multipart encryption when, for example, the data is too big to fit in
one APDU. It basically calls the Cipher.update() method until all data
has been processed. However, the Java Card API documentation advises
against using update():
"This method requires temporary storage of intermediate results. In
addition, if the input data length is not block aligned (multiple of
block size) then additional internal storage may be allocated at this
time to store a partial input data block. This may result in additional
resource consumption and/or slow performance. This method should only
be used if all the input data required for the cipher is not available
in one byte array. If all the input data required for the cipher is
located in a single byte array, use of the doFinal() method to process
all of the input data is recommended."
As the card's JVM was returning an internal exception when using
OP_PROCESS, it was decided to implement an msc_crypt_final_object()
function in OpenSC that uses the msc_object_*() functions to read/write
all the data from the card. This way, it is possible to transmit/receive
"arbitrarily" large data chunks to/from the card and use doFinal(). This
is the fallback method when, for example, using 2048 bit keys and the
card doesn't support extended APDUs.
Thanks to Joao Poupino for the patch
http://www.opensc-project.org/pipermail/opensc-devel/2009-March/011978.html
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3673 c6295689-39f2-0310-b995-f0e70906c6a9
* Update IOCTL definitions to PC/SC part 10 v2.02.05
* Return SC_SUCCESS instead of 0 if returning SC_ codes.
* Detect the presence of a display with FEATURE_IFD_PIN_PROPERTIES
Tested with patched CCID driver on OS X, with SPR532 (no display) and OK3821 (with display)
Known CCID readers with a display:
ATMEL_AT91SO.txt: wLcdLayout: 0x0210
CardMan3821.txt: wLcdLayout: 0x0210
Kobil_EMV_CAP.txt: wLcdLayout: 0x0210
Xiring_XI-SIGN.txt: wLcdLayout: 0x020C
Xiring_XI-SIGN_6000.txt: wLcdLayout: 0x020C
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3666 c6295689-39f2-0310-b995-f0e70906c6a9
The old code was undefined, but ok (variables were never used
again in the "goto error" case), but the new code should
be clearer on this.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3658 c6295689-39f2-0310-b995-f0e70906c6a9
- Correctly report Cryptoki version if v2.20 is used.
- Consistently report no version for hardware/software we know no version information about.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3627 c6295689-39f2-0310-b995-f0e70906c6a9
* Increase default slot count to 16, which equals 4 concurrent readers by default
  * 2 OpenCT + 2 PC/SC on Linux for example
* Rename num_slots to slots_per_card
* Rename internal PKCS#11 variables, remove unneeded defines.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3619 c6295689-39f2-0310-b995-f0e70906c6a9
Most users don't use more than one or two tokens concurrently. This way the default configuration (or no configuration file) works even after you insert a PC/SC reader, as OpenCT does not "eat up" all PKCS#11 slots with 5 virtual readers.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3618 c6295689-39f2-0310-b995-f0e70906c6a9
* Work as expected without a configuration file
* "Normalize" the configuration file: show the used default and give examples with opposite values.
* DWIM:
  * If there is no config file: try all builtin drivers
  * If there is a configuration file, allow to turn emulation off
  * If there is a configuration file, allow to filter the list of internal drivers
* Introduce a PKCS#15 layer card flag for emulated cards
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3613 c6295689-39f2-0310-b995-f0e70906c6a9
ACL settings, and check C_CreateObject parameter CKA_PRIVATE aka
pkcs15_create_data args.auth_id variable, aka sc_pkcs15init_new_object
object->flags & SC_PKCS15_CO_FLAG_PRIVATE to decide if "data" or "privdata"
profile needs to be used.
Tested with cryptoflex 32k and opensc-explorer, now I no longer can
"get" the data object file stored with "--private".
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3605 c6295689-39f2-0310-b995-f0e70906c6a9