[opensc-devel] Support for the non-PIN authentication objects
Hello,
I would like to introduce the placeholder for the non-PIN authentication
objects.
So that there will be possibility to develop the support of the 'biometric',
'authKey' authentication types.
The general idea is to replace the 'sc_pkcs15_pin_info' structure by the more
general data type
where the actual pin-info would be as a sub-type.
The total patch is rather trivial but huge,
so here in attachment there is only the difference between existing and
proposed data types.
On the same occasion I propose to remove the 'magic' member.
If no objections, I will commit it after release.
Kind wishes,
Viktor.
Index: src/libopensc/pkcs15.h
===
--- src/libopensc/pkcs15.h (révision 5446)
+++ src/libopensc/pkcs15.h (copie de travail)
@@ -73,21 +73,32 @@
#define SC_PKCS15_PIN_AUTH_TYPE_AUTH_KEY 1
#define SC_PKCS15_PIN_AUTH_TYPE_SM_KEY 2
-struct sc_pkcs15_pin_info {
- struct sc_pkcs15_id auth_id;
- int reference;
- unsigned int flags, type;
- unsigned int auth_method;
- size_t min_length, stored_length, max_length;
- u8 pad_char;
- struct sc_path path;
- int tries_left;
- int max_tries;
+struct sc_pkcs15_pin_attributes {
+ unsigned int flags, type;
+ size_t min_length, stored_length, max_length;
+ int reference;
+ u8 pad_char;
+ };
+struct sc_pkcs15_authkey_attributes {
+ int derived;
+ struct sc_pkcs15_id skey_id;
+ };
+struct sc_pkcs15_biometric_attributes {
+ };
+struct sc_pkcs15_auth_info {
+ struct sc_pkcs15_id auth_id;
+ struct sc_path path;
+ unsigned auth_type;
+ union {
+ struct sc_pkcs15_pin_attributes pin;
+ struct sc_pkcs15_biometric_attributes bio;
+ struct sc_pkcs15_authkey_attributes authkey;
+ } attrs;
+ unsigned int auth_method;
+ int tries_left, max_tries;
+ };
+typedef struct sc_pkcs15_auth_info sc_pkcs15_auth_info_t;
- unsigned int magic;
-};
-typedef struct sc_pkcs15_pin_info sc_pkcs15_pin_info_t;
-
#define SC_PKCS15_ALGO_OP_COMPUTE_CHECKSUM 0x01
#define SC_PKCS15_ALGO_OP_COMPUTE_SIGNATURE0x02
#define SC_PKCS15_ALGO_OP_VERIFY_CHECKSUM 0x04
@@ -753,7 +764,7 @@
void sc_pkcs15_free_pubkey_info(sc_pkcs15_pubkey_info_t *key);
void sc_pkcs15_free_cert_info(sc_pkcs15_cert_info_t *cert);
void sc_pkcs15_free_data_info(sc_pkcs15_data_info_t *data);
-void sc_pkcs15_free_pin_info(sc_pkcs15_pin_info_t *pin);
+void sc_pkcs15_free_auth_info(sc_pkcs15_auth_info_t *auth_info);
void sc_pkcs15_free_object(sc_pkcs15_object_t *obj);
/* File content wrapping */
@@ -846,7 +857,7 @@
const sc_pkcs15_object_t *, const void *);
/* some wrapper functions for sc_pkcs15emu_object_add */
int sc_pkcs15emu_add_pin_obj(sc_pkcs15_card_t *,
- const sc_pkcs15_object_t *, const sc_pkcs15_pin_info_t *);
+ const sc_pkcs15_object_t *, const sc_pkcs15_auth_info_t *);
int sc_pkcs15emu_add_rsa_prkey(sc_pkcs15_card_t *,
const sc_pkcs15_object_t *, const sc_pkcs15_prkey_info_t *);
int sc_pkcs15emu_add_rsa_pubkey(sc_pkcs15_card_t *,
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] [opensc-commits] svn opensc changed[5447] pkcs11-tool: move --module to the first position in help text and make it mandatory.
This will break many of people's usages.
Until now it was assumed that if --module is not specified the opensc
provider is loaded.
And as pkcs11-tool is part of opensc, I know many who did not specify this.
I know that something was broken recently with finding the default
module, however, do you really want to change existing behavior?
On Tue, May 17, 2011 at 4:27 PM, webmas...@opensc-project.org wrote:
Revision: 5447
Author: martin
Date: 2011-05-17 13:27:09 + (Tue, 17 May 2011)
Log Message:
---
pkcs11-tool: move --module to the first position in help text and make it
mandatory.
Modified Paths:
--
trunk/src/tools/pkcs11-tool.c
Modified: trunk/src/tools/pkcs11-tool.c
===
--- trunk/src/tools/pkcs11-tool.c 2011-05-16 08:32:07 UTC (rev 5446)
+++ trunk/src/tools/pkcs11-tool.c 2011-05-17 13:27:09 UTC (rev 5447)
@@ -76,6 +76,7 @@
};
static const struct option options[] = {
+ { module, 1, NULL, OPT_MODULE },
{ show-info, 0, NULL, 'I' },
{ list-slots, 0, NULL, 'L' },
{ list-token-slots, 0, NULL, 'T' },
@@ -113,7 +114,6 @@
{ attr-from, 1, NULL, OPT_ATTR_FROM },
{ input-file, 1, NULL, 'i' },
{ output-file, 1, NULL, 'o' },
- { module, 1, NULL, OPT_MODULE },
{ test, 0, NULL, 't' },
{ test-hotplug, 0, NULL, OPT_TEST_HOTPLUG },
@@ -125,6 +125,7 @@
};
static const char *option_help[] = {
+ Specify the module to load (mandatory),
Show global token information,
List available slots,
List slots with tokens,
@@ -162,7 +163,6 @@
Use arg to create some attributes when writing an object,
Specify the input file,
Specify the output file,
- Specify the module to load,
Test (best used with the --login or --pin option),
Test hotplug capabilities (C_GetSlotList + C_WaitForSlotEvent),
@@ -544,6 +544,10 @@
util_print_usage_and_die(app_name, options,
option_help);
}
}
+
+ if (opt_module == NULL)
+ util_print_usage_and_die(app_name, options, option_help);
+
if (action_count == 0)
util_print_usage_and_die(app_name, options, option_help);
___
opensc-commits mailing list
opensc-comm...@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-commits
___
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
