Montgomery curves do not take an algorithm parameter. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c Commit: 0b82b761abd6a655df9f17eeb01c0d7330facc01 https://github.com/OpenSC/OpenSC/commit/0b82b761abd6a655df9f17eeb01c0d7330facc01 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c M src/libopensc/cardctl.h M src/pkcs15init/pkcs15-openpgp.c M src/tools/openpgp-tool.c Log Message: ----------- In OpenPGP code combine the keygen and keystore structures In PKCS11 writing key objects to a token two sepeate calls are made, one for the private key and one for the public key. The code in card-openpgp.c, pkcs15init/pkcs15-openpgp.c used two different code paths for generating a key vs storing a key. sc_cardctl_openpgp_keystore_info and sc_cardctl_openpgp_keygen_info were combined into struct sc_cardctl_openpgp_key_gen_store_info. Code was added to allow storing of the private key first followed by a second operation to store the public key. RSA does not have this problem because the modulus and exponent are part of the private key. But this in not the case with EC, Edwards or Montgomery keys. pkcs11-tool can now store EC, ED25519 and X25519 keys. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c modified: libopensc/cardctl.h modified: pkcs15init/pkcs15-openpgp.c modified: tools/openpgp-tool.c Commit: dfab75cf749d931ff1a19c5d27a438da88e64d7b https://github.com/OpenSC/OpenSC/commit/dfab75cf749d931ff1a19c5d27a438da88e64d7b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - softhsm problem with CKM_RSA_PKCS_OAEP skip for now On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 438ead232a2b856d343c5e89555d16a86aaa8953 https://github.com/OpenSC/OpenSC/commit/438ead232a2b856d343c5e89555d16a86aaa8953 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/Makefile.am M tests/common.sh M tests/test-pkcs11-tool-sym-crypt-test.sh M tests/test-pkcs11-tool-test-threads.sh M tests/test-pkcs11-tool-test.sh M tests/test-pkcs11-tool-unwrap-wrap-test.sh Log Message: ----------- tests/Makefile.am and script so all can pass test/Makefile.am - remove the XFAILS_TESTS tests/common.sh - show version of softhsm2, and add sleep to avoid any problems with the softhsm2 programs. tests/test-pkcs11-tool-sym-crypt-test.sh and tests/test-pkcs11-tool-unwrap-wrap-test.sh - need out of source build changes tests/test-pkcs11-tool-test-threads.sh and tests/test-pkcs11-tool-test.sh - Use 'opensc-tool -a' to test for a reader with a card before trying some of thes tests. If not found skip these tests. Usefull when run from system with real toekns On branch X25519-improvements-2 On branch X25519-improvements-2 Changes to be committed: modified: Makefile.am modified: common.sh modified: test-pkcs11-tool-sym-crypt-test.sh modified: test-pkcs11-tool-test-threads.sh modified: test-pkcs11-tool-test.sh modified: test-pkcs11-tool-unwrap-wrap-test.sh Commit: d4e2023398b1254fc954c5bba21ac4893028a544 https://github.com/OpenSC/OpenSC/commit/d4e2023398b1254fc954c5bba21ac4893028a544 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/Makefile.am M tests/test-pkcs11-tool-test.sh Log Message: ----------- test-pkcs11-tool-test.sh and tests/Makefile.am return 77 if opensc-tool can not be found. Only run test-pkcs11-tool-test.sh "if ENABLE_OPENSSL" On branch X25519-improvements-2 Changes to be committed: modified: Makefile.am modified: test-pkcs11-tool-test.sh Commit: afbcf77a4cc9cfb84cfb0c0f04e3c8c691df00de https://github.com/OpenSC/OpenSC/commit/afbcf77a4cc9cfb84cfb0c0f04e3c8c691df00de Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c - Improve parsing of keys that uses ecparms When generating or importing a key that uses ecparams, remove EdDSA, xeddsa and ECDH which are not complete. Instead support the names EC, Ed25519, Ed448, X25519, X448, edwards25519, curve25519 and cv25519. Commit: acb57007becb0e40869e020d9125fdc3bc1ba7a8 https://github.com/OpenSC/OpenSC/commit/acb57007becb0e40869e020d9125fdc3bc1ba7a8 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15-openpgp.c - fixup spelling Commit: d070ecb4a129b2751d3d9b419e3b3e32ae2dedc7 https://github.com/OpenSC/OpenSC/commit/d070ecb4a129b2751d3d9b419e3b3e32ae2dedc7 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c - fixup spelling On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs15-init.c Commit: 5d1aaa14c72e92d9934bd3727502ff68ac9cfbbf https://github.com/OpenSC/OpenSC/commit/5d1aaa14c72e92d9934bd3727502ff68ac9cfbbf Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - fixing CKM_HKDF_DERIVE and test for eckey As suggested in comments: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1822119938 reverted the test in derive_key so CKM_ECDH1_DERIVE works https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1816358015 tests if eckey is not NULL and some other fixes. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: eac85b20ba7bc4411787733228a1d948217d01c4 https://github.com/OpenSC/OpenSC/commit/eac85b20ba7bc4411787733228a1d948217d01c4 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/pkcs15-pubkey.c Log Message: ----------- pkcs15-pubkey.c CKA_EC_POINT ::= OCTET STRING Remove code that falsely retuned EC POINT as BIT STRING as based on https://github.com/OpenSC/OpenSC/issues/3000 which has been withdrawn. The code will still accept an EC_POINT as either OCTET STRING or BIT STRING. The EC POINT when returned in SPKI format still uses BIT STRING. On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c Commit: 8364cd5b21b71a7a54639635cd6d50d2e7da17cd https://github.com/OpenSC/OpenSC/commit/8364cd5b21b71a7a54639635cd6d50d2e7da17cd Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - rewrite of show key For EC, Edwards and Montgomery keys,'show_key' now uses 'getEC_POINT' and 'getEC_PARAMS' which return DER from the PKCS11 module. The DER of each is printed in hex. 'match_ec_curve_by_params' is used to look up the curve in 'ec_curve_info' to print the common name, printable OID and key bits. if curve is not known to pkcs11,tool, but supported by the pkcs11 module, the OID parsed using SC routines and printed. in the case EC_PARAMS returns a PRINTABLE string it will attemp to print it as well. (This could be removed.) See: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1816395476 Please enter the commit message for your changes. Lines starting On branch X25519-improvements-2 Changes to be committed: modified: pkcs11-tool.c Commit: a549939610a14bd6893ff7d94d8dc131af9088bb https://github.com/OpenSC/OpenSC/commit/a549939610a14bd6893ff7d94d8dc131af9088bb Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - bypass failure of CKM_RSA_PKCS_OAEP with pSourceData SoftHSM2 has problem with CKM_RSA_PKCS_OAEP with pSourceData. It ignores the pSourceData, which then leads to a bad decrypt. As a temporary fix so the CI test can run, the "--test" routines will skip CKM_RSA_PKCS_OAEP with pSourceData. SoftHSM2 only supports --hash-algorithm SHA-1 and --mgf MGF1-SHA1 but pkcs11-tool defaults to SHA256. On branch X25519-improvements-2 Changes to be committed: modified: pkcs11-tool.c Changes to be committed: modified: src/tools/pkcs11-tool.c Commit: 45508b561d53a3c265fbbe25603bec230aa5a31b https://github.com/OpenSC/OpenSC/commit/45508b561d53a3c265fbbe25603bec230aa5a31b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/common.sh Log Message: ----------- tests/common.sh - track down what versions of softhsm are used in CI On branch X25519-improvements-2 Changes to be committed: modified: common.sh Commit: 1dba86ea15fa3652853106c35eb15a7fb6a05e94 https://github.com/OpenSC/OpenSC/commit/1dba86ea15fa3652853106c35eb15a7fb6a05e94 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/test-pkcs11-tool-test.sh Log Message: ----------- test-pkcs11-tool-test.sh - SoftHSM and CKM_RSA_PKCS_OAEP Also see pkcs11-tool SoftHSM only supports CKM_RSA_PKCS_OAEP with --hash-algorithm SHA-1 and --mgf MGF1-SHA1 On branch X25519-improvements-2 Changes to be committed: modified: ../../tests/test-pkcs11-tool-test.sh Commit: dea1fc1c380b1e67c07fab5895bea7378eaed107 https://github.com/OpenSC/OpenSC/commit/dea1fc1c380b1e67c07fab5895bea7378eaed107 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs11/pkcs11-opensc.h Log Message: ----------- pkcs11-opensc.h - Define CKK_OPENSC_UNDEFINED For internal OpenSc and PKCS11-tool.c On branch X25519-improvements-2 Changes to be committed: modified: pkcs11/pkcs11-opensc.h Commit: c5e4aa7c087250086c3e949fbbfed9671ef461dc https://github.com/OpenSC/OpenSC/commit/c5e4aa7c087250086c3e949fbbfed9671ef461dc Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool.c - Fix problem with writing public key object to token On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c Commit: a1b24985dc977aee2ba96a4626fc6596d2f43333 https://github.com/OpenSC/OpenSC/commit/a1b24985dc977aee2ba96a4626fc6596d2f43333 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/test-pkcs11-tool-import.sh Log Message: ----------- test-pkcs11-tool-import.sh - Comment on adding Ed25519 test 'openssl genpkey' prior to 3.2 does not have '-outpubkey' and '-algorithm Ed25519' will only write the private key to '-out' The privete key does not contain the EC_POINT public key. With RSA the 'n' and 'e' are part of th private key and with EC both the private key and public key are written to the same file. in all cases the public key is in SPKI format. Commit: 39c54569d22bd772bb7aa05853aec20536b3c31b https://github.com/OpenSC/OpenSC/commit/39c54569d22bd772bb7aa05853aec20536b3c31b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c - set default RSA key size to 3072 As recommented in comment: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1816249166 On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-init.c Commit: bbb36f69db169662e1f830d1e41e681c7d181441 https://github.com/OpenSC/OpenSC/commit/bbb36f69db169662e1f830d1e41e681c7d181441 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - add test for possible internal error See: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1749997143 On branch X25519-improvements-2 Changes to be committed: modified: card-openpgp.c Commit: b6c1641126140d0dd99b43ae5f0bbdc0b40fbc04 https://github.com/OpenSC/OpenSC/commit/b6c1641126140d0dd99b43ae5f0bbdc0b40fbc04 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15init/pkcs15-openpgp.c - cleanup copied ecpointQ 'sc_cardctl_openpgp_key_gen_store_info_t' passes some pointers to to data in other structures but only does malloc for ecpointQ. See: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1816687658 On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-openpgp.c Commit: 752495e0ee7a97eb52457277098a43f8abcea75b https://github.com/OpenSC/OpenSC/commit/752495e0ee7a97eb52457277098a43f8abcea75b Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - remove leftover comments As suggested: https://github.com/OpenSC/OpenSC/pull/3090#discussion_r1816750718 On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c Commit: 12e8f24d633a0f0286ac270a12f6cd2c5c2cee1f https://github.com/OpenSC/OpenSC/commit/12e8f24d633a0f0286ac270a12f6cd2c5c2cee1f Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - codding style On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c Commit: 00dc57f1fd641bbb9ae1ecf40ca358773afe1f47 https://github.com/OpenSC/OpenSC/commit/00dc57f1fd641bbb9ae1ecf40ca358773afe1f47 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/cardctl.h Log Message: ----------- src/libopensc/cardctl.h - coding style On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/cardctl.h Commit: 9c71256459f930186e028796f1a2c1cafede0cd1 https://github.com/OpenSC/OpenSC/commit/9c71256459f930186e028796f1a2c1cafede0cd1 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/pkcs15init/pkcs15-openpgp.c Log Message: ----------- pkcs15-openpgp.c - coding style On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs15init/pkcs15-openpgp.c Commit: 00bf6c94b8aeb31743618d83281b2f909952d945 https://github.com/OpenSC/OpenSC/commit/00bf6c94b8aeb31743618d83281b2f909952d945 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/tools/pkcs15-init.c Log Message: ----------- pkcs15-init.c - coding style On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs15-init.c Commit: 38b433fd2ea6fd07c2cfe51c598e97d972e37c00 https://github.com/OpenSC/OpenSC/commit/38b433fd2ea6fd07c2cfe51c598e97d972e37c00 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M tests/common.sh Log Message: ----------- tests/common.h - fixup remove debugging as suggested in PR comments On branch X25519-improvements-2 Changes to be committed: modified: common.sh Commit: efffe991db0ad35498f2332a10243eb0529e8be9 https://github.com/OpenSC/OpenSC/commit/efffe991db0ad35498f2332a10243eb0529e8be9 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-openpgp.c Log Message: ----------- card-openpgp.c - moved malloc inside switch As suggested in PR comments, moved malloc ad test for NULL just before the memcpy Commit: 65eb6358569eacf93149d276b3050e224d4fd730 https://github.com/OpenSC/OpenSC/commit/65eb6358569eacf93149d276b3050e224d4fd730 Author: Doug Engert <dee...@gm...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/libopensc/card-piv.c Log Message: ----------- card-piv.c - BYTES4BITS and format cha... [truncated message content] |
|
From: Frank M. <no...@gi...> - 2025-01-31 08:38:13
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: b35f5afe8ebabbc983cc7b635d467736e5311b7b https://github.com/OpenSC/OpenSC/commit/b35f5afe8ebabbc983cc7b635d467736e5311b7b Author: Frank Morgner <fra...@gm...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/ui/strings.c Log Message: ----------- add some debugging regarding language of user messages To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Frank M. <no...@gi...> - 2025-01-31 08:35:38
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 97e590428d5edb1299a75a5d52ec4d2626410a93 https://github.com/OpenSC/OpenSC/commit/97e590428d5edb1299a75a5d52ec4d2626410a93 Author: Luka Logar <luk...@ci...> Date: 2025-01-31 (Fri, 31 Jan 2025) Changed paths: M src/libopensc/reader-pcsc.c Log Message: ----------- pkcs11: Fix C_WaitForSlotEvent() not working in Windows If there are any readers present when C_WaitForSlotEvent() is called, C_WaitForSlotEvent() returns immediately and does not wait for the card/slot event to happen. Apparently the MSDN documentation for SCardGetStatusChange() is inaccurate/incomplete and the dwCurrentState for \\?PnP?\Notification reader should contain the number of readers in it's HiWord to work properly. See https://stackoverflow.com/questions/16370909. To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Doug E. <no...@gi...> - 2025-01-29 01:44:25
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 107a85153f617163e144fb68ea2c3717038ca697 https://github.com/OpenSC/OpenSC/commit/107a85153f617163e144fb68ea2c3717038ca697 Author: Doug Engert <dee...@gm...> Date: 2025-01-29 (Wed, 29 Jan 2025) Changed paths: M .github/setup-linux.sh Log Message: ----------- setup-linux.sh - get package name for debug Use the same OpenSSL package names as installed for libs. Newer versions use a different naming convention for libs. On branch github-setup Changes to be committed: modified: setup-linux.sh To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Mironenko <no...@gi...> - 2025-01-29 01:37:42
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: f2eb2fbe045e35765c1b5ebb315119db4fda5406 https://github.com/OpenSC/OpenSC/commit/f2eb2fbe045e35765c1b5ebb315119db4fda5406 Author: Eugene Mironenko <mir...@ru...> Date: 2025-01-29 (Wed, 29 Jan 2025) Changed paths: M src/tools/pkcs11-tool.c Log Message: ----------- pkcs11-tool: fix percent-encoding of id in pkcs11-uri Fixes #3325 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-01-27 12:37:21
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 3b80c73f3ac7a15f6009018b705cbd6b385d340c https://github.com/OpenSC/libp11/commit/3b80c73f3ac7a15f6009018b705cbd6b385d340c Author: Michał Trojnara <Mic...@st...> Date: 2025-01-27 (Mon, 27 Jan 2025) Changed paths: M src/eng_back.c Log Message: ----------- Remove dead code To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-01-26 15:43:10
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 3c7b2cc1ddc611dd37cd827fd389bf1f25807594 https://github.com/OpenSC/libp11/commit/3c7b2cc1ddc611dd37cd827fd389bf1f25807594 Author: Michał Trojnara <Mic...@st...> Date: 2025-01-26 (Sun, 26 Jan 2025) Changed paths: M src/eng_back.c M src/engine.h M src/util.h M src/util_uri.c Log Message: ----------- Fix Windows build To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Michał T. <no...@gi...> - 2025-01-25 21:54:51
|
Branch: refs/heads/master Home: https://github.com/OpenSC/libp11 Commit: 6dc51cfcb88551755c18ad3349f1fa0a20163a16 https://github.com/OpenSC/libp11/commit/6dc51cfcb88551755c18ad3349f1fa0a20163a16 Author: Michał Trojnara <Mic...@st...> Date: 2025-01-25 (Sat, 25 Jan 2025) Changed paths: M src/Makefile.am M src/Makefile.mak M src/eng_back.c R src/eng_parse.c M src/engine.h A src/util.h A src/util_uri.c Log Message: ----------- Initial util_uri.c separation To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/libp11/settings/notifications |
|
From: Raul M. <no...@gi...> - 2025-01-23 07:23:53
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 027c7b53b20c8ba28e038bcf1e86ad9df24a1bf4 https://github.com/OpenSC/OpenSC/commit/027c7b53b20c8ba28e038bcf1e86ad9df24a1bf4 Author: Raul Metsma <ra...@me...> Date: 2025-01-23 (Thu, 23 Jan 2025) Changed paths: M .appveyor.yml A .github/setup-wix.ps1 M .github/workflows/windows.yml M win32/Make.rules.mak M win32/Makefile.mak M win32/OpenSC.wxs.in Log Message: ----------- Convert to Wix 5 Signed-off-by: Raul Metsma <ra...@me...> Commit: db56bc2100ed8ffc40c06044fe8c397282d46630 https://github.com/OpenSC/OpenSC/commit/db56bc2100ed8ffc40c06044fe8c397282d46630 Author: Raul Metsma <ra...@me...> Date: 2025-01-23 (Thu, 23 Jan 2025) Changed paths: M .github/setup-wix.ps1 M win32/Make.rules.mak Log Message: ----------- Build Wix 5 CustomAction Signed-off-by: Raul Metsma Compare: https://github.com/OpenSC/OpenSC/compare/990fe6dc3f64...db56bc2100ed To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Jakub J. <no...@gi...> - 2025-01-22 16:59:03
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 990fe6dc3f64eab5b8bf381949ade22765cb1043 https://github.com/OpenSC/OpenSC/commit/990fe6dc3f64eab5b8bf381949ade22765cb1043 Author: Gianfranco Costamagna <loc...@de...> Date: 2025-01-22 (Wed, 22 Jan 2025) Changed paths: M src/libopensc/card-atrust-acos.c M src/libopensc/card-entersafe.c M src/libopensc/card-epass2003.c Log Message: ----------- src/libopensc/card-*.c: remove bMatch assignment to avoid confusion >From Jakub Jelen <ja...@gm...> on line 437 we assert the pathlen is 2 or 4 or 6 on line 440 we assert that if pathlen is 6, the first two bytes are 0x3F00 on line 444 we extend the 2 or 4 bytes paths to 4 or 6 bytes starting with 0x3F00 the line 459 is no-operation with your change. It should be removed if it keeps working as it should This line change semantics as previously we were heading here also when we had a cache, but first two bytes of path did not match. OTOH I think this should never happen as the path should always start with 0x3F00 so I believe this change is ok. Just remove the line 459 to avoid confusion. Same in the other files, where similar construct exist. https://github.com/OpenSC/OpenSC/pull/3299/files#r1899506106 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Laurent B. <no...@gi...> - 2025-01-19 13:09:58
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: a1a70d68198bd51cfc77f42ec70541c20f0fb4cd https://github.com/OpenSC/OpenSC/commit/a1a70d68198bd51cfc77f42ec70541c20f0fb4cd Author: Laurent Bigonville <bi...@bi...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M src/libopensc/card-belpic.c Log Message: ----------- Add supports for belpic applet version 1.8 This version of the applet only supports ECDSA keys Documentation of the applet can be found at: https://github.com/Fedict/eid-mw/tree/master/doc/sdk/documentation/Applet%201.8%20eID%20Cards Fixes: #3308 Commit: 90d4f8e07fe60fa31b3b368a83d5186ab9afbf61 https://github.com/OpenSC/OpenSC/commit/90d4f8e07fe60fa31b3b368a83d5186ab9afbf61 Author: Laurent Bigonville <bi...@bi...> Date: 2025-01-19 (Sun, 19 Jan 2025) Changed paths: M src/libopensc/card-belpic.c Log Message: ----------- Fix the indentation to please the tests Compare: https://github.com/OpenSC/OpenSC/compare/2fee97b35fa8...90d4f8e07fe6 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Veronika H. <no...@gi...> - 2025-01-17 12:22:49
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 205bf9f014cc44039826d81507dfe2a53577d006 https://github.com/OpenSC/OpenSC/commit/205bf9f014cc44039826d81507dfe2a53577d006 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-17 (Fri, 17 Jan 2025) Changed paths: M src/libopensc/card-epass2003.c M src/libopensc/card-piv.c Log Message: ----------- Fix length of array for string literals Commit: 2fee97b35fa8f1b51394540b259768b61e126a15 https://github.com/OpenSC/OpenSC/commit/2fee97b35fa8f1b51394540b259768b61e126a15 Author: Veronika Hanulíková <vha...@re...> Date: 2025-01-17 (Fri, 17 Jan 2025) Changed paths: M src/tests/p11test/p11test_case_wrap.c Log Message: ----------- p11test: Fix compiler warning about setting 'true' variable Compare: https://github.com/OpenSC/OpenSC/compare/89707330c7b9...2fee97b35fa8 To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Jakub J. <no...@gi...> - 2025-01-17 10:00:47
|
Branch: refs/heads/master Home: https://github.com/OpenSC/OpenSC Commit: 89707330c7b9652a5cd0abd64c5b1d6e798146a4 https://github.com/OpenSC/OpenSC/commit/89707330c7b9652a5cd0abd64c5b1d6e798146a4 Author: Jakub Jelen <jj...@re...> Date: 2025-01-17 (Fri, 17 Jan 2025) Changed paths: M .github/workflows/linux.yml Log Message: ----------- ci: Update awalsh128/cache-apt-pkgs-action to v1.4.3 The latest branch was not updated and still contains the use of deprecated actions/upload-artifact@v3 which no longer works. https://github.com/awalsh128/cache-apt-pkgs-action/issues/145 Signed-off-by: Jakub Jelen <jj...@re...> To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
|
From: Veronika H. <no...@gi...> - 2025-01-14 15:12:11
|
Branch: refs/tags/0.26.1 Home: https://github.com/OpenSC/OpenSC To unsubscribe from these emails, change your notification settings at https://github.com/OpenSC/OpenSC/settings/notifications |
