Doug Engert
Doug Engert
> I agree with the smart card jungle, but that is also the reason we should be careful not to interfere with other applications in the same system. > And...
Some additional information on OpenSC Select AID commands. With the card that is failing and running this with OpenSC 0.25.0 `./opensc-tool -v -v -v --serial 2>&1 | grep -n "sc_connect_card:...
> This is not a SmartCard-HSM card, but a different applet we developed for a customer. This is unrelated to the SmartCard-HSM as a product. That other card does not...
> Unfortunately the card does understand the GET DATA command, but does no have the object requested. So there is no real good mechanism to differ legitimate GET DATA commands...
> We already had quite some debate about piv_match_card_continued() where I argued that the match_card callback should only be used to check IF we can handle the card, whereas init...
>Do we store somewhere the result of unsuccessful probing ? Not as far as I know, but we do have a default driver `card-default.c` which sets `card->name = "Unsupported card";`...
Using `pkcs11-tool --test --login` with an unknown card will get to: https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/card.c#L370-L373 then https://github.com/OpenSC/OpenSC/blob/master/src/libopensc/card.c#L398-L403 where it disconnects from PCSC, so the next time it will try and match all the...
I have started to look at using opensc.conf with `card_atr xx:xx:xx { driver = "blacklist"; }` i.e. force using a dummy driver that would in effect mark the reader with...
> My point is, that we should not issue other commands than SELECT(AID) to cards we don't know, meaning cards whose ATR is not recognized any on of the driver....
> Ahhh, no. P1=04 means Select by DF Name, which means SELECT(AID) Disagree. IOS 7816-4 says: "A multi-application card shall support the SELECT command with P1='04', P2='00' and..." The point...