Hi Quân

I still don't understand what you are trying to do - maybe you can
explain that in more detail:

The purpose of pkcs15-init is to create a PKCS#15 filesystem layout
on a card.

The purpose of a pkcs15-emulation routine is to make OpenSC believe
that a card has a PKCS#15 filesystem which in reality does NOT
have such a layout.

We have such an emulation for OpenPGP cards and OpenPGP cards
don't have a PKCS#15 layout and there is no way to create such a
layout on an OpenPGP card due to the lack of a CREATE EF/DF/DO
command.

So the only thing pkcs15-init might do is to change the contents of certain
already existing DOs on an OpenPGP card. And this might happen via
emulated UPDATE BINARY commands (which would do PUT DATA instead).

But changing the contents of DOs on an OpenPGP card is exactly
what the gpg administration tools do, so why reimplement this in
pkcs15-init?

And I'm afraid that those things that "gpg --edit-card" cannot do
are impossible to do.

You cannot create a private key file on an OpenPGP card. There are
3 of them already on every OpenPGP card and the only thing you can
do is to replace their contents.

Same situation with certificates: You cannot create them. There's one
DO on an OpenPGP card meant to store one certificate. You can
replace its content with a PUT DATA but I don't see any possibility
to create additional certificates.

Peter
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel