[opensc-devel] pcsc-lite upgrade and Ubuntu special configuration

2010-10-19 Thread Ludovic Rousseau
Hello, I just posted a blog [1] titled "pcsc-lite upgrade and Ubuntu special configuration". The problem is becoming a FAQ. Bye [1] http://ludovicrousseau.blogspot.com/2010/10/pcsc-lite-upgrade-and-ubuntu-special.html --  Dr. Ludovic Rousseau

Re: [opensc-devel] pam_pkcs11

2010-10-19 Thread Ludovic Rousseau
2010/10/19 Andre Zepezauer : > Hello Ludovic, > > the attached patch prevents the access of unallocated memory in > pam_pkcs11. This happens while performing on-line certificate > verification. The case where crl:s are fetched via http-request. Two > additional fixes are included. Changes in detail

[opensc-devel] pam pkcs11 version 0.6.5

2010-10-19 Thread Ludovic Rousseau
Hello, I just released a new version of PAM PKCS#11. This version fixes problems and adds features. From ChangeLog.svn: 2010-10-19 ludovic.rousseau * [r464] doc/doxygen.conf.in: Update from doxygen version 1.5.6 to 1.7.1 * [r463] configure.in: release 0.6.5 *

[opensc-devel] About "user consent"

2010-10-19 Thread jons...@terra.es
Working with Spanish DNIe code, I've received some feedback [1] from Dirección General de la Policía about removal of "user consent" code on signature process. Afaik this theme has been discussed at OpenSC [2]. As a result, user consent code was removed from OpenSC. Same was for opensc-signer mo

[opensc-devel] Rv: About "user consent"

2010-10-19 Thread jons...@terra.es
Oops!! there are some obvious errors in attached code ( "module" instead of "card_driver", card context null checkings and so ) But it's just an idea :-) Juan Antonio

[opensc-devel] Computing hashes on-device

2010-10-19 Thread Martin Boßlet
Hello all, I experimented with libp11 and enginePkcs11 lately for creating signatures with smart cards. I noticed that libp11 (and enginePkcs11, too) only allows to create signatures where the hash was computed in software. The PKCS#11 device will simply apply the signature algorithm, and the PKCS

Re: [opensc-devel] Computing hashes on-device

2010-10-19 Thread Martin Paljak
Hello, On Tue, Oct 19, 2010 at 13:38, Martin Boßlet wrote: > I noticed that libp11 (and enginePkcs11, too) only allows to create > signatures where the hash was computed in software. The PKCS#11 device > will simply apply the signature algorithm, and the PKCS#1.5 padding is > created manually. Bu

Re: [opensc-devel] Computing hashes on-device

2010-10-19 Thread Ludovic Rousseau
2010/10/19 Martin Paljak : > Hello, > > On Tue, Oct 19, 2010 at 13:38, Martin Boßlet > wrote: >> I noticed that libp11 (and enginePkcs11, too) only allows to create >> signatures where the hash was computed in software. The PKCS#11 device >> will simply apply the signature algorithm, and the PKCS#

Re: [opensc-devel] Computing hashes on-device

2010-10-19 Thread Viktor TARASOV
Ludovic Rousseau wrote: > 2010/10/19 Martin Paljak : > >> Hello, >> >> On Tue, Oct 19, 2010 at 13:38, Martin Boßlet >> wrote: >> >>> I noticed that libp11 (and enginePkcs11, too) only allows to create >>> signatures where the hash was computed in software. The PKCS#11 device >>> will simpl

Re: [opensc-devel] About "user consent"

2010-10-19 Thread Martin Paljak
Hello, On Tue, Oct 19, 2010 at 12:52, jons...@terra.es wrote: > Afaik this theme has been discussed at OpenSC [2]. As a result, user consent > code > was removed from OpenSC. User consent in PKCS#15 terms means that the application needs to ask for users permission after every n-th operation. In

Re: [opensc-devel] About "user consent"

2010-10-19 Thread Anders Rundgren
I'm glad that I in my KeyGen2/SKS project was not limited by all the crap out there, but had the opportunity to create something new that hopefully won't need endless patching and/or national profiles. In SKS each key may have policy. This includes things like: - User modifiable PIN or not (SKS)

[opensc-devel] pam_pkcs11

2010-10-19 Thread Andre Zepezauer
Hello Ludovic, currently the mapper modules are unloaded only on authentication failure. This patch lets them unload on success too. Regards Andre Index: pam_pkcs11/pam_pkcs11.c === --- pam_pkcs11/pam_pkcs11.c (revision 464) +++

Re: [opensc-devel] pam_pkcs11

2010-10-19 Thread Ludovic Rousseau
2010/10/19 Andre Zepezauer : > Hello Ludovic, > > currently the mapper modules are unloaded only on authentication > failure. This patch lets them unload on success too. Fixed in revision 465. Andre, do you want to have a write access to the pam_pkcs11 repository, and commit fixes directly? Bye

Re: [opensc-devel] Computing hashes on-device

2010-10-19 Thread Martin Boßlet
As mentioned, computing the last round of the hash on the device and the previous rounds in software would be the perfect thing to have. Is it ok if I try to implement this for libp11 and submit the solution for review? If the solution is accepted I could then move on to integrate this feature into