The subject of the requirement is to verify that "malformed" or "incomplete" certificates cannot be loaded on to the card.
-----Original Message----- From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of Peter Stuge Sent: Friday, February 25, 2011 11:19 AM To: opensc-devel@lists.opensc-project.org Subject: Re: [opensc-devel] Documentation sanity checks Brian Thomas wrote: > I need to prove to our customer that OpenSC performs some sort of > sanity checking before loading a certificate on to a smart card. Sanity checking of what? If the requirement is not qualified any further then that is one stupid requirement. > PKCS15-init does some kind of checking because when I attempt to > load a certificate on the card after modifying it with a text > editor, it fails and throws an error. That would be because the encoding has been broken. If it's the text-readable format that is called PEM encoding. If you modify the certificate with a tool that actually understands the encoding used then of course you can change the contents. So again, what checking do you need? //Peter _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
