pkcs15init cardos: fix update keys
When creating application DF ('PKCS15-AppDF'), User PIN is not yet created, and AC type 'SC_AC_SYMBOLIC' cannot be resolved. So, in the card profile, the macro '$PIN' cannot be used to define the ACLs of the application DF. git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3967 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
72d5ebb79c
commit
7f52a0267f
|
@ -35,7 +35,7 @@ filesystem {
|
||||||
# Prevent unauthorized updates of basic security
|
# Prevent unauthorized updates of basic security
|
||||||
# objects via PUT DATA OCI.
|
# objects via PUT DATA OCI.
|
||||||
# ACL = UPDATE=NEVER;
|
# ACL = UPDATE=NEVER;
|
||||||
ACL = UPDATE=$PIN;
|
ACL = UPDATE=$SOPIN;
|
||||||
|
|
||||||
# Bump the size of the EF(PrKDF) - with split
|
# Bump the size of the EF(PrKDF) - with split
|
||||||
# keys, we may need a little more room.
|
# keys, we may need a little more room.
|
||||||
|
|
|
@ -249,6 +249,7 @@ cardos_store_key(sc_profile_t *profile, sc_card_t *card,
|
||||||
sc_pkcs15_prkey_t *key)
|
sc_pkcs15_prkey_t *key)
|
||||||
{
|
{
|
||||||
sc_pkcs15_prkey_info_t *key_info = (sc_pkcs15_prkey_info_t *) obj->data;
|
sc_pkcs15_prkey_info_t *key_info = (sc_pkcs15_prkey_info_t *) obj->data;
|
||||||
|
struct sc_file *file = NULL;
|
||||||
int algorithm = 0, r;
|
int algorithm = 0, r;
|
||||||
|
|
||||||
if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) {
|
if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) {
|
||||||
|
@ -262,6 +263,19 @@ cardos_store_key(sc_profile_t *profile, sc_card_t *card,
|
||||||
return SC_ERROR_NOT_SUPPORTED;
|
return SC_ERROR_NOT_SUPPORTED;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
r = sc_select_file(card, &key_info->path, &file);
|
||||||
|
if (r) {
|
||||||
|
sc_debug(card->ctx, "Failed to store key: cannot select parent DF");
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
r = sc_pkcs15init_authenticate(profile, card, file, SC_AC_OP_UPDATE);
|
||||||
|
sc_file_free(file);
|
||||||
|
if (r) {
|
||||||
|
sc_debug(card->ctx, "Failed to store key: 'UPDATE' authentication failed");
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
r = cardos_put_key(profile, card, algorithm, key_info, &key->u.rsa);
|
r = cardos_put_key(profile, card, algorithm, key_info, &key->u.rsa);
|
||||||
|
|
||||||
return r;
|
return r;
|
||||||
|
|
Loading…
Reference in New Issue