- On-board generation of non-repudiation keys did not work
- Minor cleanup git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1531 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
574d6f38ee
commit
81e6d67204
|
@ -71,11 +71,10 @@ static int etoken_extract_pubkey(sc_card_t *, int,
|
||||||
* SO PIN = 0x01, SO PUK = 0x02
|
* SO PIN = 0x01, SO PUK = 0x02
|
||||||
* each user pin is 2*N+1, each corresponding PUK is 2*N+2
|
* each user pin is 2*N+1, each corresponding PUK is 2*N+2
|
||||||
*/
|
*/
|
||||||
#define ETOKEN_PIN_ID(idx) (((idx) << 1) + 0x01)
|
#define ETOKEN_PIN_ID_MIN 1
|
||||||
#define ETOKEN_PUK_ID(idx) (((idx) << 1) + 0x02)
|
#define ETOKEN_PIN_ID_MAX 15
|
||||||
#define ETOKEN_MAX_PINS 0x10
|
#define ETOKEN_KEY_ID_MIN 16
|
||||||
#define ETOKEN_KEY_ID(idx) (0x40 + (idx))
|
#define ETOKEN_KEY_ID_MAX 31
|
||||||
#define ETOKEN_SE_ID(idx) (0x40 + (idx))
|
|
||||||
#define ETOKEN_AC_NEVER 0xFF
|
#define ETOKEN_AC_NEVER 0xFF
|
||||||
|
|
||||||
#define ETOKEN_ALGO_RSA 0x08
|
#define ETOKEN_ALGO_RSA 0x08
|
||||||
|
@ -165,7 +164,7 @@ etoken_select_pin_reference(sc_profile_t *profile, sc_card_t *card,
|
||||||
int preferred, current;
|
int preferred, current;
|
||||||
|
|
||||||
if ((current = pin_info->reference) < 0)
|
if ((current = pin_info->reference) < 0)
|
||||||
current = 1;
|
current = ETOKEN_PIN_ID_MIN;
|
||||||
|
|
||||||
if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {
|
if (pin_info->flags & SC_PKCS15_PIN_FLAG_SO_PIN) {
|
||||||
preferred = 1;
|
preferred = 1;
|
||||||
|
@ -178,7 +177,7 @@ etoken_select_pin_reference(sc_profile_t *profile, sc_card_t *card,
|
||||||
return SC_ERROR_TOO_MANY_OBJECTS;
|
return SC_ERROR_TOO_MANY_OBJECTS;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (current > preferred)
|
if (current > preferred || preferred > ETOKEN_PIN_ID_MAX)
|
||||||
return SC_ERROR_TOO_MANY_OBJECTS;
|
return SC_ERROR_TOO_MANY_OBJECTS;
|
||||||
pin_info->reference = preferred;
|
pin_info->reference = preferred;
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -232,7 +231,9 @@ etoken_select_key_reference(sc_profile_t *profile, sc_card_t *card,
|
||||||
{
|
{
|
||||||
struct sc_file *df = profile->df_info->file;
|
struct sc_file *df = profile->df_info->file;
|
||||||
|
|
||||||
if (key_info->key_reference > 255)
|
if (key_info->key_reference < ETOKEN_KEY_ID_MIN)
|
||||||
|
key_info->key_reference = ETOKEN_KEY_ID_MIN;
|
||||||
|
if (key_info->key_reference > ETOKEN_KEY_ID_MAX)
|
||||||
return SC_ERROR_TOO_MANY_OBJECTS;
|
return SC_ERROR_TOO_MANY_OBJECTS;
|
||||||
|
|
||||||
key_info->path = df->path;
|
key_info->path = df->path;
|
||||||
|
@ -491,7 +492,8 @@ etoken_create_sec_env(struct sc_profile *profile, struct sc_card *card,
|
||||||
* Note that CardOS/M4 does not support keys that can be used
|
* Note that CardOS/M4 does not support keys that can be used
|
||||||
* for signing _and_ decipherment
|
* for signing _and_ decipherment
|
||||||
*/
|
*/
|
||||||
#define USAGE_ANY_SIGN (SC_PKCS15_PRKEY_USAGE_SIGN)
|
#define USAGE_ANY_SIGN (SC_PKCS15_PRKEY_USAGE_SIGN|\
|
||||||
|
SC_PKCS15_PRKEY_USAGE_NONREPUDIATION)
|
||||||
#define USAGE_ANY_DECIPHER (SC_PKCS15_PRKEY_USAGE_DECRYPT|\
|
#define USAGE_ANY_DECIPHER (SC_PKCS15_PRKEY_USAGE_DECRYPT|\
|
||||||
SC_PKCS15_PRKEY_USAGE_UNWRAP)
|
SC_PKCS15_PRKEY_USAGE_UNWRAP)
|
||||||
|
|
||||||
|
@ -502,13 +504,13 @@ etoken_key_algorithm(unsigned int usage, int *algop)
|
||||||
|
|
||||||
if (usage & USAGE_ANY_SIGN) {
|
if (usage & USAGE_ANY_SIGN) {
|
||||||
*algop = ETOKEN_SIGN_RSA;
|
*algop = ETOKEN_SIGN_RSA;
|
||||||
sign++;
|
sign = 1;
|
||||||
}
|
}
|
||||||
if (usage & USAGE_ANY_DECIPHER) {
|
if (usage & USAGE_ANY_DECIPHER) {
|
||||||
*algop = ETOKEN_DECIPHER_RSA;
|
*algop = ETOKEN_DECIPHER_RSA;
|
||||||
decipher++;
|
decipher = 1;
|
||||||
}
|
}
|
||||||
return (sign && decipher)? -1 : 0;
|
return (sign == decipher)? -1 : 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
Loading…
Reference in New Issue