Hello Douglas, in my opinion the usage of OpenSSL in libopensc.so should be removed altogether. If cryptography is needed by some cards (i.e. for initialisation/personalisation), then this should be done by dedicated tools. CardOS is a good example. It requires encrypted APDU:s for the delete_MF and create_MF commands. This is done by cardos-tool, which has to be executed only before personalisation. Looking at the code of entersafe, gpk and oberthur I came to the conclusion, that a similar approach could work for these drivers too.
If parsing of certificates is the reason for using OpenSSL, then the missing functionality of pkcs15-cert.c should be determined and corresponding tickets should be created. Kind Regards Andre Zepezauer _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel