Don't used cashed PINs for a UserConsent key!
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2342 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
4a8c465fbb
commit
fa333542db
|
@ -1751,24 +1751,6 @@ static CK_RV pkcs15_prkey_sign(struct sc_pkcs11_session *ses, void *obj,
|
|||
sc_debug(context, "Initiating signing operation, mechanism 0x%x.\n",
|
||||
pMechanism->mechanism);
|
||||
|
||||
/* If this key requires user consent for every N operations,
|
||||
* we may have to present the PIN again and again.
|
||||
* For now, we require that either the terminal has a key pad,
|
||||
* or the user allows pin caching. We may want to add GUI
|
||||
* function pointers though.
|
||||
*/
|
||||
if (prkey->prv_p15obj->user_consent) {
|
||||
/* XXX we should really keep track how often the key
|
||||
* is used, and how often we need to ask the user for
|
||||
* her PIN.
|
||||
* For now, we just assume user_consent is 1.
|
||||
*/
|
||||
/* XXX - do we require an sc_lock here? */
|
||||
rv = revalidate_pin(data, ses);
|
||||
if (rv < 0)
|
||||
return sc_to_cryptoki_error(rv, ses->slot->card->reader);
|
||||
}
|
||||
|
||||
/* See which of the alternative keys supports signing */
|
||||
while (prkey
|
||||
&& !(prkey->prv_info->usage
|
||||
|
|
Loading…
Reference in New Issue