debian/0000775000000000000000000000000012330711026007163 5ustar debian/control0000664000000000000000000000320612265072675010610 0ustar Source: opensc Priority: extra Section: utils Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Eric Dorland Build-Depends: debhelper (>= 9), dh-autoreconf, docbook-xsl, flex, libltdl3-dev, libpcsclite-dev (>= 1.2.9-beta1), libreadline-dev, libssl-dev (>= 0.9.7d-3), pkg-config, xsltproc, zlib1g-dev Standards-Version: 3.9.2 Homepage: http://www.opensc-project.org/ Vcs-Git: git://git.debian.org/git/pkg-opensc/opensc.git Vcs-Browser: http://git.debian.org/?p=pkg-opensc/opensc.git Package: opensc Section: utils Architecture: any Depends: pcscd, ${shlibs:Depends}, ${misc:Depends} Replaces: libopensc2 (<< 0.12.0) Conflicts: libopensc2 (<< 0.12.0), mozilla-opensc Description: Smart card utilities with support for PKCS#15 compatible cards OpenSC provides a set of libraries and utilities to access smart cards. It mainly focuses on cards that support cryptographic operations. It facilitates their use in security applications such as mail encryption, authentication, and digital signature. OpenSC implements the PKCS#11 API. Applications supporting this API, such as Iceweasel and Icedove, can use it. OpenSC implements the PKCS#15 standard and aims to be compatible with all software that does so as well. . Before purchasing any cards, please read carefully documentation in /usr/share/doc/opensc/html/wiki/index.html - only some cards are supported. Not only does card type matters, but also card version, card OS version and preloaded applet. Only a subset of possible operations may be supported for your card. Card initialization may require third party proprietary software. debian/opensc.NEWS0000664000000000000000000000054712171650655011173 0ustar opensc (0.10.1-1) unstable; urgency=high As of version of 0.10.0, the libopensc-openssl and libpam-opensc are not distrubted in opensc upstream anymore, and have been spun out into their own separate sources. Check the new libengine-pkcs11-openssl and libpam-p11 packages. -- Eric Dorland Wed, 11 Jan 2006 01:37:23 -0500 debian/changelog0000664000000000000000000007260612330710751011054 0ustar opensc (0.13.0-3ubuntu4.1) trusty; urgency=low * debian/patches/0003-fix-sc-hsm-rsa2048.patch: Add upstream fix to show generated RSA public keys of 2048 bits. Cherry-picking commit: - 99af6cd sc-hsm: Fixed a bug that prevents a newly generated 2048 [...] (LP: #1311921) -- Gert van Dijk Thu, 24 Apr 2014 00:21:53 +0200 opensc (0.13.0-3ubuntu4) trusty; urgency=low * debian/patches/0002-fix-epass2003-support-from-upstream.patch: Add upstream fixes for ePass2003 token. Cherry-picking commits - 4c1cafe epass2003: key generation allows stricter privkey/pubkey ACLs - b1a4775 epass2003: properly disable padding - 83dc469 epass2003: list_files implemented - ee48ea1 Fix to allow exponents other than 65537 for Feitian ePass 2003 (LP: #1176305) -- Gert van Dijk Mon, 10 Mar 2014 19:38:23 +0100 opensc (0.13.0-3ubuntu3) trusty; urgency=low * Fix regression which causes authentication failure in Firefox. (LP: #1252254) -- Jean-Louis Dupond Tue, 14 Jan 2014 09:58:27 +0100 opensc (0.13.0-3ubuntu2) trusty; urgency=medium * Use dh-autoreconf instead of autotools-dev to also fix FTBFS on ppc64el by getting new libtool macros (still updates config.{sub,guess}). -- Logan Rosen Mon, 13 Jan 2014 18:24:46 -0500 opensc (0.13.0-3ubuntu1) saucy; urgency=low * Merge from Debian. Remaining changes: - debian/control: Depend on pcscd * debian/patches/missing-libs.patch: Removed. Fixed upstream. -- Matthew Fischer Wed, 17 Jul 2013 20:42:03 -0600 opensc (0.13.0-3) unstable; urgency=low * debian/rules: Enable secure messaging support. (Closes: #694481) * debian/control, debian/rules: Use dh_autotools-dev. -- Eric Dorland Sun, 02 Jun 2013 19:18:48 -0400 opensc (0.13.0-2) unstable; urgency=low * opensc.install: Add openpgp-tool, iasecc-tool and sc-hsm-tool and manpages. * debian/control: Add misc:Pre-Depends substitution. (Closes: #702758) -- Eric Dorland Sat, 25 May 2013 21:02:03 -0400 opensc (0.13.0-1) unstable; urgency=low * New upstream release. (Closes: #703557, #694481) * debian/control: Standards-Version to 3.9.4. * debian/opensc.docs: Update the tools.html location. -- Eric Dorland Sat, 25 May 2013 04:52:07 -0400 opensc (0.12.2-3) unstable; urgency=low * debian/compat, debian/control: Upgrade to dh v9. (Closes: #656350) * debian/control: Mark package as Multi-Arch: foreign. * debian/opensc.install: Update /usr/lib paths for multi-arch. -- Eric Dorland Sun, 03 Jun 2012 18:21:39 -0400 opensc (0.12.2-2ubuntu2) quantal; urgency=low * Explicitly create debian/tmp/{etc/opensc,usr/lib/pkcs11} (fixing build failure). -- Matthias Klose Sat, 13 Oct 2012 19:04:14 +0200 opensc (0.12.2-2ubuntu1) precise; urgency=low * Merge from Debian testing. (LP: #979986) Remaining changes: - debian/patches/missing-libs.patch: Add libraries to allow opensc to build - debian/opensc.docs: include html documentation - debian/control: Depend on pcscd - debian/control: Add dh-autoreconf as build-dependency - debian/rules: Call autoreconf sequence to rebuild autotools files - debian/opensc.install: Added profiles -- Jean-Louis Dupond Sat, 14 Apr 2012 13:27:17 +0200 opensc (0.12.2-2) unstable; urgency=low * debian/opensc.install: Add westcos-tool & its man page. Thanks Peter Marschall . (Closes: #629229) * debian/opensc.install: Install *.profile files again. Thanks Peter Marschall . (Closes: #629231) -- Eric Dorland Sun, 11 Sep 2011 19:53:24 -0400 opensc (0.12.2-1) unstable; urgency=low * New upstream release. * Acknowledge NMU. (Closes: #622436, #629227, #631618) * debian/rules, debian/opensc.install: Only install the .so.* lib files, not the .la or .a files. (Closes: #633656) * debian/rules, debian/control: Enable zlib support. Thanks Peter Marschall . (Closes: #629230) * debian/rules, debian/control: Enable readline support. Thanks Peter Marschall . (Closes: #629228) -- Eric Dorland Sun, 11 Sep 2011 19:04:02 -0400 opensc (0.12.1-1.1) unstable; urgency=low * Non-maintainer upload. * Empty dependency_libs (Closes: #622436). * Drop unnecessary build dependency on libxt-dev (Closes: #629227). -- Luk Claes Sat, 25 Jun 2011 15:37:46 +0200 opensc (0.12.1-1ubuntu5) precise; urgency=low * Don't configure with --with-pcsc-provider. LP: #978974. -- Matthias Klose Wed, 11 Apr 2012 20:06:48 +0200 opensc (0.12.1-1ubuntu4) precise; urgency=low * debian/opensc.install: Added profiles (LP: #872019) -- Christopher Glass Sat, 31 Mar 2012 09:10:01 +0200 opensc (0.12.1-1ubuntu3) precise; urgency=low * missing-libs.patch: updated to fix also Makefile.in and move libs in pkcs11_tool_LDADD. This fixes a FTBFS because of missing 'lt_dlsym' symbol when linking pkcs11-tool. -- Fabrice Coutadeur Sat, 31 Mar 2012 05:32:54 +0000 opensc (0.12.1-1ubuntu2) precise; urgency=low * Add the missing Depends:pcscd (LP: #917892). FIXME: Debian needs it too. See BDO 618554. -- Martin-Éric Racine Tue, 17 Jan 2012 23:44:59 +0200 opensc (0.12.1-1ubuntu1) oneiric; urgency=low * Merge from debian unstable. Remaining changes: - debian/patches/missing-libs.patch: Add libraries to allow opensc to build (refreshed) - debian/opensc.docs: include htmld documentation (snapshot from wiki) - debian/rules: build with "--with-pcsc-provider=/lib/libpcsclite.so.1" - debian/opensc.install: added westcos-tool + manpage * Drop debian/patches/min-max.patch, debian/patches/buffer-overflow.patch, debian/patches/fix-storing-key-on-entersafe: Applied upstream * debian/control: Add dh-autoreconf as build-dependency * debian/rules: Call autoreconf sequence to rebuild autotools files -- Laurent Bigonville Fri, 10 Jun 2011 21:57:05 +0200 opensc (0.12.1-1) unstable; urgency=low * New upstream release. (Closes: #627241) * debian/control: Upgrade Standards-Version to 3.9.2. * debian/opensc.install: rutoken-tool has been removed. * debian/opensc.install: Add eidenv and piv-tool manpages. -- Eric Dorland Thu, 02 Jun 2011 01:31:38 -0400 opensc (0.12.0-1) unstable; urgency=low * New upstream release. * debian/control, debian/rules, debian/mozilla-opensc.install, debian/mozilla-opensc.links: Remove the mozilla-opensc package, as it's no longer present. * debian/control, debian/rules: Don't build with openct anymore. * debian/rules: Changelog no longer in a weird place. * debian/source/options, debian/source/patch-header: Remove unnecessary single-debian-patch setting. * debian/patches/CVE-2010-4523, debian/patches/min-max-macros, debian/patches/series: Remove now unnecessary patches. * debian/libopensc2-dev.docs, debian/libopensc2-dev.install, debian/libopensc2.examples, debian/libopensc2.install, debian/libopensc2.links, debian/libopensc2.symbols, debian/control, debian/opensc.install: Remove the lib packages since they are now "private". * debian/control: Add xsltproc and docbook-xsl build depends for documentation building. * debian/rules: Remove unneedded override_dh_strip rule. * debian/rules: Install into debian/tmp. * debian/opensc.install: Remove no longer shipped cardos-info. -- Eric Dorland Tue, 31 May 2011 03:13:29 -0400 opensc (0.11.13-1.1) unstable; urgency=high * Non-maintainer upload. * CVE-2010-4523: Protect against buffer overflow from rogue cards (closes: #607427) -- Jonathan Wiltshire Wed, 22 Dec 2010 14:20:22 +0000 opensc (0.11.13-1ubuntu5) natty; urgency=low * Drop the symlinks in legacy plugin folders - update debian/mozilla-opensc.links - update debian/mozilla-opensc.install -- Chris Coulson Tue, 22 Feb 2011 14:21:12 +0000 opensc (0.11.13-1ubuntu4) natty; urgency=low * SECURITY UPDATE: specially crafted cards may be able to execute code. - debian/patches/min-max.patch: Add MIN and MAX macros for last patch - debian/patches/buffer-overflow.patch: Fix potential buffer overflow by rogue cards. (LP: #692483) -- Torsten Spindler (Canonical) Tue, 21 Dec 2010 09:50:33 +0100 opensc (0.11.13-1ubuntu3) natty; urgency=low * debian/patches/missing-libs.patch: Add libraries to allow opensc to build from source on natty (LP: #692571) -- Torsten Spindler (Canonical) Mon, 20 Dec 2010 15:14:49 +0100 opensc (0.11.13-1ubuntu2) maverick; urgency=low * debian/patches/fix-storing-key-on-entersafe: Fix storing a RSA key on EnterSafe cards. (LP: #622319) -- Firas Kraiem Mon, 23 Aug 2010 14:43:10 +0200 opensc (0.11.13-1ubuntu1) maverick; urgency=low * Merge from debian unstable (LP: #600152), remaining changes: - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons. - debian/rules: build with "--with-pcsc-provider=/lib/libpcsclite.so.1", as this is the path of libpcsclite in jaunty and above. - debian/opensc.install: added westcos-tool + manpage - include htmld documentation (snapshot from wiki) (Closes: #575113, LP: #543334) -- Lorenzo De Liso Wed, 30 Jun 2010 12:04:58 +0200 opensc (0.11.13-1) unstable; urgency=low * New upstream release. (Closes: #570107, #505404) * libtool.m4: Delete spurious libtool.m4 that was picked up somewhere. -- Eric Dorland Mon, 01 Mar 2010 00:58:01 -0500 opensc (0.11.12-1ubuntu3) lucid; urgency=low * include htmld documentation (snapshot from wiki) (Closes: #575113, LP: #543334) -- Andreas Jellinghaus Sun, 21 Mar 2010 12:08:21 +0100 opensc (0.11.12-1ubuntu2) lucid; urgency=low [ Dominik Fischer ] * debian/rules: build with "--with-pcsc-provider=/lib/libpcsclite.so.1", as this is the path of libpcsclite in jaunty and above. * opensc.install: added westcos-tool + manpage -- Steve Langasek Thu, 18 Feb 2010 02:52:33 -0800 opensc (0.11.12-1ubuntu1) lucid; urgency=low [ Ubuntu Merge-o-Matic ] * Merge from debian testing. Remaining changes: - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons. - Fix in -2ubuntu2 (right now in karmic-proposed) can be dropped as well, already fixed upstream (LP: #519750) Thx to Andreas Jellinghaus for the bugreport -- Stephan Hermann Wed, 10 Feb 2010 16:20:55 +0000 opensc (0.11.12-1) unstable; urgency=low * New upstream release. (Closes: #563671) * debian/source/format, debian/source/options, debian/source/patch-header: Convert to v3 quilt format, with single-debian-patch. * debian/rules: Enable documentation installation. * debian/control: Update description with advice from Andreas Jellinghaus, with some editing. (Closes: #552516) * debian/libopensc2.symbols: Update for new symbols. * debian/libopensc2.shlibs: Remove in favor of the symbols file. -- Eric Dorland Sun, 10 Jan 2010 19:23:09 -0500 opensc (0.11.9-2ubuntu1) lucid; urgency=low * Merge from debian testing (LP: #490849), remaining changes: - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons. -- Bhavani Shankar Tue, 01 Dec 2009 19:59:17 +0530 opensc (0.11.9-2) unstable; urgency=low * debian/libopensc2.symbols: Add symbols file. * debian/compat: Use debhelper version 7. * debian/control: Drop build-deps on cdbs and build-depend on debhelper >= 7.0.50. * debian/rules: Convert to dh instead of debhelper. -- Eric Dorland Mon, 07 Sep 2009 19:00:53 -0400 opensc (0.11.9-1) unstable; urgency=low * New upstream release. * debian/control: Update Standards-Version to 3.8.3. -- Eric Dorland Mon, 07 Sep 2009 17:38:19 -0400 opensc (0.11.8-1ubuntu1) karmic; urgency=low * Merge from debian unstable, remaining change (LP: #396385): - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons. -- Bhavani Shankar Tue, 07 Jul 2009 11:41:27 +0530 opensc (0.11.8-1) unstable; urgency=low * New upstream release. Fixes a security problem with pkcs11-tool generating insecure public keypairs. This problem was only with the 0.11.7 release, which was only part of unstable. (Closes: #527640) -- Eric Dorland Sun, 10 May 2009 22:03:06 -0400 opensc (0.11.7-2ubuntu1) karmic; urgency=low * Merge from debian unstable, remaining changes: - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons -- Nathan Handler Tue, 28 Apr 2009 21:57:52 +0000 opensc (0.11.7-2) unstable; urgency=low * debian/rules: Explicitly enable openct and pcsc. (Closes: #522077) * debian/control: - Update Standards-Version to 3.8.1. - Add ${misc:Depends} everywhere. - Move libopensc2-dbg to the debug section. -- Eric Dorland Sat, 04 Apr 2009 17:46:05 -0400 opensc (0.11.7-1) unstable; urgency=low * New upstream release. Fixes CVE-2009-0368. * debian/rules: - New location for the ChangeLog. - Add --enable-signer to get the signer back. * debian/opensc.install: - cardos-tool.1 replaces cardos-info.1. - Install cardos-tool and rutoken-tool. * debian/opensc.docs, libopensc2-dev.docs: New html documentation location. -- Eric Dorland Sun, 29 Mar 2009 03:56:10 -0400 opensc (0.11.4-5ubuntu1) intrepid; urgency=low * Merge from debian unstable, remaining changes LP: #260257): - debian/mozilla-opensc.links: Install links for firefox and xulrunner-addons -- Nathan Handler Wed, 03 Sep 2008 20:06:26 -0500 opensc (0.11.4-5) unstable; urgency=high * src/tools/pkcs15-tool.c: Small fix to the previous security vulnerability to remove a strict check for the default card label. -- Eric Dorland Fri, 29 Aug 2008 03:14:53 -0400 opensc (0.11.4-4) unstable; urgency=high * src/libopensc/card-cardos.c, src/tools/pkcs15-tool.c: Patch to fix CVE-2008-2235 "OpenSC initializes CardOS cards with improper access rights". * debian/control: Up Standards-Version to 3.7.3. * debian/opensc.NEWS: Fix typo. -- Eric Dorland Thu, 31 Jul 2008 13:27:31 -0400 opensc (0.11.4-3) unstable; urgency=low * etc/opensc.conf.in: Document that lock_login is actually set to false by default. Thanks Mark Proehl. (Closes: #457322) * debian/mozilla-opensc.install: Don't install .a file. (Closes: #459542) -- Eric Dorland Mon, 07 Jan 2008 23:54:18 -0500 opensc (0.11.4-2ubuntu2) hardy; urgency=low * debian/mozilla-opensc.install: Don't install .a file (DBTS: #459542). * debian/mozilla-opensc.links: Install link for xulrunner-addons (LP: #202343). -- Matti Lindell Fri, 28 Mar 2008 07:28:00 +0200 opensc (0.11.4-2ubuntu1) hardy; urgency=low * Merge from debian unstable, remaining changes: - Install onepin-opensc-pkcs11.so and onepin-opensc-pkcs11.la Closes LP: #146350 - Install the links for firefox. - Update maintainer field in debian/control. -- Jonathan Riddell Wed, 21 Nov 2007 19:05:01 +0000 opensc (0.11.4-2) unstable; urgency=low * debian/libopensc2.install: Install onepin-opensc-pkcs11 signer. Thanks Laurent Bigonville. (Closes: #449219) * debian/libopensc2-dev.install: Install all the .a files. * debian/control: Remove XS- prefix from Vcs headers. -- Eric Dorland Sun, 04 Nov 2007 18:04:34 -0500 opensc (0.11.4-1) unstable; urgency=low * New upstream release. * src/signer/dialog.c: Remove spurious redefinition of PIN_ENTRY. * debian/control: Add Hompage and XS-Vcs-* headers. -- Eric Dorland Sat, 22 Sep 2007 04:13:54 -0400 opensc (0.11.3-1ubuntu2) gutsy; urgency=low * Install onepin-opensc-pkcs11.so and onepin-opensc-pkcs11.la Closes LP: #146350 -- Jonathan Riddell Thu, 04 Oct 2007 13:40:11 +0100 opensc (0.11.3-1ubuntu1) gutsy; urgency=low * Merge from Debian unstable, remaining changes: - Install the links for firefox. - Update maintainer field in debian/control. -- Michele Angrisano Sat, 21 Jul 2007 23:03:51 +0200 opensc (0.11.3-1) unstable; urgency=low * New upstream release. (Closes: #424013) * debian/control: - Use Standards-Version 3.7.2.2. - Use binary:Version instead of Source-Version. -- Eric Dorland Sat, 21 Jul 2007 01:12:13 -0400 opensc (0.11.2-1ubuntu1) gutsy; urgency=low * Merge from Debian unstable, remaining changes: - Install the links for firefox - Maintainer field in debian/control -- Luca Falavigna Thu, 17 May 2007 10:39:14 +0100 opensc (0.11.2-1) unstable; urgency=low * New upstream release. (Closes: #413470, #410195, #419680) -- Eric Dorland Thu, 17 May 2007 00:44:04 -0400 opensc (0.11.1-3ubuntu1) feisty; urgency=low * Merge from debian unstable, remaining changes: - Apply patch from http://www.opensc-project.org/opensc/changeset/3010 to fix regression with Estonian eID * debian/mozilla-opensc.links: install the links for firefox and mozilla (undo the Debian change) * Modified Maintainer values to match Debian-Maintainer-Field spec. -- Michael Bienia Mon, 12 Feb 2007 19:44:12 +0100 opensc (0.11.1-3) unstable; urgency=high * src/signer/dialog.c, debian/control: Fix path to pinentry and recommend pinentry for mozilla-opensc. Thanks Antti S. Lankila for the suggestion. (Closes: #392241) * opensc.docs: Install new and improved html docs. (Closes: #399838) * mozilla-opensc.links: Install links for iceweasel and iceape rather than firefox and mozilla. Considering who I am I should have picked up on this sooner. (Closes: #409946) * etc/opensc.conf.in: Document that lock_login is actually true by default. Thanks Antti-Juhani Kaijanaho. (Closes: #410024) -- Eric Dorland Sat, 10 Feb 2007 23:27:03 -0500 opensc (0.11.1-2ubuntu1) feisty; urgency=low * Apply patch from http://www.opensc-project.org/opensc/changeset/3010 to fix regression with Estonian eID (LP: #83767) -- Michael Bienia Wed, 7 Feb 2007 16:28:02 +0100 opensc (0.11.1-2) unstable; urgency=low * debian/libopensc2.links: Link /usr/lib/opensc/opensc-pkcs11.so to /usr/lib/opensc-pkcs11.so to help with upgrades. (Closes: #363443) * etc/opensc.conf.in: Fix small typo, thanks Clemens Orthacker. -- Eric Dorland Sat, 19 Aug 2006 13:25:31 -0400 opensc (0.11.1-1) unstable; urgency=low * New upstream release. -- Eric Dorland Sat, 10 Jun 2006 01:22:46 -0400 opensc (0.11.0-1) unstable; urgency=low * New upstream release. (Closes: #366313) * debian/control: - Fix stray 2 in the description. Thanks Ludovic Rousseau. (Closes: #354744) - Standards-Version to 3.7.2.0. - Add libopensc2-dbg package. - Upgrade debhelper dependency to >> 5, for more sane -dbg package handling. * debian/watch: Add watch file. * man/pkcs15-tool.1: Patch from Daniel Kahn Gillmor to add --unblock-pin documentation to the man page. (Closes: #350634) * debian/rules: Strip into the -dbg package. * debian/compat: Use debhelper level 5. * debian/openct.install: - There isn't anything in /usr/sbin anymore. - Install new tools and their manpages. - No more section 7 manpages. * debian/libopensc2.shlibs: Add dependency on latest version. * debian/libopensc2.install: Don't try to install non-existant .profile files in /etc. * debian/mozilla-opensc.install, debian/mozilla-opensc.links: Fix path to signer. -- Eric Dorland Sun, 28 May 2006 18:28:03 -0400 opensc (0.10.1-1) unstable; urgency=low * New upstream release. * debian/opensc.NEWS: Add a note about the package split. -- Eric Dorland Wed, 11 Jan 2006 01:44:11 -0500 opensc (0.10.0-2) unstable; urgency=low * debian/libopensc2-dev.install: Only install lib*.so, etc, not *.so. (Closes: #344591) -- Eric Dorland Fri, 23 Dec 2005 18:38:46 -0500 opensc (0.10.0-1) unstable; urgency=low * New upstream release. * debian/control: - Remove libpam-opensc, libscam1 and libopensc-openssl. - Remove gcc-3.3, libpam and libldap build dependencies. - Bump soname part of library names, and add appropriate Conflicts and Replaces. - Build depend on libltdl3-dev. - Bump Standards-Version to 3.6.2.1. * debian/libopensc-openssl.install, debian/libpam-opensc.docs, debian/libpam-opensc.install, debian/libscam1.examples, debian/libscam1.install, debian/libscam1.shlibs, debian/scldap.conf: Remove. * debian/libopensc1*: Renamed to libopensc2*. * debian/libopensc2.shlibs: Remove libpkcs11, bump other version info. * debian/libopensc2.install: New location for spy and pkcs11 modules. * debian/libopensc2-dev.install: Use *.so, *.la and *.a instead of individual listing. * debian/rules: - Try building with default gcc. - Add new upstream changelog location. * debian/copyright: UTF8ify. * debian/opensc.docs: Install new tools doc. * debian/libopensc2-dev.docs: New file, install api HTML doc. * debian/mozilla-opensc.install: Don't install /usr/lib/mozilla. * debian/mozilla-opensc.links: Install to new firefox location and make a link for mozilla plugin dir. -- Eric Dorland Wed, 21 Dec 2005 01:21:34 -0500 opensc (0.9.6-3) unstable; urgency=medium * debian/control, debian/rules: Use gcc-3.3 instead of default gcc-4.0 until #322145 can be figured out. -- Eric Dorland Wed, 31 Aug 2005 01:23:34 -0400 opensc (0.9.6-2) unstable; urgency=low * The "RTFM" release. * debian/opensc.install: Add manpages for pkcs11-tool and cardos-info. (Closes: #289751) * docs/pkcs15-init.1: Add documentation for -T switch. (Closes: #317414) * debian/opensc.docs: Install HTML and XML documentation. (Closes: #318312) -- Eric Dorland Fri, 29 Jul 2005 17:39:31 -0400 opensc (0.9.6-1) unstable; urgency=medium * New upstream release, needs to go in with new openct. * debian/control: Build-Depend on new libopenct1. * debian/libopensc1.install: Install etc/opensc.conf instead of our old empty version, because profile_dir must be set now. * debian/opensc.conf: Delete, we don't need it anymore. * debian/libopensc1.examples: Install a copy of the config file (without the example suffix) as an example. * debian/libopensc1.shlibs, debian/libscam1.shlibs: Update versions. * debian/libscam1.examples: Remove .example suffix. -- Eric Dorland Tue, 26 Apr 2005 01:16:16 -0400 opensc (0.9.4-9) unstable; urgency=high * debian/control: Remove extraneous build dependencies on libsasl, and tighten X dependency. (Closes: #304975) * debian/control: Remove uneccessarily tight dependency on libscam by libpam-opensc. -- Eric Dorland Sun, 17 Apr 2005 00:59:57 -0400 opensc (0.9.4-8) unstable; urgency=high * Still yearning for testing. * debian/libopensc1.examples, debian/libscam1.examples: Install example configuration files. (Closes: #286629) * debian/rules: Have config files under /etc/opensc. * debian/opensc.conf, debian/scldap.conf: Added barren config files that tell you to look at the examples. * debian/libopensc1.install, debian/libscam1.install: Install config files. * src/pam/pam_support.c: Fix compile problem under gcc-4.0. Thanks Andreas Jochens. (Closes: #287877) -- Eric Dorland Fri, 31 Dec 2004 21:42:53 -0500 opensc (0.9.4-7) unstable; urgency=high * Urgency high because the new openct is in testing and the borked s390 buildd is the only thing holding it back. * src/tools/pkcs11-tool.c: Apply by hand patch from Ph. Marek to fix bad --help documentation. (Closes: #284605) * debian/mozilla-opensc.links: Added, add link for mozilla-firefox plugins. -- Eric Dorland Tue, 7 Dec 2004 22:09:28 -0500 opensc (0.9.4-6) unstable; urgency=medium * The "I really need to pay more attention" release. * debian/libopensc-openssl.install: Install only the engine files, not the signer. * debian/control: Have mozilla-opensc replace libopensc-openssl. -- Eric Dorland Sat, 27 Nov 2004 14:46:40 -0500 opensc (0.9.4-5) unstable; urgency=medium * debian/libscam1.install: Allow libopensc1-dev install libscam's .la file. * debian/control: Have libopensc1-dev replace older versions of libscam because of the above. -- Eric Dorland Sat, 27 Nov 2004 14:25:43 -0500 opensc (0.9.4-4) unstable; urgency=medium * Target unstable. Urgency medium since I'd like to see this in testing. -- Eric Dorland Thu, 25 Nov 2004 23:50:05 -0500 opensc (0.9.4-3) experimental; urgency=low * debian/control: Add mozilla-opensc package. * debian/mozilla-opensc.install: Added file, install plugin files. * debian/rules: - Add AUTHORS file to all docs. - Add DEB_SHLIBDEPS_INCLUDE so we can find our own libs. * debian/libopensc1.shlibs: Add info for libpkcs11. * debian/opensc.docs: Added file, install QUICKSTART doc. * debian/libpam-opensc.docs: Added file, install PAM_README file. * debian/libscam1.install: libscam is now a full lib, install just the .so.* portions. * debian/libopensc1-dev.install: Install libscam's .so and .la. * debian/libscam1.shlibs: Add scam shlib. -- Eric Dorland Thu, 18 Nov 2004 00:57:10 -0500 opensc (0.9.4-2) experimental; urgency=low * debian/control: - Add section to source headers. - Add appropriate conflicts and replaces for the library packages. -- Eric Dorland Sat, 13 Nov 2004 12:33:03 -0500 opensc (0.9.4-1) experimental; urgency=low * New upstream release. Target experimental to give freeswan guys a chance. (Closes: #279968, #260828) * src/libopensc/reader-pcsc.c: Resolve some conflicts from previous patches, now in synch with upstream. * debian/{libopensc0-dev.install, libopensc0.install, libopensc0.shlibs, libscam0.install, libscam0.shlibs}: Renamed to change 0 to 1 to reflect new soname. * debian/control: - Change package name to reflect new soname. - Build-depend on pkg-config, for libs that use it. * debian/*.shlibs: Bump up sonames and versions. -- Eric Dorland Sat, 13 Nov 2004 00:41:51 -0500 opensc (0.8.1-7) unstable; urgency=medium * Urgency medium since this reenables pcsclite support. * {configure,configure.in}: Replace /pcsc with /PCSC for new pcsclite include location. * src/libopensc/reader-pcsc.c: Replace LPCSTR with LPCTSTR for new libpcsclite. -- Eric Dorland Tue, 20 Jul 2004 23:04:27 -0400 opensc (0.8.1-6) unstable; urgency=low * configure.in: use _pic.a instead of -pic.a, openssl changed. * configure: Rebuild. * debian/control: - Build-depend on libssl-dev (>= 0.9.7d-3) for pic.a renaming. - Build-depend on libpcsclite-dev (>= 1.2.9-beta1) for new libpcsclite1. (Closes: #247697) * src/libopensc/reader-pcsc.c: Patch for new libpcsclite1. Thanks Ludovic Rousseau. -- Eric Dorland Sat, 29 May 2004 21:07:28 -0400 opensc (0.8.1-5) unstable; urgency=low * debian/control: - Make libopensc* and libscam0 optional and everything else extra, to allow things in optional to link to the libs. I still need to resolve the dependency on libpcsc (it's in extra). - Build depend on libssl-dev (>= 0.9.7d-2) for PIC libs. - Make debhelper build dep >> 4.1. * configure.in: Use libcrypto-pic to work around build problems on architectures that need PIC libs. (Closes: #239422) * configure: Rebuild. -- Eric Dorland Sun, 16 May 2004 20:41:43 -0400 opensc (0.8.1-4) unstable; urgency=low * debian/control: Build-Depend on libassuan-dev that provides PIC libs. (Closes: #239422) -- Eric Dorland Sun, 28 Mar 2004 22:22:53 -0500 opensc (0.8.1-3) unstable; urgency=low * debian/libpam-opensc.install: Install pam modules into /lib/security rather than /usr/lib/security. (Closes: #235948) * debian/control: - libpam-opensc needs to depend on libscam0. (Closes: #235949) - Shorten libopensc0 short description. * docs/pkcs15-init.1: Add .SH NAME line. * docs/pkcs15-profile.5.in: Change the .ds line to the actual name, add .SH NAME line (half of #231535) * docs/pkcs15.7: Other half, add .ds line, add .SH NAME line (Closes: #231535) -- Eric Dorland Sat, 6 Mar 2004 19:30:54 -0500 opensc (0.8.1-2) unstable; urgency=low * debian/control: Build with libopenct0-dev. -- Eric Dorland Tue, 27 Jan 2004 23:34:43 -0500 opensc (0.8.1-1) unstable; urgency=low * Initial release. (Based loosely on the packaging by Joe Phillips ) (Closes: #157979, #187551) * Relibtoolize to fix build problem. -- Eric Dorland Mon, 29 Dec 2003 16:43:01 -0500 debian/opensc.install0000664000000000000000000000214412171650716012056 0ustar debian/tmp/usr/bin/cardos-tool debian/tmp/usr/bin/cryptoflex-tool debian/tmp/usr/bin/eidenv debian/tmp/usr/bin/iasecc-tool debian/tmp/usr/bin/netkey-tool debian/tmp/usr/bin/openpgp-tool debian/tmp/usr/bin/opensc-tool debian/tmp/usr/bin/opensc-explorer debian/tmp/usr/bin/piv-tool debian/tmp/usr/bin/pkcs11-tool debian/tmp/usr/bin/pkcs15* debian/tmp/usr/bin/sc-hsm-tool debian/tmp/usr/bin/westcos-tool debian/tmp/usr/lib/*/*.so.* debian/tmp/usr/lib/*/*.so debian/tmp/usr/share/opensc/*.profile etc/opensc.conf etc/opensc debian/tmp/usr/share/man/man5/* debian/tmp/usr/share/man/man1/cardos-tool.1 debian/tmp/usr/share/man/man1/cryptoflex-tool.1 debian/tmp/usr/share/man/man1/iasecc-tool.1 debian/tmp/usr/share/man/man1/eidenv.1 debian/tmp/usr/share/man/man1/netkey-tool.1 debian/tmp/usr/share/man/man1/openpgp-tool.1 debian/tmp/usr/share/man/man1/opensc-tool.1 debian/tmp/usr/share/man/man1/opensc-explorer.1 debian/tmp/usr/share/man/man1/piv-tool.1 debian/tmp/usr/share/man/man1/pkcs11-tool.1 debian/tmp/usr/share/man/man1/pkcs15*.1 debian/tmp/usr/share/man/man1/sc-hsm-tool.1 debian/tmp/usr/share/man/man1/westcos-tool.1 debian/source/0000775000000000000000000000000012171650655010500 5ustar debian/source/format0000664000000000000000000000001412171650655011706 0ustar 3.0 (quilt) debian/compat0000664000000000000000000000000212171650716010374 0ustar 9 debian/patches/0000775000000000000000000000000012330710736010621 5ustar debian/patches/series0000664000000000000000000000021112330710736012030 0ustar 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch 0002-fix-epass2003-support-from-upstream.patch 0003-fix-sc-hsm-rsa2048.patch debian/patches/0001-pkcs15-regression-in-e35febe-compute-cert-length.patch0000664000000000000000000000675712265176005023231 0ustar From cc5a171ddcc8e49b2252135daac9ad3aa6d66ae7 Mon Sep 17 00:00:00 2001 From: Viktor Tarasov Date: Tue, 25 Dec 2012 20:05:45 +0100 Subject: [PATCH] pkcs15: regression in e35febe: compute cert length parse_x509_cert() reviewed. Now certificate's DER data are allocated and the DER data length is determined in one place. https://github.com/OpenSC/OpenSC/pull/114 https://github.com/OpenSC/OpenSC/commit/e35febe --- src/libopensc/pkcs15-cert.c | 37 +++++++++++++++++++------------------ 1 file changed, 19 insertions(+), 18 deletions(-) diff --git a/src/libopensc/pkcs15-cert.c b/src/libopensc/pkcs15-cert.c index 86bea25..9b08aac 100644 --- a/src/libopensc/pkcs15-cert.c +++ b/src/libopensc/pkcs15-cert.c @@ -34,13 +34,13 @@ #include "pkcs15.h" static int -parse_x509_cert(sc_context_t *ctx, const u8 *buf, size_t buflen, struct sc_pkcs15_cert *cert) +parse_x509_cert(sc_context_t *ctx, struct sc_pkcs15_der *der, struct sc_pkcs15_cert *cert) { int r; struct sc_algorithm_id sig_alg; - struct sc_pkcs15_pubkey * pubkey = NULL; - u8 *serial = NULL; - size_t serial_len = 0; + struct sc_pkcs15_pubkey *pubkey = NULL; + unsigned char *serial = NULL, *buf = der->value; + size_t serial_len = 0, data_len = 0, buflen = der->len; struct sc_asn1_entry asn1_version[] = { { "version", SC_ASN1_INTEGER, SC_ASN1_TAG_INTEGER, 0, &cert->version, NULL }, { NULL, 0, 0, 0, NULL, NULL } @@ -87,30 +87,32 @@ parse_x509_cert(sc_context_t *ctx, const u8 *buf, size_t buflen, struct sc_pkcs1 if (obj == NULL) LOG_TEST_RET(ctx, SC_ERROR_INVALID_ASN1_OBJECT, "X.509 certificate not found"); - cert->data.len = objlen + (obj - buf); + data_len = objlen + (obj - buf); + cert->data.value = malloc(data_len); + if (!cert->data.value) + LOG_FUNC_RETURN(ctx, SC_ERROR_OUT_OF_MEMORY); + memcpy(cert->data.value, buf, data_len); + cert->data.len = data_len; + r = sc_asn1_decode(ctx, asn1_cert, obj, objlen, NULL, NULL); LOG_TEST_RET(ctx, r, "ASN.1 parsing of certificate failed"); cert->version++; - if (pubkey) { - cert->key = pubkey; - pubkey = NULL; - } - else { + if (!pubkey) LOG_TEST_RET(ctx, SC_ERROR_INVALID_ASN1_OBJECT, "Unable to decode subjectPublicKeyInfo from cert"); - } + cert->key = pubkey; + sc_asn1_clear_algorithm_id(&sig_alg); - if (r < 0) - return r; if (serial && serial_len) { sc_format_asn1_entry(asn1_serial_number + 0, serial, &serial_len, 1); r = sc_asn1_encode(ctx, asn1_serial_number, &cert->serial, &cert->serial_len); free(serial); + LOG_TEST_RET(ctx, r, "ASN.1 encoding of serial failed"); } - return r; + return SC_SUCCESS; } @@ -125,7 +127,7 @@ sc_pkcs15_pubkey_from_cert(struct sc_context *ctx, if (cert == NULL) return SC_ERROR_OUT_OF_MEMORY; - rv = parse_x509_cert(ctx, cert_blob->value, cert_blob->len, cert); + rv = parse_x509_cert(ctx, cert_blob, cert); *out = cert->key; cert->key = NULL; @@ -158,20 +160,19 @@ sc_pkcs15_read_certificate(struct sc_pkcs15_card *p15card, const struct sc_pkcs1 return SC_ERROR_OBJECT_NOT_FOUND; } - cert = malloc(sizeof(struct sc_pkcs15_cert)); if (cert == NULL) { free(der.value); return SC_ERROR_OUT_OF_MEMORY; } memset(cert, 0, sizeof(struct sc_pkcs15_cert)); - if (parse_x509_cert(p15card->card->ctx, der.value, der.len, cert)) { + if (parse_x509_cert(p15card->card->ctx, &der, cert)) { free(der.value); sc_pkcs15_free_certificate(cert); return SC_ERROR_INVALID_ASN1_OBJECT; } + free(der.value); - cert->data = der; *cert_out = cert; return SC_SUCCESS; } -- 1.8.1 debian/patches/0003-fix-sc-hsm-rsa2048.patch0000664000000000000000000000123512330710736015302 0ustar Description: Fix to show generated RSA2048 pubkeys in PKCS#11 interface. Fixed a bug that prevents a newly generated 2048 key to show up at the PKCS#11 interface Author: Andreas Schwier Origin: upstream https://github.com/OpenSC/OpenSC/commit/99af6cd8ee78776f50bc016fc230541072c60afb --- opensc-0.13.0.orig/src/libopensc/pkcs15-sc-hsm.c +++ opensc-0.13.0/src/libopensc/pkcs15-sc-hsm.c @@ -268,7 +268,7 @@ static int sc_pkcs15emu_sc_hsm_add_pubke sc_pkcs15_pubkey_info_t pubkey_info; sc_pkcs15_object_t pubkey_obj; struct sc_pkcs15_pubkey pubkey; - u8 efbin[512]; + u8 efbin[1024]; sc_cvc_t cvc; u8 *cvcpo; size_t cvclen; debian/patches/0002-fix-epass2003-support-from-upstream.patch0000664000000000000000000001022612310072135020727 0ustar ## Description: add some description ## Origin/Author: add some origin or author ## Bug: bug URL Index: opensc-0.13.0/src/libopensc/card-epass2003.c =================================================================== --- opensc-0.13.0.orig/src/libopensc/card-epass2003.c 2012-12-04 15:43:40.000000000 +0100 +++ opensc-0.13.0/src/libopensc/card-epass2003.c 2014-03-03 21:38:17.620039138 +0100 @@ -117,8 +117,8 @@ memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH); EVP_CIPHER_CTX_init(&ctx); - EVP_CIPHER_CTX_set_padding(&ctx, 0); EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp); + EVP_CIPHER_CTX_set_padding(&ctx, 0); if (!EVP_EncryptUpdate(&ctx, output, &outl, input, length)) goto out; @@ -146,8 +146,8 @@ memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH); EVP_CIPHER_CTX_init(&ctx); - EVP_CIPHER_CTX_set_padding(&ctx, 0); EVP_DecryptInit_ex(&ctx, cipher, NULL, key, iv_tmp); + EVP_CIPHER_CTX_set_padding(&ctx, 0); if (!EVP_DecryptUpdate(&ctx, output, &outl, input, length)) goto out; @@ -1003,10 +1003,10 @@ flags = SC_ALGORITHM_ONBOARD_KEY_GEN | SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_NONE; - _sc_card_add_rsa_alg(card, 512, flags, 0x10001); - _sc_card_add_rsa_alg(card, 768, flags, 0x10001); - _sc_card_add_rsa_alg(card, 1024, flags, 0x10001); - _sc_card_add_rsa_alg(card, 2048, flags, 0x10001); + _sc_card_add_rsa_alg(card, 512, flags, 0); + _sc_card_add_rsa_alg(card, 768, flags, 0); + _sc_card_add_rsa_alg(card, 1024, flags, 0); + _sc_card_add_rsa_alg(card, 2048, flags, 0); card->caps = SC_CARD_CAP_RNG | SC_CARD_CAP_APDU_EXT; @@ -1858,7 +1858,6 @@ LOG_FUNC_RETURN(card->ctx, r); } -#if 0 static int epass2003_list_files(struct sc_card *card, unsigned char *buf, size_t buflen) { @@ -1867,9 +1866,9 @@ int r; SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE); - sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x34, 0x00, 0x00); + sc_format_apdu(card, &apdu, SC_APDU_CASE_1, 0x34, 0x00, 0x00); apdu.cla = 0x80; - apdu.le = 0x40; + apdu.le = 0; apdu.resplen = sizeof(rbuf); apdu.resp = rbuf; @@ -1887,7 +1886,6 @@ LOG_FUNC_RETURN(card->ctx, buflen); } -#endif static int @@ -2376,7 +2374,7 @@ epass2003_ops.compute_signature = epass2003_decipher; epass2003_ops.create_file = epass2003_create_file; epass2003_ops.delete_file = epass2003_delete_file; - /* epass2003_ops.list_files = epass2003_list_files; */ + epass2003_ops.list_files = epass2003_list_files; epass2003_ops.card_ctl = epass2003_card_ctl; epass2003_ops.process_fci = epass2003_process_fci; epass2003_ops.construct_fci = epass2003_construct_fci; Index: opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c =================================================================== --- opensc-0.13.0.orig/src/pkcs15init/pkcs15-epass2003.c 2012-12-04 15:43:40.000000000 +0100 +++ opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c 2014-03-03 21:38:19.084039076 +0100 @@ -507,6 +507,12 @@ sc_print_path(&file->path)); sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "private key_info path: %s", sc_print_path(&(key_info->path))); + + r = sc_pkcs15init_authenticate(profile, p15card, file, + SC_AC_OP_DELETE); + SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, + "generate key: pkcs15init_authenticate(SC_AC_OP_DELETE) failed"); + r = sc_delete_file(p15card->card, &file->path); /* create */ r = sc_pkcs15init_create_file(profile, p15card, file); @@ -558,6 +564,11 @@ r = sc_select_file(p15card->card, &pukf->path, NULL); /* if exist, delete */ if (r == SC_SUCCESS) { + r = sc_pkcs15init_authenticate(profile, p15card, pukf, + SC_AC_OP_DELETE); + SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, + "generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_DELETE) failed"); + r = sc_pkcs15init_delete_by_path(profile, p15card, &pukf->path); if (r != SC_SUCCESS) { sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, @@ -573,6 +584,11 @@ goto failed; } + r = sc_pkcs15init_authenticate(profile, p15card, pukf, + SC_AC_OP_UPDATE); + SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r, + "generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_UPDATE) failed"); + /* generate key pair */ fidl = (file->id & 0xff) * FID_STEP; file->id = (file->id & 0xff00) + fidl; debian/opensc.docs0000664000000000000000000000013112171657732011337 0ustar doc/tools/tools.html doc/nonpersistent/wiki.out/*.html doc/nonpersistent/wiki.out/*.css debian/copyright0000664000000000000000000000121512171650655011132 0ustar This package was debianized by Eric Dorland on Mon, 22 Dec 2003 23:23:29 -0500. It was downloaded from http://www.opensc.org/ Upstream Authors: OpenSC developers Juha Yrjölä Antti Tapaninen Timo Teräs Olaf Kirch Copyright (C) 2001, 2002 Juha Yrj, Timo Teras, Antti Tapaninen, Olaf Kirch You are free to distribute this software under the terms of the GNU Lesser General Public License. On Debian systems, the complete text of the GNU Lesser General Public License can be found in the file `/usr/share/common-licenses/LGPL'. debian/watch0000664000000000000000000000012012171650655010222 0ustar version=3 http://www.opensc-project.org/files/opensc/opensc-([\d\.]+)\.tar\.gz debian/rules0000775000000000000000000000057212265072663010265 0ustar #!/usr/bin/make -f %: dh $@ --with autoreconf override_dh_auto_configure: dh_auto_configure -- --sysconfdir=/etc/opensc \ --enable-pcsc \ --enable-doc \ --enable-readline \ --enable-sm \ --enable-zlib \ --htmldir=/usr/share/doc/opensc/html override_dh_auto_install: dh_auto_install --destdir=debian/tmp override_dh_installdocs: dh_installdocs -A README NEWS