Releases · arekinath/PivApplet · GitHub

08 Mar 00:12

arekinath

v0.9.0 Latest

Latest

Basic support for AES admin keys, some long-standing admin auth issues fixed (#37, #38)
Structure of the APT in response-to-select now follows standards more closely (#43, #45)
Reset slot pin policies to default during INS_RESET (#41)
Pre-built CAP files without "strict contactless" feature

Assets 17

PivApplet-0.9.0-jc221-RESAaD.cap

29.8 KB 2021-03-08T00:12:24Z
PivApplet-0.9.0-jc221-RESaD.cap

26.8 KB 2021-03-08T00:12:25Z
PivApplet-0.9.0-jc221-RESLaD.cap

26.8 KB 2021-03-08T00:12:23Z
PivApplet-0.9.0-jc221-RESLD.cap

26.6 KB 2021-03-08T00:12:23Z
PivApplet-0.9.0-jc222-REAxaD.cap

29.8 KB 2021-03-08T00:12:21Z
PivApplet-0.9.0-jc222-RESAaD.cap

29.8 KB 2021-03-08T00:12:22Z
PivApplet-0.9.0-jc222-RESAxaD.cap

29.8 KB 2021-03-08T00:12:21Z
PivApplet-0.9.0-jc222-RESxLD.cap

26.6 KB 2021-03-08T00:12:20Z
PivApplet-0.9.0-jc304-EPSxLaD.cap

99.1 KB 2021-03-08T00:12:19Z
PivApplet-0.9.0-jc304-REePAxaD.cap

113 KB 2021-03-08T00:12:14Z
Source code (zip)

2021-03-08T00:07:11Z
Source code (tar.gz)

2021-03-08T00:07:11Z

28 Aug 03:31

arekinath

v0.8.2

Fix for #36 (EC key import)
Fix for JC221 sign-extended Lc problem (mentioned in #2)

Assets 12

28 May 10:37

arekinath

v0.8.1

Performance fix for GET_METADATA command (used a lot by libykcs11)
Builds for jc221

Assets 12

13 May 07:58

arekinath

v0.8.0

Implement Yubico INS_GET_METADATA
Support for ECCP384
Performance improvements

Assets 9

01 Apr 00:05

arekinath

v0.7.0

Support for building against JC3.0.4 with PIV spec compliant ECDSA support (using signPreComputedHash)
Fixes to run on some cards with lower amounts of transient memory (e.g. J3H145, JC30M48CR)
Multiple configurations:
- "default" = the stock configuration in the repository, if build is jc305 it includes spec compliant ECDSA
- "rsaonly" = ECDSA functionality disabled
- "econly" = RSA functionality disabled
- "small" = no attestation or extended length APDU support, uses CLEAR_ON_RESET transient memory for Cipher/Signature instances

Assets 8

27 Jan 21:56

arekinath

v0.6.0

Implement support for the Yubikey PIV Manager's extra configuration slot (PIVMAN_DATA / tag 5FFF00)

Assets 3

06 Jan 02:43

arekinath

v0.5.0

Bump YubicoPIV version to 5.0.0 (avoids warnings about ROCA vulnerability)
Implement remaining YubicoPIV extensions: reset after PUK blocked, set PIN/PUK retries, get serial number.

Assets 3

24 Oct 22:17

arekinath

v0.4.2

Turn off auto-gen'd self-signed attestation cert for cards without ECDSA support, and ignore certain kinds of errors during generation (fixes up support for J2A040, Feitian cards)
Clean up of SGList code (also reduces CAP size a little)

Assets 3

24 Oct 02:40

arekinath

v0.4.0

New chunked buffering scheme for large data commands (certificates up to several KB can be stored on most cards now, and a J3D081 can now sign several KB of data with ECDSA hash-on-card)
Fixes for lots of bugs, including #11, #7
Support for YubicoPIV attestation command and the F9 slot

Assets 3

06 Sep 19:57

arekinath

v0.3.1

Fix for important security issue (#10) allowing overwrite of certificate objects without authentication (no key exposure)

Assets 3