Stef Hoeben wrote:
Hi,
there seem to be 2 problems:
- protect_certificates = false by default -> nasty security bug IMHO,
this is fixed in profile.c
It's certainly a bug but I don't think this is a real security problem
(unless you can you describe a practical attack using this bug). If the
CDF isn't protected you can at most delete or replace [references to]
certificates (of course this can be a denial of service attack but it
shouldn't affect security schemes using certifcates + private keys).
PS: The flex.profile sets this value to true, but setting it to false
seems to work fine for me
(so I propose to remove it -> OK???)
how many pins did you test ?
- no reference to the user PIN is given with "pkcs15-init -X", which causes
sc_pkcs15_init_fixup_file() to set the corresponding ACs to NONE (!)
It looks rather nasty but I'm afraid of shacking it up so I just added
a reference
to the first user PIN in case it's not set -> comments?
why not the so-pin (if present) ?
@@ -3408,6 +3431,51 @@
return sc_pkcs15init_fixup_acls(profile, file, &so_acl, &user_acl);
}
+static const char * acl_to_str(const sc_acl_entry_t *e)
+{
hmm, this function isn't used in your patch.
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel