Hi Viktor,
we've completed the development of write support for the SmartCard-HSM
and are in the middle of testing and bug-fixing.
The code is based on the latest version in OpenSC/staging and changes
mostly apply to our own code.
Is there a chance to get write support into the upcomin release
Il 25/09/2012 07:58, Andreas Jellinghaus ha scritto:
EMV for sure: there's an unauthenticated bit that tells the card to
authenticate the transaction without asking for the PIN...
Thats ok, it is a valid feature. If people buy something for less than a
dollar, and the transaction is
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's quite serious...
Dear all,
we've come a across a strange issue in OpenSC. When we try to generate a
key pair with parameters not supported by the card, then the framework
code still tries to allocate private/public key objects rather than
returning an error code.
The questionable code is in line 2675 of
Il 25/09/2012 11:50, Peter Stuge ha scritto:
IIUC that bit is not authenticated, so a MITM attack can force both the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's quite serious...
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's quite serious...
Thunderbird 13.0.1 can now sign e-mail.
I had forgot to uncomment in opensc.conf:
pin_cache_ignore_user_consent = true;
a new feature of 0.13.0pre1
See:
http://www.opensc-project.org/pipermail/opensc-devel/2012-August/018282.html
--
Douglas E. Engert deeng...@anl.gov
Argonne National
On 9/25/2012 5:01 AM, Andreas Schwier (ML) wrote:
Dear all,
we've come a across a strange issue in OpenSC. When we try to generate a
key pair with parameters not supported by the card, then the framework
code still tries to allocate private/public key objects rather than
returning an error
Hi Douglas,
the same problem exists for RSA keys. If you specify an invalid key
size, the code tries to generate invalid objects.
Our fix ist at
https://github.com/CardContact/OpenSC/commit/a9682fd704dca5abc028b32e5ec577aa1c12ee78
Andreas
Am 25.09.2012 16:31, schrieb Douglas E. Engert:
On
Hi,
On Tue, Sep 25, 2012 at 4:39 PM, Andreas Schwier
andreas.schw...@cardcontact.de wrote:
Hi Douglas,
the same problem exists for RSA keys. If you specify an invalid key
size, the code tries to generate invalid objects.
Our fix ist at
Hi Andreas,
On Tue, Sep 25, 2012 at 9:14 AM, Andreas Schwier
andreas.schw...@cardcontact.de wrote:
we've completed the development of write support for the SmartCard-HSM
and are in the middle of testing and bug-fixing.
Fine,
what part of the common OpenSC libraries are involved into your
Hi Viktor,
we are testing on Windows XP SP3, Debian Lenny and a current Ubuntu
version. Our focus is on PKCS#11 and integration with Firefox,
Thunderbird and XCA. We already tested minidriver with IE and Outlook,
but we do short regression tests with each new build.
We've set up automated tests
2012/9/25 Peter Stuge pe...@stuge.se
NdK wrote:
IIUC that bit is not authenticated, so a MITM attack can force both
the
reader and the card think the other party doesn't support PIN auth,
making the card sign the transaction anyway, regardless the amount
involved. So IMVHO it's
Hey y'all
I have an ePass2003, and I'd like to use it for pam_p11 and ssh. The
pam_p11 key should be usable without a pin, or can I provide the pin
by using the password field? I'd like to know which paths are
possible. The other object stored is an ssh key secured by a pin.
My problem is now
Jean-Michel Pouré - GOOZE wrote:
I was quite busy and failed to do any work these last days.
Remember how much easier it is to write email with opinion.
//Peter
pgpNhpOSPqCvo.pgp
Description: PGP signature
___
opensc-devel mailing list
15 matches
Mail list logo