Hi Martin,
- Original Message -
From: Martin Paljak mar...@martinpaljak.net
Date: Tuesday, July 26, 2011 4:42 pm
Subject: Re: [opensc-devel] Issue during delete object with Athena Cards
To: Andre Zepezauer andre.zepeza...@student.uni-halle.de
Cc: HOURY William william.ho...@atos.net
Hello,
this regression could be related to #370 [1]. William, please open a New
Ticket and upload the required Attachments.
Regards
Andre
[1] http://www.opensc-project.org/opensc/ticket/370
On Tue, 2011-07-26 at 07:55 +, HOURY William wrote:
Hello all,
We seem to have a regression
Hello Martin,
On Thu, 2011-06-30 at 12:56 +0300, Martin Paljak wrote:
Tarballs builds (which also run make distcheck etc) actually should
come with --enable-strict, which should also be the default option for
developers. If not constantly, then every now and then. Hopefully this
will trigger
On Wed, 2011-06-08 at 11:50 +0200, Jean-Pierre Szikora wrote:
On 06/07/2011 03:17 PM, Andre Zepezauer wrote:
Hello Jean-Pierre,
SC_PKCS15_PIN_FLAG_VERIFY_RC_COUNTER doesn't correspond to any flag
defined in PKCS#15. Furthermore, the capability to modify the return
code of the VERIFY
On Wed, 2011-06-08 at 17:45 +0300, Martin Paljak wrote:
Hello,
On Wed, Jun 8, 2011 at 17:37, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
More elegant indeed. Some nice documentation about the real meaning of the
flag would also be nice. most cards do almost ISO
On Wed, 2011-06-08 at 17:31 +0200, Andre Zepezauer wrote:
On Wed, 2011-06-08 at 17:45 +0300, Martin Paljak wrote:
Hello,
On Wed, Jun 8, 2011 at 17:37, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
More elegant indeed. Some nice documentation about the real meaning
Hello Jean-Pierre,
SC_PKCS15_PIN_FLAG_VERIFY_RC_COUNTER doesn't correspond to any flag
defined in PKCS#15. Furthermore, the capability to modify the return
code of the VERIFY command is not specific to PKCS#15.
Why not using a different approach? In example it's possible to detect
the installed
Hello,
when the following warnings becomes fixed, then we could use the
compiler options -Wno-unused-parameter -Werror in nightly builds. This
would be of help to avoid the introduction of new warnings of this kind.
Regards
Andre
pkcs15-oberthur-awp.c: In function ‘awp_new_container_entry’:
On Wed, 2011-04-13 at 14:44 -0300, Felipe Blauth wrote:
Hello to all,
Simple question:
Is it possible, using openssl, to unwrap a key wraped inside a Smart
Card with C_Wrap function?
Maybe, but the question here is how the key becomes wrapped in the smart
card. OpenSC doesn't support that
On Sat, 2011-03-05 at 08:06 -0600, Douglas E. Engert wrote:
On 3/4/2011 10:40 AM, Andre Zepezauer wrote:
Hello Douglas,
what's that magic value 0x20 and where it becomes set?
It goes back to 2006:
http://www.opensc-project.org/pipermail/opensc-devel/2006-May/008569.html
On Mon, 2011-02-28 at 15:33 +0100, Andre Zepezauer wrote:
Hello Martin,
I would like to commit the attached patch. Any objections?
Committed in r5222.
On Thu, 2011-02-03 at 14:36 +0200, Martin Paljak wrote:
Hello,
On Thu, Jan 27, 2011 at 20:08, Andre Zepezauer
andre.zepeza
Hello Douglas,
what's that magic value 0x20 and where it becomes set?
http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/pkcs15-piv.c#L586
http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/pkcs15-piv.c#L707
Hello,
I found some magic in pkcs15-gemsafeV1.c [1]. Anyone knows where these
lower 4 bits are set? If not, I will remove these lines as part of a
larger patch.
[1]
http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/pkcs15-gemsafeV1.c#L308
Regards
Andre
Hello Martin,
I would like to commit the attached patch. Any objections?
On Thu, 2011-02-03 at 14:36 +0200, Martin Paljak wrote:
Hello,
On Thu, Jan 27, 2011 at 20:08, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
Hello Martin,
some comments on r5124:
1. The values
On Mon, 2011-02-14 at 13:23 -0600, Douglas E. Engert wrote:
On 2/11/2011 6:02 PM, Andre Zepezauer wrote:
On Fri, 2011-02-11 at 15:16 -0600, Douglas E. Engert wrote:
On 2/11/2011 3:02 PM, Andre Zepezauer wrote:
On Fri, 2011-02-11 at 22:25 +0200, Martin Paljak wrote:
Furthermore, any
On Fri, 2011-02-11 at 11:24 +0200, Martin Paljak wrote:
On Fri, Feb 4, 2011 at 01:19, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
BTW: The main handle in OpenSC is 'sc_pkcs15_card_t' and not
'sc_context_t'. In fact 'sc_context_t' is really unimportant
On Fri, 2011-02-11 at 14:06 -0600, Douglas E. Engert wrote:
On 2/11/2011 11:43 AM, Martin Paljak wrote:
On Feb 11, 2011, at 6:55 PM, Douglas E. Engert wrote:
On 2/11/2011 3:24 AM, Martin Paljak wrote:
On Fri, Feb 4, 2011 at 01:19, Andre Zepezauer
andre.zepeza...@student.uni-halle.de
On Fri, 2011-02-11 at 22:25 +0200, Martin Paljak wrote:
Furthermore, any cardmod adjustments can be implemented and isolated
with ifdef-s,
The only #ifdef ENABLED_CARDMOD left is in ctx, and that could easily be
removed as it tests the app_name for cardmod (The cardmod/Makefile.am
has
On Fri, 2011-02-11 at 15:16 -0600, Douglas E. Engert wrote:
On 2/11/2011 3:02 PM, Andre Zepezauer wrote:
On Fri, 2011-02-11 at 22:25 +0200, Martin Paljak wrote:
Furthermore, any cardmod adjustments can be implemented and isolated
with ifdef-s,
The only #ifdef ENABLED_CARDMOD left
On Fri, 2011-02-11 at 15:16 -0600, Douglas E. Engert wrote:
On 2/11/2011 3:02 PM, Andre Zepezauer wrote:
On Fri, 2011-02-11 at 22:25 +0200, Martin Paljak wrote:
Furthermore, any cardmod adjustments can be implemented and isolated
with ifdef-s,
The only #ifdef ENABLED_CARDMOD left
Hello Douglas,
please have a look at that picture [1]. FYI the cardmod resides on the
same level as OpenSC.tokend does. As you can see, there is a clear
distinction between the library 'libopensc' and the applications (shown
at the top).
So, if there is a problem within a particular application,
On Tue, 2011-02-08 at 14:42 -0600, Douglas E. Engert wrote:
So, if there is a problem within a particular application, that problem
should also be fixed within the same application. If that isn't possible
at all, then improvements in libopensc may be considered.
Yes that is the situation.
On Mon, 2011-02-07 at 11:32 -0600, Douglas E. Engert wrote:
On 2/4/2011 2:20 AM, Martin Paljak wrote:
I think Douglas is incrementally working on the existing codebase. Why the
cardmod
driver was squeezed into reader-pcsc.c the way it is in the first place is
beyond
me, as
On Mon, 2011-02-07 at 14:27 -0600, Douglas E. Engert wrote:
On 2/7/2011 11:26 AM, Douglas E. Engert wrote:
On 2/3/2011 11:58 PM, Martin Paljak wrote:
On Feb 3, 2011, at 10:04 PM, Douglas E. Engert wrote:
I would consider using a new hook, like use_reader or
use_pcsc_parameters
On Mon, 2011-02-07 at 16:00 -0600, Douglas E. Engert wrote:
Attached is a patch that implements a sc_ctx_use_reader, to pass in two
void
pointers to an underling driver. The code to use this from cardmod.c to the
cardmod code in reader-pcsc.c (or where ever it ends up) will be added as
On Fri, 2011-02-04 at 23:31 +0100, Juan Antonio Martinez wrote:
About visibility of certificates and keys patch, notice that
DNIe requires the user to enter pin for just read (neither
signature nor authentication) user certificates. It's not
standard, I know, but seems to be a very common
On Tue, 2011-02-08 at 03:16 +0100, Juan Antonio Martinez wrote:
El lun, 07-02-2011 a las 23:58 +0100, Andre Zepezauer escribió:
On Fri, 2011-02-04 at 23:31 +0100, Juan Antonio Martinez wrote:
About visibility of certificates and keys patch, notice that
DNIe requires the user to enter pin
On Fri, 2011-02-04 at 07:58 +0200, Martin Paljak wrote:
On Feb 3, 2011, at 10:04 PM, Douglas E. Engert wrote:
I have updates #321 with a new version of the cardmod patch
and would like to start to commit it in pieces.
Piece 1 is the attachment I sent on 1/28 as new.martin.patch
based
On Thu, 2011-02-03 at 12:03 +0100, jons...@terra.es wrote:
Hi All:
I've concluded that DNIe card is not so pkcs15 compliant as
promissed...
I think I need rewriting of several file permissions and paths, as
information
provided in card pkcs15 structure seems to be wrong or incomplete
On Thu, 2011-02-03 at 14:36 +0200, Martin Paljak wrote:
Hello,
On Thu, Jan 27, 2011 at 20:08, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
Hello Martin,
some comments on r5124:
1. The values of pin_info-reference and prkey_info-key_reference
shouldn't be compared
Hello Juan Antonio,
attached tar file contains an external loadable emulator. Most things in
it are written to the information I got from your 'pkcs15-tool -D' dump.
But don't expect it to work instantly.
I assumed following locations:
* EF.TokenInfo 3F005032
* EF.ODF 3F005031
On Thu, 2011-02-03 at 16:15 +0100, Andre Zepezauer wrote:
Hello Juan Antonio,
attached tar file contains an external loadable emulator. Most things in
it are written to the information I got from your 'pkcs15-tool -D' dump.
But don't expect it to work instantly.
I assumed following
On Thu, 2011-02-03 at 14:04 -0600, Douglas E. Engert wrote:
I have updates #321 with a new version of the cardmod patch
and would like to start to commit it in pieces.
Piece 1 is the attachment I sent on 1/28 as new.martin.patch
based on Martin's patch from 1/19. This was the patch that
Ok, now module loads... but fails on locating pkcs15 files,
as rsc_pkcs15_make_absolute_path() removes 5015 on _every_
file...
FYI: I know about these paths:
These are (afaik) standard locations:
3F00: DF Master.File
3F005015: DF PKCS15 App
3F0050155031: EF ODF
Its not a straight forward as you might think. Have you tried reading the 135
page Windows Smart Card Minidriver Specification?
http://www.microsoft.com/whdc/device/input/smartcard/sc-minidriver.mspx
At least in so far to get a picture of the workings. And my impression
is, that all the state
On Thu, 2011-02-03 at 15:55 -0600, Douglas E. Engert wrote:
On 2/3/2011 3:14 PM, Andre Zepezauer wrote:
On Thu, 2011-02-03 at 14:04 -0600, Douglas E. Engert wrote:
I have updates #321 with a new version of the cardmod patch
and would like to start to commit it in pieces.
Piece 1
On Tue, 2011-02-01 at 23:17 +0100, Juan Antonio Martinez wrote:
El mar, 01-02-2011 a las 20:18 +0100, Andre Zepezauer escribió:
Hello Juan Antonio,
On Mon, 2011-01-31 at 20:15 +0100, Juan Antonio Martinez wrote:
Any hint to start debugging?
If you are using opensc-trunk, then try
Hello Juan Antonio,
On Mon, 2011-01-31 at 20:15 +0100, Juan Antonio Martinez wrote:
Any hint to start debugging?
If you are using opensc-trunk, then try this one:
Index: pkcs11/framework-pkcs15.c
===
--- pkcs11/framework-pkcs15.c
Hello Martin,
some comments on r5124:
1. The values of pin_info-reference and prkey_info-key_reference
shouldn't be compared because:
* pin_info-reference is used as P2 parameter in VERIFY command
* prkey_info-key_reference is used in MSE SET tag 0x84
There is no relation between these two
On Sat, 2011-01-22 at 15:42 +0200, Martin Paljak wrote:
On Jan 21, 2011, at 9:33 AM, Aventra wrote:
Could this fix that Andre has proposed be committed to trunk?
It should work for all cards, since it only makes two elements of the
TokenInfo optional.
Yes, but I'm not able to directly
Hello Viktor,
from Changeset 5094 [1]:
[...] 'path' is [now] mandatory for the 'Local' PINs.
I think of it as a temporary solution to fix a weakness of IAS ECC
cards as specified by The Gixel Group [2]. But keep in mind that the
behaviour up to revision 4927 was conforming with PKCS#15 and ISO
On Sun, 2011-01-16 at 11:58 +0100, Viktor TARASOV wrote:
There you can find the semantics of the SELECT command defined for Java
Cards. Read section 3 Java Card Applet Lifetime especially 3.2 and
3.4. Hopefully the following becomes more clear.
Unfortunately not. I found nothing that can
On Fri, 2011-01-14 at 10:20 +0100, Viktor TARASOV wrote:
Hello Andre,
On 14.01.2011 04:24, Andre Zepezauer wrote:
please have a look at PKCS#15 6.8.2 Pin objects for the definition of
local and global PIN objects. There is no mention of storage location.
There is mention of 'path
On Fri, 2011-01-14 at 14:14 +0100, Viktor TARASOV wrote:
On 14.01.2011 13:37, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 10:20 +0100, Viktor TARASOV wrote:
Hello Andre,
On 14.01.2011 04:24, Andre Zepezauer wrote:
please have a look at PKCS#15 6.8.2 Pin objects for the definition
On Fri, 2011-01-14 at 17:42 +0200, Aventra wrote:
Hi,
From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel-
Anybody can change the profile if they want to. We have defined a
default
profile for MyEID that suits common cases.
Just for the sake of curiosity, can
On Fri, 2011-01-14 at 16:00 +0100, Viktor TARASOV wrote:
On 14.01.2011 15:17, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 14:14 +0100, Viktor TARASOV wrote:
On 14.01.2011 13:37, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 10:20 +0100, Viktor TARASOV wrote:
Hello Andre,
On 14.01.2011
On Fri, 2011-01-14 at 18:31 +0100, Viktor TARASOV wrote:
On 14.01.2011 17:53, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 17:31 +0100, Viktor TARASOV wrote:
On 14.01.2011 16:51, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 16:00 +0100, Viktor TARASOV wrote:
On 14.01.2011 15:17, Andre
On Fri, 2011-01-14 at 18:50 +0100, Viktor TARASOV wrote:
On 14.01.2011 18:36, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 18:31 +0100, Viktor TARASOV wrote:
On 14.01.2011 17:53, Andre Zepezauer wrote:
On Fri, 2011-01-14 at 17:31 +0100, Viktor TARASOV wrote:
On 14.01.2011 16:51, Andre
Hello Viktor,
even not completed yet it's quite obvious what you want achieve with
r5092 [1]. Its purpose is the selection of specific algorithms for the
cryptographic operations sign and decipher. Tag 0x80 in the data field
of MSE command and specific to each private key.
That intention is
Hello,
On Thu, 2011-01-13 at 11:37 +0100, Ludovic Rousseau wrote:
Found the bug (I think).
The CCID driver calculate a timeout accordings to the card ATR. In
your case the timeout is 1428 ms rounded to 2 seconds.
Log says:
0007 ifdhandler.c:791:IFDHSetProtocolParameters() Timeout: 2
Hello,
OpenSC as a library doesn't need it's own logging system. Such things
are better placed at application level. If debugging is necessary, then
'export OPENSC_DEBUG=9' + pkcs11-spy works for me.
What would be the advantage of having logs of different instances of
OpenSC intermixed in a
On Thu, 2011-01-13 at 18:39 +0100, Jean-Michel Pouré - GOOZE wrote:
Le jeudi 13 janvier 2011 à 18:08 +0100, Peter Stuge a écrit :
* Unsupported.
* Supported (and not should work).
* Supported and reviewed (and not Supported).
The good names depend on what support means in this
On Thu, 2011-01-13 at 17:58 +0100, Viktor TARASOV wrote:
On 13.01.2011 17:07, Andre Zepezauer wrote:
Hello,
OpenSC as a library doesn't need it's own logging system. Such things
are better placed at application level. If debugging is necessary, then
'export OPENSC_DEBUG=9' + pkcs11-spy
Hello Viktor,
please have a look at PKCS#15 6.8.2 Pin objects for the definition of
local and global PIN objects. There is no mention of storage location.
So, why trying to fix something that's not broken? BTW it segfaults.
Regards
Andre
___
Hello,
On Wed, 2011-01-12 at 10:53 +0100, François Schauber wrote:
Hi,
I just discovered OpenSC. I try to read my card, a Cryptoflex, but it
seems unsupported.
D:\Program Files\OpenSC Project\OpenSCopensc-tool.exe --reader 0 -a
3b:95:18:40:14:64:02:01:01:02
D:\Program Files\OpenSC
Subject: Re: [opensc-devel] Misleading information about capabilities of
readers
2011/1/11 Andre Zepezauer andre.zepeza...@student.uni-halle.de:
Hello,
the wiki page of MyEID [1] contains the following paragraph:
Many readers don't support receiving the default amount of data (254
:01:00:00:90:00:B1 {
name = Unknown Cyberflex;
driver = flex;
}
Please provide debug logs. 'export OPENSC_DEBUG=9'
2011/1/12 Andre Zepezauer andre.zepeza...@student.uni-halle.de
Hello,
On Wed, 2011-01-12 at 10:53 +0100, François Schauber wrote
On Wed, 2011-01-12 at 17:22 +0200, Aventra development wrote:
Hi,
-Original Message-
From: Andre Zepezauer [mailto:andre.zepeza...@student.uni-halle.de]
Sent: 12. tammikuuta 2011 12:46
There is nothing special about MyEID that would cause the issue. In
windows
everything
On Wed, 2011-01-12 at 19:41 +0200, Aventra wrote:
Hi,
-Original Message-
-Original Message-
From: Andre Zepezauer [mailto:andre.zepeza...@student.uni-halle.de]
Sent: 12. tammikuuta 2011 12:46
There is nothing special about MyEID that would cause the issue
Hello,
the wiki page of MyEID [1] contains the following paragraph:
Many readers don't support receiving the default amount of data (254).
Problems will only appear when reading larger files from the card (e.g.
certificates). So if you have problems with reading the card with no
apparent reason,
This patch should fix it:
Index: libopensc/pkcs15.c
===
--- libopensc/pkcs15.c (revision 5078)
+++ libopensc/pkcs15.c (working copy)
@@ -42,8 +42,8 @@
{ algorithmPKCS#11, SC_ASN1_INTEGER,SC_ASN1_TAG_INTEGER,
On Thu, 2010-12-23 at 09:54 +0200, Martin Paljak wrote:
Hello,
On Dec 23, 2010, at 5:40 AM, Andre Zepezauer wrote:
On Thu, 2010-12-23 at 03:10 +0100, Peter Stuge wrote:
That bug always occurs if there is an EF (i.e. EF.PrKD, EF.PuKD, EF.SKD)
that contains either broken ASN.1 or uses
Hello,
today I encountered a new bug that was introduced with the fix of #266.
A working patch was committed in r4983.
That bug always occurs if there is an EF (i.e. EF.PrKD, EF.PuKD, EF.SKD)
that contains either broken ASN.1 or uses an encoding that OpenSC isn't
able to decode. The committed
Hello Peter,
On Thu, 2010-12-23 at 03:10 +0100, Peter Stuge wrote:
Andre Zepezauer wrote:
Hello,
today I encountered a new bug that was introduced with the fix of
#266. A working patch was committed in r4983.
Please be careful about wording in the subject. It is very much
unclear
Hello Martin,
On Mon, 2010-12-20 at 17:42 +0200, Martin Paljak wrote:
Hello,
On Dec 20, 2010, at 4:58 PM, Brian Thomas wrote:
I’m just wondering if anybody has a good estimation as to when OpenSC 12.0
will be released as final?
There were some additional fixes to building without
On Mon, 2010-12-20 at 22:49 +0200, Martin Paljak wrote:
Hi,
On Dec 20, 2010, at 7:10 PM, Andre Zepezauer wrote:
On Mon, 2010-12-20 at 17:42 +0200, Martin Paljak wrote:
Hello,
On Dec 20, 2010, at 4:58 PM, Brian Thomas wrote:
I’m just wondering if anybody has a good estimation as to when
What could be the ISO version of SHA1 + PKCS#1 + RSA Stef was
referencing to in the e-mail I referenced in this thread?
Maybe that one:
[1] http://www.alvestrand.no/objectid/1.2.840.113549.1.1.5.html
Assuming the following definition
ASN1-ENCODE ::= SEQUENCE {
algorithm OBJECT
will provide one for westcos user...
It is ok for you this way?
François.
De :
Martin Paljak mar...@paljak.pri.ee
A:
Andre Zepezauer andre.zepeza...@student.uni-halle.de
Cc :
opensc-devel opensc-devel@lists.opensc-project.org
Date:
07/12/2010 19:38
Objet :
Re: [opensc-devel] westcos
Hello Martin,
On Mon, 2010-12-13 at 13:50 +0200, Martin Paljak wrote:
Hello,
On Dec 12, 2010, at 6:30 PM, Andre Zepezauer wrote:
So it's better to have a common place for such tweaks. In the smart card
world this should be preferable the read driver. Applications should
only care about
On Mon, 2010-12-13 at 13:53 +0200, Martin Paljak wrote:
Hello,
On Dec 12, 2010, at 12:13 PM, Andreas Jellinghaus wrote:
but stuff like this might happen all the time - most tokens are sold
as solution with chip/reader/token device plus software as a bundle,
so any alternative software
On Mon, 2010-12-13 at 15:51 +0100, Andre Zepezauer wrote:
On Mon, 2010-12-13 at 13:53 +0200, Martin Paljak wrote:
Hello,
On Dec 12, 2010, at 12:13 PM, Andreas Jellinghaus wrote:
but stuff like this might happen all the time - most tokens are sold
as solution with chip/reader/token
On Mon, 2010-12-13 at 13:09 +0200, Martin Paljak wrote:
Hello,
On Dec 13, 2010, at 10:02 AM, Andre Zepezauer wrote:
attached is the missing patch. It removes the RSA faking, but leaves
everything else as is.
Looks reasonable.
BTW: Is the source code of that applet publicly
On Sun, 2010-12-12 at 18:30 +0100, Ludovic Rousseau wrote:
2010/12/12 Andre Zepezauer andre.zepeza...@student.uni-halle.de:
On Sun, 2010-12-12 at 11:13 +0100, Andreas Jellinghaus wrote:
hmm. for details on using ccid readers ludovic knows this stuff
much better than I do.
for some other
On Sun, 2010-08-15 at 12:56 +0200, Emanuele Pucciarelli wrote:
Greetings,
I have uploaded a new, updated patch for Italian CNS support against
the current trunk:
http://www.opensc-project.org/opensc/attachment/ticket/177/itacns-patch3.diff
Now all Secure Messaging bits are completely
Hello Andreas,
some time ago, you have changed the comments on reader max_x_sizes in
opensc.conf [1]:
Some reader drivers have limitations, so you need to set these values.
For usb devices check the properties with lsusb -vv for dwMaxIFSD.
Can you remember why pointing the user to dwMaxIFSD?
Hello Douglas,
please can you review the attached patch. It fixes some problems in
r4874 and f4902.
Thanks
Index: src/libopensc/pkcs15-pubkey.c
===
--- src/libopensc/pkcs15-pubkey.c (revision 4939)
+++ src/libopensc/pkcs15-pubkey.c
Hello,
I would like to commit the attached patch. It enables the textual output
of SC_ERROR return codes in debug messages. Any objections?
Regards
Andre
Index: src/pkcs11/misc.c
===
--- src/pkcs11/misc.c (revision 4939)
+++
On Thu, 2010-12-09 at 14:31 +0300, Aleksey Samsonov wrote:
Hello,
2010/12/9 Martin Paljak mar...@paljak.pri.ee:
Hello,
On Dec 9, 2010, at 9:23 AM, webmas...@opensc-project.org wrote:
Revision: 4930
Author: s
Date: 2010-12-09 07:23:10 + (Thu, 09 Dec 2010)
Log Message:
On Thu, 2010-12-09 at 09:38 -0600, Douglas E. Engert wrote:
On 12/9/2010 8:41 AM, Andre Zepezauer wrote:
On Thu, 2010-12-09 at 14:31 +0300, Aleksey Samsonov wrote:
Hello,
2010/12/9 Martin Paljakmar...@paljak.pri.ee:
Hello,
On Dec 9, 2010, at 9:23 AM, webmas...@opensc-project.org
Hello,
the westcos driver still fakes crypto-hardware. It first extracts the
key material from the card and than performs the crypto operations in
software. Following that schema, then every card could easily support
every crypto-algorithm. OpenSSL would make it possible. What would be
the next
On Tue, 2010-12-07 at 20:38 +0200, Martin Paljak wrote:
Hello,
On Dec 7, 2010, at 8:25 PM, Andre Zepezauer wrote:
Hello,
the westcos driver still fakes crypto-hardware. It first extracts the
key material from the card and than performs the crypto operations in
software. Following
Hello Martin,
not a big issue, but IMO the link to 0.11.12 in the NEWS file should be
removed. See development tree below:
releases 0.11.8 0.11.9 0.11.10 0.11.11 -- 0.11.12 -- 0.11.13 --
0.11.14 0.12.0
||| |
On Wed, 2010-12-01 at 08:31 -0600, Douglas E. Engert wrote:
On 11/30/2010 8:16 PM, Andre Zepezauer wrote:
On Tue, 2010-11-30 at 16:16 -0600, Douglas E. Engert wrote:
On 11/30/2010 3:22 PM, Andre Zepezauer wrote:
Hello Douglas,
for problem you tried to solve with r4901
Hello Douglas,
for problem you tried to solve with r4901 there is a more general
solution. That solution would involve the mapping of the ASN1 type
ObjectValue to the corresponding C-structures.
In the case related to r4901, the hook would be
sc_pkcs15_pubkey_info_t-path. The underlying ASN1
On Mon, 2010-11-29 at 08:50 -0600, Douglas E. Engert wrote:
On 11/25/2010 10:23 AM, Andre Zepezauer wrote:
Hello,
I would like to commit the attached patch. It modifies the method of
public key retrieval in pkcs11-tool.
Currently the non standard attribute CKA_VALUE is uses
On Thu, 2010-11-25 at 09:28 +0100, Ludovic Rousseau wrote:
2010/11/23 Andre Zepezauer andre.zepeza...@student.uni-halle.de:
Dear OpenSC developers,
it seems to me that there are some myths in the OpenSC community about
the send/receive limitations of cards and readers.
In OpenSC
Hello,
I would like to commit the attached patch. It modifies the method of
public key retrieval in pkcs11-tool.
Currently the non standard attribute CKA_VALUE is uses. With the patch
applied, only attributes defined by PKCS#11 are used for public key
retrieval. Tested with OpenSSL 0.9.8.
afterwards. I.e. opensc-tool -f would be fine. Or
just write some data objects with:
pkcs15-init -W [file] --application-id 1.2.3 --label MyObject -a 01
Please include log-files with APDU sequences in your reply. Vendor and
Model of reader would be helpful too.
Kind Regards
Andre Zepezauer
Hello,
2010/11/20 Andre Zepezauer andre.zepeza...@student.uni-halle.de:
I would like to commit a change to pkcs11-spy, that changes the output
related to enquiries on attribute values (C_GetAttributeValue). The
reason for that change is that PKCS#11 defines a precise algorithm
On Mon, 2010-11-22 at 09:12 -0600, Douglas E. Engert wrote:
On 11/21/2010 3:24 AM, Jean-Michel Pouré - GOOZE wrote:
Le samedi 20 novembre 2010 à 18:05 +0100, Andre Zepezauer a écrit :
BTW: This is *exactly* the subset of CCID readers NOT supporting 2048
bit keys. Because they can transmit
On Sun, 2010-11-21 at 09:44 +0100, Ludovic Rousseau wrote:
Hello,
2010/11/20 Andre Zepezauer andre.zepeza...@student.uni-halle.de:
at the moment I'm investigating the max_x_size problem. Here is a short
preview of things I found so far. More detailed results will be attached
to #269
well a reader is actually
supported by libccid should be checked at [2].
Kind Regards
Andre Zepezauer
[1] http://pcsclite.alioth.debian.org/ccid_extended_apdu.html
[2] http://pcsclite.alioth.debian.org/ccid/section.html
On Sun, 2010-11-21 at 10:30 +0100, Jean-Michel Pouré - GOOZE wrote:
Dear
Hello,
at the moment I'm investigating the max_x_size problem. Here is a short
preview of things I found so far. More detailed results will be attached
to #269.
Current state of affairs:
1. currently I concentrate only on USB CCID devices
2. there are in fact three different kinds
*
BTW: This is *exactly* the subset of CCID readers NOT supporting 2048
bit keys. Because they can transmit only Short APDUs.
261 Aktiv_Rutoken_Magistra.txt
261 Gemalto_PDT.txt
261 GnD_StarSignCardToken550.txt
261 JCOP41V221.txt
261 Oberthur-CosmoCard1.txt
261
Hello,
I would like to commit a change to pkcs11-spy, that changes the output
related to enquiries on attribute values (C_GetAttributeValue). The
reason for that change is that PKCS#11 defines a precise algorithm for
these enquiries. That algorithm depends for example on pointer
(NULL_PTR) and
Hello Toni,
please could you try the attached patch. It should fix #269.
Regards
Andre
Index: libopensc/card.c
===
--- libopensc/card.c (revision 4874)
+++ libopensc/card.c (working copy)
@@ -216,11 +216,17 @@
card-name =
Hello Douglas,
you should check if NSS does support ECDSA. If it does, then it should
verify the users certificate on its own. Calling a PKCS#11 provider for
doing it, is some kind of abuse. (See quotation below)
But if NSS tries to offload the verification to OpenSC, because it
doesn't has
On Wed, 2010-11-10 at 13:03 -0600, Douglas E. Engert wrote:
On 11/10/2010 11:37 AM, Andre Zepezauer wrote:
Hello Douglas,
you should check if NSS does support ECDSA. If it does, then it should
verify the users certificate on its own. Calling a PKCS#11 provider for
doing it, is some
On Mon, 2010-11-08 at 16:11 +0100, Nikos Mavrogiannopoulos wrote:
On 11/08/2010 01:48 PM, Andre Zepezauer wrote:
I'm interested in the security attributes, that are set when the file
above is created. The simplest way to get these attributes is to use
opensc-explorer:
Here
On Mon, 2010-11-08 at 08:49 +0100, Nikos Mavrogiannopoulos wrote:
On Sun, Nov 7, 2010 at 8:07 AM, Andre Zepezauer
andre.zepeza...@student.uni-halle.de wrote:
Hello Nikos,
please could you post the access conditions of 3F00/5015/4946. I wounder
why the error code SC_ERROR_NOT_ALLOWED
1 - 100 of 208 matches
Mail list logo