Moin, Am Mon, 24 Jul 2006 20:26:03 +0200 schrieb Nils Larsch:
> actually relative paths shouldn't a problem if we change do not > unnecessarily change the working DF But exactly that is what happens. The private key path is stored as 50724B015501 and the certificate path is stored as 43044301. So when you select either one as a relative path you can't select the other one unless you first reselect the DF(PKCS#15). > One could implement a workaround in the cardos driver that would try > to create a signature with the decipher command if the COMPUTE > SIGNATURE doesn't work. Hmm, where would one do that? I see that cardos_compute_signature() already does try some different approaches. However, IMHO we can't switch from trying SIGNATURE to DECIPHER in there because decipher needs a different security environment. So the fallback to deciphering would need to happen in sc_pkcs15_compute_signature() where the security environments are set. But that is not cardos-specific code. -- Henryk Plötz Grüße aus Berlin ~~~~~~~ Un-CDs, nein danke! http://www.heise.de/ct/cd-register/ ~~~~~~~ ~ Help Microsoft fight software piracy: Give Linux to a friend today! ~
pgpyrDmBNSDES.pgp
Description: PGP signature
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
