Skip to content

Commit

Permalink
Only append PIN name to token label if necessary
Browse files Browse the repository at this point in the history
There is no need to append PIN name to token label, if the
token has only one PIN object (occupies only one virtual slot).
  • Loading branch information
Your Name committed Feb 5, 2024
1 parent 79f2ced commit 98f2e69
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 1 deletion.
29 changes: 28 additions & 1 deletion src/pkcs11/framework-pkcs15.c
Original file line number Diff line number Diff line change
Expand Up @@ -1110,6 +1110,18 @@ pkcs15_add_object(struct sc_pkcs11_slot *slot, struct pkcs15_any_object *obj,
}


static int get_num_slots(struct sc_card *card)
{
size_t i;
for (i=0; i<list_size(&virtual_slots); i++) {
sc_pkcs11_slot_t *slot = (sc_pkcs11_slot_t *) list_get_at(&virtual_slots, i);
if (slot && slot->p11card && slot->p11card->card == card)
return slot->p11card->num_slots;
}
return 0;
}


static void
pkcs15_init_slot(struct sc_pkcs15_card *p15card, struct sc_pkcs11_slot *slot,
struct sc_pkcs15_object *auth, struct sc_app_info *app_info)
Expand Down Expand Up @@ -1160,7 +1172,7 @@ pkcs15_init_slot(struct sc_pkcs15_card *p15card, struct sc_pkcs11_slot *slot,
size_t pin_len = 0;
if (auth->label[0] && strncmp(auth->label, "PIN", 4) != 0)
pin_len = strlen(auth->label);
if (pin_len) {
if (pin_len && get_num_slots(p15card->card) > 1) {
size_t tokeninfo_len = 0;
if (p15card->tokeninfo && p15card->tokeninfo->label)
tokeninfo_len = strlen(p15card->tokeninfo->label);
Expand Down Expand Up @@ -1625,6 +1637,10 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
}
sc_log(context, "create slots flags 0x%X", cs_flags);

if (p11card) {
p11card->num_slots = 0;
}

/* Find out framework data corresponding to the given application */
fw_data = get_fw_data(p11card, app_info, &idx);
if (!fw_data) {
Expand Down Expand Up @@ -1681,6 +1697,13 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
auth_count = rc;
sc_log(context, "Found %d authentication objects", auth_count);

for (i = 0; i < auth_count; i++) {
struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info*)auths[i]->data;
if (!_is_slot_auth_object(pin_info))
continue;
p11card->num_slots++;
}

for (i = 0; i < auth_count; i++) {
struct sc_pkcs15_auth_info *pin_info = (struct sc_pkcs15_auth_info*)auths[i]->data;
struct sc_pkcs11_slot *islot = NULL;
Expand All @@ -1704,6 +1727,10 @@ pkcs15_create_tokens(struct sc_pkcs11_card *p11card, struct sc_app_info *app_inf
}
}
else {
if (auth_user_pin && (cs_flags & SC_PKCS11_SLOT_FOR_PIN_USER))
p11card->num_slots++;
if (auth_sign_pin && (cs_flags & SC_PKCS11_SLOT_FOR_PIN_SIGN))
p11card->num_slots++;
sc_log(context, "User/Sign PINs %p/%p", auth_user_pin, auth_sign_pin);
if (auth_user_pin && (cs_flags & SC_PKCS11_SLOT_FOR_PIN_USER)) {
/* For the UserPIN of the first slot create slot */
Expand Down
3 changes: 3 additions & 0 deletions src/pkcs11/sc-pkcs11.h
Original file line number Diff line number Diff line change
Expand Up @@ -201,6 +201,9 @@ struct sc_pkcs11_card {
/* List of supported mechanisms */
struct sc_pkcs11_mechanism_type **mechanisms;
unsigned int nmechanisms;

/* Number of virtual slots the card occupies */
int num_slots;
};

/* If the slot did already show with `C_GetSlotList`, then we need to keep this
Expand Down

0 comments on commit 98f2e69

Please sign in to comment.