Hi, > -----Original Message----- > From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel- > > On 22/02/2011 13:56, Toni Sjoblom - Aventra wrote: > > > The private key files sizes are shown in bits not bytes. A 1K private key > > uses approx. 960 bytes and 2K respectively approx. 1296 bytes. This consists > > of both the private and public parts. > This matches my experimental numbers better :) > 28548 (free space before keypair gen) - 24052 (free space after keypair > gen) - 2880 (pukdf) = 1616 > It's still 320 extra bytes, but at least it's closer. Bookkeeping? Sorry, the public key size for the 2K was missing from that value. That explains the 320 bytes difference. Public key file for a 2K bit key is 270 bytes. Also, some space is occupied when new files are added as well.
> > The DIR files do not grow when > > creating new files, they are created once during initialization with a size > > that's defined in the driver's profile. > But it seems they get created only when needed: pukdf (EF 4403) was not > present until keypair creation. > So if I only import certificates I won't have pukdf anywhere (room for > an extra cert :) ). Yes, you're right about that :) > I'll soon post some more tweaking since now I've better data to work on. Keep in mind that if you try to optimize the DIR file (CDF, PuKDF, PrKDF..) sizes to the maximum, it means that you have no space left for other data objects, e.g. images etc. And also the time taken to read the card increases with large DIR files. This is due to the fact that the files are read in chunks over a somewhat old and slow interface that the standard APDU protocol is. Newer and improved interfaces exist, but are not widely supported/used. My opinion is that the profile should be tweaked for each use case, while at the same time the default profile should be a reasonable compromise between using the maximum space and no space. I agree that currently the MyEID profile has too small file. This has historic reasons from a time when the memory size was limited on javacards. Kind regards, Toni > BYtE, > Diego. _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
