fish

1 files changed, 34 insertions, 0 deletions

diff --git a/master/ignore-non-repudation-in-extra-yubikey-slots b/master/ignore-non-repudation-in-extra-yubikey-slots
new file mode 100644
index 0000000..021f485
--- /dev/null
+++ b/master/ignore-non-repudation-in-extra-yubikey-slots
@@ -0,0 +1,34 @@
+diff --git a/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch b/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch
+new file mode 100644
+index 0000000..e0d80e8
+--- /dev/null
++++ b/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch
+@@ -0,0 +1,28 @@
++--- opensc-0.20.0/src/libopensc/pkcs15-piv.c	2019-12-29 12:50:57.000000000 +0000
+++++ opensc-0.20.0/src/libopensc/pkcs15-piv.c	2021-06-07 11:19:14.138003400 +0100
++@@ -1166,10 +1166,12 @@
++ 			case SC_ALGORITHM_RSA:
++ 				if(ckis[i].cert_keyUsage_present) {
++ 					prkey_info.usage |= ckis[i].priv_usage;
+++#if 0
++ 					/* If retired key and non gov cert has NONREPUDIATION, treat as user_consent */
++ 					if (i >= 4 && (ckis[i].priv_usage & SC_PKCS15_PRKEY_USAGE_NONREPUDIATION)) {
++ 						prkey_obj.user_consent = 1;
++ 					}
+++#endif
++ 				} else {
++ 					prkey_info.usage |= prkeys[i].usage_rsa;
++ 				}
++@@ -1179,10 +1181,12 @@
++ 			case SC_ALGORITHM_EC:
++ 				if (ckis[i].cert_keyUsage_present) {
++ 					prkey_info.usage  |= ckis[i].priv_usage;
+++#if 0
++ 					/* If retired key and non gov cert has NONREPUDIATION, treat as user_consent */
++ 					if (i >= 4 && (ckis[i].priv_usage & SC_PKCS15_PRKEY_USAGE_NONREPUDIATION)) {
++ 						prkey_obj.user_consent = 1;
++ 					}
+++#endif
++ 				} else {
++ 					prkey_info.usage  |= prkeys[i].usage_ec;
++ 				}