Andreas Jellinghaus wrote:
> so the question is: which goal do we have?
> - an emulation for their format?
> - implementing pkcs#15 format on acos5
>
> both would be nice, but for me the later would be more important right now.
I'm not sure how I'd judge which would be the best approach. Maybe we
do need both at some stage. I'd be happy with either, as for the things
I want to do I'm able to use their certificate tool to format the card
and load certificates.
I did make a start investigating what their format looked like, as it
looked enough like PKCS#15 that I thought it might be a fairly quick way
in. That's why I implemented enough code to get the opensc-explorer
working; that let me figure out what their certificate tool put on the card.
If I recall correctly, the first thing I found was that they used a
non-standard application identifier in the 2F00 directory. I faked that
up, and things moved along a fair way, as there appears to be a more or
less PKCS#15 format directory under 4100.
I think where things next broke down was that the PKCS#15 code tried to
load the whole contents of some of the index files in 4100. However, in
the ACOS5 implementation, these are held in record-structured files
(linear variable EFs) whose overall file size is not reported correctly.
Instead, the total file size is reported as zero. It wasn't clear to
me what should have been reported for these files, as I don't have a
copy of the appropriate standard. So, I couldn't tell whether the
problem was a non-standard implementation of the file system by the
ACOS5 or simply that the file handling code in opensc simply didn't know
how to handle this particular kind of file.
Does any of the above make sense to someone more experienced in this
area? I can drill down a bit further to (for example) the results of
the SELECT FILE commands on these linear variable files if someone feels
they can indicate whether the return is standard or non-standard.
-- Ian
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
