Onepin profile stopped to work after commit 10e1ad001d

Cards formatted with the one-pin profile can no longer be used (for example,
to modify the data on the card with pkcs15-init -X) after that
commit, which prevents the reading of 5015/4946 (containing the
profile).

That part of the code was simply commented out, with no explanation.
Maybe this was done for testing purposes and not removed before
the commit?
Jean-Pierre Szikora 2013-07-29 11:53:18 +02:00 committed by Viktor Tarasov
parent e3649fb7de
commit de4dd056bf
1 changed files with 20 additions and 20 deletions


@ -114,7 +114,7 @@ static int check_key_compatibility(struct sc_pkcs15_card *,
static int prkey_fixup(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *); static int prkey_fixup(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *);
static int prkey_bits(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *); static int prkey_bits(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *);
static int prkey_pkcs15_algo(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *); static int prkey_pkcs15_algo(struct sc_pkcs15_card *, struct sc_pkcs15_prkey *);
static int select_intrinsic_id(struct sc_pkcs15_card *, struct sc_profile *, static int select_intrinsic_id(struct sc_pkcs15_card *, struct sc_profile *,
int, struct sc_pkcs15_id *, void *); int, struct sc_pkcs15_id *, void *);
static int select_id(struct sc_pkcs15_card *, int, struct sc_pkcs15_id *); static int select_id(struct sc_pkcs15_card *, int, struct sc_pkcs15_id *);
static int select_object_path(struct sc_pkcs15_card *, struct sc_profile *, static int select_object_path(struct sc_pkcs15_card *, struct sc_profile *,
@ -122,8 +122,8 @@ static int select_object_path(struct sc_pkcs15_card *, struct sc_profile *,
static int sc_pkcs15init_get_pin_path(struct sc_pkcs15_card *, static int sc_pkcs15init_get_pin_path(struct sc_pkcs15_card *,
struct sc_pkcs15_id *, struct sc_path *); struct sc_pkcs15_id *, struct sc_path *);
static int sc_pkcs15init_qualify_pin(struct sc_card *, const char *, static int sc_pkcs15init_qualify_pin(struct sc_card *, const char *,
unsigned int, struct sc_pkcs15_auth_info *); unsigned int, struct sc_pkcs15_auth_info *);
static struct sc_pkcs15_df * find_df_by_type(struct sc_pkcs15_card *, static struct sc_pkcs15_df * find_df_by_type(struct sc_pkcs15_card *,
unsigned int); unsigned int);
static int sc_pkcs15init_read_info(struct sc_card *card, struct sc_profile *); static int sc_pkcs15init_read_info(struct sc_card *card, struct sc_profile *);
static int sc_pkcs15init_parse_info(struct sc_card *, const unsigned char *, size_t, static int sc_pkcs15init_parse_info(struct sc_card *, const unsigned char *, size_t,
@ -341,13 +341,13 @@ sc_pkcs15init_bind(struct sc_card *card, const char *name, const char *profile_o
profile->options[i++] = strdup(s); profile->options[i++] = strdup(s);
} }
} }
#if 0
r = sc_pkcs15init_read_info(card, profile); r = sc_pkcs15init_read_info(card, profile);
if (r < 0) { if (r < 0) {
sc_profile_free(profile); sc_profile_free(profile);
LOG_TEST_RET(ctx, r, "Read info error"); LOG_TEST_RET(ctx, r, "Read info error");
} }
#endif
/* Check the config file for a profile name. /* Check the config file for a profile name.
* If none is defined, use the default profile name. * If none is defined, use the default profile name.
*/ */
@ -545,7 +545,7 @@ sc_pkcs15init_erase_card_recursively(struct sc_pkcs15_card *p15card,
int int
sc_pkcs15init_delete_by_path(struct sc_profile *profile, struct sc_pkcs15_card *p15card, sc_pkcs15init_delete_by_path(struct sc_profile *profile, struct sc_pkcs15_card *p15card,
const struct sc_path *file_path) const struct sc_path *file_path)
{ {
struct sc_context *ctx = p15card->card->ctx; struct sc_context *ctx = p15card->card->ctx;
@ -800,7 +800,7 @@ sc_pkcs15init_add_app(struct sc_card *card, struct sc_profile *profile,
if (pin_obj) { if (pin_obj) {
/* When composing ACLs to create 'DIR' DF, /* When composing ACLs to create 'DIR' DF,
* the references of the not-yet-existing PINs can be requested. * the references of the not-yet-existing PINs can be requested.
* For this, create a 'virtual' AUTH object 'SO PIN', accessible by the card specific part, * For this, create a 'virtual' AUTH object 'SO PIN', accessible by the card specific part,
* but not yet written into the on-card PKCS#15. * but not yet written into the on-card PKCS#15.
*/ */
@ -1463,7 +1463,7 @@ sc_pkcs15init_store_public_key(struct sc_pkcs15_card *p15card,
struct sc_pkcs15_pubkey_info *key_info; struct sc_pkcs15_pubkey_info *key_info;
struct sc_pkcs15_keyinfo_gostparams *keyinfo_gostparams; struct sc_pkcs15_keyinfo_gostparams *keyinfo_gostparams;
struct sc_pkcs15_pubkey key; struct sc_pkcs15_pubkey key;
struct sc_path *path; struct sc_path *path;
const char *label; const char *label;
unsigned int keybits, type, usage; unsigned int keybits, type, usage;
int r; int r;
@ -1807,7 +1807,7 @@ sc_pkcs15init_get_pin_reference(struct sc_pkcs15_card *p15card,
} }
/* 2. No existing pkcs15 PIN object /* 2. No existing pkcs15 PIN object
* -- check if profile defines some PIN with 'reference' as PIN reference. */ * -- check if profile defines some PIN with 'reference' as PIN reference. */
r = sc_profile_get_pin_id_by_reference(profile, auth_method, reference, &auth_info); r = sc_profile_get_pin_id_by_reference(profile, auth_method, reference, &auth_info);
if (r < 0) if (r < 0)
LOG_TEST_RET(ctx, SC_ERROR_OBJECT_NOT_FOUND, "PIN template not found"); LOG_TEST_RET(ctx, SC_ERROR_OBJECT_NOT_FOUND, "PIN template not found");
@ -2113,7 +2113,7 @@ prkey_bits(struct sc_pkcs15_card *p15card, struct sc_pkcs15_prkey *key)
sc_log(ctx, "Unsupported key (keybits %u)", sc_pkcs15init_keybits(&key->u.gostr3410.d)); sc_log(ctx, "Unsupported key (keybits %u)", sc_pkcs15init_keybits(&key->u.gostr3410.d));
return SC_ERROR_OBJECT_NOT_VALID; return SC_ERROR_OBJECT_NOT_VALID;
} }
return SC_PKCS15_GOSTR3410_KEYSIZE; return SC_PKCS15_GOSTR3410_KEYSIZE;
case SC_ALGORITHM_EC: case SC_ALGORITHM_EC:
/* calculation returns one bit too small, add one bu default */ /* calculation returns one bit too small, add one bu default */
sc_log(ctx, "Private EC key length %u", sc_pkcs15init_keybits(&key->u.ec.privateD) + 1); sc_log(ctx, "Private EC key length %u", sc_pkcs15init_keybits(&key->u.ec.privateD) + 1);
@ -2208,7 +2208,7 @@ select_intrinsic_id(struct sc_pkcs15_card *p15card, struct sc_profile *profile,
else if (pubkey->algorithm == SC_ALGORITHM_GOSTR3410 && else if (pubkey->algorithm == SC_ALGORITHM_GOSTR3410 &&
!pubkey->u.gostr3410.xy.data) !pubkey->u.gostr3410.xy.data)
goto done; goto done;
else if (pubkey->algorithm == SC_ALGORITHM_EC && !pubkey->u.ec.ecpointQ.value) else if (pubkey->algorithm == SC_ALGORITHM_EC && !pubkey->u.ec.ecpointQ.value)
goto done; goto done;
/* In Mozilla 'GOST R 34.10' is not yet supported. /* In Mozilla 'GOST R 34.10' is not yet supported.
@ -2320,14 +2320,14 @@ select_id(struct sc_pkcs15_card *p15card, int type, struct sc_pkcs15_id *id)
/* /*
* Select a path for a new object * Select a path for a new object
* 1. If the object is to be protected by a PIN, use the path * 1. If the object is to be protected by a PIN, use the path
* given in the PIN auth object * given in the PIN auth object
* 2. Otherwise, use the path of the application DF * 2. Otherwise, use the path of the application DF
* 3. If the profile defines a key-dir template, the new object * 3. If the profile defines a key-dir template, the new object
* should go into a subdirectory of the selected DF: * should go into a subdirectory of the selected DF:
* Instantiate the template, using the ID of the new object * Instantiate the template, using the ID of the new object
* to uniquify the path. Inside the instantiated template, * to uniquify the path. Inside the instantiated template,
* look for a file corresponding to the type of object we * look for a file corresponding to the type of object we
* wish to create ("private-key", "public-key" etc). * wish to create ("private-key", "public-key" etc).
*/ */
static const char * static const char *
get_template_name_from_object (struct sc_pkcs15_object *obj) get_template_name_from_object (struct sc_pkcs15_object *obj)
@ -3004,8 +3004,8 @@ sc_pkcs15init_update_certificate(struct sc_pkcs15_card *p15card,
if (r < 0 && r != SC_ERROR_NOT_SUPPORTED) if (r < 0 && r != SC_ERROR_NOT_SUPPORTED)
goto done; goto done;
r = sc_create_file(p15card->card, file); r = sc_create_file(p15card->card, file);
if (r < 0) { if (r < 0) {
sc_log(ctx, "Cannot create cert file"); sc_log(ctx, "Cannot create cert file");
goto done; goto done;
} }
@ -3016,7 +3016,7 @@ sc_pkcs15init_update_certificate(struct sc_pkcs15_card *p15card,
/* FCI of selected cert file do not contains ACLs. /* FCI of selected cert file do not contains ACLs.
* For the 'UPDATE' authentication use instead sc_file * For the 'UPDATE' authentication use instead sc_file
* instantiated from card profile with default ACLs. */ * instantiated from card profile with default ACLs. */
sc_file_free(file); sc_file_free(file);
r = select_object_path(p15card, profile, obj, &tmp_path); r = select_object_path(p15card, profile, obj, &tmp_path);
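Review bot: The `sc_pkcs15init_read_info()` call in the `sc_pkcs15init_bind` hunk (@ -341) still has no comment saying why it must run, which is how it could be disabled unnoticed before. The rendered page does not mark sides, so I am inferring from the description that the `#if 0` / `#endif` pair is what this commit removes. I would add above the call something like `/* Read the profile info stored on the card; cards formatted with the onepin profile cannot be modified without it. */`. Because any negative return now aborts the bind with "Read info error", it is also worth confirming how a card that lacks this file behaves, since the helper's body is not visible here and `sc_pkcs15init_bind` itself starts and ends outside the hunk. The other hunks appear to change only whitespace, and putting them in a separate commit would make the one functional change much easier to audit.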