msetina

Any new development on mitigating this. I am using cryptography and their aliases are not disected properly and even get_args does not help to mark object as suitable. Also a...

ATR is: Using reader with a card: ActivIdentity Activkey_Sim 00 00 3b:7b:18:00:00:00:31:c0:64:77:e3:03:00:82:90:00 The not supported comes after: ```P:1202; T:0x140341028037568 11:08:12.786 [pkcs15-init] card-cac1.c:516:cac_init: returning with: 0 (Success) P:1202; T:0x140341028037568 11:08:12.787 [pkcs15-init]...

Or maybe a better question: Could there be a way to provide info from driver or settings which app/token is for authentication and which for signing? I know this card...

Thank you for your explanation. I was fishing for a solution. With no setup in conf file for PKCS15 framework the PKCS11 programming interface can access any token on the...

Looking at XADES spec I see there can also be digests for CA chain so writing part is ok. The verify should probably go by list index? _verify_cert_digests should expect...

I can fix verification so it works by list index for start. Is that OK?

#247 fixes the erroneus ```signxml.exceptions.InvalidDigest: Digest mismatch for certificate digest``` by matching X509Certificate to xades:Cert by index. Other things are more complex...

Test suite has some problems linked to problematic code. I added: ``` if b64decode(digest_value.text) != self._get_digest( der_encoded_cert, algorithm=digest_alg ): raise InvalidDigest("Digest mismatch for certificate digest") else: print("Digest {0} OK".format(idx)) ```...

By continuing test, I found test cases with 2 X509Certificate and only one xades:Cert. - xades-x-level-wrong-sigAndRefsTstVersion - xades-extended-epes - xades-with-multiple-signaturetimestamps and they were not marked as raising error. Can we...

Ignoring missing xades:Cert nodes and removing erroneus error_condition, alows test suite to finish OK.