engine_pkcs11 doesn't forward PIN

[ahasenack@…]

$ echo mypin | openssl rsautl -engine pkcs11 -in key.crypt -inkey 45 -keyform engine -decrypt -passin fd:0 reader-pcsc.c:495:pcsc_connect: SCardControl failed: Invalid parameter given. engine "pkcs11" set. PKCS#11 token PIN:

The pkcs11 engine isn't taking the PIN from openssl. Seems the cb_data structure is ignored and the engine asks for the PIN again.

I hope the patch below (which is not a proposed fix) helps to illustrate the issue:

--- engine_pkcs11.c.orig 2005-12-06 19:17:59.000000000 -0200 +++ engine_pkcs11.c 2005-12-06 19:18:02.000000000 -0200 @@ -101,6 +101,15 @@

static char *get_pin(UI_METHOD * ui_method, void *callback_data, char *sc_pin, int maxlen) {

UI *ui;

+ struct { + const void *password; + const char *prompt_info; + } *mycb = callback_data; + + if (mycb->password) { + sc_pin = set_pin(mycb->password); + return sc_pin; + }

ui = UI_new(); if (ui_method != NULL)

[ahasenack@…]

better upload the illustrating patch

[ahasenack@…]

Maybe this time it works...

--- engine_pkcs11.c.orig        2005-12-06 19:17:59.000000000 -0200
+++ engine_pkcs11.c     2005-12-06 19:18:02.000000000 -0200
@@ -101,6 +101,15 @@
 static char *get_pin(UI_METHOD * ui_method, void *callback_data, char *sc_pin, int maxlen)
 {
        UI *ui;
+       struct {
+               const void *password;
+               const char *prompt_info;
+       } *mycb = callback_data;
+
+       if (mycb->password) {
+               sc_pin = set_pin(mycb->password);
+               return sc_pin;
+       }

        ui = UI_new();
        if (ui_method != NULL)

[aj]

applied to trunk.