Don't used cashed PINs for a UserConsent key!
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@2342 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
4a8c465fbb
commit
fa333542db
|
@ -1751,24 +1751,6 @@ static CK_RV pkcs15_prkey_sign(struct sc_pkcs11_session *ses, void *obj,
|
||||||
sc_debug(context, "Initiating signing operation, mechanism 0x%x.\n",
|
sc_debug(context, "Initiating signing operation, mechanism 0x%x.\n",
|
||||||
pMechanism->mechanism);
|
pMechanism->mechanism);
|
||||||
|
|
||||||
/* If this key requires user consent for every N operations,
|
|
||||||
* we may have to present the PIN again and again.
|
|
||||||
* For now, we require that either the terminal has a key pad,
|
|
||||||
* or the user allows pin caching. We may want to add GUI
|
|
||||||
* function pointers though.
|
|
||||||
*/
|
|
||||||
if (prkey->prv_p15obj->user_consent) {
|
|
||||||
/* XXX we should really keep track how often the key
|
|
||||||
* is used, and how often we need to ask the user for
|
|
||||||
* her PIN.
|
|
||||||
* For now, we just assume user_consent is 1.
|
|
||||||
*/
|
|
||||||
/* XXX - do we require an sc_lock here? */
|
|
||||||
rv = revalidate_pin(data, ses);
|
|
||||||
if (rv < 0)
|
|
||||||
return sc_to_cryptoki_error(rv, ses->slot->card->reader);
|
|
||||||
}
|
|
||||||
|
|
||||||
/* See which of the alternative keys supports signing */
|
/* See which of the alternative keys supports signing */
|
||||||
while (prkey
|
while (prkey
|
||||||
&& !(prkey->prv_info->usage
|
&& !(prkey->prv_info->usage
|
||||||
|
|
Loading…
Reference in New Issue