From 64fd479aa501d7662bdadf54233aa75db973a6f1 Mon Sep 17 00:00:00 2001
From: aj
Date: Mon, 21 Jul 2008 14:35:21 +0000
Subject: [PATCH] Chaskiel Grundman: Nowhere in pkcs15init/pkcs15-cardos.c is the user pin ever requested or presented to the card. Since the update acl for the key object uses the user pin, the GENERATE KEY operation fails when it isn't logged in.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3537 c6295689-39f2-0310-b995-f0e70906c6a9
---
 src/pkcs15init/pkcs15-cardos.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/pkcs15init/pkcs15-cardos.c b/src/pkcs15init/pkcs15-cardos.c
index aee2364f..40f61a86 100644
--- a/src/pkcs15init/pkcs15-cardos.c
+++ b/src/pkcs15init/pkcs15-cardos.c
@@ -308,7 +308,8 @@ cardos_generate_key(sc_profile_t *profile, sc_card_t *card,
 u8 abignum[256];
 int algorithm, r, delete_it = 0, use_ext_rsa = 0;
 size_t keybits, rsa_max_size;
-
+ int pin_id = -1;
+
 if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA)
 return SC_ERROR_NOT_SUPPORTED;
 
@@ -334,6 +335,12 @@ cardos_generate_key(sc_profile_t *profile, sc_card_t *card,
 "for key generation.");
 return SC_ERROR_NOT_SUPPORTED;
 }
+ pin_id = sc_keycache_find_named_pin(&key_info->path, SC_PKCS15INIT_USER_PIN);
+ if (pin_id > 0) {
+ r = sc_pkcs15init_verify_key(profile, card, NULL, SC_AC_CHV, pin_id);
+ if (r < 0)
+ return r;
+ }
 if (use_ext_rsa == 0)
 temp->ef_structure = SC_FILE_EF_LINEAR_VARIABLE_TLV;
 else
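Review bot: The guard `if (pin_id > 0)` in the second hunk does not match the `-1` sentinel that `pin_id` is initialised with in the first hunk, so a user PIN whose reference is 0 would be treated as absent and the verify step skipped. If the keycache lookup can return 0 as a valid reference, the check should read `if (pin_id >= 0) {`. When no PIN is cached the code falls through silently and GENERATE KEY will presumably still be rejected by the update ACL, so a comment such as `/* no cached user PIN: card rejects generation if the ACL needs it */` would make that path explicit. The new `return r;` also exits after the temporary-file lookup has succeeded (`temp` is dereferenced just below), so it is worth confirming whether `temp` must be released on this path. The rest of cardos_generate_key lies outside the hunk.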