Re: [opensc-devel] secure messaging with OpenSC

2007-01-08 Thread Andreas Jellinghaus
Hi Viktor, I like the idea of adding secure messagin! but in general: I think it would be nice to be able to encrypt all communication. think of contactless smart cards, I don't want data like the certificate go over the air unencrypted for privacy reasons. about the code: why add it as loadabl

Re: [opensc-devel] fix get_response logic

2007-01-08 Thread Andreas Jellinghaus
Nils Larsch wrote: well, I thought of something like this (see attached patch, note: untested). might work. but if r is 00, it could be because of 90 00, but also because of 61 00. we should make sure the code and comments know about this. maybe explicit check the whole status code to see which

Re: [opensc-devel] ATR masking bug prevents detection of certain Cryptoflex cards; Patch attached

2007-01-08 Thread Andreas Jellinghaus
Nils Larsch wrote: Andreas Jellinghaus wrote: or mask both values before comparing? ok commited. should we really continue here ? After all it's an error in the card driver. a very small typo shouldn't disable the whole software I think. the effect is the card won't match, and we get an

Re: [opensc-devel] ATR masking bug prevents detection of certain Cryptoflex cards; Patch attached

2007-01-08 Thread Nils Larsch
Andreas Jellinghaus wrote: or mask both values before comparing? ok Index: card.c === --- card.c (revision 3093) +++ card.c (working copy) @@ -765,14 +765,20 @@ matr_len = strlen(matr);

Re: [opensc-devel] ATR masking bug prevents detection of certain Cryptoflex cards; Patch attached

2007-01-08 Thread Heiko Knospe
Ok, it is probably a good idea to mask both values before comparing. Although, for network addresses one would usually put zeroes in the subnet address, e.g. 192.168.1.0 netmask 255.255.255.0 ... I tested your patch successfully with one modification: ctx needs to be inserted in the sc_error f

Re: [opensc-devel] problem to support new token

2007-01-08 Thread Nils Larsch
eugene wrote: Hi, I am working on new smart card driver for opensc library. Here is the description of problems I found during implementation: SC does not conform to PKCS#15, it does not contain RSA/DSA ciphers at all, except Russian GOST-28147.89 standard, but Windows drivers support keeping

Re: [opensc-devel] fix get_response logic

2007-01-08 Thread Nils Larsch
Andreas Jellinghaus wrote: Nils Larsch wrote: If this sounds reasonable I will prepare a patch. not 100% sure I understood it correctly, but it is worth a try. please do so. well, I thought of something like this (see attached patch, note: untested). Cheers, Nils Index: src/libopensc/apdu.c

Re: [opensc-devel] Re: [opensc-commits] Re: [OpenSC] #128: Patch: PIV Card update patch

2007-01-08 Thread Nils Larsch
Thomas Harning Jr. wrote: On Sat, 2007-01-06 at 16:28 +0100, Nils Larsch wrote: OpenSC wrote: #128: Patch: PIV Card update patch -+-- Reporter: harningt |Owner: opensc-devel@lists.opensc.org Type: enhan

Re: [opensc-devel] Re: [opensc-commits] Re: [OpenSC] #128: Patch: PIV Card update patch

2007-01-08 Thread Thomas Harning Jr.
On Sat, 2007-01-06 at 16:28 +0100, Nils Larsch wrote: > OpenSC wrote: > > #128: Patch: PIV Card update patch > > -+-- > > Reporter: harningt |Owner: opensc-devel@lists.opensc.org > > Type: enhancement |