Regression in 1.2.2-6 with MUP certificate

[SergeiPatiakin]

Steps to reproduce

• Insert MUP smart card into reader
• Open app
• Click 'Podnesi prijavu'

Expected behavior

• PIN dialog appears, allowing you to enter PIN

Observed behavior

• PIN dialog does not appear.
• 'Podnesi prijavu' button stays disabled

Environment

• ePorezi 1.2.2-6: https://github.com/OpenSerbianEID/ePorezi/releases/download/1.2.2-6/ePorezi.zip
• MacOS 12.3
• Apple Macbook M1 Pro
• Gemalto IDBridge CT30 smart card reader
• MUP lična karta smart card

Comments

Bug not present on 1.2.2-5

[SergeiPatiakin]

In a from-source build with enhanced logging, I was able to see that the line Provider provider = new SunPKCS11(new ByteArrayInputStream(moduleData.getBytes())); throws the following error:

java.security.ProviderException: Initialization failed
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:377)
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:108)
    at com.itsinbox.smartbox.model.PKCS11Card.loadKeyStore(Unknown Source)
    at com.itsinbox.smartbox.gui.LoginFrame.loadKeyStore(Unknown Source)
    at com.itsinbox.smartbox.gui.LoginFrame.access$900(Unknown Source)
    at com.itsinbox.smartbox.gui.LoginFrame$9.run(Unknown Source)
Caused by: java.security.ProviderException: slotListIndex is 1 but token only has 1 slots
    at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:358)
    ... 5 more

[SergeiPatiakin]

Changing slotListIndex=1 to slotListIndex=0 in com/itsinbox/smartbox/model/PKCS11Card.java fixes the issue for me. I believe this is a regression introduced by @palyla in https://github.com/OpenSerbianEID/ePorezi/pull/7 . Using a single card reader with a MUP certificate is a common configuration so I believe leaving slotListIndex=1 hard-coded is unjustified.