Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: add example to initialize PIN with pkcs11-tool #2983

Merged
merged 4 commits into from
Feb 13, 2024
Merged

docs: add example to initialize PIN with pkcs11-tool #2983

merged 4 commits into from
Feb 13, 2024

Conversation

frankmorgner
Copy link
Member

fixes #2867

Checklist
  • Documentation is added or updated
  • New files have a LGPL 2.1 license statement
  • PKCS#11 module is tested
  • Windows minidriver is tested
  • macOS tokend is tested

Jakuje
Jakuje reviewed Jan 15, 2024
View reviewed changes
src/tools/pkcs11-tool.c Show resolved Hide resolved
src/tools/pkcs11-tool.c Show resolved Hide resolved
@frankmorgner
Copy link
Member Author

No, this was not an accident. Note the previous check for type != NULL, which makes any value of kind type + X also non-NULL. All that could happen is that the derived value points to'\0', but strcmp will not match that to a gost parameter set and atol in the RSA/AES case will return 0 so that the subsequent check of the key_length will fail.

As written in the commit message ac77fc8, this disallows the use of default key length. This was implemented for RSA, for example, but the user had to use RSA: (note the colon at the end). As User, I would have wanted a default value only without the colon. Additionally, if the user supplies RSA:abcde, then atol also returns 0, which currently results in the default key length rather than being treated as error. That's why, I changed --key-type to not use any default values.

Jakuje
Jakuje reviewed Jan 15, 2024
View reviewed changes
src/tools/pkcs11-tool.c Show resolved Hide resolved
src/tools/pkcs11-tool.c Outdated Show resolved Hide resolved
Jakuje
Jakuje approved these changes Jan 31, 2024
View reviewed changes
src/tools/pkcs11-tool.c Outdated Show resolved Hide resolved
@frankmorgner frankmorgner added this to To do in OpenSC 0.25.0 Feb 1, 2024
@Jakuje
Copy link
Member

Jakuje commented Feb 13, 2024

Thank you!

@Jakuje Jakuje merged commit 675b336 into OpenSC:master Feb 13, 2024
43 of 44 checks passed
OpenSC 0.25.0 automation moved this from To do to Done Feb 13, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Jakuje Jakuje Jakuje approved these changes

Assignees
No one assigned
Labels
None yet
Projects
No open projects
OpenSC 0.25.0
Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Given an SO-PIN, how do you change the PIN?
2 participants
@frankmorgner @Jakuje