El mar, 26-04-2011 a las 22:53 +0200, Juan Antonio Martinez escribió: [...] > > One option would be to remove public key files from emulation > > (like the Estonian eID), > Perhaps I'll need some help: pkcs15-dnie.c just parses pkcs15 data > from card, and patches some file paths and ID's... no clear idea > about how to remove found entries from pkcs15 opensc's structures
Ok, I finally did it. pkcs15-tool -D no longer shows "public keys" on my DNIe card pkcs15-tool trace says that no public key found, so looks for keys in cert, find it, tries to read certificate... ... And dies with "security status not satisfied": Remember that DNIe requires pin to read certificates, but sc_pkcs15_read_certificate() seems that does not take care on it and dies on -1211 error... > > and to move the handling of certificate->pubkey to generic > > libopensc code. This would require filtering for duplicate objects. There is already a sc_pkcs15_pubkey_from_cert() function. ¿are you taking about that?. If yes I could try to write a patch... ... but no idea on how to handle "pin required" previous error. Time to sleep :-) Juan Antonio _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
