2013-02-07 03:04:33 +01:00
|
|
|
---
|
2013-07-18 09:25:53 +02:00
|
|
|
src/cms_common.c | 12 ++++++++++--
|
2013-02-07 03:04:33 +01:00
|
|
|
src/cms_common.h | 1 +
|
|
|
|
src/pesign.c | 1 +
|
2013-07-18 09:25:53 +02:00
|
|
|
3 files changed, 12 insertions(+), 2 deletions(-)
|
2013-02-07 03:04:33 +01:00
|
|
|
|
2019-05-13 09:18:23 +02:00
|
|
|
Index: pesign-113/src/cms_common.c
|
2015-12-01 10:03:35 +01:00
|
|
|
===================================================================
|
2019-05-13 09:18:23 +02:00
|
|
|
--- pesign-113.orig/src/cms_common.c
|
|
|
|
+++ pesign-113/src/cms_common.c
|
|
|
|
@@ -282,6 +282,7 @@ struct cbdata {
|
2013-02-07 03:04:33 +01:00
|
|
|
CERTCertificate *cert;
|
|
|
|
PK11SlotListElement *psle;
|
|
|
|
secuPWData *pwdata;
|
|
|
|
+ int privkey_unneeded;
|
|
|
|
};
|
|
|
|
|
|
|
|
static SECStatus
|
2019-05-13 09:18:23 +02:00
|
|
|
@@ -293,6 +294,12 @@ is_valid_cert(CERTCertificate *cert, voi
|
2013-07-16 08:43:52 +02:00
|
|
|
void *pwdata = cbdata->pwdata;
|
2013-02-07 03:04:33 +01:00
|
|
|
|
|
|
|
SECKEYPrivateKey *privkey = NULL;
|
2013-07-16 08:43:52 +02:00
|
|
|
+
|
2013-02-07 03:04:33 +01:00
|
|
|
+ if (cbdata->privkey_unneeded) {
|
|
|
|
+ cbdata->cert = cert;
|
|
|
|
+ return SECSuccess;
|
|
|
|
+ }
|
|
|
|
+
|
|
|
|
privkey = PK11_FindPrivateKeyFromCert(slot, cert, pwdata);
|
|
|
|
if (privkey != NULL) {
|
|
|
|
cbdata->cert = cert;
|
2019-05-13 09:18:23 +02:00
|
|
|
@@ -423,7 +430,7 @@ find_certificate(cms_context *cms, int n
|
2013-07-16 08:43:52 +02:00
|
|
|
}
|
2013-02-07 03:04:33 +01:00
|
|
|
|
|
|
|
SECStatus status;
|
|
|
|
- if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
|
|
|
|
+ if (!cms->privkey_unneeded && PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
|
|
|
|
status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
|
|
|
|
if (status != SECSuccess) {
|
2013-07-16 08:43:52 +02:00
|
|
|
PK11_DestroySlotListElement(slots, &psle);
|
2019-05-13 09:18:23 +02:00
|
|
|
@@ -452,6 +459,7 @@ find_certificate(cms_context *cms, int n
|
2013-02-07 03:04:33 +01:00
|
|
|
.cert = NULL,
|
|
|
|
.psle = psle,
|
|
|
|
.pwdata = pwdata,
|
|
|
|
+ .privkey_unneeded = cms->privkey_unneeded,
|
|
|
|
};
|
|
|
|
|
2013-07-16 08:43:52 +02:00
|
|
|
if (needs_private_key) {
|
2019-05-13 09:18:23 +02:00
|
|
|
@@ -572,7 +580,7 @@ find_named_certificate(cms_context *cms,
|
2013-07-18 09:25:53 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
SECStatus status;
|
|
|
|
- if (PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
|
|
|
|
+ if (!cms->privkey_unneeded && PK11_NeedLogin(psle->slot) && !PK11_IsLoggedIn(psle->slot, pwdata)) {
|
|
|
|
status = PK11_Authenticate(psle->slot, PR_TRUE, pwdata);
|
|
|
|
if (status != SECSuccess) {
|
|
|
|
PK11_DestroySlotListElement(slots, &psle);
|
2019-05-13 09:18:23 +02:00
|
|
|
Index: pesign-113/src/cms_common.h
|
2015-12-01 10:03:35 +01:00
|
|
|
===================================================================
|
2019-05-13 09:18:23 +02:00
|
|
|
--- pesign-113.orig/src/cms_common.h
|
|
|
|
+++ pesign-113/src/cms_common.h
|
|
|
|
@@ -62,6 +62,7 @@ typedef int (*cms_common_logger)(struct
|
2013-02-07 03:04:33 +01:00
|
|
|
typedef struct cms_context {
|
|
|
|
PRArenaPool *arena;
|
|
|
|
void *privkey;
|
|
|
|
+ int privkey_unneeded;
|
|
|
|
|
|
|
|
char *tokenname;
|
|
|
|
char *certname;
|
2019-05-13 09:18:23 +02:00
|
|
|
Index: pesign-113/src/file_pe.c
|
2015-12-01 10:03:35 +01:00
|
|
|
===================================================================
|
2019-05-13 09:18:23 +02:00
|
|
|
--- pesign-113.orig/src/file_pe.c
|
|
|
|
+++ pesign-113/src/file_pe.c
|
|
|
|
@@ -354,6 +354,7 @@ pe_handle_action(pesign_context *ctxp, i
|
2013-02-07 03:04:33 +01:00
|
|
|
*/
|
|
|
|
case IMPORT_RAW_SIGNATURE|IMPORT_SATTRS:
|
|
|
|
check_inputs(ctxp);
|
|
|
|
+ ctxp->cms_ctx->privkey_unneeded = 1;
|
2013-07-16 08:43:52 +02:00
|
|
|
rc = find_certificate(ctxp->cms_ctx, 0);
|
2013-02-07 03:04:33 +01:00
|
|
|
if (rc < 0) {
|
|
|
|
fprintf(stderr, "pesign: Could not find "
|