OpenSC 0.11.12 Release Announcement =================================== On 2009-12-18 OpenSC 0.11.12 was released, providing compatibility with an ASN.1 Integer encoding issue in older OpenSC releases.
The problem ----------- OpenSC 0.11.4 and earlier did not encode integers properly in ASN.1 structures including the on-card format for directory files. This issue was was fixed in OpenSC 0.11.5. However in december 2009 it was discovered, that as a result some cards initialized with OpenSC 0.11.4 and earlier will not properly work with OpenSC 0.11.5 and later. So far texting showed only problems with "Starcos" cards. The integers keyReference and pinReference are read as negative numbers, instead of the positive number (value+256) they should represent. PKCS#15 dictates that both values need to be positive Integers if specified in the directory files on the card. Thus code can automatically detect the wrong (negative) values and fix the issue by adding 256. In OpenSC 0.11.12 such code was implmeneted and successfully tested. Starcos cards initialized with OpenSC 0.11.4 and earlier can now be used with OpenSC 0.11.12 and later. Cards initialized with OpenSC 0.11.5 and later continue to work fine. Changes to the code were implemented to keep the ABI compatible with earlier versions, so that applications using the internal OpenSC API such as OpenSSH do not need to be recompiled. Still the format on the Starcos cards initialited with OpenSC 0.11.4 continues to be wrong. If necessary a tool can be written to convert such old cards, please report to the OpenSC mailing lists. Creating or storing additional private keys and PIN objects will also update the directory files and thus should writte the correct ASN.1 values on the cards. Please note however that feedback on testing cards was limited, thus it can't be ruled out that other cards are affected by this issue too. Please contact us using one of the OpenSC mailing list or out email address b...@opensc-project.org if you find the same issue with further cards. Other changes ------------- The Entersafe driver in OpenSC was enhanced so it does now support private data objects. OpenSC 0.11.12 is available at http://www.opensc-project.org/files/opensc/opensc-0.11.12.tar.gz Regards, Andreas Jellinghaus _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
