Re: [Opensc-devel] Last minute patching

[Andreas S. (ML) <and...@ca...>]

Hi Toni,

I've marked the change in [1] / pkcs15-pubkey.c / 658.

Your modification to the code is correct, but it breaks existing code as
it changes the format of the public key stored in ecpointQ. Before your
change it used to contain an OCTET-STRING, now it contains just the
plain public key (04|X|Y).

My point is not that we should not do this kind of fixes, we just should
allow a little more time for other to check implications of large code
changes. And we should certainly not introduce such large changes after
we verified 2 release candidates - I mean, what's the purpose of a
release candidate, if the final code looks completely different ?

Andreas


[1]
https://github.com/OpenSC/OpenSC/commit/457426543dfa02597895d57013dde94cc9e7d038

Am 18.02.2013 21:00, schrieb Toni Sjoblom - Aventra:
> Hi,
> 
> First of all, I'm sorry for the problems you got due to a change we did.
> 
> At the time, it seemed for me that the OpenSC's ECC parts were very
> incomplete,
> especially key generation. We added these parts and tried to interpret
> standards to get everything right.
> 
> I tried to look at the actual problem you got, but I cannot find the patch
> you mentioned.
> Could you post a direct link to the pull request?
> 
> Kind regards,
> Toni
> 
>> -----Original Message-----
>> From: Andreas Schwier (ML) [mailto:and...@ca...]
>> Sent: 15. helmikuuta 2013 19:01
>> To: Viktor Tarasov
>> Cc: ope...@li...
>> Subject: Re: [Opensc-devel] Last minute patching
>>
>> Dear Viktor,
>>
>> the patch is attached to the pending pull request for
>> CardContact/OpenSC.
>>
>> Andreas
>>
>> Am 15.02.2013 15:31, schrieb Viktor Tarasov:
>>> Hello,
>>>
>>> On Fri, Feb 15, 2013 at 2:41 PM, Andreas Schwier (ML)
>>> <and...@ca...
>>> <mailto:and...@ca...>> wrote:
>>>
>>>     while doing some regression testing we've come across a problem
>> that
>>>     once working code broke apart immediately before the 0.13 release
>> was
>>>     finished.
>>>
>>>     We traced the problem down to a code change introduced by the
>> MyEID
>>>     ECDSA patch [1] that went into the 0.13 version as one of the
>> very final
>>>     patches.
>>>
>>>     Even though the code change is valid, it breaks existing code,
>> rendering
>>>     the ECDSA key generation for the SmartCard-HSM in the 0.13
>> release
>>>     pretty much useless.
>>>
>>>
>>> Sorry, for these problems.
>>>
>>>
>>>
>>>     Can we for the future agree, that we don't squeeze such a large
>> code
>>>     change in right before doing a release ?
>>>
>>>
>>>
>>> Yes, in the future we'll be less hazardous.
>>>
>>> This release was not as like the others -- first train after the long
>>> interruption of traffic: many passengers, new locomotive, equipage
>>> without experience, ...
>>>
>>>
>>>
>>>     We tested all the release candidates and they worked up and until
>> the
>>>     very last patch.
>>>
>>>     Andreas
>>>
>>>
>>> Kind regards,
>>> Viktor.
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>> https://github.com/OpenSC/OpenSC/commit/457426543dfa02597895d57013dde9
>>> 4cc9e7d038
>>>
>>>     --
>>>
>>>         ---------    CardContact Software & System Consulting
>>>        |.##> <##.|   Andreas Schwier
>>>        |#       #|   Schülerweg 38
>>>        |#       #|   32429 Minden, Germany
>>>        |'##> <##'|   Phone +49 571 56149 <tel:%2B49%20571%2056149>
>>>         ---------    http://www.cardcontact.de
>>>                      http://www.tscons.de
>>>                      http://www.openscdp.org
>>>
>>>
>>>     -----------------------------------------------------------------
>> -------------
>>>     Free Next-Gen Firewall Hardware Offer
>>>     Buy your Sophos next-gen firewall before the end March 2013
>>>     and get the hardware for free! Learn more.
>>>     http://p.sf.net/sfu/sophos-d2d-feb
>>>     _______________________________________________
>>>     Opensc-devel mailing list
>>>     Ope...@li...
>>>     <mailto:Ope...@li...>
>>>     https://lists.sourceforge.net/lists/listinfo/opensc-devel
>>>
>>>
>>
>>
>> --
>>
>>     ---------    CardContact Software & System Consulting
>>    |.##> <##.|   Andreas Schwier
>>    |#       #|   Schülerweg 38
>>    |#       #|   32429 Minden, Germany
>>    |'##> <##'|   Phone +49 571 56149
>>     ---------    http://www.cardcontact.de
>>                  http://www.tscons.de
>>                  http://www.openscdp.org
>>
>>
>> -----------------------------------------------------------------------
>> -------
>> Free Next-Gen Firewall Hardware Offer
>> Buy your Sophos next-gen firewall before the end March 2013 and get the
>> hardware for free! Learn more.
>> http://p.sf.net/sfu/sophos-d2d-feb
>> _______________________________________________
>> Opensc-devel mailing list
>> Ope...@li...
>> https://lists.sourceforge.net/lists/listinfo/opensc-devel
> 


-- 

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org