Re: [opensc-devel] r4096 breaks ODF parsing

Mon, 14 Mar 2011 07:58:22 -0700 

On 14.03.2011 14:22, Pierre Ossman wrote:
> Hi everyone,
>
> We upgraded from 0.11.x to 0.12.x here and noticed a serious
> regression. The new branch has problems parsing ODFs where a type
> occurs multiple times. The code in question was introduced in r4096
> and looks like this:
>
> Index: src/libopensc/pkcs15.c
> ===================================================================
> --- src/libopensc/pkcs15.c    (revision 4095)
> +++ src/libopensc/pkcs15.c    (revision 4096)
> @@ -1347,15 +1353,21 @@
>
>   int sc_pkcs15_add_df(struct sc_pkcs15_card *p15card,
>                    unsigned int type, const sc_path_t *path,
> -                  const sc_file_t *file)
> +                  const sc_file_t *file,
> +                  int (*parse_handler)(struct sc_pkcs15_card *, unsigned))
>   {
> -     struct sc_pkcs15_df *p = p15card->df_list, *newdf;
> +     struct sc_pkcs15_df *p, *newdf;
> +     
> +     for (p = p15card->df_list; p; p = p->next)
> +             if (p->type == type)
> +                     return 0;
>
> As you see, it will now refuse to handle more than one entry of each
> type in the ODF. The PKCS#15 spec isn't explicit about multiple entries
> of the same type, but since it isn't explicitly forbidden and also
> found in the wild, I'd say this is an OpenSC bug.
You have a reason:
"There can be any number of *DFs in a PKCS #15 DF, but it is anticipated that 
in the normal case there will be at
most one. The keys themselves may reside anywhere on the card." (pkcs#15 v1.1 
ch.5.5.2/3/4/...) .


> The commit message talks about protected attributes and doesn't say
> anything about this specific change.

> One guess is that this was a check to see what was already parsed when the 
> card is later unlocked.
Exact.
I'll take care about, thank you .


> Rgds
>
>
> _______________________________________________
> opensc-devel mailing list
> opensc-devel@lists.opensc-project.org
> http://www.opensc-project.org/mailman/listinfo/opensc-devel


-- 
Viktor Tarasov  <viktor.tara...@opentrust.com>

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to