Question about private/public Data objects

Tarasov Viktor

I would like to differentiate the ACLs and DF for the PIN protected and
non-protected Data objects.

The most inoffensive way to do it, IMHO, is to change the prototype
of the 'new_file' entry in the 'sc_pkcs15init_operations':
    int (*new_file)(struct sc_profile *, struct sc_card *, unsigned int object_type, unsigned int, struct sc_file **out);
    int (*new_file)(struct sc_profile *, struct sc_card *, struct sc_pkcs15_object *obj, unsigned int, struct sc_file **out);
This entry belongs to the old-style API and is currently used only by the MICOS
and Oberthur pkcs15init modules.

This modification will permit more subtle card-specific control over
the DATA object (it's also true for the other object types) from the
card-specific pkcs15init module and profile.

What do you think about it?

Kind wishes,

opensc-devel mailing list
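
The following is an added example, not part of the original post and not OpenSC code: a stand-alone C sketch of a card-specific callback shaped like the proposed prototype, which picks the DF and the read ACL from the object's private flag. All `demo_`/`DEMO_` names, the file ids and the ACL model are hypothetical simplifications.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for this example only, not OpenSC's definitions. */
#define DEMO_TYPE_DATA_OBJECT 0x500u
#define DEMO_FLAG_PRIVATE     0x1u      /* object is PIN protected */
enum demo_ac { DEMO_AC_NONE, DEMO_AC_CHV };

struct demo_object { unsigned int type, flags; int auth_ref; /* -1: no PIN */ };
struct demo_file   { unsigned int df_id, ef_id; enum demo_ac read_ac; int read_ref; };

/* Shaped like the proposed prototype: the callback receives the object, so it
 * can see the private flag, which a bare object_type value cannot convey. */
int demo_new_file(const struct demo_object *obj, unsigned int num,
                  struct demo_file *out)
{
    int is_private;

    if (obj == NULL || out == NULL || obj->type != DEMO_TYPE_DATA_OBJECT)
        return -1;                      /* other object types omitted */
    is_private = (obj->flags & DEMO_FLAG_PRIVATE) != 0;
    if (is_private && obj->auth_ref < 0)
        return -1;                      /* fail closed: private, but no PIN */

    memset(out, 0, sizeof(*out));
    out->df_id = is_private ? 0x5101u : 0x5102u;   /* made-up DF ids */
    out->ef_id = 0x4000u | (num & 0xFFu);          /* made-up EF numbering */
    out->read_ac  = is_private ? DEMO_AC_CHV : DEMO_AC_NONE;
    out->read_ref = is_private ? obj->auth_ref : -1;
    return 0;
}

int main(void)
{
    struct demo_object priv = { DEMO_TYPE_DATA_OBJECT, DEMO_FLAG_PRIVATE, 1 };
    struct demo_object pub  = { DEMO_TYPE_DATA_OBJECT, 0, -1 };
    struct demo_file f;

    if (demo_new_file(&priv, 2, &f) == 0)
        printf("private: DF %04X EF %04X read_ac=%d ref=%d\n", f.df_id, f.ef_id, f.read_ac, f.read_ref);
    if (demo_new_file(&pub, 3, &f) == 0)
        printf("public:  DF %04X EF %04X read_ac=%d ref=%d\n", f.df_id, f.ef_id, f.read_ac, f.read_ref);
    return 0;
}
```

A private object with no PIN reference is rejected rather than written to an unprotected file.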