Revision: 111 http://trac.macosforge.org/projects/smartcardservices/changeset/111 Author: ludovic.rousseau@gmail.com Date: 2010-02-02 05:42:35 -0800 (Tue, 02 Feb 2010) Log Message: ----------- GemaltoPrivateKeyRecord::getAcl(): add a new "PIN1" argument to mAclEntries.add() so that the PIN is asked and the card can be used. Thanks to Giuseppe Amato for the info Modified Paths: -------------- trunk/Tokend/PKCS11/GemaltoRecord.cpp Modified: trunk/Tokend/PKCS11/GemaltoRecord.cpp =================================================================== --- trunk/Tokend/PKCS11/GemaltoRecord.cpp 2010-02-02 10:50:08 UTC (rev 110) +++ trunk/Tokend/PKCS11/GemaltoRecord.cpp 2010-02-02 13:42:35 UTC (rev 111) @@ -665,12 +665,17 @@ mAclEntries.allocator()), AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0)); + char tmptag[20]; + const uint32 slot = 1; // hardwired for now, but... + snprintf(tmptag, sizeof(tmptag), "PIN%d", slot); + + // Using this key to sign or decrypt will require PIN1 mAclEntries.add(CssmClient::AclFactory::PinSubject( mAclEntries.allocator(), 1), AclAuthorizationSet( CSSM_ACL_AUTHORIZATION_DECRYPT, CSSM_ACL_AUTHORIZATION_SIGN, - 0)); + 0), tmptag); } count = mAclEntries.size(); acls = mAclEntries.entries();