On Fri, 2011-02-04 at 23:31 +0100, Juan Antonio Martinez wrote:
> About the visibility of certificates and keys patch, notice that
> DNIe requires the user to enter the PIN just to read (neither
> signature nor authentication) user certificates. It's not
> standard, I know, but it seems to be a very common issue in
> some cards.
I didn't know that, but it's addressed in the attached patch.
Index: src/libopensc/pkcs15-dnie.c
===================================================================
--- src/libopensc/pkcs15-dnie.c (revision 223)
+++ src/libopensc/pkcs15-dnie.c (working copy)
@@ -195,22 +195,12 @@
/* Perform required fixes */
p15_obj = p15card->obj_list;
while (p15_obj != NULL) {
- /* Add 'auth_id' to private keys */
- if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_PRKEY) {
+ /* Add missing 'auth_id' to private objects */
+ if ((p15_obj->flags & SC_PKCS15_CO_FLAG_PRIVATE) && (p15_obj->auth_id.len == 0)) {
p15_obj->auth_id.value[0] = 0x01;
p15_obj->auth_id.len = 1;
}
-#if 0
- /* Unset flags 'private, modifiable' on public keys */
- if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_PUBKEY) {
- p15_obj->flags &= ~(SC_PKCS15_CO_FLAG_PRIVATE | SC_PKCS15_CO_FLAG_MODIFIABLE);
- }
- /* Unset flags 'private, modifiable' on certificates */
- if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_CERT) {
- p15_obj->flags &= ~(SC_PKCS15_CO_FLAG_PRIVATE | SC_PKCS15_CO_FLAG_MODIFIABLE);
- }
-#endif
p15_obj = p15_obj->next;
}
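
Review bot: the rewritten `if` condition drops the type test, so a private key whose `SC_PKCS15_CO_FLAG_PRIVATE` flag is not set on the card no longer receives an `auth_id`, whereas the removed line assigned one to every `SC_PKCS15_TYPE_PRKEY` object. Consider keeping the PRKEY class check alongside the flag check, with both still guarded by `p15_obj->auth_id.len == 0`, so that private keys are always bound to the PIN. The literal `0x01` written into `auth_id.value[0]` would read better as a named constant or with a comment saying which PIN object it refers to. The comment above the condition could also record why certificates are now covered (DNIe requires the PIN even to read them).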