-
Notifications
You must be signed in to change notification settings - Fork 711
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenPGP: fixed state tracking after erasing card #3024
Conversation
src/libopensc/card-openpgp.c
Outdated
if (((info->access & READ_MASK) != READ_NEVER) && (info->get_fn != NULL)) { | ||
pgp_blob_t *child = NULL; | ||
|
||
child = pgp_new_blob(card, priv->mf, info->id, sc_file_new()); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If the pgp_new_blob()
fails, the memory allocated by sc_file_new()
is leaked (yeah, it was in the original code too but as I noticed it, it would be good to fix it).
thanks for the review. I'll look at the suggestions, when @arrowd confirms that it actually fixes the problem |
I will not be able to test this during this week, sorry, but I will certainly check this out later. If I'm reading it right, this change would allow me to just do |
No. If this works as expected, then you will get refreshed objects right after erasing the card without the need of reconnecting. |
The problem is not only with erasing. The first post of #3018 shows a code that generates a keypair twice in a row, but it seemingly doesn't change until the reinsertion (physical or emulated with my hacks). |
please check if it works in case of erasing the card. If so, one case is fixed and you know where to poke. |
Sorry for taking this too long. The proposed change indeed improves things for both The key information isn't updated, though. |
If I understand correctly, you are NOT referring to opensc-explorer with respect to the key inforamtion, since this isn't used anywhere here. I assume that opensc-explorer works as expected. If you're talking about the card's profile which is readable via PKCS#11, we will only refresh that if modifications were executed via PKCS#11. If some concurrent process modifies the card, you need to C_Finalize and C_Initialize again to refresh the token information. Modification of the OpenPGP card via PKCS#11 is not completely implemented; in particular, erasing the card is currently not available: OpenSC/src/pkcs15init/pkcs15-openpgp.c Lines 45 to 48 in de5942f
|
It might be easy to add. OpenPGP specs V3.4.1 (also in v.2.0 ) defines two optional commands
Accept for the pin code this comes down to the TERMINATE DF and ACTIVATE FILE commands. @arrowd you could try these on your cards" |
Yes, the problem with
It now works correctly - nothing gets printed after
There are no concurrent processes in my case. I just call
Indeed, in my daemon I call
What does |
7.2.17 ACTIVATE FILE |
If you then run Modify Modify |
064af69
to
5a7139b
Compare
I fixed the memory leaks and found some other minor fix. I'd like to leave this fix as is, because I doubt that we will get more insights without debugging. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm. Do we want this in 0.25.0?
It is not essential, so we can postpone this to the next release |
fixes #3018
Checklist