Re: Various small changes to OpenSC

Nils Larsch wrote:

> Stef Hoeben wrote:
>
> > > > It's an alternative to sc_pkcs15_authenticate(). The limitation with
> > > > that function is that it gets the ACs from the profile file, 
> > > > instead of
> > > > from the real card. So if you have a card that wasn't made with
> > > > pkcs15-init, or you changed the profile file afterwards, the function
> > > > may fail.
> > >
> > >
> > >
> > >
> > > I think it would be better to let sc_pkcs15init_authenticate use real
> > > ACs if the are available. The only problem is that some card don't tell
> > > us the ACs => the current profile based approach. What about a new card
> > > capability for that and sc_pkcs15init_authenticate uses the real AC if
> > > the card can tell us the ACs.
> >
> >
> >
> >
> > Hm, okay. You know by head which cards don't tell us the ACs?
> > (If not, I'll look into the code.)
>
>
> I would add the new caps flag only to those cards which need it,
> at least for now.

I just noted there's allready an SC_CARD_CAP_NO_FCI flag.
We could just add a SC_CARD_CAP_USE_FCI flag, but perhaps
that's a little confusing/silly?

Cheers,
Stef