opensc: update to version 0.25.1

* New in 0.25.1; 2024-04-05 ** General improvements * Add missing file to dist tarball to build documentation (#3063) ** minidriver * Fix RSA decryption with PKCS#1 v1.5 padding (#3077) * Fix crash when app is not set (#3084) * New in 0.25.0; 2024-03-06 ** Security * [CVE-2023-5992](https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992): Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC (#2948) * [CVE-2024-1454](https://github.com/OpenSC/OpenSC/wiki/CVE-2024-1454): Potential use-after-free in AuthentIC driver during card enrollment in pkcs15init (#2962) ** General improvements * Update OpenSSL 1.1.1 to 3.0 in MacOS build (#2930) * Remove support for old card drivers Akis, GPK, Incrypto34 and Westcos, disable Cyberflex driver (#2885) * Fix 64b to 32b conversions (#2993) * Improvements for the p11test (#2991) * Fix reader initialization without SCardControl (#3007) * Make RSA PKCS#1 v1.5 depadding constant-time (#2948) * Add option for disabling PKCS#1 v1.5 depadding (type 01 and 02) on the card (#2975) * Enable MSI signing via Signpath CI integration for Windows (#2799) * Fixed various issues reported by OSS-Fuzz and Coverity in drivers, PKCS#11 and PKCS#15 layer ** minidriver * Fix wrong hash selection (#2932) ** pkcs11-tool * Simplify printing EC keys parameters (#2960) * Add option to import GENERIC key (#2955) * Add support for importing Ed25518/448 keys (#2985) ** drust-tool * Add tool for D-Trust cards (#3026, #3051) ** IDPrime * Support uncompressed certificates on IDPrime 940 (#2958) * Enhance IDPrime logging (#3003) * Add SafeNet 5110+ FIPS token support (#3048) ** D-Trust Signature Cards * Add support for RSA D-Trust Signature Card 4.1 and 4.4 (#2943) ** EstEID * Remove expired EstEID 3.* card support (#2950) ** ePass2003 * Allow SW implementation with more SHA2 hashes and ECDSA (#3012) * Fix EC key generation (#3045) ** SmartCard-HSM * Fix SELECT APDU command (#2978) ** MyEID * Update for PKCS#15 profile (#2965) ** Rutoken * Support for RSA 4096 key algorithm (#3011) ** OpenPGP Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2024-06-05 02:09:21 +01:00 · 2024-06-05 02:09:21 +01:00 · 49eb8e86b9
parent 3c12042eda
commit 49eb8e86b9
2 changed files with 42 additions and 7 deletions
--- a/utils/opensc/Makefile
+++ b/utils/opensc/Makefile
@ -8,9 +8,9 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=opensc
-PKG_VERSION:=0.24.0
+PKG_VERSION:=0.25.1
 PKG_RELEASE:=1
-PKG_HASH:=24d03c69287291da32a30c4c38a304ad827f56cb85d83619e1f5403ab6480ef8
+PKG_HASH:=23cbaae8bd7c8eb589b68c0a961dfb0d02007bea3165a3fc5efe2621d549b37b

 PKG_LICENSE:=LGPL-2.1-or-later
 PKG_LICENSE_FILES:=COPYING
@ -108,6 +108,7 @@ TOOLS:= \
 	cardos-tool \
 	cryptoflex-tool \
 	dnie-tool \
+	dtrust-tool \
 	egk-tool \
 	eidenv \
 	gids-tool \
@ -115,8 +116,9 @@ TOOLS:= \
 	iasecc-tool \
 	netkey-tool \
 	openpgp-tool \
-	opensc-tool \
+	opensc-asn1 \
 	opensc-explorer:+libncurses:+libreadline \
+	opensc-tool \
 	piv-tool \
 	pkcs11-register \
 	pkcs11-tool \
@ -135,7 +137,6 @@ PROFILES:= \
 	epass2003 \
 	flex \
 	gids \
-	gpk \
 	ias_adele_admin1 \
 	ias_adele_admin2 \
 	ias_adele_common \
@ -143,7 +144,6 @@ PROFILES:= \
 	iasecc_generic_oberthur \
 	iasecc_generic_pki \
 	iasecc \
-	incrypto34 \
 	isoApplet \
 	muscle \
 	myeid \
@ -155,8 +155,7 @@ PROFILES:= \
 	rutoken \
 	sc-hsm \
 	setcos \
-	starcos \
-	westcos
+	starcos

 $(foreach file,$(TOOLS),$(eval $(call ToolGen,$(file))))
 $(foreach file,$(PROFILES),$(eval $(call ProfileGen,$(file))))
--- a/utils/opensc/patches/001-fix-build.patch
+++ b/utils/opensc/patches/001-fix-build.patch
@ -0,0 +1,36 @@
+--- a/src/libopensc/pkcs15-din-66291.c
+++ b/src/libopensc/pkcs15-din-66291.c
+@@ -23,12 +23,12 @@
+ #include <config.h>
+ #endif
+ 
+#include <stdlib.h>
+#include <string.h>
+ #include "internal.h"
+ #include "common/compat_strlcpy.h"
+ #include "log.h"
+ #include "pkcs15.h"
+-#include <stdlib.h>
+-#include <string.h>
+ 
+ static const unsigned char aid_CIA[] = {0xE8, 0x28, 0xBD, 0x08, 0x0F,
+     0xA0, 0x00, 0x00, 0x01, 0x67, 0x45, 0x53, 0x49, 0x47, 0x4E};
+--- a/src/libopensc/pkcs15-starcos-esign.c
+++ b/src/libopensc/pkcs15-starcos-esign.c
+@@ -23,14 +23,14 @@
+ #include <config.h>
+ #endif
+ 
+#include <stdlib.h>
+#include <string.h>
+ #include "common/compat_strlcpy.h"
+ #include "internal.h"
+ #include "log.h"
+ #include "pkcs15.h"
+ #include "cards.h"
+ 
+-#include <stdlib.h>
+-#include <string.h>
+ 
+ /* compile time option: define ENABLE_ESIGN_ISSUER_CONTAINERS to enable containers holding the issuer certificates */
+