diff options
Diffstat (limited to 'master/ignore-non-repudation-in-extra-yubikey-slots')
-rw-r--r-- | master/ignore-non-repudation-in-extra-yubikey-slots | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/master/ignore-non-repudation-in-extra-yubikey-slots b/master/ignore-non-repudation-in-extra-yubikey-slots new file mode 100644 index 0000000..021f485 --- /dev/null +++ b/master/ignore-non-repudation-in-extra-yubikey-slots @@ -0,0 +1,34 @@ +diff --git a/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch b/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch +new file mode 100644 +index 0000000..e0d80e8 +--- /dev/null ++++ b/feeds/packages/utils/opensc/patches/020-ignore-non-repudiation.patch +@@ -0,0 +1,28 @@ ++--- opensc-0.20.0/src/libopensc/pkcs15-piv.c 2019-12-29 12:50:57.000000000 +0000 +++++ opensc-0.20.0/src/libopensc/pkcs15-piv.c 2021-06-07 11:19:14.138003400 +0100 ++@@ -1166,10 +1166,12 @@ ++ case SC_ALGORITHM_RSA: ++ if(ckis[i].cert_keyUsage_present) { ++ prkey_info.usage |= ckis[i].priv_usage; +++#if 0 ++ /* If retired key and non gov cert has NONREPUDIATION, treat as user_consent */ ++ if (i >= 4 && (ckis[i].priv_usage & SC_PKCS15_PRKEY_USAGE_NONREPUDIATION)) { ++ prkey_obj.user_consent = 1; ++ } +++#endif ++ } else { ++ prkey_info.usage |= prkeys[i].usage_rsa; ++ } ++@@ -1179,10 +1181,12 @@ ++ case SC_ALGORITHM_EC: ++ if (ckis[i].cert_keyUsage_present) { ++ prkey_info.usage |= ckis[i].priv_usage; +++#if 0 ++ /* If retired key and non gov cert has NONREPUDIATION, treat as user_consent */ ++ if (i >= 4 && (ckis[i].priv_usage & SC_PKCS15_PRKEY_USAGE_NONREPUDIATION)) { ++ prkey_obj.user_consent = 1; ++ } +++#endif ++ } else { ++ prkey_info.usage |= prkeys[i].usage_ec; ++ } |