At 14:31 21/03/2008 -0700, you wrote:
If you build the source of the applet, you can make getchallenge to build
(and work).
I dont really recall well, but I think I had to rewrite much of the
applet's sign/verify/crypt functions to make them viable.
if one decides to perform some changes in the 0.9.8 applet, he may just
prefer to fully rewrite it !
at least it will be my choice.
the current applet:
- is 98% not ISO compliant, w/o any good reasons and with painful overload
for anyone writing a driver or plug-in that had some (even basic)
experience some smartcards.
- consume a lot of unused memory and enforces some unexpected rules,
for instance: an array for 10 Pins is created in constructor, who needs
10 Pins ???
the "setup applet" command requires 2 *user pins* + 2 "admins pins" to be
defined
(2 PINs with exactly same rules, 2 resetting PINs with exactly same
rules, what is
the goal of that ? I do consider it's meaningless)
- crypto is unsafe: only RSA X509 (RSA raw mode) is provided
- crypto is far incomplete: no DSA, no ECC, no AES
- crypto is confused: once you had used a key in one operation (says signing)
you can no longer use it for another operation (eg decrypting),
""fortunately""
encryption / decryption with RSA (eg wrapping, unwrapping) is not supported
and it performed with signing/verification operation (in so raw mode), that's
pure mistake and obfuscation.
these points are not closed, nor their purposes is to criticize the applet,
I asked several times if the applet is currently supported, and in case by
who (group or person) and didn't get any responses.
regards,
Sylvain.
_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
