Skip to content

fixed setting CKP_PUBLIC_CERTIFICATES_TOKEN #2733

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
frankmorgner merged 1 commit into from
Mar 28, 2023
Merged

fixed setting CKP_PUBLIC_CERTIFICATES_TOKEN #2733

frankmorgner merged 1 commit into from
Mar 28, 2023

Conversation

@frankmorgner
Copy link
Member

@frankmorgner frankmorgner commented Mar 17, 2023

Due to a bug in checking the object bitmask, a private data object would be considered to be a private certificate and the CKP_PUBLIC_CERTIFICATES_TOKEN would not be set to this slot.

Checklist
  • PKCS#11 module is tested

@frankmorgner
fixed setting CKP_PUBLIC_CERTIFICATES_TOKEN
13770f7 
Due to a bug in checking the object bitmask, a *private* data object
would be considered to be a private certificate and the
CKP_PUBLIC_CERTIFICATES_TOKEN would not be set to this slot.
@frankmorgner
Copy link
Member Author

frankmorgner commented Mar 17, 2023

This PR now sets the flag correctly for my token. However, this doesn't result in the friendlyness I was expecting. I am experimenting with having a soft-certificate loaded directly into firefox and having OpenSC loaded in parallel with a token inserted. When connecting to a server that requests a signature from the softkey, the smart card PIN is still requested (it's possible to abort the PIN prompt multiple times to proceed). Debugging in Firefox's workflow, it looks like this behavior is intended and is not related to CKP_PUBLIC_CERTIFICATES_TOKEN .

In #2681 it was stated, that the missing "friendlyness" was the original reason for having the onepin module. At least this should be fixed now. @metsma , could you please check whether there are still issues with multiple PINs after applying this PR? This maybe allows avoiding some of the complexity of #2681.

@frankmorgner frankmorgner merged commit c17b432 into OpenSC:master Mar 28, 2023
@frankmorgner frankmorgner mentioned this pull request Mar 28, 2023
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Jakuje Jakuje Jakuje approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@frankmorgner @Jakuje