On Saturday, January 07 at 09:20PM, Frank Morgner wrote: > Hi! > > > IIRC the original discussion had a few combined aspects: > > * splitting sc_transmit into an APDU version and byte array version (yes) > > * exporting the byte array version to libopensc (libopensc "removal" > > from exported interfaces was to discourage relentless linking against > > libopensc for "smart card support" a la linking against OpenSSL if you > > only need sha1.c) > > I don't agree on this point. The OpenSSL guys know what they are doing > and this is the most important thing when you are programming security > related software. Implementing SHA-1 yourself feeling self-confident > only because you read "Applied Cryptography" is not a good idea...
Uh, I forgot to mention, that this also applies to OpenSC, which is also security related in some regard... Cheers, Frank.
pgpB8rggik5AM.pgp
Description: PGP signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
