Le 28/04/2011 11:02, NdK a écrit :
> On 25/04/2011 11:01, Viktor TARASOV wrote:
>
>>> For what I've understood, "-a N" makes $PIN in profile be replaced by
>>> CHVN, hence IMO --insecure<=> $PIN->NONE.
>> No,
>> '-a N' means in fact '-a<ID of authentication object> .
>> The real PIN reference, the one that can be used in the PINs APDU,
>> is extracted from AODF record as PinAttributes.pinReference .
>>
>> The 'N' in the CHVN syntax is directly pin reference that corresponds to
>> PinAttributes.pinReference .
> Ok.
> Too bad it seems not to work this way, and $PIN anlways gets translated to
> CHV1 :(
$PIN, $SOPIN and others are the profile macros and correspond to the
SC_AC_SYMBOLIC authentication method.
They are resolved using the pin flags of the PIN pkcs15 objects already present
on the card.
Look into sc_pkcs15init_get_pin_reference() .
If your card contains the User PIN authentication object with the reference 1,
the $PIN is translated to CHV1.
> If I do
> $ pkcs15-init -G rsa/2048 -a 02 -l "test a2"
> the card still requires verification of CHVN1 to use the card.
'-a 02' only (to be confirmed) means that the CommonObjectAttributes.authId of
your object will be set to '02' and written to the PrKDF .
Look into you profile (which one?) -- how generation/creation of new
file/object is protected in your parent DF?
how write operation for xxDFs is protected ? ... If one of them is protected by
CHV1 ($PIN) -- you will be asked for CHV1.
> PINs are defined as:
> PIN [Card auth]
> Object Flags : [0x3], private, modifiable
> ID : 01
> Flags : [0x30], initialized, needs-padding
> Length : min_len:4, max_len:8, stored_len:8
> Pad char : 0xFF
> Reference : 1
> Type : ascii-numeric
> Path :
>
> PIN [User auth]
> Object Flags : [0x3], private, modifiable
> ID : 02
> Flags : [0x30], initialized, needs-padding
> Length : min_len:4, max_len:8, stored_len:8
> Pad char : 0xFF
> Reference : 2
> Type : ascii-numeric
> Path :
> so -a 02 should make $PIN get translated to CHV2, not to CHV1 as it
> does. Or am I wrong?
See above.
>> Personally, I'm ready to remove at all 'insecure' option -- never used it.
>> All the stuff can be defined in the card profile. But let us wait for the
>> other opinions.
> I could finally workaround non-working-as-advertised --insecure by
> patching profile and w/o touching code:
>
> option default {
> macros {
> [...]
> prkacl = CRYPTO=$PIN, UPDATE=$PIN, DELETE=$PIN,
> GENERATE=$PIN;
> }
> }
>
> option insecure {
> macros {
> prkacl = CRYPTO=NONE, UPDATE=$PIN, DELETE=$PIN, GENERATE=NONE;
> }
> }
> [...]
> EF template-private-key {
> [...]
> acl = $prkacl;
> }
>
> So now I can use
> $ pkcs15-init --profile pkcs15+default+insecure -G rsa/2048 --insecure
> -l "key usable without PIN"
>
> It's a bit ugly, but makes the user think twice before generating an
> insecure key :)
>
> I still think that --insecure should "translate" $PIN to NONE, but
> that's another story.
>
> BYtE,
> Diego.
> _______________________________________________
> opensc-devel mailing list
> [email protected]
> http://www.opensc-project.org/mailman/listinfo/opensc-devel
>
--
Viktor Tarasov <[email protected]>
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
