Hi again, Some days ago, i've sent this mail and i've got no answer. I would appreciate if anyone could test the patch attached on my previous mail [1] and apply it to OpenSC code.
Or if this patch is not correctly, I would fixed it. Thanks a lot. Best regards, [1] http://www.opensc-project.org/pipermail/opensc-devel/2006-April/008369.html -- Albert Solana Berengué [EMAIL PROTECTED] C3PO, S.L. http://www.c3po.es C/Bertran, 113 - 08023 Barcelona Tel. 93 417 99 55 - Fax. 93 253 12 80 El dv 07 de 04 del 2006 a les 14:56 +0200, en/na Albert Solana va escriure: > Hi all, > > Using the command "pkcs11-tool -O -l" to list all objects on a smart > card, I have some errors on some public key objects: > > warning: PKCS11 function C_GetAttributeValue(MODULUS_BITS) failed: rv = > CKR_ATTRIBUTE_TYPE_INVALID (0x12) > > However, I have realized that there are duplicated public keys objects, > corresponding to the same public key. This occurs because when create_tokens > is called OpenSC creates a pkcs11 object for any object listed on pkcs#15 > structure. So, on __pkcs15_create_pubkey_object call, the public keys objects > listed on pkcs15 structure are created. And, on __pkcs15_create_cert_object > call > a public key object is created for any certificate listed on pkcs15 > structure, > without checking whether a public key object with the same ID already exists. > > I think that this behaviour is reasonable if there is no public key created > for its respective certificate, but creates another object for the same > public key. > So whenever I used the above command, OpenSC shows errors retrieving info on > the > objects created from pkcs15 structure, the first ones. And the info of the > ones created > from the respective cert objects is well shown. > > I suggest a solution and I attach a patch which I've tested and solved the > problem: > > Whenever a certificate pkcs11 object is being created using > __pkcs15_create_cert_object, it creates also its public key. I think it would > be > better to check if there is already a public key object with the same ID as > the > certificate one. If it exists, a function should fill the missing information > from the certificate despite of creating a new object. > > Sorry for my heavy and long mail. > Could you check my patch and apply it on OpenSC code? > > Thanks a lot, > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
