Bug 621 - scard-opensc.c: more than one private key object for a certificate
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Smartcard
Version: -current
Hardware: All Linux
Importance: P2 normal
Assignee: OpenSSH Bugzilla mailing list
Blocks: 627
Reported: 2003-07-23 18:29 AEST by Nils Larsch
Modified: 2004-04-14 12:24 AEST

Attachments
suggested patch (2.18 KB, patch)
2003-07-23 18:30 AEST, Nils Larsch

Description Nils Larsch 2003-07-23 18:29:17 AEST
There's currently a small problem in scard-opensc.c if there's more than one
private key object for a given certificate (i.e. public key). For example some
card OSs do not support signing and decryption with one private key object
=> if you want to use the same key for signing and decryption you need
two copies of the key (one for signing and one for decryption).
Currently scard-opensc.c uses the sc_pkcs15_find_prkey_by_id function to get
the private key object (specified by the pkcs15 id) but this function returns
only the first private key object found. It would be better to use the
sc_pkcs15_find_prkey_by_id_usage function and search for a private key
with the desired capability (see attached patch).

Nils
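
The lookup problem described above, as an added example that is not part of the original report and is not OpenSSH or OpenSC code. It is a simplified C model (the struct, flag values, function names and sample card contents are all constructed for illustration) in which a lookup by id alone returns the decrypt-only copy of a key, while a lookup by id and usage returns the copy that can sign.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, NOT the OpenSC API: names and flag values are hypothetical. */
enum { USAGE_DECRYPT = 0x02, USAGE_SIGN = 0x04 };

struct prkey_obj {
    unsigned char id;    /* PKCS#15 id shared with the certificate */
    unsigned int usage;  /* operations this key object permits */
    const char *label;
};

/* Constructed sample card: key 0x45 is stored twice, once per permitted operation. */
static const struct prkey_obj card[] = {
    { 0x45, USAGE_DECRYPT,              "key 45 (decrypt copy)" },
    { 0x45, USAGE_SIGN,                 "key 45 (sign copy)" },
    { 0x46, USAGE_SIGN | USAGE_DECRYPT, "key 46 (dual use)" },
};
#define NKEYS (sizeof(card) / sizeof(card[0]))

/* Lookup by id only: returns the first object with a matching id. */
static const struct prkey_obj *find_by_id(unsigned char id)
{
    for (size_t i = 0; i < NKEYS; i++)
        if (card[i].id == id)
            return &card[i];
    return NULL;
}

/* Lookup by id and usage: skips objects that lack a requested usage bit. */
static const struct prkey_obj *find_by_id_usage(unsigned char id, unsigned int usage)
{
    for (size_t i = 0; i < NKEYS; i++)
        if (card[i].id == id && (card[i].usage & usage) == usage)
            return &card[i];
    return NULL;
}

int main(void)
{
    const struct prkey_obj *a = find_by_id(0x45);
    const struct prkey_obj *b = find_by_id_usage(0x45, USAGE_SIGN);
    printf("by id:       %s, can sign: %s\n", a->label, (a->usage & USAGE_SIGN) ? "yes" : "no");
    printf("by id+usage: %s, can sign: %s\n", b->label, (b->usage & USAGE_SIGN) ? "yes" : "no");
    return 0;
}
```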
Comment 1 Nils Larsch 2003-07-23 18:30:33 AEST
Created attachment 360
suggested patch
Comment 2 Damien Miller 2003-08-25 10:58:46 AEST
Applied, thanks.
Comment 3 Damien Miller 2004-04-14 12:24:19 AEST
Mass change of RESOLVED bugs to CLOSED