On 9/7/2010 4:45 AM, Viktor TARASOV wrote:
> Hi,
>
> in r4668 the APDU validity condition
> 'apdu->le > 256' was replaced by 'apdu->le > card->max_recv_size'.
>
> It's comprehensible but revealed the ambiguity of the 'max_recv_size'.
> The unique card's max_recv_size cannot be used to validate all the APDUs
> of card.
>
> For example, not all the cards accept Le = 256 for the 'READ BINARY'
> command,
> but the same card returns 256 bytes of the signature with RSA key 2048bit.
>
> My question is,
> should the test 'apdu->le > card->max_recv_size' be removed from the
> APDU validity control,

Yes, I agree it should be removed, and go back to the 256 check.

Can the author of the patch explain why this was changed?

The checks as I see it were there to verify a short apdu is valid,
and if chaining is allowed, 256.

If a card has some limitations, it should not be setting 256, but
setting the max_recv_size. Having the apdu.c do that check is too much
hand holding.

> or in each card driver, that can be sensible to this problem, the (for
> ex.) 'compute_signature' command has
> to be enveloped by change/restore of 'max_recv_size'.

I would suggest, if the card has special requirements, it needs to
take care of it internally.


If the change is left in, all card drivers need to be examined to see
if they will still work!

>
> Kind wishes,
> Viktor.
>

-- 

  Douglas E. Engert  <deeng...@anl.gov>
  Argonne National Laboratory
  9700 South Cass Avenue
  Argonne, Illinois  60439
  (630) 252-5444
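
The ambiguity discussed in this thread, as an added example that is not part of either message and is not OpenSC code: a single per-card receive limit used as a generic Le check rejects a 256-byte signature response, while a fixed 256 check plus driver-side splitting of READ BINARY handles both. The struct and function names and the 192-byte limit are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical, simplified stand-ins; NOT OpenSC's sc_apdu / sc_card. */
struct demo_apdu { unsigned char ins; size_t le; };
struct demo_card { size_t max_recv_size; };  /* one value for the whole card */

enum { INS_PSO = 0x2A, INS_READ_BINARY = 0xB0 };  /* ISO 7816 INS bytes */

/* Generic validity check with the fixed short-APDU bound (Le <= 256). */
static int le_ok_fixed(const struct demo_apdu *a)
{
    return a->le <= 256;
}

/* Generic validity check against the single per-card value. */
static int le_ok_per_card(const struct demo_apdu *a, const struct demo_card *c)
{
    return a->le <= c->max_recv_size;
}

/* Driver-side handling: split a READ BINARY of `count` bytes into APDUs
 * whose Le never exceeds the card's limit. Stores each Le in le_out and
 * returns the number of APDUs, or 0 on a zero limit or too-small le_out. */
static size_t plan_read_binary(const struct demo_card *c, size_t count,
                               size_t *le_out, size_t cap)
{
    size_t n = 0;
    if (c->max_recv_size == 0)
        return 0;
    while (count > 0) {
        size_t le = count < c->max_recv_size ? count : c->max_recv_size;
        if (n == cap)
            return 0;
        le_out[n++] = le;
        count -= le;
    }
    return n;
}

int main(void)
{
    struct demo_card card = { 192 };            /* constructed READ BINARY limit */
    struct demo_apdu sig = { INS_PSO, 256 };    /* RSA-2048 signature response */
    size_t le[8], n = plan_read_binary(&card, 500, le, 8);

    printf("signature Le=256: fixed=%d per-card=%d\n",
           le_ok_fixed(&sig), le_ok_per_card(&sig, &card));
    printf("READ BINARY of 500 bytes -> %zu APDUs, last Le=%zu\n", n, le[n - 1]);
    return 0;
}
```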