Hello, thanks for going through the drivers!
> The handful of drivers with insecure operations I was talking about, I > got with the following command: grep -n OPENSSL libopensc/card-*.c > > But looking closer to each drivers source, I must confess that there are > only two of them affected: > > http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/card-westcos.c#L1244 > http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/card-rutoken.c#L1376 Looking at card-westcos.c:1117, I'd say that the "insecure mode" is only used with cards that do not have on-board RSA capabilities, but do have a private exportable key. In other words, it should only be a fallback. On the other hand, it really seems that RSA is only done in software with card-rutoken.c. Perhaps that device does not support RSA in hardware at all? -- Emanuele _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
