Re: [opensc-devel] keycache broken between pkcs11 and pkcs15 layers
On Mon, 18 Jan 2010 18:55:56 +0800, Aktiv Co. Aleksey Samsonov wrote: > Please see patch in > http://www.opensc-project.org/pipermail/opensc-devel/2009-November/012863.html > for interim measures. That's more subtle, more preferable, I saw its been partly applied in OpenSC, thank you all! ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] keycache broken between pkcs11 and pkcs15 layers
Hello, > Xiaoshuo Wu wrote: >> On Sun, 17 Jan 2010 20:36:53 +0800, Xiaoshuo Wu >> wrote: >> >>> I'd like to hear your plan for these changes so as to help me fix this. >> I recovered cache_pin() in rev 3783, renamed it add_pins_to_keycache() >> and had some adjustment. When login/change PIN/init PIN/create object >> successful, we cache the pin. I made a patch for this, please review >> it, any advices are welcome, thank you. Please see patch in http://www.opensc-project.org/pipermail/opensc-devel/2009-November/012863.html for interim measures. ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] keycache broken between pkcs11 and pkcs15 layers
Xiaoshuo Wu wrote: > On Sun, 17 Jan 2010 20:36:53 +0800, Xiaoshuo Wu > wrote: > >> I'd like to hear your plan for these changes so as to help me fix this. > I recovered cache_pin() in rev 3783, renamed it add_pins_to_keycache() > and had some adjustment. When login/change PIN/init PIN/create object > successful, we cache the pin. I made a patch for this, please review > it, any advices are welcome, thank you. Afaiu, there is the tendency to replace the existing global static pin cache system (pkcs15init/keycache.c) with the pin cache as a part of the sc_pkc15_card structure (sc_pkcs15_pincache_entry_t *pin_cache[SC_PKCS15_MAX_PINS];). Your proposal still uses the first one. As for me, the second one is more preferable. > Regards, Xiaoshuo Kind wishes, Viktor. > > > ___ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel -- Viktor Tarasov ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
Re: [opensc-devel] keycache broken between pkcs11 and pkcs15 layers
On Sun, 17 Jan 2010 20:36:53 +0800, Xiaoshuo Wu wrote: I'd like to hear your plan for these changes so as to help me fix this. I recovered cache_pin() in rev 3783, renamed it add_pins_to_keycache() and had some adjustment. When login/change PIN/init PIN/create object successful, we cache the pin. I made a patch for this, please review it, any advices are welcome, thank you. Regards, Xiaoshuo keycache.diff Description: Binary data ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
[opensc-devel] keycache broken between pkcs11 and pkcs15 layers
Dear Martin: In my early post(see http://www.opensc-project.org/pipermail/opensc-user/2009-December/003511.html), I got this command failed in latest OpenSC version: pkcs11-tool -a "key.txt" -y data -w ./key.txt --private -l IMHO, it is likely because of the empty add_pins_to_keycache() implementation which connects pkcs11 and pkcs15 layers. I found this comment in svn log rev 3784: "Re-implement PIN cache on PKCS#15 layer; remove it from PKCS#11. Re-name and log PKCS#15 options to better reflect the purpose. Data objects and PKCS#15 init are left broken currently." I'd like to hear your plan for these changes so as to help me fix this. Regards, Xiaoshuo ___ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
