pkcs15init cardos: fix update keys
When creating application DF ('PKCS15-AppDF'), User PIN is not yet created, and AC type 'SC_AC_SYMBOLIC' cannot be resolved. So, in the card profile, the macro '$PIN' cannot be used to define the ACLs of the application DF. git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3967 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
72d5ebb79c
commit
7f52a0267f
|
@ -35,7 +35,7 @@ filesystem {
|
|||
# Prevent unauthorized updates of basic security
|
||||
# objects via PUT DATA OCI.
|
||||
# ACL = UPDATE=NEVER;
|
||||
ACL = UPDATE=$PIN;
|
||||
ACL = UPDATE=$SOPIN;
|
||||
|
||||
# Bump the size of the EF(PrKDF) - with split
|
||||
# keys, we may need a little more room.
|
||||
|
|
|
@ -249,6 +249,7 @@ cardos_store_key(sc_profile_t *profile, sc_card_t *card,
|
|||
sc_pkcs15_prkey_t *key)
|
||||
{
|
||||
sc_pkcs15_prkey_info_t *key_info = (sc_pkcs15_prkey_info_t *) obj->data;
|
||||
struct sc_file *file = NULL;
|
||||
int algorithm = 0, r;
|
||||
|
||||
if (obj->type != SC_PKCS15_TYPE_PRKEY_RSA) {
|
||||
|
@ -262,6 +263,19 @@ cardos_store_key(sc_profile_t *profile, sc_card_t *card,
|
|||
return SC_ERROR_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
r = sc_select_file(card, &key_info->path, &file);
|
||||
if (r) {
|
||||
sc_debug(card->ctx, "Failed to store key: cannot select parent DF");
|
||||
return r;
|
||||
}
|
||||
|
||||
r = sc_pkcs15init_authenticate(profile, card, file, SC_AC_OP_UPDATE);
|
||||
sc_file_free(file);
|
||||
if (r) {
|
||||
sc_debug(card->ctx, "Failed to store key: 'UPDATE' authentication failed");
|
||||
return r;
|
||||
}
|
||||
|
||||
r = cardos_put_key(profile, card, algorithm, key_info, &key->u.rsa);
|
||||
|
||||
return r;
|
||||
|
|
Loading…
Reference in New Issue