2010/2/23 Nick Sayer <[email protected]>:
> So the patch that I needed to apply to make it work (which is still required)
> is this:
>
> --- p11_object.c.orig 2008-05-31 09:24:52.000000000 -0700
> +++ p11_object.c 2010-02-23 09:18:42.000000000 -0800
> @@ -378,11 +378,28 @@
> }
> else
> {
> + if (pTemplate[i].type == 0x103) {
> + log_Log(LOG_LOW, "Got expected error, faking a 103
> attribute (TRUE)");
> + pTemplate[i].ulValueLen = (CK_ULONG)1;
> + if (pTemplate[i].pValue != 0) {
> + ((char*)(pTemplate[i].pValue))[0] = 1;
> + }
> + rv = CKR_OK;
> + } else if (pTemplate[i].type == 0x162) {
> + log_Log(LOG_LOW, "Got expected error, faking a 162
> attribute (FALSE)");
> + pTemplate[i].ulValueLen = (CK_ULONG)1;
> + if (pTemplate[i].pValue != 0) {
> + ((char*)(pTemplate[i].pValue))[0] = 0;
> + }
> + rv = CKR_OK;
> + } else
> + {
> pTemplate[i].ulValueLen = (CK_ULONG)-1;
> perm_rv = rv;
> rv = CKR_OK;
> }
> }
> + }
>
> if ((rv == CKR_OK) && (perm_rv != CKR_OK))
> rv = perm_rv;
Please try with the attached patch. It is a small revision of your own
patch. But with some reformatting and symbols instead of numerical
constants.
> I don't say that's the best solution to the problem, but it is necessary for
> any activities that use a private key using the Sun PKCS11 provider
> configured to use libmusclepkcs11. The better solution, no doubt, would be to
> insure that private keys actually *have* those attributes so that
> libmusclepkcs11 can find them.
>
> It's also unclear to me why jarsigner only works with -sigalg specified. Even
> if I specify md5withrsa (which is supposed to be jarsigner's default), it
> *works*, but without any sigalg argument, it fails.
I think OpenSC now has support of the musclecard applet. The
libmusclepkcs11 is not really maintained these days.
Bye
--
Dr. Ludovic Rousseau
Index: configure.in
===================================================================
--- configure.in (revision 468)
+++ configure.in (working copy)
@@ -46,12 +46,12 @@
CFLAGS="$OLD_CFLAGS"
OLD_LIBS="$LIBS"
-LDLIBS="$LDLIBS $MUSCLECARD_LIBS"
-AC_CHECK_LIB(musclecard, MSCListTokens, [],
- [AC_MSG_ERROR([MSCListTokens() not found, install libmusclecard
(included in pcsc-lite), or use LDLIBS=... ./configure])])
+#LDLIBS="$LDLIBS $MUSCLECARD_LIBS"
+#AC_CHECK_LIB(musclecard, MSCListTokens, [],
+# [AC_MSG_ERROR([MSCListTokens() not found, install libmusclecard
(included in pcsc-lite), or use LDLIBS=... ./configure])])
LIBS="$OLD_LIBS"
-PKG_CHECK_MODULES(PCSC, libpcsclite)
+#PKG_CHECK_MODULES(PCSC, libpcsclite)
dnl Checks for libraries.
AC_CHECK_LIB(crypto, d2i_X509_bio)
Index: src/p11_object.c
===================================================================
--- src/p11_object.c (revision 468)
+++ src/p11_object.c (working copy)
@@ -378,10 +378,30 @@
}
else
{
- pTemplate[i].ulValueLen = (CK_ULONG)-1;
- perm_rv = rv;
- rv = CKR_OK;
- }
+ if (pTemplate[i].type == CKA_SENSITIVE)
+ {
+ log_Log(LOG_LOW, "Got expected error,
faking a CKA_SENSITIVE attribute (TRUE)");
+ pTemplate[i].ulValueLen = (CK_ULONG)1;
+ if (pTemplate[i].pValue != NULL)
+ ((CK_BYTE
*)(pTemplate[i].pValue))[0] = 1;
+ }
+ else
+ {
+ if (pTemplate[i].type ==
CKA_EXTRACTABLE)
+ {
+ log_Log(LOG_LOW, "Got expected
error, faking a CKA_EXTRACTABLE attribute (FALSE)");
+ pTemplate[i].ulValueLen =
(CK_ULONG)1;
+ if (pTemplate[i].pValue != NULL)
+ ((CK_BYTE
*)(pTemplate[i].pValue))[0] = 0;
+ }
+ else
+ {
+ pTemplate[i].ulValueLen =
(CK_ULONG)-1;
+ perm_rv = rv;
+ }
+ }
+ rv = CKR_OK;
+ }
}
if ((rv == CKR_OK) && (perm_rv != CKR_OK))
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
