From d9d381c4cbd6c8dafac4ef7344c33ea5b49090f4 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Thu, 1 Jun 2023 08:23:50 +0300 Subject: [PATCH] Do not trigger update when token has multiple similar certificates (#1185) IB-7572 Signed-off-by: Raul Metsma --- client/QSigner.cpp | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/client/QSigner.cpp b/client/QSigner.cpp index 463f31222..d3b7e9e0e 100644 --- a/client/QSigner.cpp +++ b/client/QSigner.cpp @@ -61,7 +61,7 @@ class QSigner::Private final ECDSA_SIG* QSigner::Private::ecdsa_do_sign(const unsigned char *dgst, int dgst_len, const BIGNUM * /*inv*/, const BIGNUM * /*rp*/, EC_KEY *eckey) { - QCryptoBackend *backend = (QCryptoBackend*)EC_KEY_get_ex_data(eckey, 0); + auto *backend = (QCryptoBackend*)EC_KEY_get_ex_data(eckey, 0); QByteArray result = backend->sign(QCryptographicHash::Sha512, QByteArray::fromRawData((const char*)dgst, dgst_len)); if(result.isEmpty()) return nullptr; @@ -299,7 +299,7 @@ void QSigner::run() { if(QCardLock::instance().readTryLock()) { - QPKCS11 *pkcs11 = qobject_cast(d->backend); + auto *pkcs11 = qobject_cast(d->backend); if(pkcs11 && !pkcs11->reload()) { Q_EMIT error(tr("Failed to load PKCS#11 module")); @@ -321,9 +321,9 @@ void QSigner::run() SslCertificate c(t.cert()); if(c.keyUsage().contains(SslCertificate::KeyEncipherment) || c.keyUsage().contains(SslCertificate::KeyAgreement)) - acards << t; + acards.append(t); if(c.keyUsage().contains(SslCertificate::NonRepudiation)) - scards << t; + scards.append(t); } // check if selected card is still in slot @@ -370,7 +370,9 @@ void QSigner::selectCard(const TokenData &token) Q_EMIT authDataChanged(d->auth = token); for(const TokenData &other: cache()) { - if(other == token || other.card() != token.card()) + if(other == token || + other.card() != token.card() || + isSign == SslCertificate(other.cert()).keyUsage().contains(SslCertificate::NonRepudiation)) continue; if(isSign) // Select other cert if they are on same card Q_EMIT authDataChanged(d->auth = other);