Hello Martin,

On Fri 25 May 2012 03:40:31 PM ICT, Martin Paljak wrote:
> Hello,
>
> In the long run, I don't think that it helps to emulate a filesystem
> on top of non-filesystem cards (like OpenPGP or Muscle). Or to try to
> make it fit into the filesystem-oriented stack of OpenSC.

Has the OpenSC project defined another approach to deal with these 
(non-filesystem) cards?
I'm starting from the current codebase, which uses an emulation layer, 
so I don't know of any choice other than to continue with this approach.

> In case of OpenPGP, where no files or PKCS#15 data structures are
> written to the card (the card already has a fixed profile, with fixed
> data slots), it makes no sense. The main utility of pkcs15-init is
> creating (and storing) PKCS#15 ASN.1 structures to the card, when such
> slots for keys or certificates are created as a side-product. If ASN.
> shall not be created, pkcs15-init should IMHO not be used.

I want to store a certificate via the PKCS#11 interface, and this interface 
invokes pkcs15-init to do that.
If you know of another way to redirect PKCS#11 to use the card driver 
directly, instead of going through pkcs15-init, please tell me.

>
> Maybe it would be better to have a single "sticky pkcs15-ish mapping
> for a fixed profile card" in a single location (like the pkcs15
> emulation drivers) and allow pkcs15-tool (which does not try to create
> any PKCS#15 structures) to re-generate exposed key slots and replace
> exposed certificate slots. And extend that API as needed.
>
I don't really understand this idea.
- Now, to solve the problem of the path I mentioned at the beginning of 
this mail thread, I changed gpg_select_file a bit, to automatically 
ignore the DF PKCS15-AppDF (5015) part. Does it resemble the idea of a 
"sticky pkcs15-ish mapping for a fixed profile card"?
- What is "re-generate exposed key slots and replace exposed certificate 
slots" for?

Thank you.
--
Regards,
Quân
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
