Releases: OpenSC/OpenSC
Releases · OpenSC/OpenSC
OpenSC-0.22.0-rc2
OpenSC-0.22.0-rc1
OpenSC-0.21.0
General Improvements
- fixed security problems
- Bump minimal required OpenSSL version to 1.0.1 (#1658)
- Implement basic unit tests for asn1 library, compression and simpletlv parser (#1830)
- Allow generating code coverage
- Improve fuzzing by providing corpus from real cards (#1830)
- Implement support for OAEP encryption
- New separate debug level for PIN commands (d06f23e)
- Fix handling of card/reader insertion/removal events in pcscd
- Many bugfixes reported by oss-fuzz, coverity and lgtm.com
- Fixes of removed readers handling (#1970)
- Fix Firefox crash because of invalid pcsc context (#2077)
PKCS#11
- Return CKR_TOKEN_NOT_RECOGNIZED for not recognized cards (#2030)
- Propagate ignore_user_content to PKCS#11 layer not to confuse applications (#2040)
Minidriver
- Fix check of ATR length (2-to 33 characters inclusive) (#2146)
MacOS
- Add installer signing for PR and master
- Avoid app bundle relocations after installation
- Move OpenSC to MacOS Utilities folder (#2063)
OpenSC tools
pkcs11-tool
- Make SHA256 default for OAEP encryption
- pkcs11-tool: allow using SW tokens (#2113)
opensc-explorer
OpenPGP
- Add new ec curves supported by GNUK (#1853)
- First steps supporting OpenPGP 3.4
- Add support for EC key import (#1821)
Rutoken
- Add ATR for Rutoken ECP SC NFC (#2122)
CardOS
- Improve detection of various CardOS 5 configurations (#1987)
DNIe
- Add new DNIe CA structure for the secure channel (#2109)
ePass2003
IAS-ECC (#2070):
- Fixed support for Idemia Cosmo cards with AWP middleware interoperability (previously broken).
- Added support for Idemia Cosmo v8 cards.
- PIN padding settings are now used from PKCS#15 info when available.
- Added PIN-pad support for PIN unblock.
IDPrime
- New driver for Gemalto IDPrime (only some types) (#1772)
eDo
- New driver with initial support for Polish eID card (e-dowód, eDO) (#2023)
MCRD
- Remove unused and broken RSA EstEID support (#2095)
TCOS
- Add missing encryption certificates (#2083)
PIV
CAC1
- Support changing PIN with CAC Alt tokens (#2129)
OpenSC-0.21.0-rc2
RC 2 of 0.21.0
OpenSC-0.21.0-rc1
RC 1 of 0.21.0
OpenSC-0.20.0
General Improvements
- fixed security problems
- Support RSA-PSS signature mechanisms using RSA-RAW (#1435)
- Added memory locking for secrets (#1491)
- added support for terminal colors (#1534)
- PC/SC driver: Fixed error handling in case of changing (#1537) or removing the card reader (#1615)
- macOS installer
- Configuration
- Build Environment
- Bump openssl requirement to 0.9.8 (##1459)
- Added support for fuzzing with AFL (#1580) and libFuzzer/OSS-Fuzz (#1697)
- Added CI tests for simulating GIDS, OpenPGP, PIV, IsoApplet (#1568) and MyEID (#1677) and CAC (#1757)
- Integrate clang-tidy with
make check(#1673) - Added support for reproducible builds (#1839)
PKCS#11
- Implement write protection (CKF_WRITE_PROTECTED) based on the card profile (#1467)
- Added C_WrapKey and C_UnwrapKey implementations (#1393)
- Handle CKA_ALWAYS_AUTHENTICATE when creating key objects. (#1539)
- Truncate long PKCS#11 labels with ... (#1629)
- Fixed recognition of a token when being unplugged and reinserted (#1875)
Minidriver
OpenSC tools
- Harmonize the use of option
-r/--reader(#1548) goid-tool: GoID personalization with fingerprintopenpgp-toolopensc-exploreropensc-minidriver-test.exe: Tests for Microsoft CryptoAPI (#1510)opensc-notify: Autostart on Windowspkcs11-register:opensc-tool: Show ATR also for cards not recognized by OpenSC (#1625)pkcs11-spy:- parse CKM_AES_GCM
- Add support for CKA_OTP_* and CKM_*_PSS values
- parse EC Derive parameters (#1677)
pkcs11-tool- Support for signature verification via
--verify(#1435) - Add object type
secrkeyfor--typeoption (#1575) - Implement Secret Key write object (#1648)
- Add GOSTR3410-2012 support (#1654)
- Add support for testing CKM_RSA_PKCS_OAEP (#1600)
- Add extractable option to key import (#1674)
- list more key access flags when listing keys (#1653)
- Add support for
CKA_ALLOWED_MECHANISMSwhen creating new objects and listing keys (#1628)
- Support for signature verification via
pkcs15-crypt: * Handle keys with user consent (#1529)
CAC1
New separate CAC1 driver using the old CAC specification (#1502).
CardOS
Coolkey
- Enable CoolKey driver to handle 2048-bit keys. (#1532)
EstEID
- adds support for a minimalistic, small and fast card profile based on IAS-ECC issued since December 2018 (#1635)
GIDS
MICARDO
- Remove long expired EstEID 1.0/1.1 card support (#1470)
MyEID
- Add support for unwrapping a secret key with an RSA key or secret key (#1393)
- Add support for wrapping a secret key with a secret key (#1393)
- Support for MyEID 4K RSA (#1657)
- Support for OsEID (#1677).
Gemalto GemSafe
OpenPGP
- OpenPGP Card v3 ECC support (#1506)
Rutoken
SC-HSM
Starcos
- Fixed decipher with 2.3 (#1496)
- Added ATR for 2nd gen. eGK (#1668)
- Added new ATR for 3.5 (#1882)
- Detect and allow Globalplatform PIN encoding (#1882)
TCOS
Infocamere, Postecert, Cnipa
- Removed profiles (#1584)
ACS ACOS5
- Remove incomplete acos5 driver (#1622).
OpenSC-0.20.0-rc4
Enabled extended APDU support for StarCOS 3x cards
OpenSC-0.20.0-rc3
CI: retry pushing 10 times to nightly
OpenSC-0.20.0-rc2
dir: Avoid insane allocations Resolves: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17449
OpenSC-0.20.0-rc1
prepare 0.20.0