Hello, Martin Paljak wrote: > On Sep 1, 2010, at 9:41 AM, Aleksey Samsonov wrote: >> "Rutoken S" [1] doesn't support on-board RSA (as opposed to "Rutoken ECP"). >> "Rutoken ECP" [2] have on-board RSA (with RSA keys up to 2048 bits), GOST R >> 34.10-2001 (public-key cryptography), GOST 34.11-94 (hash) and GOST 28147-89 >> (symmetric-key algorithm). >> The file card-rutoken.c provides support "Rutoken S". And this code worked >> on "old scheme OpenSC". Already now ("new scheme") all old functionality >> aren't working at "Rutoken S". Example: software key generation was removed >> [3]. > Right. Software RSA support for Rutoken S should then be removed.
I'm going to cleanup code. > OpenSC should be a gateway to key operations in hardware. > > Maybe, just maybe, it would make sense to support "data objects over PKCS#11" > for using smart cards like small secure flash drives (like TrueCrypt wants to > use PKCS#11) but key material should never be automagically extracted into > host memory and the user of OpenSC (PKCS#11) left the impression that key > operations are taking place inside the token, when in fact they are not. I think, support data objects make sense. I will make cleanup Rutoken S code. Thanks _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel