USB communication
=================

  * No command chaining, but extended APDU and extended Lc and Le.
    I think that this keep the code simple.

  * Once, the value of dwMaxCCIDMessageLength was 64 and we supported
    ICC block chaining, so that we could not handle multple Bulk
    transactions.

  * Now, the value of dwMaxCCIDMessageLength is 320, that's the size
    of header of ICC block plus size of maximum APDU (by 64
    granularity).  Still, some ccid implementation sends ICC block
    using chaining (unfortunately), so we keep the code of ICC block
    chaining.


OpenPGP card protocol implementation
====================================

I try to follow "no clear password(s)" policy, even if it is on
protected flash memory.  Futher, keystrings for user and reset code
are removed after key imports.  Because of this, replacing keys
are not possible without password information.  Thus, replacing
existing keys are not supported.


How a private key is stored
===========================

KEYPTR
         ----> [   P   ][   Q   ][       N        ]
               <---encrypted----><---  plain  ---->

key_addr                       4-byte
additional_data_encrypted      16-byte
dek_encrypted_by_keystring_pw1 16-byte
dek_encrypted_by_keystring_rc  16-byte
dek_encrypted_by_keystring_pw3 16-byte

... decrypted to

[   P   ][   Q   ]
check   4-byte
random  4-byte
magic[] 8-byte