Hello.

From your log I see that the user PIN is marked as unblocking PIN:

PIN [PIN]
        Com. Flags: 0x3
        ID        : 01
        Flags     : [0x51], case-sensitive, initialized, unblockingPin
        Length    : min_len:6, max_len:16, stored_len:16
        Pad char  : 0x00
        Reference : 0
        Type      : ascii-numeric
        Path      : 5000
        Tries left: 10

OpenSC 0.12.0 ignores unblocking PIN-s [2] as slot authentication objects.

The TCOS driver marks the user PIN as unblocking PIN [3], which I believe is 
incorrect (only PUK should have the unblocking code flag set)

Attachment: tcos-unblockpin.patch
Description: Binary data

The attached patch should fix this. Peter, please add your comment.


On Sep 13, 2010, at 2:34 PM, Johannes Becker wrote:
> now I detected another flaw in  0.12.0: 
> After some idle time the browser seems to forget completely about the chip 
> card.
> If you request an encrypted web page, a ssl handshake error is displayed.
Please send the debug log. The PC/SC reader handling shall improve before final 
release, there are two outstanding bugs in it.


[1] http://www.uni-giessen.de/~g013/opensc/report-bug.txt
[2] 
http://www.opensc-project.org/opensc/browser/trunk/src/pkcs11/framework-pkcs15.c#L919
[3] 
http://www.opensc-project.org/opensc/browser/trunk/src/libopensc/pkcs15-tcos.c?rev=4250#L305
-- 
Martin Paljak
@martinpaljak.net
+3725156495

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to