Hello,
On Dec 16, 2010, at 8:46 PM, Andreas Jellinghaus wrote:
> http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-
> computer-1154829.html
>
> http://www.heise.de/security/meldung/Wenn-die-Smartcard-den-Rechner-
> rootet-1154599.html
>
> Heise reports a security issue found
When built without OpenSSL, register_mechanisms can fail.
Without OpenSSL sc_pkcs11_register_sign_and_hash_mechanisum fails
if the hash is not available, even if the card could do the hash
on the card.
../../../src/src/pkcs11/framework-pkcs15.c:173:pkcs15_bind: register_mechanisms
failed: 0x70
A
Now OpenSC without OpenSSL is working very well. Seems that NSS has no
problem with it, even if the supported mechanisms are striped to a
minimum:
$pkcs11-tool -M
Supported mechanisms:
RSA-PKCS, keySize={2048,2048}, hw, decrypt, sign
$
On Fri, 2010-12-17 at 11:13 -0600, Douglas E. Engert wrote:
