Hi, Was not sure whether this should be a ticket on the opensc trac or the libp11 trac. Thought I'd raise it here instead. I believe the current implementation of PKCS11_sign is broken. It should propogate the callers "guess" of signature size to the underlying p11 implementation. AIUI: Setting sigsize==0 is *how* applications are supposed to obtain the required size from the implementation. Current code forces it to the result of PKCS11_get_key_size. I don't understand how this could ever be the "right thing" to do - what am I missing ?
The attatched patch is against libp11/trunk at r108 Cheers, Robin
libp11-r108-PKCS11_sign.patch
Description: Binary data
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
