Andreas Jellinghaus wrote:
ok, as a summary:
- cryptoflex cards have only T=0 and are limited to 248 byte transfers.
to download a 256 byte signature the chanin is
sign / 61 00 / get 248 bytes / 90 00 / get 8 bytes / 90 00
- piv cards: to download a response: fetch 256 bytes and while
>= 256 bytes are left to read the response is 61 00,
once less than 256 bytes are left to read the response is
61 XX, reading the last bytes the response is 90 00
I don't see how we can one function that works with both cards, so we
need to move the loop into get_response and have per card functions.
Have the cryptoflex card limit the max_send_size and max_rec_size to
248. It looks like the same logic is in card-starcos.c,
card-atrust-acos.c, pkcs15-gemsafe.c and card-miocos.c
The older GemSAFE cards supported by pkcs15-gemsafe.c had the same 248
byte problem. The patch I sent in last fall limited the size to 248 for
this card. Thus I can have in the opensc.conf
max_send_size = 256;
max_recv_size = 256;
and use either a PIV or a old GemSafe card.
which of these behaviours is correct / should be used with other cards
per default?
Regards, Andreas
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
--
Douglas E. Engert <[EMAIL PROTECTED]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
