On Jun 2, 2010, at 07:06 , Xiaoshuo Wu wrote: > I figure out a solution, add an new option combination "--change-attributes > pin --pin-flags local --id $pin_id" in pkcs15-init command, so one can add > "local" pin-flag without reinitialize the card. > > Here is the steps: > 0.Apply the patch in my attachment. > 1.Use "pkcs15-tool -D", get PIN's ID XX. > 2.Run "pkcs15-init -A pin --pin-flags local -i XX", set the "local" pin-flag. > > It's a bit shaggy, but straight.
This makes sense, with the exception that if it is possible to change PIN flags afterwards, it should be possible the set them via command line when creating the PIN as well. I'm a bit lost now how this relates to profile information, which also specifies PIN flags and how much should be tweakable via command line at initialization stage, to still be apprehensible and provide a working and consistent solution. I'm not sure if exposing arbitrary bit field manipulation to the end user is a good idea. -- Martin Paljak http://martin.paljak.pri.ee +3725156495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
