[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: heimdal 0.8-rc3
Minor problem with smart card.
ks_p11.c aborts at line 31, with "CKA_MODULES missing"
The comment after says: "the exponent should always be present...
Well in my case the modules may also be is also missing, as
the PIV card does not expose the exponent and modulus with the
private key, they can only be obtained from the certificate,
and there is no matching certificate on the card for that key.
Removing the if and abort lines, so the modules and exponent
can both be missing, allows it to work as the auth cert
--- ,ks_p11.c Mon Dec 11 12:42:42 2006
+++ ks_p11.c Tue Jan 9 13:02:38 2007
@@ -626,8 +626,8 @@
_hx509_abort("out of memory");
rsa->n = getattr_bn(p, slot, session, object, CKA_MODULUS);
- if (rsa->n == NULL)
- _hx509_abort("CKA_MODULUS missing");
+// if (rsa->n == NULL)
+// _hx509_abort("CKA_MODULUS missing");
* The exponent should always be present according to the pkcs11
* specification, but some smartcards leaves it out, let ignore
Love Hörnquist Åstrand wrote:
> I've just created a heimdal 0.8-rc3 snapshot.
> Basicly what needs to happen before release is fixing (text) error message
> for GSS-API mech-glue layer and testing on more platforms.
> Testing is mostly automated and very simple to set up, please read
> here if you want to contribute.
Douglas E. Engert <DEEngert@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439