Menu
▾
▴
[Opensc-devel] CardOS 5.3 driver
|
From: Jakub J. <jj...@re...> - 2017-03-17 11:38:13
|
Hello all, we got several CardOS 5.3 cards that I tried to implement support for in OpenSC. The initial detection is already merged [1]. The approach used CardOS 5.0 was not working everywhere so before submitting the pull request with all the changes, I would like to hear some feedback on some questionable parts and preferable verify that the changes are not breaking anything that worked with CardOS 5.0 as originally implemented years ago (adding szikora, who implemented initial CardOS 5.0 support in PR#170) or if some of the concepts in new cards work also in the old ones. All changes are in my branch [2] are in four commits The first two make the signatures working: * Separately detect 5.3 version and use p1 = 0x41 for security environment -- will it work also in the old cards? * Remove SC_ALGORITHM_NEED_USAGE which prevented using cardos_compute_signature() with 5.3 cards. Does 5.0 or older cards need that? The last two changes are more hackish and used to make decipher mechanisms working (it looks like the card strips all the padding). Or is there any possibility to disable in OpenSC RSA_X_509 raw decipher mechanisms for this driver? Comments, thoughts? [1] https://github.com/OpenSC/OpenSC/commit/ac96e73 [2] https://github.com/Jakuje/OpenSC/commits/jjelen-cardos53 Regards, -- Jakub Jelen Software Engineer Security Technologies Red Hat |
