On Wednesday 16 May 2007 22:43:15 Mister T wrote:
> 1. How do I configure the profile
/usr/share/opensc/pkcs15.profile to have
> the PIN, PUK and soPIn and soPUK stored under the MF
(3F00) instead of the
> DF PKCS15-AppDF (3F005015)? This should make the PIN
global for all
> applications on the smartcard.
I don't think anyone has done this before, no idea.
also it depends whether the security model of the card
allowes this. some
might need the pin in the same folder as the key - not
sure.
> 2. How do I configure the profile pkcs15.profile so
that each application
> is protected by this global PIN?
also no idea. normally only keys are protected by pin, and
writte access to
other files. but read for example is not protected by the
pin. i guess pkcs#15
requires read access to some files without pin protection
(e.g. the directory
files).
also I wonder: why do you need this?
I haven't found a case where once card with more than one
key was better
than having two seperate cards? so I guess you have some new
use case
where a card with several keys / "applications"
fits your need?
Regards, Andreas
_______________________________________________
opensc-user mailing list
opensc-user lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-
user
|