Am Sonntag 13 Dezember 2009 14:49:31 schrieb Ludovic Rousseau: > 2009/12/13 Andreas Jellinghaus <a...@dungeon.inka.de>: > > I tried all four combinations of old/new code for init and for signing. > > > > only cards initialized with old code and signing with new code is broken, > > so we could as quick fix revert the change. > > I remember doing this patch. > The problem was that the ASN.1 encoder/decoder routines were bogus. > Negative values and "special" values like 128 were not encoded > correctly. > > I am not really surprised that cards initialized with an old version > have problems when used with a new one. But I am surprised that the > problem is only discovered ~2 years after the code change.
distirbutions sometimes lag behind with opensc releases, and most people use distribution packages, so it isn't that unlikely. > I am not sure the correct solution is to revert the patch and continue > using a bad ASN.1 encoder/decoder for ever. well, for compatibility it would be best, as new cards work with the old code, but not the other way round. do you know if there is some way to detect the old broken encoding, so we can implement some checking function and a compatibility hack? > Maybe users with problematic cards should re-issue them using the > corrected ASN.1 encoder? starcos cards are normaly not eraseable, so they would need to throw all cards away and issue new ones - very expensive. but maybe the individual files can be changed? some tool to "upgrade" the cards would be nice. Regards, Andreas _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
