Hello, After changeset 3784 http://www.opensc-project.org/opensc/changeset/3784/branches Give special attention to: -static void cache_pin(void *, int, const sc_path_t *, const void *, size_t); and http://www.opensc-project.org/opensc/browser/branches/martin/0.12/src/pkcs11/framework-pkcs15.c?rev=3784#L3003
Tests Rytoken ECP: C_Login() C_CreateObject() -> (pkcs15_create_object -> pkcs15_create_data -> sc_pkcs15init_store_data_object -> sc_pkcs15init_store_data -> sc_pkcs15init_update_file) -> sc_pkcs15init_authenticate -> --- [opensc-pkcs11] pkcs15-lib.c:3427:sc_pkcs15init_authenticate: path=3f0050000501, op=1 [opensc-pkcs11] pkcs15-lib.c:3437:sc_pkcs15init_authenticate: r:[0x00000000] [opensc-pkcs11] pkcs15-lib.c:3438:sc_pkcs15init_authenticate: acl:[0x0805ee48] [opensc-pkcs11] pkcs15-lib.c:3455:sc_pkcs15init_authenticate: verify --- do_get_and_verify_secret -> sc_keycache_get_key returned is $1 = -1407 => [opensc-pkcs11] misc.c:82:sc_to_cryptoki_error: opensc error: Requested object not found (-1407) Minimal patch (draft): Index: src/pkcs11/framework-pkcs15.c =================================================================== --- src/pkcs11/framework-pkcs15.c (revision 3852) +++ src/pkcs11/framework-pkcs15.c (working copy) @@ -1009,6 +1009,9 @@ rc = sc_pkcs15_verify_pin(card, pin, pPin, ulPinLen); sc_debug(context, "PIN verification returned %d\n", rc); + if (rc >= 0) + sc_keycache_put_key(&pin->path, pin->type, pin->reference, + pPin, ulPinLen); return sc_to_cryptoki_error(rc, p11card->reader); } @@ -1016,7 +1019,8 @@ { struct pkcs15_fw_data *fw_data = (struct pkcs15_fw_data *) p11card->fw_data; int rc = 0; - + + /* FIXME: cleanup keycache, to do opposite sc_keycache_put_key */ sc_pkcs15_pincache_clear(fw_data->p15_card); sc_logout(fw_data->p15_card->card); @@ -1054,6 +1058,9 @@ rc = sc_pkcs15_change_pin(fw_data->p15_card, pin, pOldPin, ulOldLen, pNewPin, ulNewLen); sc_debug(context, "PIN change returned %d\n", rc); + if (rc >= 0) + sc_keycache_put_key(&pin->path, pin->type, pin->reference, + pNewPin, ulNewLen); return sc_to_cryptoki_error(rc, p11card->reader); } @@ -1099,6 +1106,8 @@ pkcs15_init_slot(fw_data->p15_card, slot, auth_obj); pin_info = (sc_pkcs15_pin_info_t *) auth_obj->data; + sc_keycache_put_key(&pin_info->path, pin_info->type, pin_info->reference, + pPin, ulPinLen); return CKR_OK; } Any idea? _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel