Oops, I was mistaken in my previous note, the prefix is sent to be signed.
Thunderbird with NSS calling opensc-pkcs11 for RSA 2048 bit key:
1322: C_Sign
[in] hSession = 0xf1a2d160
[in] pData[ulDataLen] f24f9010 / 35
30213009 06052B0E 03021A05 0004145C 1362A567 70C3E95E 0B5881B8 5AA257BC
On 12/14/2010 5:29 AM, Martin Paljak wrote:
>
> On Dec 14, 2010, at 1:21 PM, Andre Zepezauer wrote:
>
>> On Tue, 2010-12-14 at 13:07 +0200, Martin Paljak wrote:
>>>
>>> Right now I guess that the stripping of input data, coming from an
>>> application (meaning that the calling application will e
> What could be the "ISO version" of SHA1 + PKCS#1 + RSA Stef was
> referencing to in the e-mail I referenced in this thread?
Maybe that one:
[1] http://www.alvestrand.no/objectid/1.2.840.113549.1.1.5.html
Assuming the following definition
ASN1-ENCODE ::= SEQUENCE {
algorithm OBJECT IDENTI
On Tue, 2010-12-14 at 13:29 +0200, Martin Paljak wrote:
> On Dec 14, 2010, at 1:21 PM, Andre Zepezauer wrote:
>
> > On Tue, 2010-12-14 at 13:07 +0200, Martin Paljak wrote:
> >>
> >> Right now I guess that the stripping of input data, coming from an
> >> application (meaning that the calling appl
On Dec 14, 2010, at 1:21 PM, Andre Zepezauer wrote:
> On Tue, 2010-12-14 at 13:07 +0200, Martin Paljak wrote:
>>
>> Right now I guess that the stripping of input data, coming from an
>> application (meaning that the calling application will expect the data to be
>> exactly the same when verify
Hello Martin,
On Oct 26, 2010, at 11:31 PM, Martin Boßlet wrote:
> I implemented computation of the hash on-device, and it works fine except for
> one odd problem:
What happened to your implementation? Is it available somewhere? Do you have a
patch?
It feels an important and interesting devel
On Tue, 2010-12-14 at 13:07 +0200, Martin Paljak wrote:
> Hello,
> On Dec 14, 2010, at 11:11 AM, Andre Zepezauer wrote:
> > to make a long story short, there is an (easy?) way to get ride of the
> > whole flag magic.
> >
> > It would require more attention on TokenInfo.SupportedAlgorithms and
> >
Hello,
On Dec 14, 2010, at 11:11 AM, Andre Zepezauer wrote:
> to make a long story short, there is an (easy?) way to get ride of the
> whole flag magic.
>
> It would require more attention on TokenInfo.SupportedAlgorithms and
> implementation of CKA_ALLOWED_MECHANISMS.
It is not implemented by Ope
Hello,
On Dec 13, 2010, at 10:30 PM, Frank Morgner wrote:
> You're not supposed to link against libopensc via the sc_* API but use
> PKCS#11. It is possible but not encouraged, thus the .pc file is
> removed.
Why is it not encouraged?
>>
>> The effort that would be required
Hello Martin,
to make a long story short, there is an (easy?) way to get ride of the
whole flag magic.
It would require more attention on TokenInfo.SupportedAlgorithms and
implementation of CKA_ALLOWED_MECHANISMS. That's it. When these to
mechanism are in place, things would still happen auto-mag
10 matches
Mail list logo
