On 28/04/2011 20:23, Viktor TARASOV wrote:
>> Maybe I could try to write a patch to support $AUTH (or something more
>> generic, see below) for this purpose?
> Yes you can.
Ok. On TODO.
> You have a reason, probably we'll need to introduce a new auth method.
> The one that could be overwritten wi
Le 28/04/2011 15:37, NdK a écrit :
> Il 28/04/2011 14:24, Viktor TARASOV ha scritto:
>
>>> Why is it fixed?
>> Let's say 'translated'.
>> 'PIN', 'SOPIN' in human language are translated to CHV## in APDU language .
> Well, I understand that it must be translated to what APDUs need. But
> why "fix" i
On 4/28/2011 3:37 AM, Toni Sjoblom - Aventra wrote:
> Hello!
>
>> -Original Message-
>> Subject: Re: [opensc-devel] --insecure ?
>>
>> Il 28/04/2011 09:05, Toni Sjoblom - Aventra ha scritto:
>>
>>> I agree. Also a very common scenario is to have 3 PINs, one for normal
> use,
>>> one for s
Il 28/04/2011 14:24, Viktor TARASOV ha scritto:
>> Why is it fixed?
> Let's say 'translated'.
> 'PIN', 'SOPIN' in human language are translated to CHV## in APDU language .
Well, I understand that it must be translated to what APDUs need. But
why "fix" it in the profile, since we already have CHVn
Le 28/04/2011 12:28, NdK a écrit :
> On 28/04/2011 12:07, Viktor TARASOV wrote:
>
>> $PIN, $SOPIN and others are the profile macros
>> and correspond to the SC_AC_SYMBOLIC authentication method.
> Ok. I already found this digging code.
>
>> They are resolved using the pin flags of the PIN pkcs15
>>
On 28/04/2011 12:07, Viktor TARASOV wrote:
> $PIN, $SOPIN and others are the profile macros
> and correspond to the SC_AC_SYMBOLIC authentication method.
Ok. I already found this digging code.
> They are resolved using the pin flags of the PIN pkcs15
> objects already present on the card.
> Look
On 28/04/2011 10:51, Martin Paljak wrote:
>> Don't know how this could be done for OpenSC, since it caches PIN codes.
> Only if the PIN does not cache "user consent" keys and only if PIN caching is
> enabled.
Found relevant code.
> Yes it does support using such PIN-s. OpenSC does not cache the
Le 28/04/2011 11:02, NdK a écrit :
> On 25/04/2011 11:01, Viktor TARASOV wrote:
>
>>> For what I've understood, "-a N" makes $PIN in profile be replaced by
>>> CHVN, hence IMO --insecure<=> $PIN->NONE.
>> No,
>> '-a N' means in fact '-a .
>> The real PIN reference, the one that can be used in th
Hello Martin,
> -Original Message-
> From: Martin Paljak [mailto:martin.pal...@gmail.com] On Behalf Of Martin
Paljak
>
> Hello,
> On Apr 28, 2011, at 11:37 , Toni Sjoblom - Aventra wrote:
> > Don't know how this could be done for OpenSC, since it caches PIN codes.
> Only if the PIN does n
On 25/04/2011 11:01, Viktor TARASOV wrote:
>> For what I've understood, "-a N" makes $PIN in profile be replaced by
>> CHVN, hence IMO --insecure<=> $PIN->NONE.
> No,
> '-a N' means in fact '-a .
> The real PIN reference, the one that can be used in the PINs APDU,
> is extracted from AODF record
Hello,
On Apr 28, 2011, at 11:37 , Toni Sjoblom - Aventra wrote:
> Don't know how this could be done for OpenSC, since it caches PIN codes.
Only if the PIN does not cache "user consent" keys and only if PIN caching is
enabled.
> This is something called "User Consent", and is a common standardiz
Hello!
> -Original Message-
> Subject: Re: [opensc-devel] --insecure ?
>
> Il 28/04/2011 09:05, Toni Sjoblom - Aventra ha scritto:
>
> > I agree. Also a very common scenario is to have 3 PINs, one for normal
use,
> > one for signatures (PIN is reset after every use, so user need to enter
Il 28/04/2011 09:05, Toni Sjoblom - Aventra ha scritto:
> I think that this feature is just missing from the drivers code.
> Can you Martin say which card you have used the --insecure option with?
> This could help find the missing code
Yup!
> (for us that that are not that
> familiar with the Op
Hi,
> -Original Message-
> Subject: Re: [opensc-devel] --insecure ?
>
> Il 26/04/2011 08:41, Martin Paljak ha scritto:
>
> > problem is that it is not equally supported by card drivers and always
> > not well supported by applications (which insist on using C_Login
> > before any operati
14 matches
Mail list logo
