On Fri, 2011-02-04 at 23:31 +0100, Juan Antonio Martinez wrote:
> About visibility of certificates and keys patch, notice that
> DNIe requires the user to enter pin for just read (neither
> signature nor authentication) user certificates. It's not
> standard, I know, but seems to be a very common issue in
> some cards

I didn't know that, but it's addressed in the attached patch.
Index: src/libopensc/pkcs15-dnie.c =================================================================== --- src/libopensc/pkcs15-dnie.c (revision 223) +++ src/libopensc/pkcs15-dnie.c (working copy) @@ -195,22 +195,12 @@ /* Perform required fixes */ p15_obj = p15card->obj_list; while (p15_obj != NULL) { - /* Add 'auth_id' to private keys */ - if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_PRKEY) { + /* Add missing 'auth_id' to private objects */ + if ((p15_obj->flags & SC_PKCS15_CO_FLAG_PRIVATE) && (p15_obj->auth_id.len == 0)) { p15_obj->auth_id.value[0] = 0x01; p15_obj->auth_id.len = 1; } -#if 0 - /* Unset flags 'private, modifiable' on public keys */ - if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_PUBKEY) { - p15_obj->flags &= ~(SC_PKCS15_CO_FLAG_PRIVATE | SC_PKCS15_CO_FLAG_MODIFIABLE); - } - /* Unset flags 'private, modifiable' on certificates */ - if ((p15_obj->type & SC_PKCS15_TYPE_CLASS_MASK) == SC_PKCS15_TYPE_CERT) { - p15_obj->flags &= ~(SC_PKCS15_CO_FLAG_PRIVATE | SC_PKCS15_CO_FLAG_MODIFIABLE); - } -#endif p15_obj = p15_obj->next; }
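
Review bot: The rewritten condition in the `while (p15_obj != NULL)` loop no longer tests for SC_PKCS15_TYPE_PRKEY, so a private key object whose flags lack SC_PKCS15_CO_FLAG_PRIVATE and whose `auth_id.len` is 0 is now left without an auth_id, whereas the removed code assigned one to every private key. If the card can present keys in that state, keep the type test as an alternative to the flag test (PRKEY type, or PRIVATE flag set) while still requiring `auth_id.len == 0`, so that existing auth_id values stay untouched. The literal `0x01` written to `auth_id.value[0]` is also unexplained in the hunk; a comment or named constant saying which PIN object it refers to would make the fix easier to audit, particularly now that it applies to certificates and other private objects as well as keys.
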
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel