On 19/09/06, Nils Larsch <[EMAIL PROTECTED]> wrote:
Ludovic Rousseau wrote: > Hello, > > My PKCS#15 card has some DF protected by a PIN. So when > __sc_pkcs15_search_objects() try to read them the card sends a > SC_ERROR_SECURITY_STATUS_NOT_SATISFIED. > > The problem is that this happens in the C_Initialize() so very early > in the process and the PIN has no chance to be submitted at this step. > > What would be the cleanest way to solve this? > > I have a patch but it may have severe side effects. > --- libopensc/pkcs15.c (révision 3011) > +++ libopensc/pkcs15.c (copie de travail) > @@ -799,7 +803,11 @@ __sc_pkcs15_search_objects(sc_pkcs15_car > /* Enumerate the DF's, so p15card->obj_list is > * populated. */ > r = sc_pkcs15_parse_df(p15card, df); > - SC_TEST_RET(p15card->card->ctx, r, "DF parsing failed"); > + /* The DF is here but we can't read it yet */ > + if (r != SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) > + SC_TEST_RET(p15card->card->ctx, r, "DF parsing failed") > + else > + sc_do_log(p15card->card->ctx, SC_LOG_TYPE_ERROR, __FILE__, > __LINE__, > __FUNCTION__, "%s: %s\n", "DF parsing failed", sc_strerror(r)); \ > df->enumerated = 1; > }hmm, shouldn't it be: if (r == SC_ERROR_SECURITY_STATUS_NOT_SATISFIED) sc_do_log(..., SC_LOG_TYPE_DEBUG, ...); else if (r < 0) { sc_do_log(..., SC_LOG_TYPE_ERROR, ...): else { /* r == SC_SUCCESS */ df->enumerated = 1; } as df->enumerated should afaik only be set if the DF has been parsed (otherwise it won't be parsed later).
I am now using your patch. The situation is not worse so I keep your suggestion. Thanks, -- Dr. Ludovic Rousseau _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
