Kim O'Sullivan
Kim O'Sullivan
Hi @mistial-dev, thanks for bringing this to our attention. Yes this was addressed by FEATURE_STRICT_APDU_CHAINING for issue #4. This was later reviewed and removed as it was clear enough that...
Understood, in this context I was using the term chaining to refer to both large command and response processing, though I know it's typically used just for commands. In any...
This is correct and I've tagged it as a bug. My intention is to review the TLVReader class, but most importantly it needs a validate() method that checks the tag...
Hi you are correct, this was a very early decision not to permit `ACCESS_MODE_ALWAYS` to be used for administrative functions. This was later relaxed to include the `ACCESS_MODE_USER_ADMIN` but I...
For my $0.02, it is essential that OpenFIPS201 can say that it complies with the PIV standard, however we achieve this by configuration and our current level of flexibility already...
Agreed, once we have closed issue #65 I will make the changes to the default script to include the correct occ settings.
Hi @mistial-dev, yes this is correct there is no way to avoid SCP at all in this case for a few reasons: - The file system must first be defined...
> Looking at the use of GPSystem in this applet (GPSystem.getSecureChannel(), resetSecurity(), getSecurityLevel(), unwrap(), processSecurity()) then "mocking" this as a java code for jcardsim is max half day of effort....
@dmercer-google @spaikmos I'm thinking about how to get this in to suit your use case easily. I don't think this is useful for initial card pre-perso and perso given the...
Hi @mistial-dev, yes this has been on the non-allocated TODO list for a while now. The idea of identifying whether a key has been generated or imported makes total sense,...