make the sign_with_decrypt hack configureable.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3546 c6295689-39f2-0310-b995-f0e70906c6a9
2008-07-31 12:17:29 +00:00 · 2008-07-31 12:17:29 +00:00 · e243e7f322
parent 29d78fde39
commit e243e7f322
2 changed files with 10 additions and 0 deletions
--- a/etc/opensc.conf.in
+++ b/etc/opensc.conf.in
@ -279,6 +279,15 @@ app default {
 			# The location of the driver library
 			# module = /usr/lib/opensc/drivers/p15emu_custom.so;
 		# }
+		
+		# workaround: use rsa decrypt operation for signing
+		# some cardos cards need this, if initializes with certain
+		# versions of the siemens software
+		# we have an auto detection, but it is not 100% reliable,
+		# so you can turn it off, if it misbehaves.
+		# this option only affects cardos cards right now.
+		# Default: yes
+		# enable_sign_with_decrypt_workaround = yes;
 	}
 }

--- a/src/libopensc/pkcs15.c
+++ b/src/libopensc/pkcs15.c
@ -748,6 +748,7 @@ int sc_pkcs15_bind(sc_card_t *card,
 done:
 	/* for cardos cards initialized by Siemens: sign with decrypt */
 	if (strcmp(p15card->card->driver->short_name,"cardos") == 0
+		&& scconf_get_bool(conf_block, "enable_sign_with_decrypt_workaround", 1)
                && ( strcmp(p15card->manufacturer_id,"Siemens AG (C)") == 0
 			|| strcmp(p15card->manufacturer_id,"Prime") == 0 ))
 		p15card->flags |= SC_PKCS15_CARD_FLAG_SIGN_WITH_DECRYPT;