-
Notifications
You must be signed in to change notification settings - Fork 38
/
Copy pathbuild.xml
88 lines (78 loc) · 3.48 KB
/
build.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
<?xml version="1.0" encoding="UTF-8"?>
<project name="JavaCard PIV applet" default="dist" basedir=".">
<description>Builds the project. </description>
<!-- feature controls -->
<!--
PIV_SUPPORT_*: choose whether RSA/EC family algorithms are supported.
-->
<property name="PIV_SUPPORT_RSA" value="true"/>
<property name="PIV_SUPPORT_EC" value="true"/>
<!--
PIV_SUPPORT_ECCP384: specifically allows disabling P-384 EC support since
instantiating the 384-bit EC signer (even without ever using it) on some
cards brings the applet too close to exhausting transient memory.
-->
<property name="PIV_SUPPORT_ECCP384" value="true"/>
<!--
PIV_SUPPORT_AES/3DES: allows disabling either of the two symmetric key
algorithms allowed to be used for the "admin"/"management" key in slot 9B.
Note that disabling 3DES will make the applet non-compliant with SP800.73-4
-->
<property name="PIV_SUPPORT_AES" value="true"/>
<property name="PIV_SUPPORT_3DES" value="true"/>
<!--
PIV_STRICT_CONTACTLESS: if true, strictly enforce the PIV spec requirements
around which slots and keys are allowed to be used over the contactless
interface. If false, allow anything to be used over contactless.
-->
<property name="PIV_STRICT_CONTACTLESS" value="false"/>
<!--
YKPIV_ATTESTATION: whether to build support for YubicoPIV attestation.
Without this, the attestation slots and commands will all return
unsupported errors.
-->
<property name="YKPIV_ATTESTATION" value="true"/>
<!--
APPLET_EXTLEN: build with support for extended length APDUs. This doesn't
work properly on all cards and some may need to use an applet built without
support for this (due to bugs in getOffsetCdata()).
-->
<property name="APPLET_EXTLEN" value="true"/>
<!--
APPLET_USE_RESET_MEM: use CLEAR_ON_RESET memory in cipher and signature
instances (rather than CLEAR_ON_DESELECT). Only set this if you trust other
applets on the card not to leak info left in RAM after deselect (e.g.
PivApplet is the only applet installed). Some cards are very short on
CLEAR_ON_DESELECT memory and need this to use RSA.
-->
<property name="APPLET_USE_RESET_MEM" value="false"/>
<!--
APPLET_LOW_TRANSIENT: conserve transient memory by falling back more
quickly to buffering long data in permanent memory and allowing fewer
memory segments in SGLists. This may break YKPIV_ATTESTATION. Recommended
on some cards which are short on transient memory.
-->
<property name="APPLET_LOW_TRANSIENT" value="false"/>
<target name="preprocess" description="proprocess java source">
<taskdef resource="jpp.xml" classpath="ext/jpp-1.0.3.jar"/>
<jpp destdir="src-gen" readonly="true" verbose="false">
<fileset dir="src/" includes="**/*.java"/>
</jpp>
</target>
<target name="dist" depends="preprocess" description="generate the distribution">
<tstamp/>
<ant dir="ext/ant"/>
<!-- Create the distribution directory -->
<taskdef name="javacard" classname="pro.javacard.ant.JavaCard" classpath="ext/ant/ant-javacard.jar"/>
<javacard>
<cap aid="a0:00:00:03:08:00:00:10" output="bin/PivApplet.cap" sources="src-gen" classes="bin" version="1.0">
<applet class="net.cooperi.pivapplet.PivApplet" aid="a0:00:00:03:08:00:00:10:00:01:00"/>
</cap>
</javacard>
</target>
<target name="clean" description="clean up">
<!-- Delete the built applet -->
<delete dir="bin"/>
<delete dir="src-gen"/>
</target>
</project>