Hello,
Martin Paljak wrote:
> On Sep 1, 2010, at 9:41 AM, Aleksey Samsonov wrote:
>> "Rutoken S" [1] doesn't support on-board RSA (as opposed to "Rutoken ECP").
>> "Rutoken ECP" [2] have on-board RSA (with RSA keys up to 2048 bits), GOST R
>> 34.10-2001 (public-key cryptography), GOST 34.11-94 (hash) and GOST 28147-89
>> (symmetric-key algorithm).
>> The file card-rutoken.c provides support "Rutoken S". And this code worked
>> on "old scheme OpenSC". Already now ("new scheme") all old functionality
>> aren't working at "Rutoken S". Example: software key generation was removed
>> [3].
> Right. Software RSA support for Rutoken S should then be removed.
I'm going to cleanup code.
> OpenSC should be a gateway to key operations in hardware.
>
> Maybe, just maybe, it would make sense to support "data objects over PKCS#11"
> for using smart cards like small secure flash drives (like TrueCrypt wants to
> use PKCS#11) but key material should never be automagically extracted into
> host memory and the user of OpenSC (PKCS#11) left the impression that key
> operations are taking place inside the token, when in fact they are not.
I think, support data objects make sense. I will make cleanup Rutoken S
code.
Thanks
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
