Releases: GSA/gsa-icam-card-builder
Re-signed all card objects with final content signer key
Added Gen3 CRL and updated certs with new CRL distribution point
Gen3 certs need their own CRL DP so had to be regenerated. That includes content signing certs. Updated mkcert.sh can now create content signing certs.
Another drop with pre-signed objects (for those who don't want to sign objects) is forthcoming later tonight.
Identify deprecated CHUID tags without exiting (Interop testing)
A vendor submitted a PIV-I card with multiple deprecated containers as well as extra data at the end of the CHUID container. The previous versions of binchuid.pl and txtchuid.pl would emit an error message and exit.
Created binary objects for Card 41
In previous release, only the configuration files were changed for Card 41. This release contains the signed binary objects including the certificates.
gsa-icam-card-builder-v1.8.13.zip
gsa-icam-card-builder-devel-v1.8.13.zip
Updated Card 41 to match FASC-N and GUID of Card 46
This card was originally created for the Gen 1-2 Card 1 - Golden PIV, which had a different FASC-N than Gen 3 Card 46 - Golden PIV (for obvious reasons). It needed to be changed to match Card 46.
gsa-icam-card-builder-v1.8.12.zip
gsa-icam-card-builder-devel-v1.8.12.zip
Updated Card 38, Added Cards 41-45
Updated properties files for Card 38 to be more straighforward as to how to create the bad hash in the Security Object. Added metadata for certs and containers for Cards 41-45, created and signed the objects.
gsa-icam-card-builder-v1.8.11.zip
gsa-icam-card-builder-devel-v1.8.11.zip
Added EKU OIDs to Digital Signature Certs for LACS
SInce we did it for PIV Auth Certs for more realistic LACS usage, it only made sense to add the allowable OIDs for Digital Signature certs.
gsa-icam-card-builder-v1.8.10.zip
gsa-icam-card-builder-devel-v1.8.10.zip
EKU keyUsageId OIDs for Card 46
Fixed problem prevented Card 46's certs to be created. Also included .p12 file for signing CA.
gsa-icam-card-builder-devel-v1.8.9.zip
gsa-icam-card-builder-v1.8.9.zip
Added EKU OID to PIV Auth Certs for LACS
Added Microsoft Smartcardlogin, TLS Web Client Authentication, 1.3.6.1.5.2.3.4, 1.3.6.1.5.5.7.3.21, Any Extended Key Usage to Extended Key Usage on PIV Auth certs. Fixed bug in mkalll.sh. Updated certificate database and some more .gitignores.
gsa-icam-card-builder-devel-v1.8.8.zip
gsa-icam-card-builder-v1.8.8.zip
Renamed all Directories with Spaces (Linux hates them)
The original card object folders were created in a Windows system, so recursive processing in Linux was always quite a task. I finally got tired of changing the IFS variable when using throwaway scripts to do something on a global basis. So, the directories now use underscores (_) in lieu of spaces.