Antti S. Lankila wrote:
> I used pkcs11-spy against opensc-pkcs11 to investigate the series of
> events that leads to the login with the non-repudiation signature. I
> would like to prevent this, as the key is simply too sensitive to be
> unlocked without the user's explicit intention of signing a contract, and
> then it will be unlocked by wholly another module (opensc-signer).
>
> As far as I can tell, Firefox calls C_GetSlotList(), which returns info
> for the slots available. It then iterates through the list of returned
> slots, which correspond to keys on a card, calling C_GetTokenInfo() for
> any tokens present, and eventually calls C_Login() for the keys in the
> list. At this point, the PINs have been asked, so we need to intercept
> this codepath sometime before the C_Login() call.
>
> Setec's Windows driver seems to work so that it completely hides the
> non-repudiation key from the list returned by its equivalent of
> C_GetSlotList, presenting only the signing key, so I believe OpenSC
> should do the same.

Disagree (at least as far as pkcs11 is concerned), as this would prevent
every application from using non-rep. keys, not just applications which
want to use a non-rep. key for authentication.

It's not the job of a pkcs11 library to decide which keys an application
should use; that's the job of the application using the pkcs11 library.

Cheers,
Nils
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
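
The trade-off discussed in this message, as an added example (not code from OpenSC, Firefox or either poster): the application chooses slots before any login, compared with a library that hides the non-repudiation key from the slot list. The mock_slot type, list_slots, key_fits, slots_to_login and the sample card are hypothetical and constructed; it assumes the application can learn each key's usage (for instance from its certificate) before calling C_Login().

```c
/* Added example, constructed data; mock_slot/list_slots are hypothetical, not the PKCS#11 API. */
#include <stdio.h>
#include <stddef.h>
/* Flags local to this example; meanings follow X.509 keyUsage. */
#define KU_DIGITAL_SIGNATURE 0x1u
#define KU_NON_REPUDIATION   0x2u
enum purpose { PURPOSE_AUTHENTICATE, PURPOSE_SIGN_CONTRACT };
struct mock_slot { unsigned long id; const char *label; unsigned usage; };

/* Constructed sample card: one authentication key, one non-repudiation key. */
static const struct mock_slot card[] = {
    { 0, "auth key",    KU_DIGITAL_SIGNATURE },
    { 1, "non-rep key", KU_NON_REPUDIATION   },
};
#define CARD_SLOTS (sizeof card / sizeof card[0])

/* Slot enumeration; hide_nonrep models a library that filters the list itself. */
static size_t list_slots(int hide_nonrep, const struct mock_slot **out)
{
    size_t n = 0;
    for (size_t i = 0; i < CARD_SLOTS; i++)
        if (!(hide_nonrep && (card[i].usage & KU_NON_REPUDIATION)))
            out[n++] = &card[i];
    return n;
}

/* Authentication never takes a non-repudiation key; contract signing requires one. */
static int key_fits(unsigned usage, enum purpose why)
{
    int nonrep = (usage & KU_NON_REPUDIATION) != 0;
    return why == PURPOSE_SIGN_CONTRACT ? nonrep : (usage & KU_DIGITAL_SIGNATURE) && !nonrep;
}

/* Application policy, applied before any login (PIN prompt); ids must hold CARD_SLOTS entries. */
static size_t slots_to_login(int hide_nonrep, enum purpose why, unsigned long *ids)
{
    const struct mock_slot *seen[CARD_SLOTS];
    size_t total = list_slots(hide_nonrep, seen), n = 0;
    for (size_t i = 0; i < total; i++)
        if (key_fits(seen[i]->usage, why))
            ids[n++] = seen[i]->id;
    return n;
}

int main(void)
{
    unsigned long ids[CARD_SLOTS];
    printf("auth: %zu slot(s)\n", slots_to_login(0, PURPOSE_AUTHENTICATE, ids));
    printf("sign, key hidden by library: %zu slot(s)\n", slots_to_login(1, PURPOSE_SIGN_CONTRACT, ids));
    return 0;
}
```

With the filter in the application, authentication logs in to the authentication slot only and contract signing can still reach the non-repudiation slot; with the key hidden by the library, the signing purpose finds no usable slot at all.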