63 lines
2.2 KiB
Diff
63 lines
2.2 KiB
Diff
From fe198e8b3837aa4c960e75d0e2a41020ad4dc9f9 Mon Sep 17 00:00:00 2001
|
|
From: Jakub Jelen <jjelen@redhat.com>
|
|
Date: Fri, 24 Sep 2021 13:33:26 +0200
|
|
Subject: [PATCH 1/9] pkcs11: Unbreak detection of unenrolled cards
|
|
|
|
This was broken since 58b03b68, which tried to sanitize some states,
|
|
but caused C_GetTokenInfo returning CKR_TOKEN_NOT_RECOGNIZED instead
|
|
of empty token information.
|
|
|
|
Note, that this has effect only if the configuration options
|
|
enable_default_driver and pkcs11_enable_InitToken are turned on.
|
|
Otherwise it still returns CKR_TOKEN_NOT_RECOGNIZED.
|
|
---
|
|
src/pkcs11/framework-pkcs15.c | 17 +++++++++--------
|
|
1 file changed, 9 insertions(+), 8 deletions(-)
|
|
|
|
diff --git a/src/pkcs11/framework-pkcs15.c b/src/pkcs11/framework-pkcs15.c
|
|
index 74fe7b3c49..4205e41739 100644
|
|
--- a/src/pkcs11/framework-pkcs15.c
|
|
+++ b/src/pkcs11/framework-pkcs15.c
|
|
@@ -544,9 +544,7 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
|
{
|
|
struct sc_pkcs11_slot *slot;
|
|
struct pkcs15_fw_data *fw_data = NULL;
|
|
- struct sc_pkcs15_card *p15card = NULL;
|
|
struct sc_pkcs15_object *auth;
|
|
- struct sc_pkcs15_auth_info *pin_info;
|
|
CK_RV rv;
|
|
|
|
sc_log(context, "C_GetTokenInfo(%lx)", slotID);
|
|
@@ -578,12 +576,6 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
|
rv = sc_to_cryptoki_error(SC_ERROR_INTERNAL, "C_GetTokenInfo");
|
|
goto out;
|
|
}
|
|
- p15card = fw_data->p15_card;
|
|
- if (!p15card) {
|
|
- rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
|
|
- goto out;
|
|
- }
|
|
-
|
|
/* User PIN flags are cleared before re-calculation */
|
|
slot->token_info.flags &= ~(CKF_USER_PIN_COUNT_LOW|CKF_USER_PIN_FINAL_TRY|CKF_USER_PIN_LOCKED);
|
|
auth = slot_data_auth(slot->fw_data);
|
|
@@ -591,8 +583,17 @@ CK_RV C_GetTokenInfo(CK_SLOT_ID slotID, CK_TOKEN_INFO_PTR pInfo)
|
|
"C_GetTokenInfo() auth. object %p, token-info flags 0x%lX", auth,
|
|
slot->token_info.flags);
|
|
if (auth) {
|
|
+ struct sc_pkcs15_card *p15card = NULL;
|
|
+ struct sc_pkcs15_auth_info *pin_info = NULL;
|
|
+
|
|
pin_info = (struct sc_pkcs15_auth_info*) auth->data;
|
|
|
|
+ p15card = fw_data->p15_card;
|
|
+ if (!p15card) {
|
|
+ rv = sc_to_cryptoki_error(SC_ERROR_INVALID_CARD, "C_GetTokenInfo");
|
|
+ goto out;
|
|
+ }
|
|
+
|
|
sc_pkcs15_get_pin_info(p15card, auth);
|
|
|
|
if (pin_info->tries_left >= 0) {
|
|
|