Hey!
In the following scenario, libp11 produces undesired results:
PC/SC lite is running with 1 USB smartcard reader and 1 pseudo-reader
for use with Aladdin eTokens:
0: AKS ifdh 0 0
1: REINER SCT CyberJack pp_a 0 0
Physically attached to the system are 1 CardOS 4.3B smartcard and 1
Aladdin eToken. When trying to sign something using the smartcard (and
its vendor-supplied PKCS#11 library) in slot 1, using openssl and
engine_pkcs11, the engine makes a call to PKCS11_enumerate_slots,
which causes pkcs11_check_token to be called on every non-empty slot.
This call fails on slot 0 because the smartcard PKCS#11 library
returns CKR_TOKEN_NOT_RECOGNIZED for the eToken, which in turn causes
the enumeration to fail as a whole, causing the signing operation to
fail too.
This interoperability problem is of course undesired, but I am unsure
how to best approach this problem in the context of libp11. I have
attached my very unsophisticated workaround, which treats slots that
contain an unrecognized token in the same way as slots that do not
contain a token at all. This appears to solve my problem.
regards,
Daniel
--- libp11-0.2.2/src/p11_slot.c 2006-04-18 15:09:04.000000000 +0200
+++ libp11-0.2.2-with-enum-fix/src/p11_slot.c 2006-10-30
13:26:10.000000000 +0100
@@ -350,7 +350,7 @@
token = slot->token;
rv = CRYPTOKI_call(ctx, C_GetTokenInfo(priv->id, &info));
- if (rv == CKR_TOKEN_NOT_PRESENT) {
+ if (rv == CKR_TOKEN_NOT_PRESENT || rv == CKR_TOKEN_NOT_RECOGNIZED) {
OPENSSL_free(token);
slot->token = NULL;
return 0;
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
