Hi, On Mon, Oct 30, 2006 at 10:52:03PM +0100, Peter Koch wrote: > I like to hear from people that use my TCOS emulation :-) Some people use it here, with the modification we can use stock OpenSC, OpenCT/pcscd and have only to patch one application.
> > Sounds like a nice solution, but its currently not implemented: > > the certs with id 47 are looked up in files df01c200 and df0143b1 > > so OpenSwan grabs the first one but i need the latter one. > > It was a suggestion only. Seems that you are interested, so I > will implement this tomorrow. Would be great! > Since OpenSwan selects the cert by an non-unique criteria > (i.e. its key-id) OpenSC must pick one and it selects the > first one it finds. So the only way to get the right one > is to make sure it's the first one in OpenSCs list. Currently some certs have the same id, so only describing the exact file on the card (i.e. df0143b1) one wants to use would be an option to the application as i see it. If the opensc-interface lets the app do it. And this woulnt be a nice abstraction of the card-usage to the app. > Your patch always loads the user cert first even with cards that do > not have such a cert. If the (optional) user-cert is missing no > cert will be loaded at all. So plain TeleSec cards without > user-certs won't work anymore. I will take care of that. Uh, doing that would be a bad thing, agreed. Christian _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
