For example: What should happen when trying to delete such (nont existing) public key object?
On Tue, Apr 26, 2011 at 16:38, Martin Paljak <mar...@martinpaljak.net> wrote: > Hello, > > 2011/4/26 Jean-Michel Pouré - GOOZE <jmpo...@gooze.eu>: >> Le mardi 26 avril 2011 à 08:23 +0300, Martin Paljak a écrit : >>> pkcs15-tool is a (G)UI as well. And to my knowledge it does what it >>> advertises. >> Now, we come to the point: >> * pkcs15-tool --list-public-keys >> returns nothing >> >> * pkcs15-tool --read-public-key c81e42ceda0bc1d65c9051b0eb8679e29dd6c067 >> returns the public key > > > This is because of > http://www.opensc-project.org/opensc/browser/trunk/src/tools/pkcs15-tool.c#L649 >> From a user point of view, this is an inconsistency. >> >> In my previous emails, I was suggesting that pkcs15-tool >> --list-public-keys may return all usable keys, even when public objects >> don't exist on card. > > The shortest fix is adding proper documentation about what > --read-public-key does, and that it makes a shortcut to the > certificate if it does not find a public key object with the given ID. > Generic education (instead of application feature) that certificates > contain public keys does not hurt anyone either I think. Fetching a > public key from a certificate is already a convenience feature. > > For the sake of purity, I don^t think that --list-public-keys should > display a fake public key object, which does NOT exist on the card in > relevant PKCS#15 structures. but patches for documentation are most > welcome. > > Martin > _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
