Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: opensc | Distribution: SUSE Linux Framework One |
Version: 0.24.0 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: slfo.1.1.7 | Build date: Wed Aug 21 17:54:26 2024 |
Group: Productivity/Security | Build host: h01-armsrv3 |
Size: 4808225 | Source RPM: opensc-0.24.0-slfo.1.1.7.src.rpm |
Packager: https://www.suse.com/ | |
Url: https://github.com/OpenSC/OpenSC/wiki | |
Summary: Smart Card Utilities |
OpenSC provides a set of utilities to access smart cards. It mainly focuses on cards that support cryptographic operations. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. OpenSC implements the PKCS#11 API. Applications supporting this API, such as Mozilla Firefox and Thunderbird, can use it. OpenSC implements the PKCS#15 standard and aims to be compatible with every software that does so, too. Before purchasing any cards, please read carefully documentation on the web pageonly some cards are supported. Not only card type matters, but also card version, card OS version and preloaded applet. Only subset of possible operations may be supported for your card. Card initialization may require third party proprietary software.
LGPL-2.1-or-later
* Sun Feb 25 2024 martin.schreiner@suse.com - Add CVE-2024-1454.patch. Fix for CVE-2024-1454 / bsc#1219868. * Wed Dec 13 2023 otto.hollmann@suse.com - Update to OpenSC 0.24.0: * Security - CVE-2023-40660: Fix Potential PIN bypass (#2806, frankmorgner/OpenSCToken#50, #2807) - CVE-2023-40661: Important dynamic analyzers reports - CVE-2023-4535: Out-of-bounds read in MyEID driver handling encryption using symmetric keys (f1993dc) * General improvements - Fix compatibility of EAC with OpenSSL 3.0 (#2674) - Enable use_file_cache by default (#2501) - Use custom libctx with OpenSSL >= 3.0 (#2712, #2715) - Fix record-based files (#2604) - Fix several race conditions (#2735) - Run tests under Valgrind (#2756) - Test signing of data bigger than 512 bytes (#2789) - Update to OpenPACE 1.1.3 (#2796) - Implement logout for some of the card drivers (#2807) - Fix wrong popup position of opensc-notify (#2901) - Fixed various issues reported by OSS-Fuzz and Coverity regarding card drivers, PKCS#11 and PKCS#15 init * PKCS#11 - Check card presence state in C_GetSessionInfo (#2740) - Remove onepin-opensc-pkcs11 module (#2681) - Do not use colons in the token info label (#2760) - Present profile objects in all slots with the CKA_TOKEN attribute to resolve issues with NSS (#2928, #2924) - Use secure memory for PUK (#2906) - Don't logout to preserve concurrent access from different processes (#2907) - Add more examples to manual page (#2936) - Present profile objects in all virtual slots (#2928) - Provide CKA_TOKEN attribute for profile objects (#2924) - Improve --slot parameter documentation (#2951) * PKCS#15 - Honor cache offsets when writing file cache (#2858) - Prevent needless amount of PIN prompts from pkcs15init layer (#2916) - Propagate CKA_EXTRACTABLE and SC_PKCS15_PRKEY_ACCESS_SENSITIVE from and back to PKCS#11 (#2936) * Minidriver - Fix for private keys that do not need a PIN (#2722) - Unbreak decipher when the first null byte of PKCS#1.5 padding is missing (#2939* * pkcs11-tool - Fix RSA key import with OpenSSL 3.0 (#2656) - Add support for attribute filtering when listing objects (#2687) - Add support for --private flag when writing certificates (#2768) - Add support for non-AEAD ciphers to the test mode (#2780) - Show CKA_SIGN attribute for secret keys (#2862) - Do not attempt to read CKA_ALWAYS_AUTHENTICATE on secret keys (#2864, #2913) - Show Sign/VerifyRecover attributes (#2888) - Add option to import generic keys (#2955) * westcos-tool - Generate 2k RSA keys by default (b53fc5c) * pkcs11-register - Disable autostart on Linux by default (#2680) * IDPrime - Add support for IDPrime MD 830, 930 and 940 (#2666) - Add support for SafeNet eToken 5110 token (#2812) - Process index even without keyrefmap and use correct label for second PIN (#2878) - Add support for Gemalto IDPrime 940C (#2941) * EPass2003 - Change of PIN requires verification of the PIN (#2759) - Fix incorrect CMAC computation for subkeys (#2759, issue #2734) - Use true random number for mutual authentication for SM (#2766) - Add verification of data coming from the token in the secure messaging mode (#2772) - Avoid success when using unsupported digest and fix data length for RAW ECDSA signatures (#2845) * OpenPGP - Fix select data command (#2753, issue #2752) - Unbreak ed/curve25519 support (#2892) * eOI - Add support for Slovenian eID card (eOI) (#2646) * Italian CNS - Add support for IDEMIA (Oberthur) tokens (#2483) * PIV - Add support for Swissbit iShield FIDO2 Authenticator (#2671) - Implement PIV secure messaging (#2053) * SkeID - Add support for Slovak eID cards (#2672) * isoApplet - Support ECDSA with off-card hashing (#2642) * MyEID - Fix WRAP operation when using T0 (#2695) - Identify changes on the card and enable use_file_cache (#2798) - Workaround for unwrapping using 2K RSA key (#2921) * SC-HSM - Add support for opensc-tool --serial (#2675) - Fix unwrapping of 4096 keys with handling reader limits (#2682) - Indicate supported hashes and MGF1s (#2827) - Remove patches: * opensc-CVE-2023-40660-1of2.patch * opensc-CVE-2023-40660-2of2.patch * opensc-CVE-2023-40661-1of12.patch * opensc-CVE-2023-40661-2of12.patch * opensc-CVE-2023-40661-3of12.patch * opensc-CVE-2023-40661-4of12.patch * opensc-CVE-2023-40661-5of12.patch * opensc-CVE-2023-40661-6of12.patch * opensc-CVE-2023-40661-7of12.patch * opensc-CVE-2023-40661-8of12.patch * opensc-CVE-2023-40661-9of12.patch * opensc-CVE-2023-40661-10of12.patch * opensc-CVE-2023-40661-11of12.patch * opensc-CVE-2023-40661-12of12.patch * opensc-CVE-2023-4535.patch * opensc-CVE-2023-2977.patch * opensc-NULL_pointer_fix.patch * Fri Oct 06 2023 otto.hollmann@suse.com - Security Fix: [CVE-2023-40661, bsc#1215761] * opensc: multiple memory issues with pkcs15-init (enrollment tool) * Add patches: - opensc-CVE-2023-40661-1of12.patch - opensc-CVE-2023-40661-2of12.patch - opensc-CVE-2023-40661-3of12.patch - opensc-CVE-2023-40661-4of12.patch - opensc-CVE-2023-40661-5of12.patch - opensc-CVE-2023-40661-6of12.patch - opensc-CVE-2023-40661-7of12.patch - opensc-CVE-2023-40661-8of12.patch - opensc-CVE-2023-40661-9of12.patch - opensc-CVE-2023-40661-10of12.patch - opensc-CVE-2023-40661-11of12.patch - opensc-CVE-2023-40661-12of12.patch * Thu Oct 05 2023 otto.hollmann@suse.com - Security Fix: [CVE-2023-4535, bsc#1215763] * Add patches: - opensc-CVE-2023-4535.patch - opensc-NULL_pointer_fix.patch * Wed Oct 04 2023 otto.hollmann@suse.com - Security Fix: [CVE-2023-40660, bsc#1215762] * opensc: PIN bypass when card tracks its own login state * Add patches: - opensc-CVE-2023-40660-1of2.patch - opensc-CVE-2023-40660-2of2.patch * Thu Jun 01 2023 otto.hollmann@suse.com - Security Fix: [CVE-2023-2977, bsc#1211894] * opensc: out of bounds read in pkcs15 cardos_have_verifyrc_package() * Add opensc-CVE-2023-2977.patch * Tue Nov 29 2022 michael@stroeder.com - Update to OpenSC 0.23.0: * General improvements - Support signing of data with a length of more than 512 bytes (#2314) - By default, disable support for old card drivers (#2391) and remove support for old drivers MioCOS and JCOP (#2374) - Bump minimal required OpenSSL version to 1.1.1 and add support for OpenSSL 3.0 (#2438, #2506) - Compatibility with LibreSSL (#2495, #2595) - Remove support for DSA (#2503) - Extend p11test to support symmetric keys (#2430) - Notice detached reader on macOS (#2418) - Support for OAEP padding (#2475, #2484) - Fix for PSS salt length (#2478) - Improve fuzzing by adding new tests (#2417, #2500, #2520, #2550, #2637) - Fixed various issues reported by OSS-Fuzz and Coverity regarding card drivers, PKCS#11 and PKCS#15 init - Fix issues with OpenPACE (#2472) - Containers support for local testing - Add support for encryption and decryption using symmetric keys (#2473, #2607) - Stop building support for Gost algorithms with OpenSSL 3.0 as they require deprecated API (#2586) - Fix detection of disconnected readers in PCSC (#2600) - Add configuration option for on-disk caching of private data (#2588) - Skip building empty binaries when dependencies are missing and remove needless linking (#2617) - Define arm64 as a supported architecture in the Installer package (#2610) * PKCS#11 - Implement C_CreateObject for EC keys and fix signature verification for CKM_ECDSA_SHAx cards (#2420) * pkcs11-tool - Add more elliptic curves (#2301) - Add support for symmetric encrypt and decrypt, wrap and unwrap operations, and initialization vector (#2268) - Fix consistent handling of secret key attributes (#2497) - Add support for signing and verifying with HMAC (#2385) - Add support for SHA3 (#2467) - Make object selectable via label (#2570) - Do not require an R/W session for some operations and add --session-rw option (#2579) - Print more information: CKA_UNIQUE_ID attribute, SHA3 HMACs and serial number for certificates (#2644, #2643, #2641) - Add new option --undestroyable to create keys with CKA_DESTROYABLE=FALSE (#2645) * sc-hsm-tool - Add options for public key authentication (#2301) * Minidriver - Fix reinit of the card (#2525) - Add an entry for Italian CNS (e) (#2548) - Fix detection of ECC mechanisms (#2523) - Fix ATRs before adding them to the windows registry (#2628) * NQ-Applet - Add support for the JCOP4 Cards with NQ-Applet (#2425) * ItaCNS - Add support for ItaCMS v1.1 (key length 2048) (#2371) * Belpic - Add support for applet v1.8 (#2455) * Starcos - Add ATR for V3.4 (#2464) - Add PKCS#15 emulator for 3.x cards with eSign app (#2544) * ePass2003 - Fix PKCS#15 initialization (#2403) - Add support for FIPS (#2543) - Fix matching with newer versions and tokens initialized with OpenSC (#2575) * MyEID - Support logout operation (#2557) - Support for symmetric encryption and decryption (#2473, #2607) * GIDS - Fix decipher for TPM (#1881) * OpenPGP - Get the list of supported algorithms from algorithm information on the card (#2287) - Support for 3 certificates with OpenPGP 3+ (#2103) * nPA - Fix card detection (#2463) * Rutoken - Fix formatting rtecp cards (#2599) * PIV - Add new PIVKey ATRs for current cards (#2602) * Mon Oct 04 2021 daniel.donisa@suse.com - Update to OpenSC 0.22.0: * Removed changes in opensc-gcc11.patch already present in upstream. - See https://github.com/OpenSC/OpenSC/pull/2241/commits/e549e9c62eb4fcd2260800e2665071e4dd9bbbda * Removed some false positives from the openrc-rpmlintrc file. * Use standard paths for file cache on Linux (#2148) and OSX (#2214) * Various issues of memory/buffer handling in legacy drivers mostly reported by oss-fuzz and coverity (tcos, oberthur, isoapplet, iasecc, westcos, gpk, flex, dnie, mcrd, authentic, belpic) * Add threading test to `pkcs11-tool` (#2067) * Add support to generate generic secret keys (#2140) * `opensc-explorer`: Print information about LCS (Life cycle status byte) (#2195) * Add support for Apple's arm64 (M1) binaries, removed TokenD. A seperate installer with TokenD (and without arm64 binaries) will be available (#2179). * Support for gcc11 and its new strict aliasing rules (#2241, #2260) * Initial support for building with OpenSSL 3.0 (#2343) * pkcs15-tool: Write data objects in binary mode (#2324) * Avoid limited size of log messages (#2352) * Support for ECDSA verification (#2211) * Support for ECDSA with different SHA hashes (#2190) * Prevent issues in p11-kit by not returning unexpected return codes (#2207) * Add support for PKCS#11 3.0: The new interfaces, profile objects and functions (#2096, #2293) * Standardize the version 2 on 2.20 in the code (#2096) * Fix CKA_MODIFIABLE and CKA_EXTRACTABLE (#2176) * Copy arguments of C_Initialize (#2350) * Fix RSA-PSS signing (#2234) * Fix DO deletion (#2215) * Add support for (X)EdDSA keys (#1960) * Add support for applet version 3 and fix RSA-PSS mechanisms (#2205) * Add support for applet version 4 (#2332) * New configuration option for opensc.conf to disable pkcs1_padding (#2193) * Add support for ECDSA with different hashes (#2190) * Enable more mechanisms (#2178) * Fixed asking for a user pin when formatting a card (#1737) * Added support for French CPx Healthcare cards (#2217) * Added ATR for new CardOS 5.4 version (#2296) * Fixes security issues: * tcos: use after return (bsc#1192005, CVE-2021-42780) * oberthur: use after free (bsc#1191992, CVE-2021-42779) * oberthur: multiple heap buffer overflows (bsc#1192000, CVE-2021-42781) * multiple stack buffer overflow issues (bsc#1191957, CVE-2021-42782) * Sun Jun 27 2021 predivan@mts.rs - Fix build on GCC11 * Add opensc-gcc11.patch from Fedora (https://github.com/OpenSC/OpenSC/pull/2241/) * Fri Mar 12 2021 dmueller@suse.com - move licenses to licensedir * Fri Nov 27 2020 andreas.stieger@gmx.de - OpenSC 0.21.0: * CVE-2020-26571: stack-based buffer overflow in the gemsafe GPK smart card software driver (boo#1177380) * CVE-2020-26572: stack-based buffer overflow in the TCOS smart card software driver (boo#1177378) * CVE-2020-26570: heap-based buffer overflow in the Oberthur smart card software driver (boo#1177364) * CardOS 5.x support boo#1179291 * Support for OAEP encryption, make SHA256 default * New separate debug level for PIN commands * Fix handling of card/reader insertion/removal events in pcscd * Fixes of removed readers handling * Fix Firefox crash because of invalid pcsc context * PKCS#11: Return CKR_TOKEN_NOT_RECOGNIZED for not recognized cards * Propagate ignore_user_content to PKCS#11 layer not to confuse applications * Minidriver: Fix check of ATR length (2-to 33 characters inclusive) * pkcs11-tool: allow using SW tokens * opensc-explorer asn1 accepts offsets and decode records * opensc-explorer cat accepts records * OpenPGP: Add new ec curves supported by GNUK * First steps supporting OpenPGP 3.4 * OpenPGP: Add support for EC key import * Rutoken: Add ATR for Rutoken ECP SC NFC * Improve detection of various CardOS 5 configurations * DNIe: Add new DNIe CA structure for the secure channel * ePass2003: Improve ECC support * ePass2003: Fix erase sequence * IAS-ECC: Fix support for Idemia Cosmo cards * IAS-ECC: PIN padding settings are now used from PKCS#15 info when available * IAS-ECC: Added PIN-pad support for PIN unblock * New driver for Gemalto IDPrime (only some types) * eDo: New driver with initial support for Polish eID card (e-dowód, eDO) * MCRD: Remove unused and broken RSA EstEID support * TCOS: Add missing encryption certificates * PIV: Add ATR of DOD Yubikey * fixed PIV global pin bug * CAC1: Support changing PIN with CAC Alt tokens - includes changes from 0.20.0 * CVE-2019-6502: memory leak in libopensc (boo#1122756) * CVE-2019-15946: out-of-bounds access of an ASN.1 Octet string (boo#1149747) * CVE-2019-15945: out-of-bounds access of an ASN.1 Bitstring (boo#1149746) * CVE-2019-19479: incorrect read operation during parsing of a SETCOS file attribute (boo#1158256) * CVE-2019-19480: improper free operation in sc_pkcs15_decode_prkdf_entry (boo#1158307) * CVE-2019-20792: double free in coolkey_free_private_dat (bsc#1170809) * Support RSA-PSS signature mechanisms using RSA-RAW * Added memory locking for secrets * added support for terminal colors * PC/SC driver: Fixed error handling in case of changing or removing the card reader * rename md_read_only to read_only and use it for PKCS#11 and Minidriver * allow global use of ignore_private_certificate * PKCS#11: Implement write protection (CKF_WRITE_PROTECTED) based on the card profile * PKCS#11: Add C_WrapKey and C_UnwrapKey implementations * PKCS#11: Handle CKA_ALWAYS_AUTHENTICATE when creating key objects * PKCS#11: Truncate long PKCS#11 labels with ... * PKCS#11: Fixed recognition of a token when being unplugged and reinserted * Minidriver: Register for CardOS5 cards * Minidriver: Add support for RSA-PSS * tools: Harmonize the use of option -r/--reader * goid-tool: GoID personalization with fingerprint * openpgp-tool: replace the options -L/--key-length with -t/--key-type * openpgp-tool: add options -C/--card-info and -K/--key-info * opensc-explorer: add command pin_info, extend random * pkcs11-register: Auto-configuration of applications for use of OpenSC PKCS#11 * pkcd11-register: Autostart * opensc-tool: Show ATR also for cards not recognized by OpenSC * pkcs11-spy: parse CKM_AES_GCM, EC Derive parameters * pkcs11-spy: Add support for CKA_OTP_* and CKM_*_PSS values * pkcs11-tool: Support for signature verification via --verify * pkcs11-tool: Add object type secrkey for --type option * pkcs11-tool: Implement Secret Key write object * pkcs11-tool: Add GOSTR3410-2012 support * pkcs11-tool: Add support for testing CKM_RSA_PKCS_OAEP * pkcs11-tool: Add extractable option to key import * pkcs11-tool: list more key access flags when listing keys * pkcs11-tool: Add support for CKA_ALLOWED_MECHANISMS when creating new objects and listing keys * pkcs15-crypt: *Handle keys with user consent * New separate CAC1 driver using the old CAC specification (#1502) * CardOS: Add support for 4K RSA keys in CardOS 5 * CardOS: Fixed decryption with CardOS 5 * Enable CoolKey driver to handle 2048-bit keys * EstEID: add support for a minimalistic, small and fast card profile based on IAS-ECC issued since December 2018 * GIDS Decipher fix (#1881) * GIDS: Allow RSA 4K support * MICARDO: Remove long expired EstEID 1.0/1.1 card support * MyEID: Add support for unwrapping a secret key with an RSA key or secret key * MyEID Add support for wrapping a secret key with a secret key * Support for MyEID 4K RSA * Support for OsEID * Gemalto GemSafe: add new PTeID ATRs, add support for 4K RSA keys * OpenPGP Card v3 ECC support * Add Rutoken ECP SC * Add Rutoken Lite * Add SmartCard-HSM 4K ATR * Add missing secp384r1 curve parameter * Stacros: Fix decipher with 2.3 * Stacros: Add ATR for 2nd gen. eGK * Stacros: Add new ATR for 3.5 * Stacros: Detect and allow Globalplatform PIN encoding * Fix TCOS IDKey support * TCOS: add encryption certificate for IDKey * Infocamere, Postecert, Cnipa: Remove profiles * Remove incomplete acos5 driver - drop patches now upstream: * opensc-0.19.0-piv_card_matching.patch * opensc-0.19.0-redundant_logging.patch * opensc-0.19.0-rsa-pss.patch * Sun Aug 18 2019 jsikes@suse.com - added opensc-0.19.0-piv_card_matching.patch * Improve Card Matching for Dual CAC/PIV and PIVKEY cards. * sourced from https://github.com/OpenSC/OpenSC/pull/1549 * Tue Jul 30 2019 jsikes@suse.de - added opensc-0.19.0-rsa-pss.patch * Fixes the pkcs11-tool example * Added missing CKM_SHA224_RSA_PKCS_PSS * Add support for PSS padding to RSA signatures * Support for signature verification in pkcs11-tool * Switch cleanup steps to avoid segfaults on errors and more sanity checking - added opensc-0.19.0-redundant_logging.patch * Remove redundant debug output * Tue Jul 23 2019 code@bnavigator.de - add explicit BuildRequires: zlib-devel * Thu Sep 13 2018 kbabioch@suse.com - Update to version 0.19.0 * Fixed multiple security problems (out of bound writes/reads): * bsc#1104812 * CVE-2018-16391 (bsc#1106998) * CVE-2018-16392 (bsc#1106999) * CVE-2018-16393 (bsc#1108318) * CVE-2018-16418 (bsc#1107039) * CVE-2018-16419 (bsc#1107107) * CVE-2018-16420 (bsc#1107097) * CVE-2018-16421 (bsc#1107049) * CVE-2018-16422 (bsc#1107038) * CVE-2018-16423 (bsc#1107037) * CVE-2018-16424 (bsc#1107036) * CVE-2018-16425 (bsc#1107035) * CVE-2018-16426 (bsc#1107034) * CVE-2018-16427 (bsc#1107033) * Workaround cards returning short signatures without leading zeroes * Distribute minimal opensc.conf * `pkcs11_enable_InitToken made` global configuration option * Modify behavior of `OPENSC_DRIVER` environment variable to restrict driver list instead of forcing one driver and skipping vital parts of configuration * Removed configuration options `zero_ckaid_for_ca_certs`, `force_card_driver`, `reopen_debug_file`, `paranoid-memory` * Generalized configuration option `ignored_readers` * If card initialization fails, continue card detection with other card drivers * reader-pcsc: allow fixing the length of a PIN * fixed crash during `C_WaitForSlotEvent` * Allow cancelling the PIN pad prompt before starting the reader transaction. Whether to start the transaction immediately or not is user-configurable for each application * opensc-notify * add Exit button to tray icon * User better description (GenericName) and a generic application icon * Do not display in the application list - Removed patches included upstream now: * opensc-desktop.patch * opensc-desktop2.patch * opensc-bash-completions.patch - Applied spec-cleaner * Tue Jul 10 2018 sbrabec@suse.com - Update to version 0.18.0: * Further improvements of PIN support. * Large number of improvements and fixes (boo#1097951, boo#1100501). * See /usr/share/doc/packages/opensc/NEWS for complete list. - Add opensc-desktop.patch, opensc-desktop2.patch and opensc-bash-completions.patch. * Mon Jan 01 2018 michael@stroeder.com - update to version 0.17.0: * support for new cards * PIN support enhancemets * added .pc file * builds with OpenSSL 1.1.0 (1074799) * See /usr/share/doc/packages/opensc/NEWS for complete list. * Tue Jul 18 2017 tchvatal@suse.com - Switch to tarball fetching from github - Few small cleanups * Tue Nov 22 2016 sbrabec@suse.com - Add baselibs.conf to provide 32-bit PKCS11 plugins (bsc#996047). - Drop opensc-ADVISORIES. There is no new advisory since 2009. * Tue Jul 05 2016 t.gruner@katodev.de - update to version 0.16.0 - remove fix (issue 505) - clean up spec-file * Thu Jul 30 2015 bwachter-pkg@lart.info - update to version 0.15.0 - register with p11-kit (https://www.opensc-project.org/opensc/ticket/390) * Mon Feb 16 2015 michael@stroeder.com - update to version 0.14.0 * Tue Dec 03 2013 luizluca@tre-sc.gov.br - update to version 0.13.0 * Tue Jun 12 2012 mgorse@suse.com - make needed directories before running make install * Thu Sep 29 2011 lmedinas@opensuse.org - Updated to version 0.12.2: * Builds are now silent by default when OpenSC is built from source on Unix. * Using --wait with command line tools works with 64bit Linux again. * Greatly improved OpenPGP card support, including OpenPGP 2.0 cards like the one found in German Privacy Foundation CryptoStick. * Fixed support for FINeID cards issued after 01.03.2011 with 2048bit keys. * #256: Fixed support for TCOS cards (broken since 0.12.0). * Added support for IDKey-cards to TCOS3 driver. * #361: Improved PC/SC driver to fetch the maximum PIN sizes from the open source CCID driver. This fixes the issue for Linux/OSX with recent driver. * Fix FINeID cards for organizations. * Several smaller bugs and compiler warnings fixed - Updated to version 0.12.1: * IAS-ECC 1.0.1 * Support for cards with multiple PKCS#15 applications * New card driver: IAS/ECC 1.0.1 * rutoken-tool has been deprecated and removed. * eidenv and piv-tool utilities now have manual pages. * pkcs11-tool now requires the use of --module parameter. * All tools can now use an ATR as an argument to --reader, to skip to the card with given ATR. * opensc-tool -l with -v now shows information about the inserted cards. * Creating files have an enforced upper size limit, 64K * Support for multiple PKCS#15 applications with different AID-s. PKCS#15 applications can be listed with pkcs15-tool - -list-applications. Binding to a specific AID with PKCS#15 tools can be done with --aid. * Hex strings (like card ATR or APDU-s) can now be separated by space, in addition to colons. * Pinpad readers known to be bogus are now ignored by OpenSC. At the moment only "HP USB Smart Card Keyboard" is disabled. * Numerous compiler warnings, unused code and internal bugs have been eliminated. * Fri Jan 07 2011 sbrabec@suse.cz - Updated to version 0.12.0: * Security fix (bnc#660109, CVE-2010-4523). * Only one backend is supported. openSUSE will use pcsc-lite. * libopensc made private, library should not be used by other applications. Please use generic PKCS#11 interface instead. * Signer plugin discontinued. Please use openssl engine_pkcs11. * No more depends on libassuan. * New card drivers. * Support for CardOS enhanced. * More changes and enhancements. - libopensc merged back to the main package, as it is private now. * Mon Aug 23 2010 sbrabec@suse.cz - Fixed broken opensc-fix-gcc-warnings.patch (bnc#627619). - Simplified plugin installation. * Tue Apr 13 2010 puzel@novell.com - update to version 0.11.13 * Modify Rutoken S binary interfaces by Aktiv Co. * Muscle driver fixed (acl reading issue) * Many small fixes (e.g. mem leaks) * Compiling with openssl 1.0.0-beta fixed * Document integer problem in OpenSC and implement workaround * Improve entersafe profile to support private data objects - Require pinentry - add opensc-libassuan-2.patch - add opensc-fix-gcc-warnings.patch * Fri Jan 01 2010 jengelh@medozas.de - package baselibs.conf * Wed Aug 05 2009 sbrabec@suse.cz - Updated to version 0.11.9: * New rutoken_ecp driver * Allow more keys/certificates/files etc. with entersafe tokens * Updates pkcs11.h from scute fixing warnings * Small fixes in rutoken driver * Major update for piv driver with increased compatibility * Thu Jul 30 2009 sbrabec@suse.cz - libopensc2 should not require opensc (bnc#466430). * Thu May 07 2009 sbrabec@suse.cz - Updated to version 0.11.8: * Fix security problem in pkcs11-tool gen_keypair (PublicExponent 1) (bnc#501726) See http://en.opensuse.org/Smart_Cards/Advisories for more. * updated and improve entersafe driver. FTCOS/PK-01C cards are supported now, compatible with cards writen by Feitian's software on windows. * Thu Apr 09 2009 sbrabec@suse.cz - Fixed undefined code (bnc#440853). - Don't call autoreconf on older products. * Tue Mar 17 2009 sbrabec@suse.cz - Updated to version 0.11.7: * hide_empty_slots now on by default? small logic change? * ruToken driver was updated. * openct virtual readers reduced to 2 by default. * Security issue: Fix private data support. (bnc#480262, CVE-2009-0368) See http://en.opensuse.org/Smart_Cards/Advisories for more. * Enable lock_login by default. * Disable allow_soft_keygen by default. * Wed Dec 10 2008 olh@suse.de - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) * Thu Oct 30 2008 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Wed Sep 10 2008 sbrabec@suse.cz - Updated to version 0.11.6: * New support for Feitian ePass3000. * GemSafeV1 improved to handle key_ref other than 3. * Build system rewritten. * ruToken now supported. * Allow specifying application name for data objects. * Basic reader hotplug support. * PC/SC library is dynamically linked. * PKCS#11 provider is now installed at LIBDIR/pkcs11. * PKCS#11 - Number of virtual slots moved into configuration. * PKCS#11 - Fix fork() compliance. * make sign_with_decrypt hack configureable for siemens cards. * Mon Sep 01 2008 sbrabec@suse.cz - Check validity of SSL certificates for all Siemens CardOS M4 cards (SCA and SCB are affected as well, bnc#413496#c6). * Thu Jul 31 2008 sbrabec@suse.cz - Fixed initialization access rights for Siemens CardOS M4, added a security check to pkcs15-tool (bnc#413496, CVE-2008-2235) * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support * Thu Feb 07 2008 sbrabec@suse.cz - Updated to version 0.11.4: * Browser plugin support * Support Siemens CardOS initialized cards (signing with decryption) * Add Siemens CardOS M4.2B support (experimental) * Support for AKIS cards added (partial) * Thu Jul 26 2007 sbrabec@suse.cz - Updated to version 0.11.3: * make lots of internal functions and variables static. * fix 0 vs NULL in many places. fix ansi c style (void). * avoid variable names used also as glibc function (random etc.). * new code for deleting objects. * special hack for firefox. * suport for Athena APCOS cards added. * piv driver now supports bigger rsa keys too. * enabled pin caching by default. * use max_send_size 255 / max_recv_size 256 bytes by default. * increase pin buffer size to allow longer pin codes. * Added --read-ssk-key option to pkcs15-tool * use pkg-config for finding openct * use strlcpy function * use new pkcs11.h from scute with an open source license * add support for sha2 to pkcs15-crypt * add piv-tool for managing piv cards * add muscle driver * improved oberthur driver * add support for pcsc v2 part10 * convert source files to utf-8 - Split package according to shared library packaging policy. * Tue Feb 27 2007 mvaner@suse.cz - Fixing dodgy use of sizeof (#238660) - sizeof.patch * Mon Oct 02 2006 sbrabec@suse.cz - Updated to version 0.11.1: * Update for piv pkcs#15 emulation * Improved TCOS driver for Uni Giesen Card * Handle size_t printf with "%lu" and (unsigned long) cast * Add support for d-trust cards / improve micardo 2.1 driver * Thu May 25 2006 sbrabec@suse.cz - Fixed build for old SuSE Linux versions. * Thu May 11 2006 sbrabec@suse.cz - Fixed devel dependencies. * Wed May 10 2006 sbrabec@suse.cz - Updated to version 0.11.0. * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Thu Jan 05 2006 ro@suse.de - added unpackaged so-links to devel filelist * Tue Oct 25 2005 rhafer@suse.de - added LDAP_DEPRECATED to CFLAGS to build correctly with· OpenLDAP 2.3 * Fri Sep 02 2005 okir@suse.de - Removed +x permissions on opensc.conf (#114849) * Thu Jul 14 2005 okir@suse.de - Updated to latest upstream version - Added missing documentation files (#75425) * Fri Mar 04 2005 meissner@suse.de - fixed gcc4 compilation. * Fri Jan 21 2005 okir@suse.de - Updated to latest upstream version (0.9.4) * Thu Nov 18 2004 ro@suse.de - use kerberos-devel-packages * Mon Jul 19 2004 adrian@suse.de - fix file list * Mon Jul 12 2004 adrian@suse.de - update to version 0.8.1 * Fri Mar 19 2004 okir@suse.de - Fixed permissions and path names of some include files (#36432) * Fri Jan 16 2004 kukuk@suse.de - Add pam-devel to neededforbuild * Sat Jan 10 2004 adrian@suse.de - add %run_ldconfig and %defattr * Mon Aug 04 2003 okir@suse.de - Build fixes for x86_64/ppc64 - use a version string other than "CVS" (#28423) * Fri Aug 01 2003 okir@suse.de - Updated to most recent upstream snapshot * Thu Jun 12 2003 kukuk@suse.de - Fix filelist and permissions * Tue Jun 03 2003 ro@suse.de - added rest of static libs to devel filelist - remove unpackaged files from buildroot * Wed Jan 15 2003 ro@suse.de - use sasl2 * Thu Dec 05 2002 okir@suse.de - fixed x86_64 build problem - updated to latest upstream * Fri Nov 29 2002 okir@suse.de - updated to current CVS snapshot * Fri Aug 09 2002 okir@suse.de - added missing libs to files list * Thu Jul 04 2002 ro@suse.de - added heimdal-devel to neededforbuild to make libtool happy * Fri Jun 28 2002 schwab@suse.de - Fix bootstrap script. - Use correct libtool macros. * Mon May 27 2002 sf@suse.de - @libdir@ added to Makefile.am to use correct dirs for * /lib */lib64 * Tue Apr 30 2002 okir@suse.de - Initial check-in
/etc/opensc.conf /etc/pkcs11 /etc/pkcs11/modules /etc/pkcs11/modules/opensc.module /usr/bin/cardos-tool /usr/bin/cryptoflex-tool /usr/bin/dnie-tool /usr/bin/egk-tool /usr/bin/eidenv /usr/bin/gids-tool /usr/bin/goid-tool /usr/bin/iasecc-tool /usr/bin/netkey-tool /usr/bin/openpgp-tool /usr/bin/opensc-asn1 /usr/bin/opensc-explorer /usr/bin/opensc-tool /usr/bin/piv-tool /usr/bin/pkcs11-register /usr/bin/pkcs11-tool /usr/bin/pkcs15-crypt /usr/bin/pkcs15-init /usr/bin/pkcs15-tool /usr/bin/sc-hsm-tool /usr/bin/westcos-tool /usr/lib64/libopensc.la /usr/lib64/libopensc.so.8 /usr/lib64/libopensc.so.8.2.1 /usr/lib64/libsmm-local.la /usr/lib64/libsmm-local.so /usr/lib64/libsmm-local.so.8 /usr/lib64/libsmm-local.so.8.2.1 /usr/lib64/onepin-opensc-pkcs11.so /usr/lib64/opensc-pkcs11.la /usr/lib64/opensc-pkcs11.so /usr/lib64/pkcs11 /usr/lib64/pkcs11-spy.la /usr/lib64/pkcs11-spy.so /usr/lib64/pkcs11/onepin-opensc-pkcs11.so /usr/lib64/pkcs11/opensc-pkcs11.so /usr/lib64/pkcs11/pkcs11-spy.so /usr/lib64/pkgconfig/opensc-pkcs11.pc /usr/share/applications/org.opensc.notify.desktop /usr/share/bash-completion/completions/cardos-tool /usr/share/bash-completion/completions/cryptoflex-tool /usr/share/bash-completion/completions/dnie-tool /usr/share/bash-completion/completions/egk-tool /usr/share/bash-completion/completions/eidenv /usr/share/bash-completion/completions/gids-tool /usr/share/bash-completion/completions/goid-tool /usr/share/bash-completion/completions/iasecc-tool /usr/share/bash-completion/completions/netkey-tool /usr/share/bash-completion/completions/npa-tool /usr/share/bash-completion/completions/openpgp-tool /usr/share/bash-completion/completions/opensc-asn1 /usr/share/bash-completion/completions/opensc-explorer /usr/share/bash-completion/completions/opensc-notify /usr/share/bash-completion/completions/opensc-tool /usr/share/bash-completion/completions/piv-tool /usr/share/bash-completion/completions/pkcs11-register /usr/share/bash-completion/completions/pkcs11-tool /usr/share/bash-completion/completions/pkcs15-crypt /usr/share/bash-completion/completions/pkcs15-init /usr/share/bash-completion/completions/pkcs15-tool /usr/share/bash-completion/completions/sc-hsm-tool /usr/share/bash-completion/completions/westcos-tool /usr/share/doc/packages/opensc /usr/share/doc/packages/opensc/NEWS /usr/share/doc/packages/opensc/README /usr/share/doc/packages/opensc/files.html /usr/share/doc/packages/opensc/opensc.conf /usr/share/doc/packages/opensc/tools.html /usr/share/licenses/opensc /usr/share/licenses/opensc/COPYING /usr/share/man/man1/cardos-tool.1.gz /usr/share/man/man1/cryptoflex-tool.1.gz /usr/share/man/man1/dnie-tool.1.gz /usr/share/man/man1/egk-tool.1.gz /usr/share/man/man1/eidenv.1.gz /usr/share/man/man1/gids-tool.1.gz /usr/share/man/man1/goid-tool.1.gz /usr/share/man/man1/iasecc-tool.1.gz /usr/share/man/man1/netkey-tool.1.gz /usr/share/man/man1/npa-tool.1.gz /usr/share/man/man1/openpgp-tool.1.gz /usr/share/man/man1/opensc-asn1.1.gz /usr/share/man/man1/opensc-explorer.1.gz /usr/share/man/man1/opensc-notify.1.gz /usr/share/man/man1/opensc-tool.1.gz /usr/share/man/man1/piv-tool.1.gz /usr/share/man/man1/pkcs11-register.1.gz /usr/share/man/man1/pkcs11-tool.1.gz /usr/share/man/man1/pkcs15-crypt.1.gz /usr/share/man/man1/pkcs15-init.1.gz /usr/share/man/man1/pkcs15-tool.1.gz /usr/share/man/man1/sc-hsm-tool.1.gz /usr/share/man/man1/westcos-tool.1.gz /usr/share/man/man5/opensc.conf.5.gz /usr/share/man/man5/pkcs15-profile.5.gz /usr/share/opensc /usr/share/opensc/asepcos.profile /usr/share/opensc/authentic.profile /usr/share/opensc/cardos.profile /usr/share/opensc/cyberflex.profile /usr/share/opensc/entersafe.profile /usr/share/opensc/epass2003.profile /usr/share/opensc/flex.profile /usr/share/opensc/gids.profile /usr/share/opensc/gpk.profile /usr/share/opensc/ias_adele_admin1.profile /usr/share/opensc/ias_adele_admin2.profile /usr/share/opensc/ias_adele_common.profile /usr/share/opensc/iasecc.profile /usr/share/opensc/iasecc_admin_eid.profile /usr/share/opensc/iasecc_generic_oberthur.profile /usr/share/opensc/iasecc_generic_pki.profile /usr/share/opensc/incrypto34.profile /usr/share/opensc/isoApplet.profile /usr/share/opensc/muscle.profile /usr/share/opensc/myeid.profile /usr/share/opensc/oberthur.profile /usr/share/opensc/openpgp.profile /usr/share/opensc/pkcs15.profile /usr/share/opensc/rutoken.profile /usr/share/opensc/rutoken_ecp.profile /usr/share/opensc/rutoken_lite.profile /usr/share/opensc/sc-hsm.profile /usr/share/opensc/setcos.profile /usr/share/opensc/starcos.profile /usr/share/opensc/westcos.profile
Generated by rpm2html 1.8.1
Fabrice Bellet, Wed Oct 23 00:06:56 2024