v0.4.0

Features

• Add support for RSA 3072 bits (#116)
• Support use of external storage (#[117][])
• Encrypt data on the external storage (#134, #135, #136, #137, #138, #139, #127)

Changes

• Use trussed-rsa-backend (#116)
• Use trussed-auth for pin authentication (#125)

Development

• Rename "virtual" to "vpicc" (#132)
• Rename make check to make lint (#120)
• Add usbip runner and test against the gnuk test suite (#105)

v0.3.0

Features

• Ensure gpg can factory reset the card even when corrupted ([#103][])
• Add mechanism to run tests against a real card (#97 and #108)

Bugfixes

• Fix OpenSC compatibility (#96)
• Fix crash when attempting to sign large payloads with RSA (nitrokey/trussed/#11)

Developement

• Use fully qualified path to CI base docker image (#109)
• Documentation improvements (#95, #98, #107)
• Fix version of patched dependencies (#101)

v0.2.0

Features

• Support using authentication keys for decryption and vice-versa with MANAGE SECURITY ENVIRONMENT (#60)
• Support PIN resets using a resetting code (#63)
• Support AES encryption/decryption (#64)
• Support RSA 2048 and 4096 bit key usage and generation (#94)

Bugfixes

• Fix the length of the Digital signature counter DO 0x93 (#76)
• PSO:CDS: Increment the signature counter (#78)
• Fix endianness of curve25519 key import (#89)

v0.1.0

This initial release contains support for the basic OpenPGP Card functionality (key generation, key import, signing, decrypting, card administration) for Curve25519 and NIST P-256.

⚠️ This is alpha software and should currently not be used outside of testing. Updates may lead to data loss and the security of the keys and PINs is not guaranteed.

See the user guide for information on how to run and test opcard.