On Mar 1, 2010, at 10:59 , Viktor TARASOV wrote:
> Hi,
>
> do somebody uses the card profiles with the 'pin-domains' activated?
> Will you have any objections against the idea to abandon the support of
> the 'pin-domains' in pkcs15init ?
>
> Actually only one card driver cflex (and cyberflex), one of the first
> drivers, implements it .
> Afaik, for a long time these cards are not more produced.
> It's not going about the total elimination of the 'flex' card support,
> but about the support with one 'pin-domain',
> like the others card drivers do.
>
> Imho, the support of 'pin-domains' is an non-justified burden for the
> pkcs15init core .
>
> Alternative to 'pin-domains' is the multi-pkcs15-applications, which the
> implementation can be considered.
PKCS#15 does not talk about PIN domains, so the implementation should be
implemented in the card specific driver. Do you have any pointers do docs?
At the same time, the way I see it, it would break (multiple, all?) PINs on
Cryptoflex, which is a good working driver?
I have a cryptoflex, so I can help testing. Probably the only source for PIN
domains and the way it is implemented would be cryptoflex doc?
>From the source I see:
/* Some cards need to keep all their PINs in separate directories.
* Create a subdirectory now, and put the pin into
* this subdirectory
*/
At the same time, I was not able to delete cryptoflex with current trunk, it
seems that it tries to cache as a PIN the transport keys and crashes. Will
investigate.
--
Martin Paljak
http://martin.paljak.pri.ee
+3725156495
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
