[pkg-opensc-commit] [engine-pkcs11] 129/152: Search for a certificate by a label

Eric Dorland eric at moszumanska.debian.org
Mon Oct 19 03:11:25 UTC 2015


This is an automated email from the git hooks/post-receive script.

eric pushed a commit to branch master
in repository engine-pkcs11.

commit 9bc538149fce5ef161d93823444897c5024438bf
Author: Petr Písař <petr.pisar at atlas.cz>
Date:   Tue Aug 20 22:34:09 2013 +0200

    Search for a certificate by a label
    
    Previously, it was not possible to load a certificate by a label because it
    always searched by undefined ID value. This has been fixed to behave in the
    same way as searching for a key.
---
 src/engine_pkcs11.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/engine_pkcs11.c b/src/engine_pkcs11.c
index 6e05c7b..dfb500a 100644
--- a/src/engine_pkcs11.c
+++ b/src/engine_pkcs11.c
@@ -694,13 +694,19 @@ static X509 *pkcs11_load_cert(ENGINE * e, const char *s_slot_cert_id)
 		fprintf(stderr, "Found %u cert%s:\n", cert_count,
 			(cert_count <= 1) ? "" : "s");
 	}
-	if ((s_slot_cert_id && *s_slot_cert_id) && (cert_id_len != 0)) {
+	if ((s_slot_cert_id && *s_slot_cert_id) && (cert_id_len != 0 || cert_label != NULL)) {
 		for (n = 0; n < cert_count; n++) {
 			PKCS11_CERT *k = certs + n;
 
-			if (cert_id_len != 0 && k->id_len == cert_id_len &&
-			    memcmp(k->id, cert_id, cert_id_len) == 0) {
-				selected_cert = k;
+			if (cert_label == NULL) {
+				if (cert_id_len != 0 && k->id_len == cert_id_len &&
+				    memcmp(k->id, cert_id, cert_id_len) == 0) {
+				    selected_cert = k;
+				}
+			} else {
+				if (strcmp(k->label, cert_label) == 0) {
+				    selected_cert = k;
+				}
 			}
 		}
 	} else {

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/engine-pkcs11.git



More information about the pkg-opensc-commit mailing list