[Bug 621] scard-opensc.c: more than one private key object for a certificate

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jul 23 18:29:18 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=621

           Summary: scard-opensc.c: more than one private key object for a
                    certificate
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Smartcard
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: larsch at trustcenter.de


There's currently a small problem in scard-opensc.c if there's more than one
private key object for a given certificate (i.e. public key). For example some
cards OSs do not support signing and decryption with one private key object
=> if you want to use the same key for signing and decryption you need
two copies of the key (one for signing and one for decryption).
Currently scard-opensc.c uses the sc_pkcs15_find_prkey_by_id function to get
the private key object (specified by the pkcs15 id) but this function returns
only the first private key object found. It would be better to use the
sc_pkcs15_find_prkey_by_id_usage function and search for a private key
with the desired capability (see attached patch).

Nils



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list