
opensc: bump to git codebase of 20141126 and rebase GnuK patches

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
lilik-openwrt-22.03
Daniel Golle 10 years ago
parent
commit
36ed0c44fc
27 changed files with 1209 additions and 175 deletions
  1. +2
    -2
      utils/opensc/Makefile
  2. +23
    -32
      utils/opensc/patches/0001-OpenPGP-Detect-and-support-Gnuk-Token.patch
  3. +10
    -10
      utils/opensc/patches/0002-OpenPGP-Add-Gnuk-in-pkcs15-emulation-layer.patch
  4. +4
    -4
      utils/opensc/patches/0003-OpenPGP-Include-private-DO-to-filesystem-at-driver-i.patch
  5. +9
    -9
      utils/opensc/patches/0004-PKCS15-OpenPGP-Declare-DATA-objects.patch
  6. +27
    -28
      utils/opensc/patches/0005-OpenPGP-Support-erasing-reset-card.patch
  7. +18
    -20
      utils/opensc/patches/0006-openpgp-tool-Support-deleting-key-in-Gnuk.patch
  8. +5
    -5
      utils/opensc/patches/0007-OpenPGP-Correct-building-Extended-Header-List-when-i.patch
  9. +6
    -6
      utils/opensc/patches/0008-OpenPGP-Read-some-empty-DOs-from-Gnuk.patch
  10. +5
    -5
      utils/opensc/patches/0009-PKCS15-OpenPGP-Do-not-show-empty-DO-in-pkcs15-emu_in.patch
  11. +5
    -5
      utils/opensc/patches/0010-PKCS15-OpenPGP-Allow-to-store-data-to-pkcs15-data-ob.patch
  12. +6
    -6
      utils/opensc/patches/0011-OpenPGP-Provide-enough-buffer-to-read-pubkey-from-Gn.patch
  13. +8
    -8
      utils/opensc/patches/0012-OpenPGP-Support-write-certificate-for-Gnuk.patch
  14. +3
    -3
      utils/opensc/patches/0013-pkcs15-openpgp-Change-to-sc_put_data-instead-of-sc_u.patch
  15. +6
    -6
      utils/opensc/patches/0014-OpenPGP-Overcome-the-restriction-of-even-data-length.patch
  16. +7
    -7
      utils/opensc/patches/0015-OpenPGP-Delete-key-as-file-for-Gnuk.patch
  17. +7
    -7
      utils/opensc/patches/0016-OpenPGP-Correct-parameter-checking.patch
  18. +6
    -6
      utils/opensc/patches/0017-OpenPGP-Make-code-neater.patch
  19. +6
    -6
      utils/opensc/patches/0018-Move-declaration-to-top-of-block.patch
  20. +182
    -0
      utils/opensc/patches/0019-OpenPGP-Make-indentation-consistent-space-tab.patch
  21. +84
    -0
      utils/opensc/patches/0020-OpenPGP-Don-t-use-sc_log-in-openpgp-tool.patch
  22. +112
    -0
      utils/opensc/patches/0021-OpenPGP-Don-t-reimplement-gnuk_delete_key-in-openpgp.patch
  23. +87
    -0
      utils/opensc/patches/0022-OpenPGP-Use-directly-binary-array-of-APDUs-for-ERASE.patch
  24. +339
    -0
      utils/opensc/patches/0023-OpenPGP-Rename-private-blob-type-to-avoid-confusing-.patch
  25. +41
    -0
      utils/opensc/patches/0024-OpenPGP-Fix-crash-after-accessing-inexistent-file.patch
  26. +148
    -0
      utils/opensc/patches/0025-Replace-hardcode.patch
  27. +53
    -0
      utils/opensc/patches/0026-hardcode-defines-for-DO-s.patch

+ 2
- 2
utils/opensc/Makefile View File

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=opensc PKG_NAME:=opensc
PKG_VERSION:=20140317
PKG_VERSION:=20141126
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_LICENSE:=LGPL-2.1+ PKG_LICENSE:=LGPL-2.1+
PKG_LICENSE_FILES:=COPYING PKG_LICENSE_FILES:=COPYING
@ -19,7 +19,7 @@ PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/OpenSC/OpenSC.git PKG_SOURCE_URL:=https://github.com/OpenSC/OpenSC.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=de6d61405b271e22244376e4817e16b49018e1ce
PKG_SOURCE_VERSION:=8aadbbd678730dbafb819382da553439887499fd
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_BUILD_DEPENDS:=+libpcsclite PKG_BUILD_DEPENDS:=+libpcsclite
PKG_FIXUP:=libtool PKG_FIXUP:=libtool


+ 23
- 32
utils/opensc/patches/0001-OpenPGP-Detect-and-support-Gnuk-Token.patch View File

@ -1,18 +1,18 @@
From c706491fc9b08d4cc6d7b254cf936d6b8d8691bc Mon Sep 17 00:00:00 2001
From 471b40173b73f213ee72bf05735abf3357658197 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Wed, 20 Feb 2013 11:54:30 +0700 Date: Wed, 20 Feb 2013 11:54:30 +0700
Subject: [PATCH 01/18] OpenPGP: Detect and support Gnuk Token.
Subject: [PATCH 01/26] OpenPGP: Detect and support Gnuk Token.
http://www.fsij.org/gnuk/ http://www.fsij.org/gnuk/
--- ---
src/libopensc/card-openpgp.c | 61 ++++++++++++++++++++++++++++++++++---------- src/libopensc/card-openpgp.c | 61 ++++++++++++++++++++++++++++++++++----------
src/libopensc/cards.h | 1 + src/libopensc/cards.h | 1 +
src/tools/openpgp-tool.c | 9 +++++--
3 files changed, 56 insertions(+), 15 deletions(-)
src/tools/openpgp-tool.c | 7 ++++-
3 files changed, 55 insertions(+), 14 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 743e79c..716052b 100644
index 6774fe1..c785a55 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -43,6 +43,7 @@ @@ -43,6 +43,7 @@
@ -66,7 +66,7 @@ index 743e79c..716052b 100644
priv->ext_caps |= EXT_CAP_SM; priv->ext_caps |= EXT_CAP_SM;
if ((priv->bcd_version >= OPENPGP_CARD_2_0) && (blob->len >= 10)) { if ((priv->bcd_version >= OPENPGP_CARD_2_0) && (blob->len >= 10)) {
@@ -1055,12 +1060,18 @@ static int
@@ -1057,12 +1062,18 @@ static int
pgp_get_pubkey(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len) pgp_get_pubkey(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
{ {
sc_apdu_t apdu; sc_apdu_t apdu;
@ -86,7 +86,7 @@ index 743e79c..716052b 100644
apdu.lc = 2; apdu.lc = 2;
apdu.data = ushort2bebytes(idbuf, tag); apdu.data = ushort2bebytes(idbuf, tag);
apdu.datalen = 2; apdu.datalen = 2;
@@ -1152,6 +1163,7 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
@@ -1154,6 +1165,7 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
u8 ins = 0xDA; u8 ins = 0xDA;
u8 p1 = tag >> 8; u8 p1 = tag >> 8;
u8 p2 = tag & 0xFF; u8 p2 = tag & 0xFF;
@ -94,7 +94,7 @@ index 743e79c..716052b 100644
int r; int r;
LOG_FUNC_CALLED(card->ctx); LOG_FUNC_CALLED(card->ctx);
@@ -1193,13 +1205,17 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
@@ -1195,13 +1207,17 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
/* Build APDU */ /* Build APDU */
if (buf != NULL && buf_len > 0) { if (buf != NULL && buf_len > 0) {
@ -114,7 +114,7 @@ index 743e79c..716052b 100644
apdu.datalen = buf_len; apdu.datalen = buf_len;
apdu.lc = buf_len; apdu.lc = buf_len;
} }
@@ -1326,6 +1342,7 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
@@ -1328,6 +1344,7 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
struct pgp_priv_data *priv = DRVDATA(card); struct pgp_priv_data *priv = DRVDATA(card);
sc_security_env_t *env = &priv->sec_env; sc_security_env_t *env = &priv->sec_env;
sc_apdu_t apdu; sc_apdu_t apdu;
@ -122,7 +122,7 @@ index 743e79c..716052b 100644
int r; int r;
LOG_FUNC_CALLED(card->ctx); LOG_FUNC_CALLED(card->ctx);
@@ -1334,14 +1351,19 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
@@ -1336,14 +1353,19 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ARGUMENTS, LOG_TEST_RET(card->ctx, SC_ERROR_INVALID_ARGUMENTS,
"invalid operation"); "invalid operation");
@ -144,7 +144,7 @@ index 743e79c..716052b 100644
break; break;
case 0x01: case 0x01:
default: default:
@@ -1350,7 +1372,7 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
@@ -1352,7 +1374,7 @@ pgp_compute_signature(sc_card_t *card, const u8 *data,
} }
apdu.lc = data_len; apdu.lc = data_len;
@ -153,7 +153,7 @@ index 743e79c..716052b 100644
apdu.datalen = data_len; apdu.datalen = data_len;
apdu.le = ((outlen >= 256) && !(card->caps & SC_CARD_CAP_APDU_EXT)) ? 256 : outlen; apdu.le = ((outlen >= 256) && !(card->caps & SC_CARD_CAP_APDU_EXT)) ? 256 : outlen;
apdu.resp = out; apdu.resp = out;
@@ -1374,6 +1396,7 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
@@ -1376,6 +1398,7 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
struct pgp_priv_data *priv = DRVDATA(card); struct pgp_priv_data *priv = DRVDATA(card);
sc_security_env_t *env = &priv->sec_env; sc_security_env_t *env = &priv->sec_env;
sc_apdu_t apdu; sc_apdu_t apdu;
@ -161,7 +161,7 @@ index 743e79c..716052b 100644
u8 *temp = NULL; u8 *temp = NULL;
int r; int r;
@@ -1398,7 +1421,7 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
@@ -1400,7 +1423,7 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
case 0x01: /* Decryption key */ case 0x01: /* Decryption key */
case 0x02: /* authentication key */ case 0x02: /* authentication key */
/* PSO DECIPHER */ /* PSO DECIPHER */
@ -170,7 +170,7 @@ index 743e79c..716052b 100644
break; break;
case 0x00: /* signature key */ case 0x00: /* signature key */
default: default:
@@ -1407,8 +1430,13 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
@@ -1409,8 +1432,13 @@ pgp_decipher(sc_card_t *card, const u8 *in, size_t inlen,
"invalid key reference"); "invalid key reference");
} }
@ -209,10 +209,10 @@ index 743e79c..716052b 100644
* sc_format_apdu() */ * sc_format_apdu() */
apdu_le = card->max_recv_size; apdu_le = card->max_recv_size;
diff --git a/src/libopensc/cards.h b/src/libopensc/cards.h diff --git a/src/libopensc/cards.h b/src/libopensc/cards.h
index 0fbf9ca..01b08fd 100644
index 7be6667..a3f3634 100644
--- a/src/libopensc/cards.h --- a/src/libopensc/cards.h
+++ b/src/libopensc/cards.h +++ b/src/libopensc/cards.h
@@ -104,6 +104,7 @@ enum {
@@ -105,6 +105,7 @@ enum {
SC_CARD_TYPE_OPENPGP_BASE = 9000, SC_CARD_TYPE_OPENPGP_BASE = 9000,
SC_CARD_TYPE_OPENPGP_V1, SC_CARD_TYPE_OPENPGP_V1,
SC_CARD_TYPE_OPENPGP_V2, SC_CARD_TYPE_OPENPGP_V2,
@ -221,27 +221,18 @@ index 0fbf9ca..01b08fd 100644
/* jcop driver */ /* jcop driver */
SC_CARD_TYPE_JCOP_BASE = 10000, SC_CARD_TYPE_JCOP_BASE = 10000,
diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
index 7058aaa..8b5e327 100644
index f42e6d6..a24a395 100644
--- a/src/tools/openpgp-tool.c --- a/src/tools/openpgp-tool.c
+++ b/src/tools/openpgp-tool.c +++ b/src/tools/openpgp-tool.c
@@ -32,6 +32,7 @@
#include "libopensc/asn1.h"
@@ -33,6 +33,7 @@
#include "libopensc/cards.h" #include "libopensc/cards.h"
#include "libopensc/cardctl.h" #include "libopensc/cardctl.h"
#include "libopensc/errors.h"
+#include "libopensc/log.h" +#include "libopensc/log.h"
#include "util.h" #include "util.h"
#include "libopensc/log.h"
#define OPT_RAW 256
@@ -216,7 +217,7 @@ static void display_data(const struct ef_name_map *mapping, char *value)
} else {
const char *label = mapping->name;
- printf("%s:%*s%s\n", label, 10-strlen(label), "", value);
+ printf("%s:%*s%s\n", label, 10 - (int)strlen(label), "", value);
}
}
}
@@ -390,6 +391,8 @@ int do_genkey(sc_card_t *card, u8 key_id, unsigned int key_len)
@@ -396,6 +397,8 @@ int do_genkey(sc_card_t *card, u8 key_id, unsigned int key_len)
sc_path_t path; sc_path_t path;
sc_file_t *file; sc_file_t *file;
@ -250,7 +241,7 @@ index 7058aaa..8b5e327 100644
if (key_id < 1 || key_id > 3) { if (key_id < 1 || key_id > 3) {
printf("Unknown key ID %d.\n", key_id); printf("Unknown key ID %d.\n", key_id);
return 1; return 1;
@@ -481,8 +484,10 @@ int main(int argc, char **argv)
@@ -487,8 +490,10 @@ int main(int argc, char **argv)
/* check card type */ /* check card type */
if ((card->type != SC_CARD_TYPE_OPENPGP_V1) && if ((card->type != SC_CARD_TYPE_OPENPGP_V1) &&
@ -263,5 +254,5 @@ index 7058aaa..8b5e327 100644
goto out; goto out;
} }
-- --
1.9.3
2.1.3
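Review bot: The `+#include "libopensc/log.h"` line that this patch still adds to src/tools/openpgp-tool.c looks redundant after the rebase, because the new context of the `@@ -33,6 +33,7 @@` hunk already shows `#include "libopensc/log.h"` directly after `#include "util.h"`. The header would then be included twice, which is harmless with include guards but makes the patch carry a change that is not Gnuk-specific. Dropping this hunk from 0001 would shift the line offsets the later openpgp-tool.c patches are generated against, so the series would need to be regenerated once more.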

+ 10
- 10
utils/opensc/patches/0002-OpenPGP-Add-Gnuk-in-pkcs15-emulation-layer.patch View File

@ -1,8 +1,8 @@
From ecc6460d17147b37def27a9b776e1fc5a61408d0 Mon Sep 17 00:00:00 2001
From 00a2c08c9125103ee0bff9af9e7ff42c5cdc14fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Fri, 12 Apr 2013 17:24:00 +0700 Date: Fri, 12 Apr 2013 17:24:00 +0700
Subject: [PATCH 02/18] OpenPGP: Add Gnuk in pkcs15 emulation layer.
Subject: [PATCH 02/26] OpenPGP: Add Gnuk in pkcs15 emulation layer.
--- ---
src/libopensc/pkcs15-openpgp.c | 6 ++++-- src/libopensc/pkcs15-openpgp.c | 6 ++++--
@ -10,10 +10,10 @@ Subject: [PATCH 02/18] OpenPGP: Add Gnuk in pkcs15 emulation layer.
2 files changed, 5 insertions(+), 2 deletions(-) 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index d9dc074..5a8a1ca 100644
index 4daaa98..fdf720a 100644
--- a/src/libopensc/pkcs15-openpgp.c --- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c +++ b/src/libopensc/pkcs15-openpgp.c
@@ -155,7 +155,8 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
@@ -151,7 +151,8 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
u8 c4data[10]; u8 c4data[10];
u8 c5data[70]; u8 c5data[70];
int r, i; int r, i;
@ -23,7 +23,7 @@ index d9dc074..5a8a1ca 100644
sc_path_t path; sc_path_t path;
sc_file_t *file; sc_file_t *file;
@@ -367,7 +368,8 @@ failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP e
@@ -363,7 +364,8 @@ failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP e
static int openpgp_detect_card(sc_pkcs15_card_t *p15card) static int openpgp_detect_card(sc_pkcs15_card_t *p15card)
{ {
@ -34,17 +34,17 @@ index d9dc074..5a8a1ca 100644
else else
return SC_ERROR_WRONG_CARD; return SC_ERROR_WRONG_CARD;
diff --git a/src/libopensc/pkcs15-syn.c b/src/libopensc/pkcs15-syn.c diff --git a/src/libopensc/pkcs15-syn.c b/src/libopensc/pkcs15-syn.c
index e2f6004..a9f8c0b 100644
index ffbf642..d2c086c 100644
--- a/src/libopensc/pkcs15-syn.c --- a/src/libopensc/pkcs15-syn.c
+++ b/src/libopensc/pkcs15-syn.c +++ b/src/libopensc/pkcs15-syn.c
@@ -112,6 +112,7 @@ int sc_pkcs15_is_emulation_only(sc_card_t *card)
@@ -115,6 +115,7 @@ int sc_pkcs15_is_emulation_only(sc_card_t *card)
case SC_CARD_TYPE_GEMSAFEV1_PTEID: case SC_CARD_TYPE_GEMSAFEV1_PTEID:
case SC_CARD_TYPE_OPENPGP_V1: case SC_CARD_TYPE_OPENPGP_V1:
case SC_CARD_TYPE_OPENPGP_V2: case SC_CARD_TYPE_OPENPGP_V2:
+ case SC_CARD_TYPE_OPENPGP_GNUK: + case SC_CARD_TYPE_OPENPGP_GNUK:
case SC_CARD_TYPE_SC_HSM: case SC_CARD_TYPE_SC_HSM:
return 1;
default:
case SC_CARD_TYPE_DNIE_BASE:
case SC_CARD_TYPE_DNIE_BLANK:
-- --
1.9.3
2.1.3

+ 4
- 4
utils/opensc/patches/0003-OpenPGP-Include-private-DO-to-filesystem-at-driver-i.patch View File

@ -1,8 +1,8 @@
From 5f751ba5628f9d85e9d8dca9939a93f49d2525d0 Mon Sep 17 00:00:00 2001
From 2d348b60ab8c22791b56f291600954abd716a791 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Fri, 22 Mar 2013 17:37:16 +0700 Date: Fri, 22 Mar 2013 17:37:16 +0700
Subject: [PATCH 03/18] OpenPGP: Include private DO to filesystem at driver
Subject: [PATCH 03/26] OpenPGP: Include private DO to filesystem at driver
initialization. initialization.
In old implementation, the DOs which their access is restricted by In old implementation, the DOs which their access is restricted by
@ -13,7 +13,7 @@ leading to that we cannot read their data later, even if we verified PIN.
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 716052b..ead07ae 100644
index c785a55..1cc3923 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -357,7 +357,7 @@ pgp_init(sc_card_t *card) @@ -357,7 +357,7 @@ pgp_init(sc_card_t *card)
@ -26,5 +26,5 @@ index 716052b..ead07ae 100644
child = pgp_new_blob(card, priv->mf, info->id, sc_file_new()); child = pgp_new_blob(card, priv->mf, info->id, sc_file_new());
-- --
1.9.3
2.1.3

+ 9
- 9
utils/opensc/patches/0004-PKCS15-OpenPGP-Declare-DATA-objects.patch View File

@ -1,8 +1,8 @@
From fbf8e392db4456de97796259a62ccb972fe24df8 Mon Sep 17 00:00:00 2001
From fda9b6dd088e734de372fc85c091f88e8607bc2e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Tue, 26 Feb 2013 17:37:16 +0700 Date: Tue, 26 Feb 2013 17:37:16 +0700
Subject: [PATCH 04/18] PKCS15-OpenPGP: Declare DATA objects.
Subject: [PATCH 04/26] PKCS15-OpenPGP: Declare DATA objects.
Begin to support read/write DATA object for PKCS-OpenPGP binding. Begin to support read/write DATA object for PKCS-OpenPGP binding.
This object is used by TrueCrypt. This object is used by TrueCrypt.
@ -11,18 +11,18 @@ This object is used by TrueCrypt.
1 file changed, 35 insertions(+) 1 file changed, 35 insertions(+)
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index 5a8a1ca..9f239ef 100644
index fdf720a..fea2805 100644
--- a/src/libopensc/pkcs15-openpgp.c --- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c +++ b/src/libopensc/pkcs15-openpgp.c
@@ -36,6 +36,7 @@ typedef USHORT ushort;
#endif
@@ -32,6 +32,7 @@
#include "log.h"
int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *); int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *);
+static int sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *); +static int sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *);
#define PGP_USER_PIN_FLAGS (SC_PKCS15_PIN_FLAG_CASE_SENSITIVE \ #define PGP_USER_PIN_FLAGS (SC_PKCS15_PIN_FLAG_CASE_SENSITIVE \
@@ -45,6 +46,8 @@ int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *);
@@ -41,6 +42,8 @@ int sc_pkcs15emu_openpgp_init_ex(sc_pkcs15_card_t *, sc_pkcs15emu_opt_t *);
| SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED \ | SC_PKCS15_PIN_FLAG_UNBLOCK_DISABLED \
| SC_PKCS15_PIN_FLAG_SO_PIN) | SC_PKCS15_PIN_FLAG_SO_PIN)
@ -31,7 +31,7 @@ index 5a8a1ca..9f239ef 100644
typedef struct _pgp_pin_cfg { typedef struct _pgp_pin_cfg {
const char *label; const char *label;
int reference; int reference;
@@ -359,6 +362,9 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
@@ -355,6 +358,9 @@ sc_pkcs15emu_openpgp_init(sc_pkcs15_card_t *p15card)
goto failed; goto failed;
} }
@ -41,7 +41,7 @@ index 5a8a1ca..9f239ef 100644
return 0; return 0;
failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP emulation: %s\n", failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP emulation: %s\n",
@@ -366,6 +372,35 @@ failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP e
@@ -362,6 +368,35 @@ failed: sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "Failed to initialize OpenPGP e
return r; return r;
} }
@ -78,5 +78,5 @@ index 5a8a1ca..9f239ef 100644
{ {
if (p15card->card->type == SC_CARD_TYPE_OPENPGP_V1 || p15card->card->type == SC_CARD_TYPE_OPENPGP_V2 if (p15card->card->type == SC_CARD_TYPE_OPENPGP_V1 || p15card->card->type == SC_CARD_TYPE_OPENPGP_V2
-- --
1.9.3
2.1.3

+ 27
- 28
utils/opensc/patches/0005-OpenPGP-Support-erasing-reset-card.patch View File

@ -1,20 +1,20 @@
From 4cdc5f3102f5ad93d263eea2f8206bb5e9fffc6c Mon Sep 17 00:00:00 2001
From 6d138f0199575516bfaad18cbbafcfa2ee61e58f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Mon, 4 Mar 2013 11:28:08 +0700 Date: Mon, 4 Mar 2013 11:28:08 +0700
Subject: [PATCH 05/18] OpenPGP: Support erasing (reset) card.
Subject: [PATCH 05/26] OpenPGP: Support erasing (reset) card.
Command: openpgp-tool --erase Command: openpgp-tool --erase
--- ---
src/libopensc/card-openpgp.c | 64 ++++++++++++++++++++++++++++++++++++++++++++ src/libopensc/card-openpgp.c | 64 ++++++++++++++++++++++++++++++++++++++++++++
src/tools/openpgp-tool.c | 23 +++++++++++++++-
2 files changed, 86 insertions(+), 1 deletion(-)
src/tools/openpgp-tool.c | 22 ++++++++++++++-
2 files changed, 85 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index ead07ae..42a9684 100644
index 1cc3923..7349876 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -2197,6 +2197,66 @@ out:
@@ -2195,6 +2195,66 @@ out:
#endif /* ENABLE_OPENSSL */ #endif /* ENABLE_OPENSSL */
@ -81,7 +81,7 @@ index ead07ae..42a9684 100644
/* ABI: card ctl: perform special card-specific operations */ /* ABI: card ctl: perform special card-specific operations */
static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr) static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr)
{ {
@@ -2221,6 +2281,10 @@ static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr)
@@ -2219,6 +2279,10 @@ static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr)
LOG_FUNC_RETURN(card->ctx, r); LOG_FUNC_RETURN(card->ctx, r);
break; break;
#endif /* ENABLE_OPENSSL */ #endif /* ENABLE_OPENSSL */
@ -93,53 +93,52 @@ index ead07ae..42a9684 100644
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED); LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
index 8b5e327..0d360a3 100644
index a24a395..de1c9d4 100644
--- a/src/tools/openpgp-tool.c --- a/src/tools/openpgp-tool.c
+++ b/src/tools/openpgp-tool.c +++ b/src/tools/openpgp-tool.c
@@ -76,6 +76,7 @@ static int opt_verify = 0;
static char *verifytype = NULL;
static int opt_pin = 0;
@@ -78,6 +78,7 @@ static int opt_pin = 0;
static char *pin = NULL; static char *pin = NULL;
static int opt_dump_do = 0;
static u8 do_dump_idx;
+static int opt_erase = 0; +static int opt_erase = 0;
static const char *app_name = "openpgp-tool"; static const char *app_name = "openpgp-tool";
@@ -92,6 +93,7 @@ static const struct option options[] = {
@@ -94,6 +95,7 @@ static const struct option options[] = {
{ "help", no_argument, NULL, 'h' }, { "help", no_argument, NULL, 'h' },
{ "verbose", no_argument, NULL, 'v' }, { "verbose", no_argument, NULL, 'v' },
{ "version", no_argument, NULL, 'V' }, { "version", no_argument, NULL, 'V' },
+ { "erase", no_argument, NULL, 'E' }, + { "erase", no_argument, NULL, 'E' },
{ "verify", required_argument, NULL, OPT_VERIFY }, { "verify", required_argument, NULL, OPT_VERIFY },
{ "pin", required_argument, NULL, OPT_PIN }, { "pin", required_argument, NULL, OPT_PIN },
{ NULL, 0, NULL, 0 }
@@ -110,6 +112,7 @@ static const char *option_help[] = {
{ "do", required_argument, NULL, 'd' },
@@ -113,6 +115,7 @@ static const char *option_help[] = {
/* h */ "Print this help message", /* h */ "Print this help message",
/* v */ "Verbose operation. Use several times to enable debug output.", /* v */ "Verbose operation. Use several times to enable debug output.",
/* V */ "Show version number", /* V */ "Show version number",
+/* E */ "Erase (reset) the card", +/* E */ "Erase (reset) the card",
"Verify PIN (CHV1, CHV2, CHV3...)", "Verify PIN (CHV1, CHV2, CHV3...)",
"PIN string"
};
@@ -228,7 +231,7 @@ static int decode_options(int argc, char **argv)
"PIN string",
/* d */ "Dump private data object number <arg> (i.e. PRIVATE-DO-<arg>)"
@@ -232,7 +235,7 @@ static int decode_options(int argc, char **argv)
{ {
int c; int c;
- while ((c = getopt_long(argc, argv,"r:x:CUG:L:hwvV", options, (int *) 0)) != EOF) {
+ while ((c = getopt_long(argc, argv,"r:x:CUG:L:hwvVE", options, (int *) 0)) != EOF) {
- while ((c = getopt_long(argc, argv,"r:x:CUG:L:hwvVd:", options, (int *) 0)) != EOF) {
+ while ((c = getopt_long(argc, argv,"r:x:CUG:L:hwvVd:E", options, (int *) 0)) != EOF) {
switch (c) { switch (c) {
case 'r': case 'r':
opt_reader = optarg; opt_reader = optarg;
@@ -288,6 +291,9 @@ static int decode_options(int argc, char **argv)
show_version();
exit(EXIT_SUCCESS);
break;
@@ -296,6 +299,8 @@ static int decode_options(int argc, char **argv)
do_dump_idx = optarg[0] - '0';
opt_dump_do++;
actions++;
+ case 'E': + case 'E':
+ opt_erase++; + opt_erase++;
+ break;
break;
default: default:
util_print_usage_and_die(app_name, options, option_help, NULL); util_print_usage_and_die(app_name, options, option_help, NULL);
}
@@ -446,6 +452,18 @@ int do_verify(sc_card_t *card, u8 *type, u8* pin)
@@ -452,6 +457,18 @@ int do_verify(sc_card_t *card, char *type, char *pin)
return r; return r;
} }
@ -158,7 +157,7 @@ index 8b5e327..0d360a3 100644
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
sc_context_t *ctx = NULL; sc_context_t *ctx = NULL;
@@ -521,6 +539,9 @@ int main(int argc, char **argv)
@@ -531,6 +548,9 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -169,5 +168,5 @@ index 8b5e327..0d360a3 100644
sc_unlock(card); sc_unlock(card);
sc_disconnect_card(card); sc_disconnect_card(card);
-- --
1.9.3
2.1.3
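Review bot: In the rebased `decode_options` hunk (`@@ -296,6 +299,8 @@`), `case 'E':` and `opt_erase++;` are now inserted between `actions++;` and the `break;` that closes the preceding `d` case, and the patch no longer adds a `break;` of its own. The `d` branch therefore falls through into `E`, so `--do <n>` also increments `opt_erase`. If main() calls `do_erase()` whenever `opt_erase` is set (that hunk is not fully visible here), dumping a private DO would also reset the card. The new case should go after the existing `break;` and end with its own: `break;` then `case 'E':`, `opt_erase++;`, `break;`. A short comment on the case, such as `/* destructive: resets the card */`, would make the next rebase harder to get wrong.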

+ 18
- 20
utils/opensc/patches/0006-openpgp-tool-Support-deleting-key-in-Gnuk.patch View File

@ -1,18 +1,18 @@
From bbbedd3b358f80a7f98df2b22cf541cb007dd62e Mon Sep 17 00:00:00 2001
From 469b6567d9adc4af6f49fa65534162673060454d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Mon, 4 Mar 2013 18:13:03 +0700 Date: Mon, 4 Mar 2013 18:13:03 +0700
Subject: [PATCH 06/18] openpgp-tool: Support deleting key in Gnuk.
Subject: [PATCH 06/26] openpgp-tool: Support deleting key in Gnuk.
--- ---
src/tools/openpgp-tool.c | 144 ++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 143 insertions(+), 1 deletion(-)
src/tools/openpgp-tool.c | 142 +++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 142 insertions(+)
diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
index 0d360a3..239c86b 100644
index de1c9d4..374819a 100644
--- a/src/tools/openpgp-tool.c --- a/src/tools/openpgp-tool.c
+++ b/src/tools/openpgp-tool.c +++ b/src/tools/openpgp-tool.c
@@ -39,6 +39,7 @@
@@ -41,6 +41,7 @@
#define OPT_PRETTY 257 #define OPT_PRETTY 257
#define OPT_VERIFY 258 #define OPT_VERIFY 258
#define OPT_PIN 259 #define OPT_PIN 259
@ -20,33 +20,31 @@ index 0d360a3..239c86b 100644
/* define structures */ /* define structures */
struct ef_name_map { struct ef_name_map {
@@ -77,6 +78,7 @@ static char *verifytype = NULL;
static int opt_pin = 0;
static char *pin = NULL;
@@ -79,6 +80,7 @@ static char *pin = NULL;
static int opt_dump_do = 0;
static u8 do_dump_idx;
static int opt_erase = 0; static int opt_erase = 0;
+static int opt_delkey = 0; +static int opt_delkey = 0;
static const char *app_name = "openpgp-tool"; static const char *app_name = "openpgp-tool";
@@ -96,6 +98,7 @@ static const struct option options[] = {
{ "erase", no_argument, NULL, 'E' },
@@ -99,6 +101,7 @@ static const struct option options[] = {
{ "verify", required_argument, NULL, OPT_VERIFY }, { "verify", required_argument, NULL, OPT_VERIFY },
{ "pin", required_argument, NULL, OPT_PIN }, { "pin", required_argument, NULL, OPT_PIN },
{ "do", required_argument, NULL, 'd' },
+ { "del-key", required_argument, NULL, OPT_DELKEY }, + { "del-key", required_argument, NULL, OPT_DELKEY },
{ NULL, 0, NULL, 0 } { NULL, 0, NULL, 0 }
}; };
@@ -114,7 +117,8 @@ static const char *option_help[] = {
/* V */ "Show version number",
/* E */ "Erase (reset) the card",
@@ -119,6 +122,7 @@ static const char *option_help[] = {
"Verify PIN (CHV1, CHV2, CHV3...)", "Verify PIN (CHV1, CHV2, CHV3...)",
- "PIN string"
+ "PIN string",
"PIN string",
/* d */ "Dump private data object number <arg> (i.e. PRIVATE-DO-<arg>)"
+ "Delete key (1, 2, 3 or all)" + "Delete key (1, 2, 3 or all)"
}; };
static const struct ef_name_map openpgp_data[] = { static const struct ef_name_map openpgp_data[] = {
@@ -294,6 +298,14 @@ static int decode_options(int argc, char **argv)
@@ -302,6 +306,14 @@ static int decode_options(int argc, char **argv)
case 'E': case 'E':
opt_erase++; opt_erase++;
break; break;
@ -61,7 +59,7 @@ index 0d360a3..239c86b 100644
default: default:
util_print_usage_and_die(app_name, options, option_help, NULL); util_print_usage_and_die(app_name, options, option_help, NULL);
} }
@@ -452,6 +464,133 @@ int do_verify(sc_card_t *card, u8 *type, u8* pin)
@@ -457,6 +469,133 @@ int do_verify(sc_card_t *card, char *type, char *pin)
return r; return r;
} }
@ -195,7 +193,7 @@ index 0d360a3..239c86b 100644
int do_erase(sc_card_t *card) int do_erase(sc_card_t *card)
{ {
int r; int r;
@@ -539,6 +678,9 @@ int main(int argc, char **argv)
@@ -548,6 +687,9 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -206,5 +204,5 @@ index 0d360a3..239c86b 100644
exit_status != do_erase(card); exit_status != do_erase(card);
-- --
1.9.3
2.1.3
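Review bot: The `option_help` hunk (`@@ -119,6 +122,7 @@`) adds `"Delete key (1, 2, 3 or all)"` directly after the `/* d */ "Dump private data object number <arg> (i.e. PRIVATE-DO-<arg>)"` entry, which has no trailing comma, so the compiler concatenates the two literals into one string. The array then has one entry fewer than `options[]` and `del-key` has no help text of its own; if the usage printer indexes `option_help` by option position, which is not visible here, it would read past the end of the array. The previous version of this patch added the missing comma itself (`"PIN string",`), and the rebased one needs the same for the `d` entry, so that line should end in `,` before the new string. Separately, the context line `exit_status != do_erase(card);` near the end of this patch compares instead of assigning, so a failed erase never reaches the exit status; `exit_status |= do_erase(card);` is probably what was meant.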

+ 5
- 5
utils/opensc/patches/0007-OpenPGP-Correct-building-Extended-Header-List-when-i.patch View File

@ -1,8 +1,8 @@
From b6bc7a497e1fe20104f923de1092a35d137ba553 Mon Sep 17 00:00:00 2001
From d210faa377bcec63876f84b82540b110ede16e57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Mon, 4 Mar 2013 18:14:51 +0700 Date: Mon, 4 Mar 2013 18:14:51 +0700
Subject: [PATCH 07/18] OpenPGP: Correct building Extended Header List when
Subject: [PATCH 07/26] OpenPGP: Correct building Extended Header List when
importing keys. importing keys.
--- ---
@ -10,10 +10,10 @@ Subject: [PATCH 07/18] OpenPGP: Correct building Extended Header List when
1 file changed, 1 insertion(+), 1 deletion(-) 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 42a9684..47c1938 100644
index 7349876..91c311b 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -1978,7 +1978,7 @@ pgp_build_extended_header_list(sc_card_t *card, sc_cardctl_openpgp_keystore_info
@@ -1977,7 +1977,7 @@ pgp_build_extended_header_list(sc_card_t *card, sc_cardctl_openpgp_keystore_info
u8 *p = NULL; u8 *p = NULL;
u8 *components[] = {key_info->e, key_info->p, key_info->q, key_info->n}; u8 *components[] = {key_info->e, key_info->p, key_info->q, key_info->n};
size_t componentlens[] = {key_info->e_len, key_info->p_len, key_info->q_len, key_info->n_len}; size_t componentlens[] = {key_info->e_len, key_info->p_len, key_info->q_len, key_info->n_len};
@ -23,5 +23,5 @@ index 42a9684..47c1938 100644
"public exponent", "public exponent",
"prime p", "prime p",
-- --
1.9.3
2.1.3

+ 6
- 6
utils/opensc/patches/0008-OpenPGP-Read-some-empty-DOs-from-Gnuk.patch View File

@ -1,8 +1,8 @@
From d1b8d3588336abac4876c1d537d8e8e5e578bc02 Mon Sep 17 00:00:00 2001
From df98874784a77c96a7a1be54412a02a53fdd3a3e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Mon, 25 Mar 2013 11:58:38 +0700 Date: Mon, 25 Mar 2013 11:58:38 +0700
Subject: [PATCH 08/18] OpenPGP: Read some empty DOs from Gnuk.
Subject: [PATCH 08/26] OpenPGP: Read some empty DOs from Gnuk.
In Gnuk, some empty DOs are returned as not exist, instead of existing with empty value. In Gnuk, some empty DOs are returned as not exist, instead of existing with empty value.
So, we will consider them exist in driver. So, we will consider them exist in driver.
@ -11,10 +11,10 @@ So, we will consider them exist in driver.
1 file changed, 25 insertions(+) 1 file changed, 25 insertions(+)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 47c1938..9b08bbb 100644
index 91c311b..e7b25c0 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -813,6 +813,23 @@ pgp_get_blob(sc_card_t *card, struct blob *blob, unsigned int id,
@@ -815,6 +815,23 @@ pgp_get_blob(sc_card_t *card, struct blob *blob, unsigned int id,
} }
} }
@ -38,7 +38,7 @@ index 47c1938..9b08bbb 100644
return SC_ERROR_FILE_NOT_FOUND; return SC_ERROR_FILE_NOT_FOUND;
} }
@@ -1147,6 +1164,14 @@ pgp_get_data(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
@@ -1149,6 +1166,14 @@ pgp_get_data(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); LOG_TEST_RET(card->ctx, r, "APDU transmit failed");
r = sc_check_sw(card, apdu.sw1, apdu.sw2); r = sc_check_sw(card, apdu.sw1, apdu.sw2);
@ -54,5 +54,5 @@ index 47c1938..9b08bbb 100644
LOG_FUNC_RETURN(card->ctx, apdu.resplen); LOG_FUNC_RETURN(card->ctx, apdu.resplen);
-- --
1.9.3
2.1.3

+ 5
- 5
utils/opensc/patches/0009-PKCS15-OpenPGP-Do-not-show-empty-DO-in-pkcs15-emu_in.patch View File

@ -1,8 +1,8 @@
From 6a4457cde65ef44f05b0689415ae7165b06fb8bf Mon Sep 17 00:00:00 2001
From 42adc35954e18e24f253f710b16d850d1872bce5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Wed, 27 Mar 2013 11:38:42 +0700 Date: Wed, 27 Mar 2013 11:38:42 +0700
Subject: [PATCH 09/18] PKCS15-OpenPGP: Do not show empty DO in pkcs15
Subject: [PATCH 09/26] PKCS15-OpenPGP: Do not show empty DO in pkcs15
emu_init. emu_init.
--- ---
@ -10,10 +10,10 @@ Subject: [PATCH 09/18] PKCS15-OpenPGP: Do not show empty DO in pkcs15
1 file changed, 18 insertions(+) 1 file changed, 18 insertions(+)
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index 9f239ef..850dd74 100644
index fea2805..51a2032 100644
--- a/src/libopensc/pkcs15-openpgp.c --- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c +++ b/src/libopensc/pkcs15-openpgp.c
@@ -385,16 +385,34 @@ sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *p15card)
@@ -381,16 +381,34 @@ sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *p15card)
sc_pkcs15_object_t dat_obj; sc_pkcs15_object_t dat_obj;
char name[8]; char name[8];
char path[9]; char path[9];
@ -49,5 +49,5 @@ index 9f239ef..850dd74 100644
r = sc_pkcs15emu_add_data_object(p15card, &dat_obj, &dat_info); r = sc_pkcs15emu_add_data_object(p15card, &dat_obj, &dat_info);
} }
-- --
1.9.3
2.1.3

+ 5
- 5
utils/opensc/patches/0010-PKCS15-OpenPGP-Allow-to-store-data-to-pkcs15-data-ob.patch View File

@ -1,8 +1,8 @@
From 88ded8fc5802c073caa71b649cee5a3116699b2a Mon Sep 17 00:00:00 2001
From f085e6a5f386875b5b071ef3bf115e4d9bb33bdb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Wed, 27 Mar 2013 11:39:33 +0700 Date: Wed, 27 Mar 2013 11:39:33 +0700
Subject: [PATCH 10/18] PKCS15-OpenPGP: Allow to store data to pkcs15 data
Subject: [PATCH 10/26] PKCS15-OpenPGP: Allow to store data to pkcs15 data
object. object.
Only one DO is supported now. Only one DO is supported now.
@ -12,10 +12,10 @@ Only one DO is supported now.
2 files changed, 38 insertions(+), 2 deletions(-) 2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c diff --git a/src/libopensc/pkcs15-openpgp.c b/src/libopensc/pkcs15-openpgp.c
index 850dd74..b701041 100644
index 51a2032..4cc1c39 100644
--- a/src/libopensc/pkcs15-openpgp.c --- a/src/libopensc/pkcs15-openpgp.c
+++ b/src/libopensc/pkcs15-openpgp.c +++ b/src/libopensc/pkcs15-openpgp.c
@@ -397,7 +397,7 @@ sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *p15card)
@@ -393,7 +393,7 @@ sc_pkcs15emu_openpgp_add_data(sc_pkcs15_card_t *p15card)
*/ */
r = read_file(p15card->card, path, content, sizeof(content)); r = read_file(p15card->card, path, content, sizeof(content));
if (r <= 0 ) { if (r <= 0 ) {
@ -87,5 +87,5 @@ index f3a4962..1455580 100755
r = SC_ERROR_NOT_IMPLEMENTED; r = SC_ERROR_NOT_IMPLEMENTED;
} }
-- --
1.9.3
2.1.3

+ 6
- 6
utils/opensc/patches/0011-OpenPGP-Provide-enough-buffer-to-read-pubkey-from-Gn.patch View File

@ -1,8 +1,8 @@
From 7231ee09bb628f0401939778decce818ef6e3665 Mon Sep 17 00:00:00 2001
From 752f8981bed49a98d3592ead3aa50e743318dea8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Fri, 5 Apr 2013 17:18:50 +0700 Date: Fri, 5 Apr 2013 17:18:50 +0700
Subject: [PATCH 11/18] OpenPGP: Provide enough buffer to read pubkey from
Subject: [PATCH 11/26] OpenPGP: Provide enough buffer to read pubkey from
Gnuk. Gnuk.
--- ---
@ -10,7 +10,7 @@ Subject: [PATCH 11/18] OpenPGP: Provide enough buffer to read pubkey from
1 file changed, 23 insertions(+), 5 deletions(-) 1 file changed, 23 insertions(+), 5 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 9b08bbb..8a1a270 100644
index e7b25c0..1913eca 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -263,7 +263,12 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */ @@ -263,7 +263,12 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */
@ -27,7 +27,7 @@ index 9b08bbb..8a1a270 100644
#define DRVDATA(card) ((struct pgp_priv_data *) ((card)->drv_data)) #define DRVDATA(card) ((struct pgp_priv_data *) ((card)->drv_data))
struct pgp_priv_data { struct pgp_priv_data {
@@ -729,6 +734,14 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
@@ -731,6 +736,14 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
u8 buffer[2048]; u8 buffer[2048];
size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT) size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT)
? sizeof(buffer) : 256; ? sizeof(buffer) : 256;
@ -42,7 +42,7 @@ index 9b08bbb..8a1a270 100644
int r = blob->info->get_fn(card, blob->id, buffer, buf_len); int r = blob->info->get_fn(card, blob->id, buffer, buf_len);
if (r < 0) { /* an error occurred */ if (r < 0) { /* an error occurred */
@@ -1830,6 +1843,7 @@ static int pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_in
@@ -1828,6 +1841,7 @@ static int pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_in
u8 apdu_case; u8 apdu_case;
u8 *apdu_data; u8 *apdu_data;
size_t apdu_le; size_t apdu_le;
@ -83,5 +83,5 @@ index 9b08bbb..8a1a270 100644
/* Send */ /* Send */
sc_log(card->ctx, "Waiting for the card to generate key..."); sc_log(card->ctx, "Waiting for the card to generate key...");
-- --
1.9.3
2.1.3

+ 8
- 8
utils/opensc/patches/0012-OpenPGP-Support-write-certificate-for-Gnuk.patch View File

@ -1,18 +1,18 @@
From d8f63eb6fcc1441c12a44850da2fa22a6fe81634 Mon Sep 17 00:00:00 2001
From 5110ae3ba33d165c43ea5eca8f929a82d81cb3fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Thu, 11 Apr 2013 11:47:51 +0700 Date: Thu, 11 Apr 2013 11:47:51 +0700
Subject: [PATCH 12/18] OpenPGP: Support write certificate for Gnuk.
Subject: [PATCH 12/26] OpenPGP: Support write certificate for Gnuk.
--- ---
src/libopensc/card-openpgp.c | 158 +++++++++++++++++++++++++++++++++---------- src/libopensc/card-openpgp.c | 158 +++++++++++++++++++++++++++++++++----------
1 file changed, 123 insertions(+), 35 deletions(-) 1 file changed, 123 insertions(+), 35 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 8a1a270..d9db948 100644
index 1913eca..7cea84f 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -725,6 +725,8 @@ pgp_iterate_blobs(struct blob *blob, int level, void (*func)())
@@ -727,6 +727,8 @@ pgp_iterate_blobs(struct blob *blob, int level, void (*func)())
static int static int
pgp_read_blob(sc_card_t *card, struct blob *blob) pgp_read_blob(sc_card_t *card, struct blob *blob)
{ {
@ -21,7 +21,7 @@ index 8a1a270..d9db948 100644
if (blob->data != NULL) if (blob->data != NULL)
return SC_SUCCESS; return SC_SUCCESS;
if (blob->info == NULL) if (blob->info == NULL)
@@ -735,6 +737,11 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
@@ -737,6 +739,11 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT) size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT)
? sizeof(buffer) : 256; ? sizeof(buffer) : 256;
@ -33,7 +33,7 @@ index 8a1a270..d9db948 100644
/* Buffer length for Gnuk pubkey */ /* Buffer length for Gnuk pubkey */
if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && if (card->type == SC_CARD_TYPE_OPENPGP_GNUK &&
(blob->id == 0xa400 || blob->id == 0xb600 || blob->id == 0xb800 (blob->id == 0xa400 || blob->id == 0xb600 || blob->id == 0xb800
@@ -1190,49 +1197,75 @@ pgp_get_data(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
@@ -1192,49 +1199,75 @@ pgp_get_data(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
LOG_FUNC_RETURN(card->ctx, apdu.resplen); LOG_FUNC_RETURN(card->ctx, apdu.resplen);
} }
@ -143,7 +143,7 @@ index 8a1a270..d9db948 100644
/* Extended Header list (004D DO) needs a variant of PUT DATA command */ /* Extended Header list (004D DO) needs a variant of PUT DATA command */
if (tag == 0x004D) { if (tag == 0x004D) {
@@ -1258,15 +1291,70 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
@@ -1260,15 +1293,70 @@ pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
apdu.lc = buf_len; apdu.lc = buf_len;
} }
else { else {
@ -216,5 +216,5 @@ index 8a1a270..d9db948 100644
if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) { if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) {
sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "Please verify PIN first."); sc_debug(card->ctx, SC_LOG_DEBUG_VERBOSE, "Please verify PIN first.");
-- --
1.9.3
2.1.3

+ 3
- 3
utils/opensc/patches/0013-pkcs15-openpgp-Change-to-sc_put_data-instead-of-sc_u.patch View File

@ -1,8 +1,8 @@
From e5c94d3f1f7e6a96a98815d6e51190498c357fb6 Mon Sep 17 00:00:00 2001
From 7823e836e8279c8d77786d8f10ffaa83cf50bf1d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Wed, 10 Apr 2013 18:35:58 +0700 Date: Wed, 10 Apr 2013 18:35:58 +0700
Subject: [PATCH 13/18] pkcs15-openpgp: Change to sc_put_data instead of
Subject: [PATCH 13/26] pkcs15-openpgp: Change to sc_put_data instead of
sc_update_binary when writing certificate. sc_update_binary when writing certificate.
--- ---
@ -27,5 +27,5 @@ index 1455580..be1291e 100755
case SC_PKCS15_TYPE_DATA_OBJECT: case SC_PKCS15_TYPE_DATA_OBJECT:
-- --
1.9.3
2.1.3

+ 6
- 6
utils/opensc/patches/0014-OpenPGP-Overcome-the-restriction-of-even-data-length.patch View File

@ -1,8 +1,8 @@
From df8a78e3c8c9d9d591c0d3fa31db7e010eb2c8c2 Mon Sep 17 00:00:00 2001
From 3ff1f7234abb4c42273adedbe06d9e7f9f3a5f9d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Thu, 11 Apr 2013 16:18:31 +0700 Date: Thu, 11 Apr 2013 16:18:31 +0700
Subject: [PATCH 14/18] OpenPGP: Overcome the restriction of even data length
Subject: [PATCH 14/26] OpenPGP: Overcome the restriction of even data length
of Gnuk. of Gnuk.
When write certificate with odd length to Gnuk, we add zero padding to make it even. When write certificate with odd length to Gnuk, we add zero padding to make it even.
@ -11,10 +11,10 @@ When write certificate with odd length to Gnuk, we add zero padding to make it e
1 file changed, 18 insertions(+), 2 deletions(-) 1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index d9db948..a666163 100644
index 7cea84f..7a77a71 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -1206,6 +1206,10 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
@@ -1208,6 +1208,10 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
sc_apdu_t apdu; sc_apdu_t apdu;
u8 *part; u8 *part;
size_t plen; size_t plen;
@ -25,7 +25,7 @@ index d9db948..a666163 100644
int r = SC_SUCCESS; int r = SC_SUCCESS;
LOG_FUNC_CALLED(ctx); LOG_FUNC_CALLED(ctx);
@@ -1236,8 +1240,20 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
@@ -1238,8 +1242,20 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xD6, i, 0); sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0xD6, i, 0);
} }
apdu.flags |= SC_APDU_FLAGS_CHAINING; apdu.flags |= SC_APDU_FLAGS_CHAINING;
@ -49,5 +49,5 @@ index d9db948..a666163 100644
r = sc_transmit_apdu(card, &apdu); r = sc_transmit_apdu(card, &apdu);
LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); LOG_TEST_RET(card->ctx, r, "APDU transmit failed");
-- --
1.9.3
2.1.3

+ 7
- 7
utils/opensc/patches/0015-OpenPGP-Delete-key-as-file-for-Gnuk.patch View File

@ -1,18 +1,18 @@
From 693b3ac5a53e89a0cdeab0f728d24a6e16864f5c Mon Sep 17 00:00:00 2001
From 9af45c4cf052e3a6059a3004082f9ee3d2b3b2bf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Fri, 12 Apr 2013 15:33:31 +0700 Date: Fri, 12 Apr 2013 15:33:31 +0700
Subject: [PATCH 15/18] OpenPGP: Delete key as file, for Gnuk.
Subject: [PATCH 15/26] OpenPGP: Delete key as file, for Gnuk.
--- ---
src/libopensc/card-openpgp.c | 51 +++++++++++++++++++++++++++++++++++++++++++- src/libopensc/card-openpgp.c | 51 +++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 50 insertions(+), 1 deletion(-) 1 file changed, 50 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index a666163..19d3b04 100644
index 7a77a71..4d0500d 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -2437,6 +2437,44 @@ static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr)
@@ -2435,6 +2435,44 @@ static int pgp_card_ctl(sc_card_t *card, unsigned long cmd, void *ptr)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED); LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
} }
@ -57,7 +57,7 @@ index a666163..19d3b04 100644
/* ABI: DELETE FILE */ /* ABI: DELETE FILE */
static int static int
pgp_delete_file(sc_card_t *card, const sc_path_t *path) pgp_delete_file(sc_card_t *card, const sc_path_t *path)
@@ -2444,6 +2482,7 @@ pgp_delete_file(sc_card_t *card, const sc_path_t *path)
@@ -2442,6 +2480,7 @@ pgp_delete_file(sc_card_t *card, const sc_path_t *path)
struct pgp_priv_data *priv = DRVDATA(card); struct pgp_priv_data *priv = DRVDATA(card);
struct blob *blob; struct blob *blob;
sc_file_t *file; sc_file_t *file;
@ -65,7 +65,7 @@ index a666163..19d3b04 100644
int r; int r;
LOG_FUNC_CALLED(card->ctx); LOG_FUNC_CALLED(card->ctx);
@@ -2459,10 +2498,20 @@ pgp_delete_file(sc_card_t *card, const sc_path_t *path)
@@ -2457,10 +2496,20 @@ pgp_delete_file(sc_card_t *card, const sc_path_t *path)
if (blob == priv->mf) if (blob == priv->mf)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED); LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
@ -88,5 +88,5 @@ index a666163..19d3b04 100644
/* call pgp_put_data() with zero-sized NULL-buffer to zap the DO contents */ /* call pgp_put_data() with zero-sized NULL-buffer to zap the DO contents */
r = pgp_put_data(card, file->id, NULL, 0); r = pgp_put_data(card, file->id, NULL, 0);
-- --
1.9.3
2.1.3

+ 7
- 7
utils/opensc/patches/0016-OpenPGP-Correct-parameter-checking.patch View File

@ -1,18 +1,18 @@
From f96f7536a8c2efd0ba41fd94fe3334e5fa556854 Mon Sep 17 00:00:00 2001
From ee23d262768e7e54ed0fc554bc0b869c65868ace Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Tue, 16 Apr 2013 10:19:34 +0700 Date: Tue, 16 Apr 2013 10:19:34 +0700
Subject: [PATCH 16/18] OpenPGP: Correct parameter checking.
Subject: [PATCH 16/26] OpenPGP: Correct parameter checking.
--- ---
src/libopensc/card-openpgp.c | 9 +++++++-- src/libopensc/card-openpgp.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-) 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 19d3b04..196c094 100644
index 4d0500d..beeee83 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -1221,6 +1221,8 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
@@ -1223,6 +1223,8 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); LOG_TEST_RET(card->ctx, r, "APDU transmit failed");
/* Check response */ /* Check response */
r = sc_check_sw(card, apdu.sw1, apdu.sw2); r = sc_check_sw(card, apdu.sw1, apdu.sw2);
@ -21,7 +21,7 @@ index 19d3b04..196c094 100644
LOG_FUNC_RETURN(card->ctx, length); LOG_FUNC_RETURN(card->ctx, length);
} }
@@ -2448,6 +2450,11 @@ gnuk_delete_key(sc_card_t *card, u8 key_id)
@@ -2446,6 +2448,11 @@ gnuk_delete_key(sc_card_t *card, u8 key_id)
LOG_FUNC_CALLED(ctx); LOG_FUNC_CALLED(ctx);
@ -33,7 +33,7 @@ index 19d3b04..196c094 100644
/* Delete fingerprint */ /* Delete fingerprint */
sc_log(ctx, "Delete fingerprints"); sc_log(ctx, "Delete fingerprints");
r = pgp_put_data(card, 0xC6 + key_id, NULL, 0); r = pgp_put_data(card, 0xC6 + key_id, NULL, 0);
@@ -2466,8 +2473,6 @@ gnuk_delete_key(sc_card_t *card, u8 key_id)
@@ -2464,8 +2471,6 @@ gnuk_delete_key(sc_card_t *card, u8 key_id)
data = "\x4D\x02\xB8"; data = "\x4D\x02\xB8";
else if (key_id == 3) else if (key_id == 3)
data = "\x4D\x02\xA4"; data = "\x4D\x02\xA4";
@ -43,5 +43,5 @@ index 19d3b04..196c094 100644
r = pgp_put_data(card, 0x4D, data, strlen(data) + 1); r = pgp_put_data(card, 0x4D, data, strlen(data) + 1);
-- --
1.9.3
2.1.3

+ 6
- 6
utils/opensc/patches/0017-OpenPGP-Make-code-neater.patch View File

@ -1,18 +1,18 @@
From 8a69525a60391b46db4994033527d219d2adaa4e Mon Sep 17 00:00:00 2001
From f4aec38233010953cea72c367bccc71c3687b2f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Tue, 16 Apr 2013 16:02:17 +0700 Date: Tue, 16 Apr 2013 16:02:17 +0700
Subject: [PATCH 17/18] OpenPGP: Make code neater
Subject: [PATCH 17/26] OpenPGP: Make code neater
--- ---
src/libopensc/card-openpgp.c | 8 ++------ src/libopensc/card-openpgp.c | 8 ++------
1 file changed, 2 insertions(+), 6 deletions(-) 1 file changed, 2 insertions(+), 6 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 196c094..c4ef3b6 100644
index beeee83..ca0d01b 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -1220,10 +1220,7 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
@@ -1222,10 +1222,7 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
r = sc_transmit_apdu(card, &apdu); r = sc_transmit_apdu(card, &apdu);
LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); LOG_TEST_RET(card->ctx, r, "APDU transmit failed");
/* Check response */ /* Check response */
@ -24,7 +24,7 @@ index 196c094..c4ef3b6 100644
} }
/* Ref: gnuk_put_binary_libusb.py and gnuk_token.py in Gnuk source tree */ /* Ref: gnuk_put_binary_libusb.py and gnuk_token.py in Gnuk source tree */
@@ -1260,8 +1257,7 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
@@ -1262,8 +1259,7 @@ static int gnuk_write_certificate(sc_card_t *card, const u8 *buf, size_t length)
r = sc_transmit_apdu(card, &apdu); r = sc_transmit_apdu(card, &apdu);
LOG_TEST_RET(card->ctx, r, "APDU transmit failed"); LOG_TEST_RET(card->ctx, r, "APDU transmit failed");
/* Check response */ /* Check response */
@ -35,5 +35,5 @@ index 196c094..c4ef3b6 100644
/* To next part */ /* To next part */
i++; i++;
-- --
1.9.3
2.1.3

+ 6
- 6
utils/opensc/patches/0018-Move-declaration-to-top-of-block.patch View File

@ -1,18 +1,18 @@
From a099f951d085d3abfefeead14a4af06913cb67d2 Mon Sep 17 00:00:00 2001
From c84c84169f7a73eab27f6a9b13b77432baa5c3f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?= From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com> <ng.hong.quan@gmail.com>
Date: Wed, 8 May 2013 16:51:21 +0700 Date: Wed, 8 May 2013 16:51:21 +0700
Subject: [PATCH 18/18] Move declaration to top of block.
Subject: [PATCH 18/26] Move declaration to top of block.
--- ---
src/libopensc/card-openpgp.c | 3 ++- src/libopensc/card-openpgp.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-) 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index c4ef3b6..7f2006e 100644
index ca0d01b..037ef73 100644
--- a/src/libopensc/card-openpgp.c --- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c +++ b/src/libopensc/card-openpgp.c
@@ -736,6 +736,7 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
@@ -738,6 +738,7 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
u8 buffer[2048]; u8 buffer[2048];
size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT) size_t buf_len = (card->caps & SC_CARD_CAP_APDU_EXT)
? sizeof(buffer) : 256; ? sizeof(buffer) : 256;
@ -20,7 +20,7 @@ index c4ef3b6..7f2006e 100644
/* Buffer length for certificate */ /* Buffer length for certificate */
if (blob->id == DO_CERT && priv->max_cert_size > 0) { if (blob->id == DO_CERT && priv->max_cert_size > 0) {
@@ -749,7 +750,7 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
@@ -751,7 +752,7 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
buf_len = MAXLEN_RESP_PUBKEY_GNUK; buf_len = MAXLEN_RESP_PUBKEY_GNUK;
} }
@ -30,5 +30,5 @@ index c4ef3b6..7f2006e 100644
if (r < 0) { /* an error occurred */ if (r < 0) { /* an error occurred */
blob->status = r; blob->status = r;
-- --
1.9.3
2.1.3

+ 182
- 0
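--- /dev/null
+++ b/utils/opensc/patches/0019-OpenPGP-Make-indentation-consistent-space-tab.patch
@@ -0,0 +1,182 @@
+From c6abf7976f64be5191dc80fecdbcb07daab7a2e0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
+<ng.hong.quan@gmail.com>
+Date: Sun, 3 Nov 2013 01:45:56 +0800
+Subject: [PATCH 19/26] OpenPGP: Make indentation consistent (space -> tab).
+---
+src/libopensc/card-openpgp.c | 22 ++++++++---------
+src/tools/openpgp-tool.c | 56 ++++++++++++++++++++++----------------------
+2 files changed, 39 insertions(+), 39 deletions(-)
+diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
+index 037ef73..ae40940 100644
+--- a/src/libopensc/card-openpgp.c
++++ b/src/libopensc/card-openpgp.c
+@@ -192,12 +192,12 @@ static struct do_info pgp1_objects[] = { /* OpenPGP card spec 1.1 */
+{ 0x5f35, SIMPLE, READ_ALWAYS | WRITE_PIN3, NULL, sc_put_data },
+{ 0x5f50, SIMPLE, READ_ALWAYS | WRITE_PIN3, sc_get_data, sc_put_data },
+{ 0x7f49, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, NULL, NULL },
+- { 0xa400, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+- { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+- { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+- { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+- { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+- { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xa400, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
++ { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
++ { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
++ { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+{ 0, 0, 0, NULL, NULL },
+};
+@@ -253,11 +253,11 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */
+/* The 0xA401, 0xB601, 0xB801 are just symbolic, it does not represent any real DO.
+* However, their R/W access condition may block the process of importing key in pkcs15init.
+* So we set their accesses condition as WRITE_PIN3 (writable). */
+- { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+- { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+- { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+- { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+- { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
++ { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
++ { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
++ { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+{ 0, 0, 0, NULL, NULL },
+};
+diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
+index 374819a..a0334ca 100644
+--- a/src/tools/openpgp-tool.c
++++ b/src/tools/openpgp-tool.c
+@@ -37,11 +37,11 @@
+#include "util.h"
+#include "libopensc/log.h"
+-#define OPT_RAW 256
+-#define OPT_PRETTY 257
+-#define OPT_VERIFY 258
+-#define OPT_PIN 259
+-#define OPT_DELKEY 260
++#define OPT_RAW 256
++#define OPT_PRETTY 257
++#define OPT_VERIFY 258
++#define OPT_PIN 259
++#define OPT_DELKEY 260
+/* define structures */
+struct ef_name_map {
+@@ -142,10 +142,10 @@ static const struct ef_name_map openpgp_data[] = {
+static void show_version(void)
+{
+fprintf(stderr,
+- "openpgp-tool - OpenPGP card utility version " PACKAGE_VERSION "\n"
+- "\n"
+- "Copyright (c) 2012 Peter Marschall <peter@adpm.de>\n"
+- "Licensed under LGPL v2\n");
++ "openpgp-tool - OpenPGP card utility version " PACKAGE_VERSION "\n"
++ "\n"
++ "Copyright (c) 2012 Peter Marschall <peter@adpm.de>\n"
++ "Licensed under LGPL v2\n");
+}
+@@ -176,16 +176,16 @@ static char *prettify_language(char *str)
+{
+if (str != NULL) {
+switch (strlen(str)) {
+- case 8: memmove(str+7, str+6, 1+strlen(str+6));
++ case 8: memmove(str+7, str+6, 1+strlen(str+6));
+str[6] = ',';
+/* fall through */
+- case 6: memmove(str+5, str+4, 1+strlen(str+4));
++ case 6: memmove(str+5, str+4, 1+strlen(str+4));
+str[4] = ',';
+/* fall through */
+- case 4: memmove(str+3, str+2, 1+strlen(str+2));
++ case 4: memmove(str+3, str+2, 1+strlen(str+2));
+str[2] = ',';
+/* fall through */
+- case 2: return str;
++ case 2: return str;
+}
+}
+return NULL;
+@@ -197,10 +197,10 @@ static char *prettify_gender(char *str)
+{
+if (str != NULL) {
+switch (*str) {
+- case '0': return "unknown";
+- case '1': return "male";
+- case '2': return "female";
+- case '9': return "not applicable";
++ case '0': return "unknown";
++ case '1': return "male";
++ case '2': return "female";
++ case '9': return "not applicable";
+}
+}
+return NULL;
+@@ -218,7 +218,7 @@ static void display_data(const struct ef_name_map *mapping, char *value)
+char *envvar;
+envvar = malloc(strlen(mapping->env_name) +
+- strlen(value) + 2);
++ strlen(value) + 2);
+if (envvar != NULL) {
+strcpy(envvar, mapping->env_name);
+strcat(envvar, "=");
+@@ -346,20 +346,20 @@ static int do_userinfo(sc_card_t *card)
+if (!count)
+continue;
+- if (count > (int)sizeof(buf) - 1) {
++ if (count > (int)sizeof(buf) - 1) {
+fprintf(stderr, "Too small buffer to read the OpenPGP data\n");
+return EXIT_FAILURE;
+}
+-
+- r = sc_read_binary(card, 0, buf, count, 0);
+- if (r < 0) {
++
++ r = sc_read_binary(card, 0, buf, count, 0);
++ if (r < 0) {
+fprintf(stderr, "%s: read failed - %s\n", openpgp_data[i].ef, sc_strerror(r));
+return EXIT_FAILURE;
+- }
+- if (r != count) {
+- fprintf(stderr, "%s: expecting %d, got only %d bytes\n", openpgp_data[i].ef, count, r);
++ }
++ if (r != count) {
++ fprintf(stderr, "%s: expecting %d, got only %d bytes\n", openpgp_data[i].ef, count, r);
+return EXIT_FAILURE;
+- }
++ }
+buf[count] = '\0';
+@@ -628,7 +628,7 @@ int main(int argc, char **argv)
+r = sc_context_create(&ctx, &ctx_param);
+if (r) {
+util_fatal("failed to establish context: %s\n",
+- sc_strerror(r));
++ sc_strerror(r));
+return EXIT_FAILURE;
+}
+@@ -640,7 +640,7 @@ int main(int argc, char **argv)
+r = util_connect_card(ctx, &card, opt_reader, opt_wait, verbose);
+if (r) {
+util_fatal("failed to connect to card: %s\n",
+- sc_strerror(r));
++ sc_strerror(r));
+return EXIT_FAILURE;
+}
+--
+2.1.3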

+ 84
- 0
utils/opensc/patches/0020-OpenPGP-Don-t-use-sc_log-in-openpgp-tool.patch View File

@ -0,0 +1,84 @@
From 9acf5c1ad7d8a32b472203d3bd8860ea2cbde0e7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Sun, 3 Nov 2013 02:53:35 +0800
Subject: [PATCH 20/26] OpenPGP: Don't use sc_log in openpgp-tool.
---
src/tools/openpgp-tool.c | 21 +++++++++++----------
1 file changed, 11 insertions(+), 10 deletions(-)
diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
index a0334ca..505abd9 100644
--- a/src/tools/openpgp-tool.c
+++ b/src/tools/openpgp-tool.c
@@ -414,8 +414,6 @@ int do_genkey(sc_card_t *card, u8 key_id, unsigned int key_len)
sc_path_t path;
sc_file_t *file;
- LOG_FUNC_CALLED(card->ctx);
-
if (key_id < 1 || key_id > 3) {
printf("Unknown key ID %d.\n", key_id);
return 1;
@@ -479,14 +477,14 @@ int delete_key_gnuk(sc_card_t *card, u8 key_id)
u8 *data = NULL;
/* Delete fingerprint */
- sc_log(ctx, "Delete fingerprints");
+ fprintf(stdout, "Delete fingerprints");
r |= sc_put_data(card, 0xC6 + key_id, NULL, 0);
/* Delete creation time */
- sc_log(ctx, "Delete creation time");
+ fprintf(stdout, "Delete creation time");
r |= sc_put_data(card, 0xCD + key_id, NULL, 0);
/* Rewrite Extended Header List */
- sc_log(ctx, "Rewrite Extended Header List");
+ fprintf(stdout, "Rewrite Extended Header List");
if (key_id == 1)
data = "\x4D\x02\xB6";
@@ -534,15 +532,18 @@ int delete_key_openpgp(sc_card_t *card, u8 key_id)
/* Build APDU from binary array */
r = sc_bytes2apdu(card->ctx, buf, len0, &apdu);
if (r) {
- sc_log(ctx, "Failed to build APDU");
- LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
+ fprintf(stderr, "Failed to build APDU: %s\n", sc_strerror(r));
+ return r;
}
apdu.resp = rbuf;
apdu.resplen = sizeof(rbuf);
/* Send APDU to card */
r = sc_transmit_apdu(card, &apdu);
- LOG_TEST_RET(ctx, r, "Transmiting APDU failed");
+ if (r) {
+ fprintf(stderr, "Transmiting APDU failed: %s\n", sc_strerror(r));
+ return r;
+ }
}
/* TODO: Rewrite Extended Header List.
* Not support by OpenGPG v2 yet */
@@ -557,7 +558,7 @@ int delete_key(sc_card_t *card, u8 key_id)
LOG_FUNC_CALLED(ctx);
/* Check key ID */
if (key_id < 1 || key_id > 3) {
- sc_log(ctx, "Invalid key ID %d", key_id);
+ fprintf(stderr, "Invalid key ID %d", key_id);
LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
}
@@ -649,7 +650,7 @@ int main(int argc, char **argv)
(card->type != SC_CARD_TYPE_OPENPGP_V2) &&
(card->type != SC_CARD_TYPE_OPENPGP_GNUK)) {
util_error("not an OpenPGP card");
- sc_log(card->ctx, "Card type %X", card->type);
+ fprintf(stderr, "Card type %X\n", card->type);
exit_status = EXIT_FAILURE;
goto out;
}
--
2.1.3
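Review bot: The three progress messages added in delete_key_gnuk (`fprintf(stdout, "Delete fingerprints");` and the two that follow) and the `Invalid key ID %d` message in delete_key have no trailing newline, so consecutive messages run together on the terminal. The other messages this patch introduces do end in `\n`. I would write them as `fprintf(stdout, "Delete fingerprints\n");` and `fprintf(stderr, "Invalid key ID %d\n", key_id);`. delete_key still calls `LOG_FUNC_CALLED`/`LOG_FUNC_RETURN` around the new `fprintf`, so the function mixes two reporting styles; its body continues outside the hunk.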

+ 112
- 0
utils/opensc/patches/0021-OpenPGP-Don-t-reimplement-gnuk_delete_key-in-openpgp.patch View File

@ -0,0 +1,112 @@
From 0fdbf868976172486af210accafbab163452ff78 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Sun, 3 Nov 2013 11:26:25 +0800
Subject: [PATCH 21/26] OpenPGP: Don't reimplement gnuk_delete_key in
openpgp-tool.
---
src/tools/openpgp-tool.c | 64 ++++++------------------------------------------
1 file changed, 8 insertions(+), 56 deletions(-)
diff --git a/src/tools/openpgp-tool.c b/src/tools/openpgp-tool.c
index 505abd9..a7796e7 100644
--- a/src/tools/openpgp-tool.c
+++ b/src/tools/openpgp-tool.c
@@ -468,38 +468,6 @@ int do_verify(sc_card_t *card, char *type, char *pin)
}
/**
- * Delete key, for Gnuk.
- **/
-int delete_key_gnuk(sc_card_t *card, u8 key_id)
-{
- sc_context_t *ctx = card->ctx;
- int r = SC_SUCCESS;
- u8 *data = NULL;
-
- /* Delete fingerprint */
- fprintf(stdout, "Delete fingerprints");
- r |= sc_put_data(card, 0xC6 + key_id, NULL, 0);
- /* Delete creation time */
- fprintf(stdout, "Delete creation time");
- r |= sc_put_data(card, 0xCD + key_id, NULL, 0);
-
- /* Rewrite Extended Header List */
- fprintf(stdout, "Rewrite Extended Header List");
-
- if (key_id == 1)
- data = "\x4D\x02\xB6";
- else if (key_id == 2)
- data = "\x4D\x02\xB8";
- else if (key_id == 3)
- data = "\x4D\x02\xA4";
- else
- return SC_ERROR_INVALID_ARGUMENTS;
-
- r |= sc_put_data(card, 0x4D, data, strlen(data) + 1);
- return r;
-}
-
-/**
* Delete key, for OpenPGP card.
* This function is not complete and is reserved for future version (> 2) of OpenPGP card.
**/
@@ -547,32 +515,13 @@ int delete_key_openpgp(sc_card_t *card, u8 key_id)
}
/* TODO: Rewrite Extended Header List.
* Not support by OpenGPG v2 yet */
- LOG_FUNC_RETURN(ctx, r);
-}
-
-int delete_key(sc_card_t *card, u8 key_id)
-{
- sc_context_t *ctx = card->ctx;
- int r;
-
- LOG_FUNC_CALLED(ctx);
- /* Check key ID */
- if (key_id < 1 || key_id > 3) {
- fprintf(stderr, "Invalid key ID %d", key_id);
- LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_ARGUMENTS);
- }
-
- if (card->type == SC_CARD_TYPE_OPENPGP_GNUK)
- r = delete_key_gnuk(card, key_id);
- else
- r = delete_key_openpgp(card, key_id);
-
- LOG_FUNC_RETURN(ctx, r);
+ return r;
}
int do_delete_key(sc_card_t *card, u8 key_id)
{
sc_context_t *ctx = card->ctx;
+ sc_path_t path;
int r = SC_SUCCESS;
/* Currently, only Gnuk supports deleting keys */
@@ -586,13 +535,16 @@ int do_delete_key(sc_card_t *card, u8 key_id)
return SC_ERROR_INVALID_ARGUMENTS;
}
if (key_id == 1 || key_id == 'a') {
- r |= delete_key(card, 1);
+ sc_format_path("B601", &path);
+ r |= sc_delete_file(card, &path);
}
if (key_id == 2 || key_id == 'a') {
- r |= delete_key(card, 2);
+ sc_format_path("B801", &path);
+ r |= sc_delete_file(card, &path);
}
if (key_id == 3 || key_id == 'a') {
- r |= delete_key(card, 3);
+ sc_format_path("A401", &path);
+ r |= sc_delete_file(card, &path);
}
return r;
}
--
2.1.3
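Review bot: In do_delete_key the results of the three `sc_delete_file` calls are merged with `r |= ...`, and OR-ing two different negative SC_ERROR_* values yields a number that is neither of them. When `key_id == 'a'` and more than one deletion fails, the caller gets a code that `sc_strerror` cannot describe. Keeping the first failure is enough: `rc = sc_delete_file(card, &path); if (rc < 0 && r == SC_SUCCESS) r = rc;`. `ctx` may also be unused in do_delete_key now that `delete_key` is gone, though part of the function lies between the two hunks and is not visible here.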

+ 87
- 0
utils/opensc/patches/0022-OpenPGP-Use-directly-binary-array-of-APDUs-for-ERASE.patch View File

@ -0,0 +1,87 @@
From 0cd2a488d86006bb2740a4e73e7a0d859e1bf33c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Sun, 13 Jul 2014 17:37:59 +0800
Subject: [PATCH 22/26] OpenPGP: Use directly binary array of APDUs for ERASE
command.
I used a string presentation before and it needed an extra conversion step.
---
src/libopensc/card-openpgp.c | 47 +++++++++++++++++++++++---------------------
1 file changed, 25 insertions(+), 22 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index ae40940..724fe73 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -2347,24 +2347,27 @@ out:
static int pgp_erase_card(sc_card_t *card)
{
sc_context_t *ctx = card->ctx;
- u8 *apdustring[10] = {
- "00:20:00:81:08:40:40:40:40:40:40:40:40",
- "00:20:00:81:08:40:40:40:40:40:40:40:40",
- "00:20:00:81:08:40:40:40:40:40:40:40:40",
- "00:20:00:81:08:40:40:40:40:40:40:40:40",
- "00:20:00:83:08:40:40:40:40:40:40:40:40",
- "00:20:00:83:08:40:40:40:40:40:40:40:40",
- "00:20:00:83:08:40:40:40:40:40:40:40:40",
- "00:20:00:83:08:40:40:40:40:40:40:40:40",
- "00:e6:00:00",
- "00:44:00:00"
+ /* Special series of commands to erase OpenPGP card,
+ * according to https://www.crypto-stick.com/en/faq
+ * (How to reset a Crypto Stick? question).
+ * Gnuk is known not to support this feature. */
+ u8 apdu_binaries[10][13] = {
+ {0, 0x20, 0, 0x81, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x81, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x81, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x81, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x83, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x83, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x83, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0x20, 0, 0x83, 0x08, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x40},
+ {0, 0xe6, 0, 0},
+ {0, 0x44, 0, 0}
};
+ u8 apdu_lens[10] = {13, 13, 13, 13, 13, 13, 13, 13, 4, 4};
u8 buf[SC_MAX_APDU_BUFFER_SIZE];
u8 rbuf[SC_MAX_APDU_BUFFER_SIZE];
sc_apdu_t apdu;
- size_t len0;
- int commandsnum = 10;
- int i, r;
+ int i, l, r;
LOG_FUNC_CALLED(ctx);
@@ -2376,17 +2379,17 @@ static int pgp_erase_card(sc_card_t *card)
sc_log(ctx, "Card is OpenPGP v2. Erase card.");
/* Iterate over 10 commands above */
- for (i = 0; i < commandsnum; i++) {
- /* Convert the string to binary array */
- len0 = sizeof(buf);
- sc_hex_to_bin(apdustring[i], buf, &len0);
- printf("Sending: ");
- for (r = 0; r < len0; r++)
- printf("%02X ", buf[r]);
+ for (i = 0; i < sizeof(apdu_lens); i++) {
+ /* Length of the binary array of the current command */
+ l = apdu_lens[i];
+ /* Print the command to console */
+ printf("Sending %d: ", i);
+ for (r = 0; r < l; r++)
+ printf("%02X ", apdu_binaries[i][r]);
printf("\n");
/* Build APDU from binary array */
- r = sc_bytes2apdu(card->ctx, buf, len0, &apdu);
+ r = sc_bytes2apdu(card->ctx, apdu_binaries[i], l, &apdu);
if (r) {
sc_log(ctx, "Failed to build APDU");
LOG_FUNC_RETURN(ctx, SC_ERROR_INTERNAL);
--
2.1.3
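Review bot: The loop bound `i < sizeof(apdu_lens)` in pgp_erase_card equals the number of commands only because the elements are `u8`, and it compares a signed `int` with a `size_t`. `sizeof(apdu_lens) / sizeof(apdu_lens[0])` with an unsigned index would survive a change of element type. The command dump still goes through `printf` inside libopensc, so every program linking the library gets these bytes on stdout, and the inner `for (r = 0; r < l; r++)` reuses the status variable `r` as a byte index; `sc_log`, already used just above the loop, with a separate index would avoid both. The new comment could also state that the eight VERIFY commands are expected to be rejected by the card and say how their status is handled, since the rest of the loop is outside the hunk.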

+ 339
- 0
utils/opensc/patches/0023-OpenPGP-Rename-private-blob-type-to-avoid-confusing-.patch View File

@ -0,0 +1,339 @@
From 6f56ea4cfc52323002d818731a50a31e863b6843 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Sun, 13 Jul 2014 19:41:36 +0800
Subject: [PATCH 23/26] OpenPGP: Rename private "blob" type to avoid confusing
with variable name.
This name has been used for both data type and variable name of that
type.
---
src/libopensc/card-openpgp.c | 96 ++++++++++++++++++++++----------------------
1 file changed, 49 insertions(+), 47 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 724fe73..ca3173c 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -111,9 +111,9 @@ enum _card_state {
CARD_STATE_ACTIVATED = 0x05
};
-struct blob {
- struct blob * next; /* pointer to next sibling */
- struct blob * parent; /* pointer to parent */
+typedef struct pgp_blob {
+ struct pgp_blob * next; /* pointer to next sibling */
+ struct pgp_blob * parent; /* pointer to parent */
struct do_info *info;
sc_file_t * file;
@@ -122,8 +122,8 @@ struct blob {
unsigned char * data;
unsigned int len;
- struct blob * files; /* pointer to 1st child */
-};
+ struct pgp_blob * files; /* pointer to 1st child */
+} pgp_blob_t;
struct do_info {
unsigned int id; /* ID of the DO in question */
@@ -141,12 +141,12 @@ struct do_info {
static int pgp_get_card_features(sc_card_t *card);
static int pgp_finish(sc_card_t *card);
-static void pgp_iterate_blobs(struct blob *, int, void (*func)());
+static void pgp_iterate_blobs(pgp_blob_t *, int, void (*func)());
-static int pgp_get_blob(sc_card_t *card, struct blob *blob,
- unsigned int id, struct blob **ret);
-static struct blob * pgp_new_blob(sc_card_t *, struct blob *, unsigned int, sc_file_t *);
-static void pgp_free_blob(struct blob *);
+static int pgp_get_blob(sc_card_t *card, pgp_blob_t *blob,
+ unsigned int id, pgp_blob_t **ret);
+static pgp_blob_t * pgp_new_blob(sc_card_t *, pgp_blob_t *, unsigned int, sc_file_t *);
+static void pgp_free_blob(pgp_blob_t *);
static int pgp_get_pubkey(sc_card_t *, unsigned int,
u8 *, size_t);
static int pgp_get_pubkey_pem(sc_card_t *, unsigned int,
@@ -272,8 +272,8 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */
#define DRVDATA(card) ((struct pgp_priv_data *) ((card)->drv_data))
struct pgp_priv_data {
- struct blob * mf;
- struct blob * current; /* currently selected file */
+ pgp_blob_t * mf;
+ pgp_blob_t * current; /* currently selected file */
enum _version bcd_version;
struct do_info *pgp_objects;
@@ -311,7 +311,7 @@ pgp_init(sc_card_t *card)
sc_file_t *file = NULL;
struct do_info *info;
int r;
- struct blob *child = NULL;
+ pgp_blob_t *child = NULL;
LOG_FUNC_CALLED(card->ctx);
@@ -389,7 +389,7 @@ pgp_get_card_features(sc_card_t *card)
unsigned char *hist_bytes = card->atr.value;
size_t atr_len = card->atr.len;
size_t i = 0;
- struct blob *blob, *blob6e, *blob73;
+ pgp_blob_t *blob, *blob6e, *blob73;
/* parse card capabilities from historical bytes */
while ((i < atr_len) && (hist_bytes[i] != 0x73))
@@ -526,7 +526,7 @@ pgp_finish(sc_card_t *card)
/* internal: fill a blob's data */
static int
-pgp_set_blob(struct blob *blob, const u8 *data, size_t len)
+pgp_set_blob(pgp_blob_t *blob, const u8 *data, size_t len)
{
if (blob->data)
free(blob->data);
@@ -620,16 +620,16 @@ pgp_attach_acl(sc_card_t *card, sc_file_t *file, struct do_info *info)
}
/* internal: append a blob to the list of children of a given parent blob */
-static struct blob *
-pgp_new_blob(sc_card_t *card, struct blob *parent, unsigned int file_id,
+static pgp_blob_t *
+pgp_new_blob(sc_card_t *card, pgp_blob_t *parent, unsigned int file_id,
sc_file_t *file)
{
- struct blob *blob = NULL;
+ pgp_blob_t *blob = NULL;
if (file == NULL)
return NULL;
- if ((blob = calloc(1, sizeof(struct blob))) != NULL) {
+ if ((blob = calloc(1, sizeof(pgp_blob_t))) != NULL) {
struct pgp_priv_data *priv = DRVDATA (card);
struct do_info *info;
@@ -643,7 +643,7 @@ pgp_new_blob(sc_card_t *card, struct blob *parent, unsigned int file_id,
blob->parent = parent;
if (parent != NULL) {
- struct blob **p;
+ pgp_blob_t **p;
/* set file's path = parent's path + file's id */
blob->file->path = parent->file->path;
@@ -681,11 +681,11 @@ pgp_new_blob(sc_card_t *card, struct blob *parent, unsigned int file_id,
/* internal: free a blob including its content */
static void
-pgp_free_blob(struct blob *blob)
+pgp_free_blob(pgp_blob_t *blob)
{
if (blob) {
if (blob->parent) {
- struct blob **p;
+ pgp_blob_t **p;
/* remove blob from list of parent's children */
for (p = &blob->parent->files; *p != NULL && *p != blob; p = &(*p)->next)
@@ -705,14 +705,14 @@ pgp_free_blob(struct blob *blob)
/* internal: iterate through the blob tree, calling a function for each blob */
static void
-pgp_iterate_blobs(struct blob *blob, int level, void (*func)())
+pgp_iterate_blobs(pgp_blob_t *blob, int level, void (*func)())
{
if (blob) {
if (level > 0) {
- struct blob *child = blob->files;
+ pgp_blob_t *child = blob->files;
while (child != NULL) {
- struct blob *next = child->next;
+ pgp_blob_t *next = child->next;
pgp_iterate_blobs(child, level-1, func);
child = next;
@@ -725,7 +725,7 @@ pgp_iterate_blobs(struct blob *blob, int level, void (*func)())
/* internal: read a blob's contents from card */
static int
-pgp_read_blob(sc_card_t *card, struct blob *blob)
+pgp_read_blob(sc_card_t *card, pgp_blob_t *blob)
{
struct pgp_priv_data *priv = DRVDATA (card);
@@ -772,7 +772,7 @@ pgp_read_blob(sc_card_t *card, struct blob *blob)
* The OpenPGP card has a TLV encoding according ASN.1 BER-encoding rules.
*/
static int
-pgp_enumerate_blob(sc_card_t *card, struct blob *blob)
+pgp_enumerate_blob(sc_card_t *card, pgp_blob_t *blob)
{
const u8 *in;
int r;
@@ -789,7 +789,7 @@ pgp_enumerate_blob(sc_card_t *card, struct blob *blob)
unsigned int cla, tag, tmptag;
size_t len;
const u8 *data = in;
- struct blob *new;
+ pgp_blob_t *new;
r = sc_asn1_read_tag(&data, blob->len - (in - blob->data),
&cla, &tag, &len);
@@ -819,10 +819,10 @@ pgp_enumerate_blob(sc_card_t *card, struct blob *blob)
/* internal: find a blob by ID below a given parent, filling its contents when necessary */
static int
-pgp_get_blob(sc_card_t *card, struct blob *blob, unsigned int id,
- struct blob **ret)
+pgp_get_blob(sc_card_t *card, pgp_blob_t *blob, unsigned int id,
+ pgp_blob_t **ret)
{
- struct blob *child;
+ pgp_blob_t *child;
int r;
if ((r = pgp_enumerate_blob(card, blob)) < 0)
@@ -858,10 +858,10 @@ pgp_get_blob(sc_card_t *card, struct blob *blob, unsigned int id,
/* Internal: search recursively for a blob by ID below a given root */
static int
-pgp_seek_blob(sc_card_t *card, struct blob *root, unsigned int id,
- struct blob **ret)
+pgp_seek_blob(sc_card_t *card, pgp_blob_t *root, unsigned int id,
+ pgp_blob_t **ret)
{
- struct blob *child;
+ pgp_blob_t *child;
int r;
if ((r = pgp_get_blob(card, root, id, ret)) == 0)
@@ -883,11 +883,11 @@ pgp_seek_blob(sc_card_t *card, struct blob *root, unsigned int id,
}
/* internal: find a blob by tag - pgp_seek_blob with optimizations */
-static struct blob *
+static pgp_blob_t *
pgp_find_blob(sc_card_t *card, unsigned int tag)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob = NULL;
+ pgp_blob_t *blob = NULL;
int r;
/* Check if current selected blob is which we want to test*/
@@ -941,7 +941,7 @@ static int
pgp_select_file(sc_card_t *card, const sc_path_t *path, sc_file_t **ret)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob;
+ pgp_blob_t *blob;
unsigned int path_start = 0;
unsigned int n;
sc_path_t dummy_path;
@@ -1022,7 +1022,7 @@ static int
pgp_list_files(sc_card_t *card, u8 *buf, size_t buflen)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob;
+ pgp_blob_t *blob;
unsigned int k;
int r;
@@ -1058,7 +1058,7 @@ pgp_read_binary(sc_card_t *card, unsigned int idx,
u8 *buf, size_t count, unsigned long flags)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob;
+ pgp_blob_t *blob;
int r;
LOG_FUNC_CALLED(card->ctx);
@@ -1134,7 +1134,7 @@ static int
pgp_get_pubkey_pem(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob, *mod_blob, *exp_blob;
+ pgp_blob_t *blob, *mod_blob, *exp_blob;
sc_pkcs15_pubkey_t pubkey;
u8 *data;
size_t len;
@@ -1329,7 +1329,7 @@ static int
pgp_put_data(sc_card_t *card, unsigned int tag, const u8 *buf, size_t buf_len)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *affected_blob = NULL;
+ pgp_blob_t *affected_blob = NULL;
struct do_info *dinfo = NULL;
int r;
@@ -1603,7 +1603,7 @@ static int
pgp_update_new_algo_attr(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_info)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *algo_blob;
+ pgp_blob_t *algo_blob;
unsigned int old_modulus_len; /* Measured in bit */
unsigned int old_exponent_len;
const unsigned int tag = 0x00C0 | key_info->keytype;
@@ -1708,7 +1708,7 @@ pgp_calculate_and_store_fingerprint(sc_card_t *card, time_t ctime,
u8 *p; /* Use this pointer to set fp_buffer content */
size_t pk_packet_len;
unsigned int tag;
- struct blob *fpseq_blob;
+ pgp_blob_t *fpseq_blob;
u8 *newdata;
int r;
@@ -1797,7 +1797,7 @@ pgp_update_pubkey_blob(sc_card_t *card, u8* modulus, size_t modulus_len,
u8* exponent, size_t exponent_len, u8 key_id)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *pk_blob;
+ pgp_blob_t *pk_blob;
unsigned int blob_id;
sc_pkcs15_pubkey_t pubkey;
u8 *data = NULL;
@@ -1939,6 +1939,8 @@ static int pgp_update_card_algorithms(sc_card_t *card, sc_cardctl_openpgp_keygen
**/
static int pgp_gen_key(sc_card_t *card, sc_cardctl_openpgp_keygen_info_t *key_info)
{
+ struct pgp_priv_data *priv = DRVDATA(card);
+ pgp_blob_t *algo_blob;
sc_apdu_t apdu;
/* Temporary variables to hold APDU params */
u8 apdu_case;
@@ -2132,7 +2134,7 @@ pgp_build_extended_header_list(sc_card_t *card, sc_cardctl_openpgp_keystore_info
};
size_t comp_to_add = 3;
size_t req_e_len = 0; /* The exponent length specified in Algorithm Attributes */
- struct blob *alat_blob;
+ pgp_blob_t *alat_blob;
u8 i;
int r;
@@ -2483,7 +2485,7 @@ static int
pgp_delete_file(sc_card_t *card, const sc_path_t *path)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob;
+ pgp_blob_t *blob;
sc_file_t *file;
u8 key_id;
int r;
@@ -2533,7 +2535,7 @@ pgp_update_binary(sc_card_t *card, unsigned int idx,
const u8 *buf, size_t count, unsigned long flags)
{
struct pgp_priv_data *priv = DRVDATA(card);
- struct blob *blob = priv->current;
+ pgp_blob_t *blob = priv->current;
int r = SC_SUCCESS;
LOG_FUNC_CALLED(card->ctx);
--
2.1.3
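Review bot: The pgp_gen_key hunk adds `struct pgp_priv_data *priv = DRVDATA(card);` and `pgp_blob_t *algo_blob;`, which are not part of the rename the subject line describes. Unless the body outside the hunk uses them, they are unused locals and will only produce compiler warnings. I would drop them from this patch or move them to the change that actually needs them, so that the rename stays a mechanical, easily audited diff.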

+ 41
- 0
utils/opensc/patches/0024-OpenPGP-Fix-crash-after-accessing-inexistent-file.patch View File

@ -0,0 +1,41 @@
From 8a87a4ee9107f250254d5c93c6fd62224c400ce7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Mon, 14 Jul 2014 01:30:28 +0800
Subject: [PATCH 24/26] OpenPGP: Fix crash after accessing inexistent file.
---
src/libopensc/card-openpgp.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index ca3173c..94c69ae 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -973,7 +973,6 @@ pgp_select_file(sc_card_t *card, const sc_path_t *path, sc_file_t **ret)
* So we set its size to be the same as max certificate size the card supports. */
(*ret)->size = priv->max_cert_size;
}
- priv->current = NULL;
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
}
@@ -990,7 +989,6 @@ pgp_select_file(sc_card_t *card, const sc_path_t *path, sc_file_t **ret)
/* This file ID is refered when importing key&certificate via pkcs15init, like above.
* We pretend to successfully find this inexistent file. */
if (id == 0x4402 || id == 0x5f48) {
- priv->current = NULL;
if (ret == NULL)
/* No need to return file */
LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
@@ -1002,7 +1000,6 @@ pgp_select_file(sc_card_t *card, const sc_path_t *path, sc_file_t **ret)
}
if (r < 0) { /* failure */
- priv->current = NULL;
LOG_FUNC_RETURN(card->ctx, r);
}
}
--
2.1.3
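Review bot: With the three `priv->current = NULL;` assignments removed, pgp_select_file leaves `priv->current` pointing at the previously selected blob when the select fails (`if (r < 0)`) or when the pretend-success branch for 0x4402/0x5f48 is taken. Code that reads `priv->current` afterwards, such as pgp_update_binary (`pgp_blob_t *blob = priv->current;`), would then act on a data object other than the one just requested, assuming nothing earlier in the function resets the pointer, which these hunks do not show. Fixing the crash at the point of use keeps the selection state honest: leave the resets in and add `if (priv->current == NULL) LOG_FUNC_RETURN(card->ctx, SC_ERROR_FILE_NOT_FOUND);` where the pointer is dereferenced. The patch has no description, so a sentence naming the crashing call path would also help the next reader.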

+ 148
- 0
utils/opensc/patches/0025-Replace-hardcode.patch View File

@ -0,0 +1,148 @@
From da70a41383e2ab81fbcc89fb1067f5a189e0fb97 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nguy=E1=BB=85n=20H=E1=BB=93ng=20Qu=C3=A2n?=
<ng.hong.quan@gmail.com>
Date: Sun, 9 Nov 2014 15:58:40 +0700
Subject: [PATCH 25/26] Replace hardcode.
---
src/libopensc/card-openpgp.c | 72 +++++++++++++++++++++++++-------------------
1 file changed, 41 insertions(+), 31 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 94c69ae..1e6e338 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -152,6 +152,24 @@ static int pgp_get_pubkey(sc_card_t *, unsigned int,
static int pgp_get_pubkey_pem(sc_card_t *, unsigned int,
u8 *, size_t);
+/* The DO holding X.509 certificate is constructed but does not contain child DO.
+ * We should notice this when building fake file system later. */
+#define DO_CERT 0x7f21
+/* Control Reference Template of private keys. Ref: Section 4.3.3.7 of OpenPGP card v2 spec.
+ * Here we seen it as DO just for convenient */
+#define DO_SIGN 0xb600
+#define DO_ENCR 0xb800
+#define DO_AUTH 0xa400
+/* These DO does not exist. They are defined and used just for ease of implementation */
+#define DO_SIGN_SYM 0xb601
+#define DO_ENCR_SYM 0xb801
+#define DO_AUTH_SYM 0xa401
+/* Maximum length for response buffer when reading pubkey. This value is calculated with
+ * 4096-bit key length */
+#define MAXLEN_RESP_PUBKEY 527
+/* Gnuk only support 1 key length (2048 bit) */
+#define MAXLEN_RESP_PUBKEY_GNUK 271
+
static struct do_info pgp1_objects[] = { /* OpenPGP card spec 1.1 */
{ 0x004f, SIMPLE, READ_ALWAYS | WRITE_NEVER, NULL, NULL },
{ 0x005b, SIMPLE, READ_ALWAYS | WRITE_PIN3, NULL, sc_put_data },
@@ -192,12 +210,12 @@ static struct do_info pgp1_objects[] = { /* OpenPGP card spec 1.1 */
{ 0x5f35, SIMPLE, READ_ALWAYS | WRITE_PIN3, NULL, sc_put_data },
{ 0x5f50, SIMPLE, READ_ALWAYS | WRITE_PIN3, sc_get_data, sc_put_data },
{ 0x7f49, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, NULL, NULL },
- { 0xa400, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
- { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
- { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
- { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
- { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
- { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_AUTH, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_AUTH_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_SIGN, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_SIGN_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_ENCR, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_ENCR_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
{ 0, 0, 0, NULL, NULL },
};
@@ -246,30 +264,21 @@ static struct do_info pgp2_objects[] = { /* OpenPGP card spec 2.0 */
{ 0x5f52, SIMPLE, READ_ALWAYS | WRITE_NEVER, sc_get_data, NULL },
/* The 7F21 is constructed DO in spec, but in practice, its content can be retrieved
* as simple DO (no need to parse TLV). */
- { 0x7f21, SIMPLE, READ_ALWAYS | WRITE_PIN3, sc_get_data, sc_put_data },
+ { DO_CERT, SIMPLE, READ_ALWAYS | WRITE_PIN3, sc_get_data, sc_put_data },
{ 0x7f48, CONSTRUCTED, READ_NEVER | WRITE_NEVER, NULL, NULL },
{ 0x7f49, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, NULL, NULL },
- { 0xa400, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_AUTH, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
/* The 0xA401, 0xB601, 0xB801 are just symbolic, it does not represent any real DO.
* However, their R/W access condition may block the process of importing key in pkcs15init.
* So we set their accesses condition as WRITE_PIN3 (writable). */
- { 0xa401, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
- { 0xb600, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
- { 0xb601, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
- { 0xb800, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
- { 0xb801, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_AUTH_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_SIGN, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_SIGN_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
+ { DO_ENCR, CONSTRUCTED, READ_ALWAYS | WRITE_NEVER, pgp_get_pubkey, NULL },
+ { DO_ENCR_SYM, SIMPLE, READ_ALWAYS | WRITE_PIN3, pgp_get_pubkey_pem, NULL },
{ 0, 0, 0, NULL, NULL },
};
-/* The DO holding X.509 certificate is constructed but does not contain child DO.
- * We should notice this when building fake file system later. */
-#define DO_CERT 0x7f21
-/* Maximum length for response buffer when reading pubkey. This value is calculated with
- * 4096-bit key length */
-#define MAXLEN_RESP_PUBKEY 527
-/* Gnuk only support 1 key length (2048 bit) */
-#define MAXLEN_RESP_PUBKEY_GNUK 271
-
#define DRVDATA(card) ((struct pgp_priv_data *) ((card)->drv_data))
struct pgp_priv_data {
pgp_blob_t * mf;
@@ -747,8 +756,9 @@ pgp_read_blob(sc_card_t *card, pgp_blob_t *blob)
/* Buffer length for Gnuk pubkey */
if (card->type == SC_CARD_TYPE_OPENPGP_GNUK &&
- (blob->id == 0xa400 || blob->id == 0xb600 || blob->id == 0xb800
- || blob->id == 0xa401 || blob->id == 0xb601 || blob->id == 0xb801)) {
+ (blob->id == DO_AUTH || blob->id == DO_SIGN || blob->id == DO_ENCR
+ || blob->id == DO_AUTH_SYM || blob->id == DO_SIGN_SYM
+ || blob->id == DO_ENCR_SYM)) {
buf_len = MAXLEN_RESP_PUBKEY_GNUK;
}
@@ -1804,11 +1814,11 @@ pgp_update_pubkey_blob(sc_card_t *card, u8* modulus, size_t modulus_len,
LOG_FUNC_CALLED(card->ctx);
if (key_id == SC_OPENPGP_KEY_SIGN)
- blob_id = 0xB601;
+ blob_id = DO_SIGN_SYM;
else if (key_id == SC_OPENPGP_KEY_ENCR)
- blob_id = 0xB801;
+ blob_id = DO_ENCR_SYM;
else if (key_id == SC_OPENPGP_KEY_AUTH)
- blob_id = 0xA401;
+ blob_id = DO_AUTH_SYM;
else {
sc_log(card->ctx, "Unknown key id %X.", key_id);
LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS);
@@ -2501,17 +2511,17 @@ pgp_delete_file(sc_card_t *card, const sc_path_t *path)
LOG_FUNC_RETURN(card->ctx, SC_ERROR_NOT_SUPPORTED);
if (card->type != SC_CARD_TYPE_OPENPGP_GNUK &&
- (file->id == 0xB601 || file->id == 0xB801 || file->id == 0xA401)) {
+ (file->id == DO_SIGN_SYM || file->id == DO_ENCR_SYM || file->id == DO_AUTH_SYM)) {
/* These tags are just symbolic. We don't really delete it. */
r = SC_SUCCESS;
}
- else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == 0xB601) {
+ else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == DO_SIGN_SYM) {
r = gnuk_delete_key(card, 1);
}
- else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == 0xB801) {
+ else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == DO_ENCR_SYM) {
r = gnuk_delete_key(card, 2);
}
- else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == 0xA401) {
+ else if (card->type == SC_CARD_TYPE_OPENPGP_GNUK && file->id == DO_AUTH_SYM) {
r = gnuk_delete_key(card, 3);
}
else {
--
2.1.3
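Review bot: In the pgp_delete_file hunk the first branch still answers `SC_SUCCESS` for DO_SIGN_SYM/DO_ENCR_SYM/DO_AUTH_SYM on non-Gnuk cards while, per its own comment, nothing is deleted, so a caller cannot tell a removed key from one that is still on the card. If that is intentional, the comment should say so explicitly, e.g. `/* Non-Gnuk: symbolic ID only; key material stays on the card and success is returned on purpose. */`. Otherwise `SC_ERROR_NOT_SUPPORTED`, already returned a few lines above, looks like the more honest result. The three Gnuk branches also repeat the card-type test and would read more easily as one `switch (file->id)` under a single `if`; the function starts and ends outside the hunk.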

+ 53
- 0
utils/opensc/patches/0026-hardcode-defines-for-DO-s.patch View File

@ -0,0 +1,53 @@
From b9dae832db54b206a15bcc12e290cef50f31c3d0 Mon Sep 17 00:00:00 2001
From: george <ggkitsas@yahoo.com>
Date: Tue, 11 Nov 2014 16:16:15 +0100
Subject: [PATCH 26/26] hardcode->defines for DO's
---
src/libopensc/card-openpgp.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
index 1e6e338..8464914 100644
--- a/src/libopensc/card-openpgp.c
+++ b/src/libopensc/card-openpgp.c
@@ -164,6 +164,18 @@ static int pgp_get_pubkey_pem(sc_card_t *, unsigned int,
#define DO_SIGN_SYM 0xb601
#define DO_ENCR_SYM 0xb801
#define DO_AUTH_SYM 0xa401
+/* Private DO's */
+#define DO_PRIV1 0x0101
+#define DO_PRIV2 0x0102
+#define DO_PRIV3 0x0103
+#define DO_PRIV4 0x0104
+/* Cardholder information DO's */
+#define DO_CARDHOLDER 0x65
+#define DO_NAME 0x5b
+#define DO_LANG_PREF 0x5f2d
+#define DO_SEX 0x5f35
+
+
/* Maximum length for response buffer when reading pubkey. This value is calculated with
* 4096-bit key length */
#define MAXLEN_RESP_PUBKEY 527
@@ -851,7 +863,7 @@ pgp_get_blob(sc_card_t *card, pgp_blob_t *blob, unsigned int id,
/* Special case:
* Gnuk does not have default value for children of DO 65 (DOs 5B, 5F2D, 5F35)
* So, if these blob was not found, we create it. */
- if (blob->id == 0x65 && (id == 0x5B || id == 0x5F2D || id == 0x5F35)) {
+ if (blob->id == DO_CARDHOLDER && (id == DO_NAME || id == DO_LANG_PREF || id == DO_SEX)) {
sc_log(card->ctx, "Create blob %X under %X", id, blob->id);
child = pgp_new_blob(card, blob, id, sc_file_new());
if (child) {
@@ -1198,7 +1210,7 @@ pgp_get_data(sc_card_t *card, unsigned int tag, u8 *buf, size_t buf_len)
/* For Gnuk card, if there is no certificate, it returns error instead of empty data.
* So, for this case, we ignore error and consider success */
if (r == SC_ERROR_DATA_OBJECT_NOT_FOUND && card->type == SC_CARD_TYPE_OPENPGP_GNUK
- && (tag == DO_CERT || tag == 0x0101 || tag == 0x0102 || tag == 0x0103 || tag == 0x0104)) {
+ && (tag == DO_CERT || tag == DO_PRIV1 || tag == DO_PRIV2 || tag == DO_PRIV3 || tag == DO_PRIV4)) {
r = SC_SUCCESS;
apdu.resplen = 0;
}
--
2.1.3
