Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Andreas Jellinghaus wrote: > This patch creates a new libopensc containing those three libraries. > The export list contains all symbols exported by those three. > > common/libcompat.la is also linked into libopensc, but not exported. > The tools thus link common/libcompat.la themself. > > Is this the way we want to go? Shall I appy it? > Nice intention, for me it works. Will the same be done with the windows version? > Regards, Andreas > > > > ___ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
On Feb 1, 2010, at 10:27 , Viktor TARASOV wrote: > Andreas Jellinghaus wrote: >> This patch creates a new libopensc containing those three libraries. >> The export list contains all symbols exported by those three. >> >> common/libcompat.la is also linked into libopensc, but not exported. >> The tools thus link common/libcompat.la themself. >> >> Is this the way we want to go? Shall I appy it? >> > > Nice intention, for me it works. > > Will the same be done with the windows version? Do you mean the native build? Should be done. I'm afraid there's no active native windows maintainer at the moment... -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Martin Paljak wrote: > On Feb 1, 2010, at 10:27 , Viktor TARASOV wrote: > >> Andreas Jellinghaus wrote: >> >>> This patch creates a new libopensc containing those three libraries. >>> The export list contains all symbols exported by those three. >>> >>> common/libcompat.la is also linked into libopensc, but not exported. >>> The tools thus link common/libcompat.la themself. >>> >>> Is this the way we want to go? Shall I appy it? >>> >>> >> Nice intention, for me it works. >> >> Will the same be done with the windows version? >> > > Do you mean the native build? Should be done. I'm afraid there's no active > native windows maintainer at the moment... > Yes - native build. Probably I'm not fully conscious of the term 'active native windows maintainer' contents, but I can try to do it later. -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Hi, I did not understand: -lib_LTLIBRARIES = libopensc.la +noinst_LTLIBRARIES = libopensc.la why not installing the libopensc? if you don't a copy of the library will exist in every tool and other library. Alon. On Mon, Feb 1, 2010 at 9:14 AM, Andreas Jellinghaus wrote: > > This patch creates a new libopensc containing those three libraries. > The export list contains all symbols exported by those three. > > common/libcompat.la is also linked into libopensc, but not exported. > The tools thus link common/libcompat.la themself. > > Is this the way we want to go? Shall I appy it? > > Regards, Andreas > > ___ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Error with opensc in Windows
Thank you very much for you answer. I've downloaded the last 32 bit compiled version of opensc project http://www.opensc-project.org/files/build/opensc-i686-w64-mingw32-008-base.tar.bz2 With these tools, pkcs15-init seems to work properly. However, pkcs11-tool shows the error below: / / /error: Failed to load pkcs11 module/ /Aborting/ I have already set the variable debug=9, in opensc.conf file. But, I haven´t gotten more information about the error. Could somebody help me with this error please? Thanks in advance Kind regards. El 30/01/2010 18:01, Alon Bar-Lev escribió: > You can use mingw in order to compile OpenSC for Windows. > You have maintained build environment at [1]. > > [1] http://opensc-project.org/build > > On Thu, Jan 28, 2010 at 6:17 PM, evalues wrote: > >> Hello, >> >> It's the first I'm using opensc libraries and i have found some problems >> compiling the opensc project for Windows OS. >> >> I've downloaded the last opensc version 0.11.12, and I'm using Visual >> Studio 2005 to compile the project. To do it, I've linked with Libtool >> libltdl3 (version 1.5.26) and OpenSSL (version 0.9.8.11). I've run the >> command below to carry out the compile process in the Visual Studio 2005 >> Command Prompt: >> >> nmake /f Makefile.mak >> >> This process ends succesfully, but some of the tools generated don't >> work. For example: when I invoke the pkcs15-init.exe I get the error below: >> >> "No se encuentra el punto de entrada del procedimiento >> sc_pkcs15_find_data_object_by_name en la biblioteca de vínculos >> dinámicos opensc.d" >> >> This error in english is: >> >> "Not Found The procedure entry point sc_pkcs15_find_data_object_by_name >> in dynamic link library opensc.dll" >> >> I've been looking for a similar thread in this list, but I haven't found >> how to solve my problem. I don't want to bother anybody asking the same >> questions that other people have done. So, if somebody knows about a >> thread which solve similar problems, please mail it to me. >> >> >> >> ___ >> opensc-devel mailing list >> opensc-devel@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-devel >> >> ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 11:16:42 schrieb Alon Bar-Lev: > Hi, > > I did not understand: > -lib_LTLIBRARIES = libopensc.la > +noinst_LTLIBRARIES = libopensc.la > > why not installing the libopensc? > if you don't a copy of the library will exist in every tool and other > library. there is a new "libopensc" in pkcs15init/ directory. it is build from the source in libopensc/ scconf/ and libpkcs15init/ (and common/). thus we only export one shared library (libopensc.so), but it has the symbols from all three libraries, and exports those symbols to the tools and opensc-pkcs11.so. tools and opensc-pkcs11.so now don't link with libopensc/libopensc.la or scconf/libscconf.la, but only link with pkcs15init/libopensc.la/so. note: libopensc.so contain the code from common/ too, but doesn't export those symbols. thus opensc-pkcs11.so and tools both include the source from common/ themself. that creates a few extra bytes in the runtimes, but shouldn't hurt otherwise. Good? Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Error with opensc in Windows
Am Montag 01 Februar 2010 11:53:52 schrieb evalues: > With these tools, pkcs15-init seems to work properly. However, > pkcs11-tool shows the error below: try pkcs11-tool --module path\to\opensc-pkcs11.dll and see if that helps. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
slightly updated version with build fixes (top_srcdir vs. top_builddir and compile libcompat into opensc-pkcs11.so too). Andreas diff -udrNPp --exclude=.svn opensc.orig/src/libopensc/Makefile.am opensc/src/libopensc/Makefile.am --- opensc.orig/src/libopensc/Makefile.am 2010-02-01 08:03:26.0 +0100 +++ opensc/src/libopensc/Makefile.am 2010-02-01 10:58:54.0 +0100 @@ -1,12 +1,10 @@ include $(top_srcdir)/win32/ltrc.inc -MAINTAINERCLEANFILES = \ - $(srcdir)/Makefile.in $(srcdir)/versioninfo.rc -CLEANFILES = versioninfo.rc +MAINTAINERCLEANFILES = $(srcdir)/Makefile.in EXTRA_DIST = Makefile.mak bin_SCRIPTS = opensc-config -lib_LTLIBRARIES = libopensc.la +noinst_LTLIBRARIES = libopensc.la openscinclude_HEADERS = \ opensc.h pkcs15.h \ cardctl.h asn1.h log.h ui.h \ @@ -46,33 +44,4 @@ libopensc_la_SOURCES = \ pkcs15-tcos.c pkcs15-esteid.c pkcs15-postecert.c pkcs15-gemsafeGPK.c \ pkcs15-actalis.c pkcs15-atrust-acos.c pkcs15-tccardos.c pkcs15-piv.c \ pkcs15-esinit.c p15emu-westcos.c pkcs15-pteid.c \ - compression.c p15card-helper.c \ - \ - libopensc.exports -if WIN32 -libopensc_la_SOURCES += versioninfo.rc -else -dist_noinst_DATA = versioninfo.rc -endif -libopensc_la_LIBADD = $(OPTIONAL_OPENSSL_LIBS) $(OPTIONAL_OPENCT_LIBS) \ - $(OPTIONAL_ZLIB_LIBS) $(OPTIONAL_ICONV_LIBS) $(LTLIB_LIBS) \ - $(top_builddir)/src/scconf/libscconf.la \ - $(top_builddir)/src/common/libcompat.la -if WIN32 -libopensc_la_LIBADD += -lws2_32 -endif -libopensc_la_LDFLAGS = $(AM_LDFLAGS) \ - -version-info @OPENSC_LT_CURRENT@:@OPENSC_LT_REVISION@:@OPENSC_LT_AGE@ \ - -export-symbols "$(srcdir)/libopensc.exports" \ - -no-undefined - -versioninfo.rc: - sed 's/@@FILE_DESCRIPTION@@/OpenSC Core Library/g' \ - "$(top_builddir)/win32/versioninfo.rc.in" > versioninfo.rc - -if WIN32 -# def file required for MS users to build library -mylibdir=$(libdir) -mylib_DATA=.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def -.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def: libopensc.la -endif + compression.c p15card-helper.c diff -udrNPp --exclude=.svn opensc.orig/src/libopensc/libopensc.exports opensc/src/libopensc/libopensc.exports --- opensc.orig/src/libopensc/libopensc.exports 2010-02-01 08:03:26.0 +0100 +++ opensc/src/libopensc/libopensc.exports 1970-01-01 01:00:00.0 +0100 @@ -1,214 +0,0 @@ -_sc_asn1_decode -_sc_asn1_encode -_sc_debug -sc_append_file_id -sc_append_path -sc_append_path_id -sc_append_record -sc_asn1_clear_algorithm_id -sc_asn1_decode -sc_asn1_decode_algorithm_id -sc_asn1_decode_bit_string -sc_asn1_decode_bit_string_ni -sc_asn1_decode_choice -sc_asn1_decode_integer -sc_asn1_decode_object_id -sc_asn1_encode -sc_asn1_encode_algorithm_id -sc_asn1_find_tag -sc_asn1_print_tags -sc_asn1_put_tag -sc_asn1_skip_tag -sc_asn1_verify_tag -sc_base64_decode -sc_base64_encode -sc_bin_to_hex -sc_build_pin -sc_cancel -sc_card_ctl -sc_card_valid -sc_change_reference_data -sc_check_sw -sc_compare_oid -sc_compare_path -sc_compare_path_prefix -sc_compute_signature -sc_concatenate_path -sc_connect_card -sc_context_create -sc_copy_asn1_entry -sc_create_file -sc_ctx_detect_readers -sc_ctx_get_reader -sc_ctx_get_reader_by_id -sc_ctx_get_reader_by_name -sc_ctx_get_reader_count -sc_decipher -sc_delete_file -sc_delete_record -sc_der_clear -sc_der_copy -sc_detect_card_presence -sc_disconnect_card -sc_do_log -sc_do_log_va -sc_enum_apps -sc_establish_context -sc_file_add_acl_entry -sc_file_clear_acl_entries -sc_file_dup -sc_file_free -sc_file_get_acl_entry -sc_file_new -sc_file_set_prop_attr -sc_file_set_sec_attr -sc_file_set_type_attr -sc_file_valid -sc_find_app_by_aid -sc_find_pkcs15_app -sc_format_apdu -sc_format_asn1_entry -sc_format_oid -sc_format_path -sc_free_apps -sc_get_cache_dir -sc_get_challenge -sc_get_conf_block -sc_get_data -sc_get_mf_path -sc_get_version -sc_hex_dump -sc_dump_hex -sc_hex_to_bin -sc_list_files -sc_lock -sc_logout -sc_make_cache_dir -sc_mem_clear -sc_path_print -sc_path_set -sc_pin_cmd -sc_pkcs15_add_df -sc_pkcs15_add_object -sc_pkcs15_add_unusedspace -sc_pkcs15_bind -sc_pkcs15_bind_synthetic -sc_pkcs15_cache_file -sc_pkcs15_card_clear -sc_pkcs15_card_free -sc_pkcs15_card_new -sc_pkcs15_change_pin -sc_pkcs15_compare_id -sc_pkcs15_compute_signature -sc_pkcs15_decipher -sc_pkcs15_decode_aodf_entry -sc_pkcs15_decode_cdf_entry -sc_pkcs15_decode_dodf_entry -sc_pkcs15_decode_enveloped_data -sc_pkcs15_decode_prkdf_entry -sc_pkcs15_decode_prkey -sc_pkcs15_decode_pubkey -sc_pkcs15_decode_pubkey_dsa -sc_pkcs15_decode_pubkey_rsa -sc_pkcs15_decode_pubkey_gostr3410 -sc_pkcs15_decode_pukdf_entry -sc_pkcs15_encode_aodf_entry -sc_pkcs15_encode_cdf_entry -sc_pkcs15_encode_df -sc_pkcs15_encode_dodf_entry -sc_pkcs15_encode_enveloped_data -sc_pkcs15_encode_odf -sc_pkcs15_encode_prkdf_entry -sc_pkcs15_encode_prkey -sc_pkcs15_encode_pubkey -sc_pkcs15_encode_pubkey_dsa -sc_pkcs15_encode_pubkey_rsa -sc_pkcs15_encode_pubkey_gostr3410 -sc_pkcs15_encode_pukdf_entry -sc_pkcs15_encode_tokeninfo -sc_pkcs15_encode_unuse
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Won't it be simpler to leave libopensc as-is and encapsulate the pkcs15init? Having two libopensc is quite confusing... Anyway, there are problems with the patch, I don't have time right now to go over this, please don't commit yet. Examples: 1. src/pkcs15init/Makefile.am, still need to rename libpkcs15init.la to something else at def dependency. 2. src/tests/pintest.c:61: undefined reference to `_getpass' On Mon, Feb 1, 2010 at 1:04 PM, Andreas Jellinghaus wrote: > > slightly updated version with build fixes > (top_srcdir vs. top_builddir and compile libcompat > into opensc-pkcs11.so too). > > Andreas > > ___ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
On Feb 1, 2010, at 14:04 , Alon Bar-Lev wrote: > Having two libopensc is quite confusing... Same here... -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 13:15:00 schrieb Martin Paljak: > On Feb 1, 2010, at 14:04 , Alon Bar-Lev wrote: > > Having two libopensc is quite confusing... > > Same here... don't you like the change in content? i.e. new libopensc.so (installed) = old libopensc.so plus libscconf.so plus libpkcs15init.so? or are you confused by libopensc/Makefile.am containing "libopensc.la" and pkcs15init/Makefile.am containing "libopensc.la" too? we could rename libopensc/ to "static-archive-for-linking.la" or whatever (I don't have a good name). we could also move all pkcs15init/ source code to libopensc/ directory, if you prefer to have one directory will all that source code instead. these are the options I see. which do you prefer? or any other idea how to handle this? or don't you like the merger of libopensc/scconf/pkcs15init? Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] Looking for Aventra MyEID PKI card.
Hi, actually this card is the only one that partly uses the Old pkcs15init API. I would like to migrate it to the New API. Aventure Ltd. webshop do not propose this card . Do you know, where can I get it, please? Kind wishes, Viktor. -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 13:04:57 schrieb Alon Bar-Lev: > Won't it be simpler to leave libopensc as-is and encapsulate the > pkcs15init? hmm, I thought you need to compile libopensc first and then compile pkcs15init. if you think the other way would work too, yes, the final "libopensc.so" can be created in libopensc/ too. then we need a dummy noinst_ libpkcs15init.la again, and incoporate that in opensc/. > Anyway, there are problems with the patch, I don't have time right now > to go over this, please don't commit yet. can you share what kind of problems you saw? maybe we can fix them ourself? > Examples: > 1. src/pkcs15init/Makefile.am, still need to rename libpkcs15init.la > to something else at def dependency. there is no "libpkcs15init" left after my patch. (oops, some reference for the windows only "mylib" section, but I can fix that). > 2. src/tests/pintest.c:61: undefined reference to `_getpass' need to link with common/libcompat.la too. strange, why didn't my "make distcheck" catch that? anything else? I can fix those easily. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Problems developing with Starcos 2.3
are you trying to get new blank card initialized with opensc to work, or are you trying to get cards with that vendors software to work with opensc? if that vendor did not implement PKCS#15 on the cards, the resulting card might not be compatible with opensc. opensc is supposed to be compatible with some vendors software such as A.E.S., but while users report success, their strange license actualy forbids using cards initialized with their software with opensc. not sure if such a clause is valid, I guess not at all. to initialize a blank card with opensc see the wiki (QuickStart). for a basic check of opensc first: does opensc find your reader? opensc-tool -r should tell you. does opensc find the card? opensc-tool -a should show the atr. is your card supported by opensc? I guess so, the atr you mentioned is old and well known. so if pkcs11-tool only shows empty slots (I guess without --module option / thus with opensc-pkcs11.dll), then your card is most likely empty or initialized in an incompatible (i.e. not PKCS#15) way. if you want to use a blank card with opensc, then initialize it first (at least the first pkcs15-init --create call,maybe best with onepin profile), and then you should be able to use the card with pkcs11-tool. if you want to try pkcs11-tool, but with your vendors pkcs#11 module, use the "--module" option. if you want to use pkcs11-spy.dll with your application (with either module), you need to set some environment variables of course. see the wiki or google for details. > I've configured the debug=9 in other to get more information. You can find > the log attached to this mail "pkcs11_test_login.txt". looks fine to me. but the card has only a security officer, but no normal user pin. that won't work fine with opensc-pkcs11.so. try to init it with "onepin" option, or use "pkcs15-init" to create a pin, rsa key, store a certifcate etc. and then try again. > > > My problems begin when I try to invoke the function C_GetSlotList of > > > the opensc-pcks11.dll library. I'm not able to find a slot with > > > information. All the slot available seem to be empty. The code I'm > > > trying to execute can be find below: > > > > pkcs11-tool should show some slots. if it does, the problem is most > > likely in your application. if it does not, something is wrong with > > opensc or its configuration. > > pkcs11-tool -L show me the slots but they are always empty. the only card found in the log file is empty (except for a security officer pin), so I guess that is the problem. if you want to create a "security officer"-pin and a normal pin, and then create keys/certificates/... via pkcs#11 api, that usualy doesn't work well (pkcs#11 is not designed for several PINs needed for some action). so I suggest to use the "onepin" profile with your card, thus you have only one PIN (plus an optional unblocking PIN (PUK) if you want), and pkcs#11 works much easier with that. > I've used my > application with the manufacturer libraries and it works appropriately. So > I think my problem could be related to my opensc configuration. I didn't > modify the opensc.conf file because i'm using a usual card supported by > opensc, Do I have to modify it? I don't think so, at least it looks to me like there is no problem. > Opensc-tool -a show the next information about my > ATR: 3b:b7:94:00:81:31:fe:65:53:50:4b:32:33:90:00:d1 > > I think it is the common ATR for starcos 2.3, besides I've found this ATR > code in the sources of opensc project into /libopensc/card-starcos.c. yes, looks like a well known and supported card. I hope you have a "test" version of the card, otherwise you can't erase it. (starcos "feature" - nothing we can do about...) > When I link the pkcs11-spy into my example program i get the next message: > General error. > I'm afraid it is not very helpful. did you set the environment variables? see the wiki page or google for details. Hope this helps. good luck! Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] Looking for Aventra MyEID PKI card.
Am Montag 01 Februar 2010 14:07:28 schrieb Viktor TARASOV: > Hi, > > actually this card is the only one that partly uses the Old pkcs15init API. > > I would like to migrate it to the New API. > > Aventure Ltd. webshop do not propose this card . > > Do you know, where can I get it, please? try contacting aventra directly, they posted patches for myeid on the devel list in the past. not sure what happened to them, they told me their driver works, and later send me a card, but it turned out it didn't work at all. not sure which functions they tested, but I can't run a regression test on the card. or pkcs11-tool --test --login. since I reported that back, I haven't heard of them at all. also I think so far they only want to sell card initialized with their software, not plain card for initializing with opensc. but not sure about that, at least I only got pre-initialized cards. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] MyeID card in OpenSC
Hello. On Feb 1, 2010, at 15:07 , Viktor TARASOV wrote: > actually this card is the only one that partly uses the Old pkcs15init API. This card was added just recently (September 2009) so there should not be many (if any) public users and the developer should be reachable (added to Cc just in case). > I would like to migrate it to the New API. I suggest to make a best effort try and if it fails, it will be reported. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 13:15:00 schrieb Martin Paljak: > On Feb 1, 2010, at 14:04 , Alon Bar-Lev wrote: > > Having two libopensc is quite confusing... > > Same here... > ok, new version. pkcs15init is build before libopensc/ directory, and the shared library is now created in libopensc/ as it was before - except it includes pkcs15init and scconf (and libcompat) internaly. thus only one shared library left instead of three. better? also I addressed the issues alon mentioned. good? Andreas diff -udrNPp --exclude=.svn opensc.orig/src/Makefile.am opensc/src/Makefile.am --- opensc.orig/src/Makefile.am 2010-02-01 08:03:26.0 +0100 +++ opensc/src/Makefile.am 2010-02-01 14:42:37.0 +0100 @@ -2,5 +2,5 @@ MAINTAINERCLEANFILES = $(srcdir)/Makefil EXTRA_DIST = Makefile.mak # Order IS important -SUBDIRS = common include scconf libopensc pkcs15init pkcs11 \ - tests tools openssh +SUBDIRS = common include scconf pkcs15init libopensc pkcs11 \ + tools tests openssh diff -udrNPp --exclude=.svn opensc.orig/src/Makefile.mak opensc/src/Makefile.mak --- opensc.orig/src/Makefile.mak 2005-12-29 13:36:30.0 +0100 +++ opensc/src/Makefile.mak 2010-02-01 14:42:13.0 +0100 @@ -2,7 +2,7 @@ TOPDIR = .. !INCLUDE $(TOPDIR)\win32\Make.rules.mak -SUBDIRS = include common scconf libopensc tests pkcs15init pkcs11 tools +SUBDIRS = include common scconf pkcs15init libopensc pkcs11 tools tests all:: diff -udrNPp --exclude=.svn opensc.orig/src/libopensc/Makefile.am opensc/src/libopensc/Makefile.am --- opensc.orig/src/libopensc/Makefile.am 2010-02-01 08:03:26.0 +0100 +++ opensc/src/libopensc/Makefile.am 2010-02-01 14:57:52.0 +0100 @@ -1,8 +1,6 @@ include $(top_srcdir)/win32/ltrc.inc -MAINTAINERCLEANFILES = \ - $(srcdir)/Makefile.in $(srcdir)/versioninfo.rc -CLEANFILES = versioninfo.rc +MAINTAINERCLEANFILES = $(srcdir)/Makefile.in EXTRA_DIST = Makefile.mak bin_SCRIPTS = opensc-config @@ -47,7 +45,6 @@ libopensc_la_SOURCES = \ pkcs15-actalis.c pkcs15-atrust-acos.c pkcs15-tccardos.c pkcs15-piv.c \ pkcs15-esinit.c p15emu-westcos.c pkcs15-pteid.c \ compression.c p15card-helper.c \ - \ libopensc.exports if WIN32 libopensc_la_SOURCES += versioninfo.rc @@ -55,24 +52,26 @@ else dist_noinst_DATA = versioninfo.rc endif libopensc_la_LIBADD = $(OPTIONAL_OPENSSL_LIBS) $(OPTIONAL_OPENCT_LIBS) \ - $(OPTIONAL_ZLIB_LIBS) $(OPTIONAL_ICONV_LIBS) $(LTLIB_LIBS) \ - $(top_builddir)/src/scconf/libscconf.la \ - $(top_builddir)/src/common/libcompat.la +$(OPTIONAL_ZLIB_LIBS) $(OPTIONAL_ICONV_LIBS) $(LTLIB_LIBS) \ +$(top_builddir)/src/pkcs15init/libpkcs15init.la \ +$(top_builddir)/src/scconf/libscconf.la \ +$(top_builddir)/src/common/libcompat.la if WIN32 libopensc_la_LIBADD += -lws2_32 endif libopensc_la_LDFLAGS = $(AM_LDFLAGS) \ - -version-info @OPENSC_LT_CURRENT@:@OPENSC_LT_REVISION@:@OPENSC_LT_AGE@ \ - -export-symbols "$(srcdir)/libopensc.exports" \ - -no-undefined +-version-info @OPENSC_LT_CURRENT@:@OPENSC_LT_REVISION@:@OPENSC_LT_AGE@ \ +-export-symbols "$(srcdir)/libopensc.exports" \ +-no-undefined versioninfo.rc: sed 's/@@FILE_DESCRIPTION@@/OpenSC Core Library/g' \ - "$(top_builddir)/win32/versioninfo.rc.in" > versioninfo.rc +"$(top_builddir)/win32/versioninfo.rc.in" > versioninfo.rc if WIN32 # def file required for MS users to build library mylibdir=$(libdir) -mylib_DATA=.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def -.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def: libopensc.la +# not sure what to put here as mylib_DATA ? +mylib_DATA=.libs/@win_libpre...@libopensc-@opensc_lt_old...@.dll.def endif + diff -udrNPp --exclude=.svn opensc.orig/src/libopensc/libopensc.exports opensc/src/libopensc/libopensc.exports --- opensc.orig/src/libopensc/libopensc.exports 2010-02-01 08:03:26.0 +0100 +++ opensc/src/libopensc/libopensc.exports 2010-02-01 07:47:52.0 +0100 @@ -1,3 +1,32 @@ +scconf_block_add +scconf_block_copy +scconf_block_destroy +scconf_find_block +scconf_find_blocks +scconf_find_list +scconf_free +scconf_get_bool +scconf_get_int +scconf_get_str +scconf_item_add +scconf_item_copy +scconf_item_destroy +scconf_list_add +scconf_list_array_length +scconf_list_copy +scconf_list_destroy +scconf_list_strdup +scconf_list_strings_length +scconf_list_toarray +scconf_new +scconf_parse +scconf_parse_entries +scconf_parse_string +scconf_put_bool +scconf_put_int +scconf_put_str +scconf_write +scconf_write_entries _sc_asn1_decode _sc_asn1_encode _sc_debug @@ -212,3 +241,61 @@ sc_wait_for_event sc_write_binary sc_write_record sc_get_iso7816_driver +sc_keycache_find_named_pin +sc_keycache_forget_key +sc_keycache_get_key +sc_keycache_get_pin +sc_keycache_get_pin_name +sc_keycache_put_key +sc_keycache_put_pin +sc_keycache_set_pin_name +sc_pkcs15init_add_app +sc_pkcs15init_authenticate +sc_pkcs15init_bind +sc_pkcs15init_change_attrib +sc_pkcs15init_create_file +sc_pkcs15init_dele
[opensc-devel] pkcs15init: API question
Hi, I propose to change slightly the prototypes of the sc_pkcs15init_operations procedures, (excluding maybe 'erase_card', 'init_card', ), and to pass the 'sc_pkcs15_card' argument instead of 'sc_card' . For ex. to change int (*create_key)(sc_profile_t *, sc_card_t *, sc_pkcs15_object_t *) for int (*create_key)(sc_profile_t *, sc_pkcs15_card_t *, sc_pkcs15_object_t *) . The motivations are: - the card specific pkcs15init part will get access to the total pkcs15 contents and will be able to do more of the card specific non-pkcs15 tasks (in perspective the pkcs15init emulation); - it will help to replace the existing static sc_keycache system by the cache in 'sc_pkcs15_card' (as Martin proposed); - imho, it's quite logical: to pass 'sc_card' at libopensc level, and 'sc_pkcs15_card' at the pkcs15init; - it will not harm the existing card drivers. Sure, one can tell that card specific part can access the sc_pkcs15_card through the profile->p15_spec, but, imho, direct manner looks better. Kind wishes, Viktor. -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
OK. This compiles now. But why did you touch: -mylib_DATA=.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def -.libs/@win_libpre...@opensc-@opensc_lt_old...@.dll.def:libopensc.la +# not sure what to put here as mylib_DATA ? +mylib_DATA=.libs/@win_libpre...@libopensc-@opensc_lt_old...@.dll.def The original is good, please revert this hank into original. We install the def file with the library so people may use the MSC lib command to produce .lib in order to link against the binaries. Alon. On Mon, Feb 1, 2010 at 4:14 PM, Andreas Jellinghaus wrote: > Am Montag 01 Februar 2010 13:15:00 schrieb Martin Paljak: >> On Feb 1, 2010, at 14:04 , Alon Bar-Lev wrote: >> > Having two libopensc is quite confusing... >> >> Same here... >> > ok, new version. pkcs15init is build before libopensc/ directory, > and the shared library is now created in libopensc/ as it was before - > except it includes pkcs15init and scconf (and libcompat) internaly. > thus only one shared library left instead of three. better? > > also I addressed the issues alon mentioned. > > good? > > Andreas > ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
Am Montag 01 Februar 2010 15:10:05 schrieb Viktor TARASOV: > Sure, one can tell that card specific part can access the sc_pkcs15_card > through the profile->p15_spec, > but, imho, direct manner looks better. fine with me. btw: if you need to touch pkcs11/ for that, maybe you know the code best: IIRC there are several frameworks (so that in theory we could implement alternatives to pkcs#15). maybe that option is no longer interesting and can go. but I'm no expert on that, it seems so far we have a "pkcs15" and a "pkcs15init" implementation of that framework structure, so no idea if we can simplify the code there or not. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 15:28:30 schrieb Alon Bar-Lev: > OK. > This compiles now. > > But why did you touch: oops, leftover. reverted. thanks, I commited the changes so far. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
On Feb 1, 2010, at 17:07 , Andreas Jellinghaus wrote: > Am Montag 01 Februar 2010 15:10:05 schrieb Viktor TARASOV: >> Sure, one can tell that card specific part can access the sc_pkcs15_card >> through the profile->p15_spec, >> but, imho, direct manner looks better. > > fine with me. > > btw: if you need to touch pkcs11/ for that, maybe you know the > code best: IIRC there are several frameworks (so that in theory > we could implement alternatives to pkcs#15). maybe that option > is no longer interesting and can go. but I'm no expert on that, > it seems so far we have a "pkcs15" and a "pkcs15init" implementation > of that framework structure, so no idea if we can simplify the > code there or not. In real life the two frameworks are deeply interconnected and interdependent for now. It looks like a logical move to me. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 09:27:11 schrieb Viktor TARASOV: > Andreas Jellinghaus wrote: > > This patch creates a new libopensc containing those three libraries. > > The export list contains all symbols exported by those three. > > > > common/libcompat.la is also linked into libopensc, but not exported. > > The tools thus link common/libcompat.la themself. > > > > Is this the way we want to go? Shall I appy it? > > Nice intention, for me it works. > > Will the same be done with the windows version? I started to hack on it, but I have little clue and can't test. maybe you want to give it a try? note: I saw some bugs in the Makefile.mak system: in tools/, tests/ and pkcs11/ you should not link with scconf/scconf.lib pkcs15init/pkcs15init.lib and libopensc/libopensc.lib, but instead with libopensc/libopensc.dll which has all the code from those three directories. not sure how you specify that you want to linkg against a dll with windows makefiles. do you need a special *.lib file for that? (i.e. one that does not contain the code for static linking, but only glue code for linking with the dll)? or do you use the *.def file alon mentioned (with mingw building)? also the windows makefile.mak files are not consistent: some include the central rules first, some last etc. and there is this central versioninfo.rc file in win32. but src/libopensc/ has a versioninfo.rc code in Makefile.am too. strange. and some apps are linked with versioninfo.rc, but not all (test, scconf, common, ... might be missing the code to do that). but with little clue about windows build (mingw or visual studio), I can't help much here. I saw some builddir vs. sourcedir bugs, will fix them. Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 16:28:46 schrieb Andreas Jellinghaus: > there is this central > versioninfo.rc file in win32. but src/libopensc/ has a versioninfo.rc > code in Makefile.am too. strange. and some apps are linked with > versioninfo.rc, but not all (test, scconf, common, ... might be > missing the code to do that). > > but with little clue about windows build (mingw or visual studio), > I can't help much here. > > I saw some builddir vs. sourcedir bugs, will fix them. nah, I better don't as I don't understand the code. libopensc/Makefile.am for example: for win32 the versioninfo.rc is part of _SOURCES. Thus it is generated with the rule at the end, placed in *.tar.gz files (also on linux via the dist_noinst_DATA hook). and it is cleaned up on maintainer-clean from $srcdir. fine so far. but what about CLEANFILES? it would clean the versioninfo.rc from builddir? but if builddir == srcdir, it would clean it there too? why? and the versioninfo.rc: code creates the file in builddir? shouldn't it be created in srcdir instead? or both? I'm confused as you can see, not sure what the intention with the file exactly is. Alon, can you help? Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
I distribute the .rc file in the tarball in order for the MSC build system to be able to use it. Had we supported only one build system (autoconf) we could have avoided this and produce much cleaner solution. I can remove all the generated files from the tarball if they are not used anywhere. On Mon, Feb 1, 2010 at 5:34 PM, Andreas Jellinghaus wrote: > Am Montag 01 Februar 2010 16:28:46 schrieb Andreas Jellinghaus: >> there is this central >> versioninfo.rc file in win32. but src/libopensc/ has a versioninfo.rc >> code in Makefile.am too. strange. and some apps are linked with >> versioninfo.rc, but not all (test, scconf, common, ... might be >> missing the code to do that). >> >> but with little clue about windows build (mingw or visual studio), >> I can't help much here. >> >> I saw some builddir vs. sourcedir bugs, will fix them. > > nah, I better don't as I don't understand the code. > > libopensc/Makefile.am for example: for win32 the > versioninfo.rc is part of _SOURCES. Thus it is generated > with the rule at the end, placed in *.tar.gz files > (also on linux via the dist_noinst_DATA hook). and it > is cleaned up on maintainer-clean from $srcdir. > fine so far. > > but what about CLEANFILES? it would clean the versioninfo.rc > from builddir? but if builddir == srcdir, it would clean it > there too? why? and the versioninfo.rc: code creates the > file in builddir? shouldn't it be created in srcdir instead? > or both? > > I'm confused as you can see, not sure what the intention > with the file exactly is. Alon, can you help? > > Regards, Andreas > ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
On Feb 1, 2010, at 17:39 , Alon Bar-Lev wrote: > I distribute the .rc file in the tarball in order for the MSC build > system to be able to use it. > Had we supported only one build system (autoconf) we could have > avoided this and produce much cleaner solution. > I can remove all the generated files from the tarball if they are not > used anywhere. .rc files, used by windows build tools, are useful. The whole native build process might not be the easiest, but I know it is used. So don't remove them. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
Am Montag 01 Februar 2010 16:26:09 schrieb Martin Paljak: > In real life the two frameworks are deeply interconnected and > interdependent for now. > > It looks like a logical move to me. so is this something that needs to be kept that way, to support both read-only/emulated cards and cards with pkcs15init support? or is it so connected that it could be merged to simplify the code? I only remember that this extra layer of abstraction made debugging harder, so not sure if we can simplify things here or better keep it as is. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
Am Montag 01 Februar 2010 16:39:42 schrieb Alon Bar-Lev: > I distribute the .rc file in the tarball in order for the MSC build > system to be able to use it. > Had we supported only one build system (autoconf) we could have > avoided this and produce much cleaner solution. > I can remove all the generated files from the tarball if they are not > used anywhere. hmm, is the file always the same? then we could generate and include it in win32/ directory, and link to that. or can't you have "../../win32/versioninfo.rc" in SOURCES_ ? and why do we have versioninfo.rc, versioninfo.rc.in and versioninfo.rc.in.in? which is created when? sorry, still confused. shall we keep everything as is, or is there a way to simplify the situation? Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
One more thing Viktor: I saw Makefile.mak and Make.rules etc. container /machine:ix86. Is that the microsoft code for 32bit dll? should we continue to hard code that, or allow compiling 64bit too? no idea what is best. I guess firefox and most apps are still 32bit, so creating a 32bit pkcs#11 module is best. but maybe both is needed long term? Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
Andreas Jellinghaus wrote: > Am Montag 01 Februar 2010 15:10:05 schrieb Viktor TARASOV: > >> Sure, one can tell that card specific part can access the sc_pkcs15_card >> through the profile->p15_spec, >> but, imho, direct manner looks better. >> > > fine with me. > > btw: if you need to touch pkcs11/ for that, maybe you know the > code best: IIRC there are several frameworks (so that in theory > we could implement alternatives to pkcs#15). maybe that option > is no longer interesting and can go. but I'm no expert on that, > it seems so far we have a "pkcs15" and a "pkcs15init" implementation > of that framework structure, so no idea if we can simplify the > code there or not. > Personally, I do not understand utility of the 'pkcs15init' framework. The 'pkcs15' framework includes (can include) the 'initializing' facilities: gen_key, create_object, ... . As for alternative to pkcs#15 -- I don't feel what for. (One can say that the alternative to pkcs#15 is already realized by the OpenSC itself -- with its emulators for the non-pkcs15 cards . ) Maybe someone else can give the usage cases of the 'pkcs15init' framework and multi-framework system, As for me, it can be dropped. > Regards, Andreas > Kind wishes, Viktor. -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
Martin Paljak wrote: > On Feb 1, 2010, at 17:07 , Andreas Jellinghaus wrote: > >> Am Montag 01 Februar 2010 15:10:05 schrieb Viktor TARASOV: >> >>> Sure, one can tell that card specific part can access the sc_pkcs15_card >>> through the profile->p15_spec, >>> but, imho, direct manner looks better. >>> >> fine with me. >> >> btw: if you need to touch pkcs11/ for that, maybe you know the >> code best: IIRC there are several frameworks (so that in theory >> we could implement alternatives to pkcs#15). maybe that option >> is no longer interesting and can go. but I'm no expert on that, >> it seems so far we have a "pkcs15" and a "pkcs15init" implementation >> of that framework structure, so no idea if we can simplify the >> code there or not. >> > > In real life the two frameworks are deeply interconnected and interdependent > for now. > Do you mean two frameworks in pkcs11: 'framework-pkcs15' and 'framework-pkcs15init' ? Do we really use the second one? > It looks like a logical move to me. > > -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] new libopensc containing scconf, libopensc, libpkcs15init
On Feb 1, 2010, at 17:51 , Andreas Jellinghaus wrote: > One more thing Viktor: > > I saw Makefile.mak and Make.rules etc. container /machine:ix86. > Is that the microsoft code for 32bit dll? > should we continue to hard code that, or allow compiling 64bit too? > > no idea what is best. I guess firefox and most apps are still 32bit, > so creating a 32bit pkcs#11 module is best. but maybe both is needed > long term? To make it 64bit one needs to compile the dependet things as well separately. The libtool link from gnuwin32 was last time only 64bit. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] pkcs15init: API question
Am Montag 01 Februar 2010 17:51:28 schrieb Viktor TARASOV: > As for alternative to pkcs#15 -- I don't feel what for. > > (One can say that the alternative to pkcs#15 is already realized by the > OpenSC itself -- with its emulators for the non-pkcs15 cards . ) > > Maybe someone else can give the usage cases of the 'pkcs15init' > framework and multi-framework system, > As for me, it can be dropped. I guess it is one of the historic left-overs. many years ago, the situation wasn't that clear. but I see noone trying to use opensc without pkcs#15 (real or emulated), so if it is easy to throw out this mid-layer, now would be a good time. Regards, Andreas ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
