Alon Bar-Lev wrote: > This is not required, as one can get this from private key attributes > or from the certificate. > It just waste card storage...
I'm not sure this is the best argument, "640k is enough for any man" and all that. I know some cards don't have much room on them, but certainly not all of them. > I read the message in reference, and I think that there should be a > different solution for this > without storing the public key. It seems to me like another solution not being considered is to not store the public key by default, but allow storing it as an option. I don't think we need to limit the software based on assumed limits of hardware. -matt > On Thu, Mar 12, 2009 at 10:33 AM, <webmas...@opensc-project.org> wrote: >> Revision: 3663 >> Author: ludovic.rousseau >> Date: 2009-03-12 08:33:37 +0000 (Thu, 12 Mar 2009) >> >> Log Message: >> ----------- >> store the generated public key on the token. >> >> Thanks to Rickard Bondesson for the patch >> http://www.opensc-project.org/pipermail/opensc-devel/2009-February/011884.html >> >> Modified Paths: >> -------------- >> trunk/src/tools/pkcs11-tool.c >> Modified: trunk/src/tools/pkcs11-tool.c >> =================================================================== >> --- trunk/src/tools/pkcs11-tool.c 2009-03-07 21:55:40 UTC (rev 3662) >> +++ trunk/src/tools/pkcs11-tool.c 2009-03-12 08:33:37 UTC (rev 3663) >> @@ -1042,13 +1042,14 @@ >> CK_OBJECT_CLASS privkey_class = CKO_PRIVATE_KEY; >> CK_ATTRIBUTE publicKeyTemplate[20] = { >> {CKA_CLASS, &pubkey_class, sizeof(pubkey_class)}, >> + {CKA_TOKEN, &_true, sizeof(_true)}, >> {CKA_ENCRYPT, &_true, sizeof(_true)}, >> {CKA_VERIFY, &_true, sizeof(_true)}, >> {CKA_WRAP, &_true, sizeof(_true)}, >> {CKA_MODULUS_BITS, &modulusBits, sizeof(modulusBits)}, >> {CKA_PUBLIC_EXPONENT, publicExponent, sizeof(publicExponent)} >> }; >> - int n_pubkey_attr = 6; >> + int n_pubkey_attr = 7; >> CK_ATTRIBUTE privateKeyTemplate[20] = { >> {CKA_CLASS, &privkey_class, sizeof(privkey_class)}, >> {CKA_TOKEN, &_true, sizeof(_true)}, >> >> >> >> _______________________________________________ >> opensc-commits mailing list >> opensc-comm...@lists.opensc-project.org >> http://www.opensc-project.org/mailman/listinfo/opensc-commits >> > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
