Nils Larsch wrote:
well, it depends on whether this is card 'feature' or a limitation
of the card reader.
Card reader - the same card works fine in some readers, not in others.
unfortunatly it is not even detectable via the driver - some ccid
readers work fine, some don't.
If it's property of the gemsafe card it should
be put in the card driver if it's a limitation of the reader
we should place it in the reader driver.
If I understand this correctly, setting such a limit will not
cause any problem except some extra transactions and thus delays,
right?
then I would like to add it to reader-openct or whole opensc.
the alternative would be blacklists of usb vendor/product codes
in the openct ccid driver and somehow propagate that up to opensc
/ wherever the commands can be limited to a certain size. I don't
want to go down that road unless I absolutely have too, and if
limiting all readers to 248 bytes doesn't hurt anyone, then this
is the best way from my point of view.
Also I'd like to make this a config file option. I guess that some
manufacturer will produce a buggy reader, and users will need to be able
to set a lower value.
So where would be a good place to set this? And should we set it for
openct only or for all reader drivers? (i.e. did anyone test lots
of readers with pcsc and 2048 bit rsa keys? any problems? ludovic,
maybe you stress tested the readers you have? or can you handle it
yourself in pcsc, so no changes from opensc needed? I saw you have
this list of ccid readers and their max. command size, so you
already know the problem and most likely worked around it?)
Regards, Andreas
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
