When trying to import a too large keyfile as a data object, TrueCrypt received a CKR_GENERAL_ERROR before this.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3926 c6295689-39f2-0310-b995-f0e70906c6a9
at the profile level the difference between EF and BSO is:
- BSO path is always the path of the host DF and do not indexated when template is instanciated;
- EF path is always ending with file-id that is always indexated when template is instanciated.
New non-static 'sc_profile_get_file_instance' procedure to instanciate non-template entries.
In profile.c get_uint() accepts hexadecimals.
In CardOS profile (I venture to) increase the xDF sizes
and change ACL to permit the key re-importing.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3919 c6295689-39f2-0310-b995-f0e70906c6a9
;use macros SC_CALLED, SC_RETURN and SC_TEST_RET;
;change debug level in debug macros;
For a new pkcs15 object of a given type the file index is chosen as a first value in the range from 'file-id' to 'max-id',
excluding the values that are already assigned to the file indexes of the existing pkcs15 objects of the same type.
'file-id' is defined in the template ('key-domain') of the card profile ;
'max-id' is 'file-id' + hard coded value 0xFE .
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3916 c6295689-39f2-0310-b995-f0e70906c6a9
One of the three unblock methods can be activated from the 'opensc-pkcs11' section of opensc.conf:
- C_SetPin() in the unlogged sesssion;
- C_SetPin() in the CKU_SPECIFIC_CONTEXT session;
- C_InitPin() in CKU_SO session (inspired by Pierre Ossman).
-- This last one works, for a while, only for the pkcs15 cards without SOPIN auth object.
For the pkcs15 cards with SOPIN, this method will be useful for the cards
that do not have then modes '00' and '01' of ISO command 'RESET RETRY COUNTER'.
Test commands:
# pkcs11-tool --module ./opensc-pkcs11.so --slot 0 --unlock-pin --puk "123456" --new-pin "9999"
# pkcs11-tool --module ./opensc-pkcs11.so --slot 0 --unlock-pin -l --login-type context-specific --puk "123456" --new-pin "9999"
# pkcs11-tool --module ./opensc-pkcs11.so --slot 0 --init-pin -l --new-pin "9999"
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3901 c6295689-39f2-0310-b995-f0e70906c6a9
Splitted key is stored as the two private keys with the same ID.
(It's not conform to PKCS#15, but tolerated by OpenSC.)
Previously used 'sc_pkcs15_find_prkey_by_id()' is not appropriated to the case of splitted key.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3900 c6295689-39f2-0310-b995-f0e70906c6a9
PKCS#11:
"To log into a token with a protected authentication path, the pPin parameter to C_Login should be NULL_PTR."
"To initialize the normal user?s PIN on a token with such a protected authentication path, the pPin parameter to C_InitPIN should be NULL_PTR."
"To modify the current user?s PIN on a token with such a protected authentication path, the pOldPin and pNewPin parameters to C_SetPIN should be NULL_PTR."
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3890 c6295689-39f2-0310-b995-f0e70906c6a9
C_CreateObject, C_CopyObject, C_DestroyObject, C_SetAttributeValue,
C_GenerateKey, C_GenerateKeyPair, C_UnwrapKey, C_DeriveKey if session is
read-only.
PKCS#11:
"C_InitPIN can only be called in the 'R/W SO Functions' state."
"C_SetPIN can only be called in the 'R/W Public Session' state, 'R/W SO
Functions' state, or 'R/W User Functions' state. An attempt to call it
from a session in any other state fails with error CKR_SESSION_READ_ONLY."
"Only session objects can be created/destroyed/modified
(C_CreateObject/C_DestroyObject/C_SetAttributeValue) during a read-only
session."
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3886 c6295689-39f2-0310-b995-f0e70906c6a9
a minor mistake in my patch for opensc_info(). For the Sun Studio 12.1
compiler (__SUNPRO_C == 0x5100) and later versions also, it must be
(__SUNPRO_C >> 4) & 0xFF to split the micro and mask the major version
number.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3881 c6295689-39f2-0310-b995-f0e70906c6a9
martin
s
viktor.tarasov
aj