Hi Aleksey, On 08.12.2009, at 13:23, Aktiv Co. Aleksey Samsonov wrote: > I propose a patch for PKCS#11 > > Fix: return CKR_SESSION_READ_ONLY from C_InitPIN, C_SetPIN, C_CreateObject, > C_CopyObject, C_DestroyObject, C_SetAttributeValue, C_GenerateKey, > C_GenerateKeyPair, C_UnwrapKey, C_DeriveKey if session is read-only. I don't think that obvious fixes for spec conformance need any vetting period. +1 anyway.
> PKCS#11: > "C_InitPIN can only be called in the 'R/W SO Functions' state." > > "C_SetPIN can only be called in the 'R/W Public Session' state, 'R/W SO > Functions' state, or 'R/W User Functions' state. An attempt to call it from a > session in any other state fails with error CKR_SESSION_READ_ONLY." > > "Only session objects can be created/destroyed/modified > (C_CreateObject/C_DestroyObject/C_SetAttributeValue) during a read-only > session." > > But, > http://www.opensc-project.org/opensc/browser/trunk/src/pkcs11/pkcs11-session.c?rev=3862#L344 > Why does it need (#if 0)? See svn blame: r164. No further comments needed I guess. -- Martin Paljak http://martin.paljak.pri.ee +372.515.6495 _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
