Re: [opensc-devel] --insecure ?

Thu, 28 Apr 2011 02:02:26 -0700 

On 25/04/2011 11:01, Viktor TARASOV wrote:

>> For what I've understood, "-a N" makes $PIN in profile be replaced by
>> CHVN, hence IMO --insecure<=>  $PIN->NONE.
> No,
> '-a N' means in fact '-a <ID of authentication object> .
> The real PIN reference, the one that can be used in the PINs APDU,
> is extracted from AODF record as PinAttributes.pinReference .
> 
> The 'N' in the CHVN syntax is directly pin reference that corresponds to 
> PinAttributes.pinReference .
Ok.
Too bad it seems not to work this way, and $PIN anlways gets translated
to CHV1 :(
If I do
$ pkcs15-init -G rsa/2048 -a 02 -l "test a2"
the card still requires verification of CHVN1 to use the card.
PINs are defined as:
PIN [Card auth]
        Object Flags   : [0x3], private, modifiable
        ID             : 01
        Flags          : [0x30], initialized, needs-padding
        Length         : min_len:4, max_len:8, stored_len:8
        Pad char       : 0xFF
        Reference      : 1
        Type           : ascii-numeric
        Path           :

PIN [User auth]
        Object Flags   : [0x3], private, modifiable
        ID             : 02
        Flags          : [0x30], initialized, needs-padding
        Length         : min_len:4, max_len:8, stored_len:8
        Pad char       : 0xFF
        Reference      : 2
        Type           : ascii-numeric
        Path           :
so -a 02 should make $PIN get translated to CHV2, not to CHV1 as it
does. Or am I wrong?

> Personally, I'm ready to remove at all 'insecure' option -- never used it.
> All the stuff can be defined in the card profile. But let us wait for the 
> other opinions.
I could finally workaround non-working-as-advertised --insecure by
patching profile and w/o touching code:

 option default {
    macros {
[...]
       prkacl          = CRYPTO=$PIN, UPDATE=$PIN, DELETE=$PIN,
GENERATE=$PIN;
    }
 }

 option insecure {
     macros {
        prkacl = CRYPTO=NONE, UPDATE=$PIN, DELETE=$PIN, GENERATE=NONE;
     }
 }
[...]
 EF template-private-key {
[...]
               acl       = $prkacl;
 }

So now I can use
$ pkcs15-init --profile pkcs15+default+insecure -G rsa/2048 --insecure
-l "key usable without PIN"

It's a bit ugly, but makes the user think twice before generating an
insecure key :)

I still think that --insecure should "translate" $PIN to NONE, but
that's another story.

BYtE,
 Diego.
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Reply via email to