[pkg-opensc-commit] [opensc] 56/295: sc-hsm: cache certificates
Eric Dorland
eric at moszumanska.debian.org
Sat Jun 24 21:11:15 UTC 2017
This is an automated email from the git hooks/post-receive script.
eric pushed a commit to branch master
in repository opensc.
commit ff335fe87f5aea007fbbff2bfddfc0c74bbf2a70
Author: Frank Morgner <frankmorgner at gmail.com>
Date: Tue Jun 21 13:22:10 2016 +0200
sc-hsm: cache certificates
---
src/libopensc/pkcs15-sc-hsm.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/src/libopensc/pkcs15-sc-hsm.c b/src/libopensc/pkcs15-sc-hsm.c
index aaf7d13..ad6516f 100644
--- a/src/libopensc/pkcs15-sc-hsm.c
+++ b/src/libopensc/pkcs15-sc-hsm.c
@@ -581,7 +581,8 @@ static int sc_pkcs15emu_sc_hsm_add_prkd(sc_pkcs15_card_t * p15card, u8 keyid) {
struct sc_pkcs15_object prkd;
sc_pkcs15_prkey_info_t *key_info;
u8 fid[2];
- u8 efbin[512];
+ /* enough to hold a complete certificate */
+ u8 efbin[4096];
u8 *ptr;
size_t len;
int r;
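Review bot: The new `u8 efbin[4096];` is a bare literal whose only justification is the comment "enough to hold a complete certificate", so a larger certificate on the token would not fit. The read that fills `efbin` is outside this hunk, so it cannot be confirmed here that it is bounded by `sizeof(efbin)` and that a truncated read is rejected rather than handed on to the cache. I would name the limit and say what happens above it, e.g. `#define SC_HSM_MAX_CERT_LEN 4096` (proposed name) with `u8 efbin[SC_HSM_MAX_CERT_LEN];` and the comment `/* upper bound for a certificate EF; larger files are not read completely */`. The body of sc_pkcs15emu_sc_hsm_add_prkd continues outside the hunk.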
@@ -647,6 +648,14 @@ static int sc_pkcs15emu_sc_hsm_add_prkd(sc_pkcs15_card_t * p15card, u8 keyid) {
cert_info.id = key_info->id;
sc_path_set(&cert_info.path, SC_PATH_TYPE_FILE_ID, fid, 2, 0, 0);
cert_info.path.count = -1;
+ if (p15card->opts.use_file_cache) {
+ /* look this up with our AID, which should already be cached from the
+ * call to `read_file`. This may have the side effect that OpenSC's
+ * caching layer re-selects our applet *if the cached file cannot be
+ * found/used* and we may loose the authentication status. We assume
+ * that caching works perfectly without this side effect. */
+ cert_info.path.aid = sc_hsm_aid;
+ }
strlcpy(cert_obj.label, prkd.label, sizeof(cert_obj.label));
r = sc_pkcs15emu_add_x509_cert(p15card, &cert_obj, &cert_info);
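Review bot: The comment in the new `if (p15card->opts.use_file_cache)` branch records an assumption ("caching works perfectly") that nothing in the hunk checks, while naming the consequence of it failing: the applet is re-selected and the authentication status is lost. That failure would presumably surface later as an unexplained authentication error on a key operation, so the comment should state what a caller will observe on a cache miss. A suitable wording is `/* on a cache miss the applet is re-selected and PIN verification must be repeated */`, and "loose" should read "lose". With the AID set, the certificate is presumably served from the local file cache rather than the token, so it is also worth documenting that a certificate replaced on the card is not seen until the cache is invalidated. The function starts and ends outside this hunk, so the handling of `r` could not be reviewed.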
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-opensc/opensc.git