- embed shake256 as NanoX bug workarround
- replace 'C' by 'C' in PIN Entry
- fix the fact cx_hash does not accept any more NULL as output buff
- add clang formatter
As described in #30 the PIN has to be verified on the host before the PIN mode can be changed on the device. Otherwise an error message is displayed which is not very helpful.
app:
- support DO 'B6'/'B8'/'A4' in get/put data for full backup.
private key are backuped encrypted with AES and a key based on the master seed
- fix missing DO 'CB' access
- fix TERMINATE_DF command: the command did not return
- fix stack corruption in ECC key generation, when key size is greater than 256bits
tools:
- add full backup/restore cli tool
misc:
- add 'make run' rules
SDK 1.4.2.x port
Add uif support
Refactor memory layout
Try to add more curve
gpg 2.2.x handle curves other than ed25519 in a such strange way
that it is very difficult to do such support.
So secp256k1, secp256r1 and brainpoolp256 seems works, but according to gpg
code it works by side effects :-/
Update user documentation for UIF
There is still an issue with ssh authentication with Ed25519. It works with NIST-P256, Brainpool256 curves
Fix PIN management
PINPAD CCID command was in conflict with new PIN get status APDU. Use class CLA=0xEF to
differenciate both case.
Fix Terminate status management
Fix RC code setting
Add MSE support
Set MSE supported in capabilities
Fix Signatrure counter: now incremented
Fix PIN status init: was not correctly initialized
Fix "only once" CDS management: PIN was not invalidated after signing
Change all return 0 by corresponding THROW error code
PIN API refacto
Features:
"PIN confirm" is now the default PIN input mode.
Add EF 01F8 for setting default RSA public exponent for key generation. Access control is PW3/Admin.
Bug fixes:
Fix Issue #2: Add explicit return after each throw.
