Douglas E. Engert:

The IdAlly CSP calls C_FindObjectsInit looking for CK_PRIVATE_KEY before
C_Login with a pin. If it does not find any, it fails. The pkcs15-piv.c in
0.11.3 and 0.11.3-pre3 set the pubkey and prvkey objects as private. 
This patch removes the SC_PKCS15_CO_FLAG_PRIVATE so IdAlly will work with the
PIV cards.


git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3221 c6295689-39f2-0310-b995-f0e70906c6a9

src/libopensc/pkcs15-piv.c

@@ -176,16 +176,16 @@ const objdata objects[] = {
 			 	SC_PKCS15_PRKEY_USAGE_WRAP |
 				SC_PKCS15_PRKEY_USAGE_VERIFY |
 				SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER,
-			"9A06", 0x9A, "1", 0, SC_PKCS15_CO_FLAG_PRIVATE},
+			"9A06", 0x9A, "1", 0, 0},
 		{ "2", "SIGN pubkey", 0000, 
 				SC_PKCS15_PRKEY_USAGE_ENCRYPT |
 				SC_PKCS15_PRKEY_USAGE_VERIFY |
 				SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER |
 				SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
-			"9C06", 0x9C, "1", 0, SC_PKCS15_CO_FLAG_PRIVATE},
+			"9C06", 0x9C, "1", 0, 0},
 		{ "3", "KEY MAN pubkey", 0000, 
 				SC_PKCS15_PRKEY_USAGE_WRAP,
-			"9D06", 0x9D, "1", 0, SC_PKCS15_CO_FLAG_PRIVATE},
+			"9D06", 0x9D, "1", 0, 0},
 		{ "4", "CARD AUTH pubkey", 0000, 
 				SC_PKCS15_PRKEY_USAGE_VERIFY |
 				SC_PKCS15_PRKEY_USAGE_VERIFYRECOVER, 
@@ -200,16 +200,16 @@ const objdata objects[] = {
 				SC_PKCS15_PRKEY_USAGE_UNWRAP |
 				SC_PKCS15_PRKEY_USAGE_SIGN |
 				SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,
-			"", 0x9A, "1", SC_PKCS15_CO_FLAG_PRIVATE},
+			"", 0x9A, "1", 0},
 		{ "2", "SIGN key", 0000, 
 				SC_PKCS15_PRKEY_USAGE_DECRYPT |
 				SC_PKCS15_PRKEY_USAGE_SIGN |
 				SC_PKCS15_PRKEY_USAGE_SIGNRECOVER |
 				SC_PKCS15_PRKEY_USAGE_NONREPUDIATION,
-			"", 0x9C, "1", SC_PKCS15_CO_FLAG_PRIVATE},
+			"", 0x9C, "1", 0},
 		{ "3", "KEY MAN key", 0000, 
 				SC_PKCS15_PRKEY_USAGE_UNWRAP,
-			"", 0x9D, "1", SC_PKCS15_CO_FLAG_PRIVATE},
+			"", 0x9D, "1", 0},
 		{ "4", "CARD AUTH key", 0000, 
 				SC_PKCS15_PRKEY_USAGE_SIGN |
 				SC_PKCS15_PRKEY_USAGE_SIGNRECOVER,