Hi Peter,

On 05/21/2012 04:35 AM, Peter Koch wrote:
> Here are my own impressions - if they are wrong, please correct me:
>
> 1: OpenPGP cards do NOT have a filesystem like other smart cards.
> Instead of storing information in EFs which are located in DFs an
> OpenPGP card stores information in Data Objects. Here my conclusion
> is: Without EFs and DFs and in particular without commands to
> create EFs and DFs pkcs15-init does not make any sense.
Yes, but the pkcs15-init binding for the OpenPGP card will implement only a 
small part: importing certificates and generating keys. It won't create DFs & EFs.
The reason why I need the pkcs15-init binding is that I want it to be possible to 
import a certificate via the PKCS#11 interface (using Firefox).
While researching how to achieve this, I tried pkcs11-tool and 
found that importing a certificate needs the pkcs15-init binding.

I would appreciate it if someone could point me to another way to do it, avoiding 
pkcs15-init.
>
> 2: The current driver emulates SELECT and READ BINARY APDUs
> by reading from the corresponding Data Objects. I believe this
> was done in order to emulate a (read only) PKCS#15 file layout.
> If that was true - is there any hope to extend this emulation?
Yes, but it seems that this emulated file layout does not match the 
PKCS#15 very well, leading to the problem which I described in this 
topic 
http://www.opensc-project.org/pipermail/opensc-devel/2012-May/018018.html
> 3: What features are missing in the current implementation and
> what bugs should be fixed?
>
What's new in my own branch:
- Write support for normal DOs (the Extended Header List DO - 4D - is 
not supported yet. This DO is used for key import).
- Expose certificate (stored in the 7F21 DO) to PKCS#11 app.

The things I want to do next are to support key import and certificate import.

-- 
Regards,
Quân
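
The emulation discussed in point 2, as an added example that is not part of the original message and is not OpenSC's driver code: a Data Object is fetched with GET DATA (INS CA, P1P2 = DO tag) and READ BINARY is then answered from the cached value. The names `emu_file`, `build_get_data`, `emu_load` and `emu_read_binary`, the 64-byte cache and the sample response bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical emulated file: one Data Object presented as a read-only EF. */
struct emu_file {
    uint16_t tag;       /* DO tag, doubling as the emulated file ID */
    uint8_t  data[64];  /* cached DO value (illustrative size) */
    size_t   len;       /* valid bytes in data */
};

/* Build the short GET DATA APDU: 00 CA P1 P2 00, with P1P2 = DO tag. */
size_t build_get_data(uint16_t tag, uint8_t out[5])
{
    out[0] = 0x00;                  /* CLA */
    out[1] = 0xCA;                  /* INS: GET DATA */
    out[2] = (uint8_t)(tag >> 8);   /* P1: high byte of tag */
    out[3] = (uint8_t)(tag & 0xFF); /* P2: low byte of tag */
    out[4] = 0x00;                  /* Le = 00: up to 256 bytes; larger DOs
                                       need extended length, not shown */
    return 5;
}

/* Cache the GET DATA response body; refuse values that would overflow. */
int emu_load(struct emu_file *f, const uint8_t *resp, size_t n)
{
    if (n > sizeof f->data)
        return -1;
    memcpy(f->data, resp, n);
    f->len = n;
    return 0;
}

/* Emulated READ BINARY: bounds-checked copy out of the cached DO.
 * Returns bytes copied (short read at the end), or -1 if off is past EOF. */
long emu_read_binary(const struct emu_file *f, size_t off,
                     uint8_t *buf, size_t count)
{
    if (off > f->len)
        return -1;
    if (count > f->len - off)
        count = f->len - off;
    memcpy(buf, f->data + off, count);
    return (long)count;
}

int main(void)
{
    uint8_t apdu[5];
    build_get_data(0x7F21, apdu);   /* 7F21: the certificate DO named above */
    printf("%02X %02X %02X %02X %02X\n", apdu[0], apdu[1], apdu[2], apdu[3], apdu[4]);
    return 0;
}
```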

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
