[SmartcardServices-Changes] [111] trunk/Tokend/PKCS11/GemaltoRecord.cpp

Tue Feb 2 05:42:37 PST 2010

Revision: 111
          http://trac.macosforge.org/projects/smartcardservices/changeset/111
Author:   ludovic.rousseau at gmail.com
Date:     2010-02-02 05:42:35 -0800 (Tue, 02 Feb 2010)
Log Message:
-----------
GemaltoPrivateKeyRecord::getAcl(): add a new "PIN1" argument to
mAclEntries.add() so that the PIN is asked and the card can be used.

Thanks to Giuseppe Amato for the info

Modified Paths:
--------------
    trunk/Tokend/PKCS11/GemaltoRecord.cpp

Modified: trunk/Tokend/PKCS11/GemaltoRecord.cpp
===================================================================

--- trunk/Tokend/PKCS11/GemaltoRecord.cpp	2010-02-02 10:50:08 UTC (rev 110)
+++ trunk/Tokend/PKCS11/GemaltoRecord.cpp	2010-02-02 13:42:35 UTC (rev 111)
@@ -665,12 +665,17 @@
 			mAclEntries.allocator()),
 			AclAuthorizationSet(CSSM_ACL_AUTHORIZATION_DB_READ, 0));
 
+		char tmptag[20];
+		const uint32 slot = 1;	// hardwired for now, but...
+		snprintf(tmptag, sizeof(tmptag), "PIN%d", slot);
+
+		// Using this key to sign or decrypt will require PIN1
 		mAclEntries.add(CssmClient::AclFactory::PinSubject(
 			mAclEntries.allocator(), 1),
 			AclAuthorizationSet(
 				CSSM_ACL_AUTHORIZATION_DECRYPT,
 				CSSM_ACL_AUTHORIZATION_SIGN,
-				0));
+				0), tmptag);
 	}
 	count = mAclEntries.size();
 	acls = mAclEntries.entries();
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/smartcardservices-changes/attachments/20100202/cdc0d07f/attachment.html>
