(no subject)

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

(no subject)

Umberto Rustichelli aka Ubi
Dear all, I find myself working with an old version of engine_pkcs11 /
libp11 libraries, that served me well for years.
The issue almost certainly apply to the most recent release (NOTICE: the
libp11 dowload link on the page
https://www.opensc-project.org/opensc/wiki/libp11 is broken).

It is not uncommon to have slot ID which are quite high, for instance
761406623 with an HSM (my case).
It almost always happens when using multiple PKCS#11 drivers, that is how
I found out about the problem...

The point is that the slot ID (as numbered by the PKCS#11 drver) has
nothing to do with the index of the slots array generated by libp11, only
accidentally they match when you're using one driver only.

If you identify a key with, for instance, the name
"slot_761406623-id_1307301149164400" (reporting the slot ID), it will
miserably fail (and it is a good thing, at least it is not trying to
access the wrong slot with a bad PIN) because it finds out that  761406623
is not good. The message is "Invalid slot number: 761406623" even if the
slot ID is exactly that.

Now, I suspect that the original intention is to put the slot ID, not the
slot array index, in the string... is my observation correct?
Or did I make any mistake in my analysis of the code?

If I am right, I am likely going to work on my old version and change the
code for my purpose even if the intention was not to indicate the slot
ID...: do you have some important advice regarding my attempt?

Get your SQL database under version control now!
Version control is standard for application code, but databases havent
caught up. So what steps can you take to put your SQL databases under
version control? Why should you start doing it? Read more to find out.
Opensc-devel mailing list
[hidden email]