Bug#746694: marked as done (opensc: Support for Feitian ePass2003)

Sat, 05 Jul 2014 14:39:42 -0700 

Your message dated Sat, 05 Jul 2014 21:37:50 +0000
with message-id <[email protected]>
and subject line Bug#746694: fixed in opensc 0.14.0-1
has caused the Debian Bug report #746694,
regarding opensc: Support for Feitian ePass2003
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
746694: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746694
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: opensc
Version: 0.13.0-3
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmprA8Vep/bug_body

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0002-fix-epass2003-support-from-upstream.patch:
    Add upstream fixes for ePass2003 token. Cherry-picking commits
    - 4c1cafe epass2003: key generation allows stricter privkey/pubkey ACLs
    - b1a4775 epass2003: properly disable padding
    - 83dc469 epass2003: list_files implemented
    - ee48ea1 Fix to allow exponents other than 65537 for Feitian ePass 2003
    (LP: #1176305)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru opensc-0.13.0/debian/changelog opensc-0.13.0/debian/changelog
diff -Nru opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch
--- opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch	1969-12-31 19:00:00.000000000 -0500
+++ opensc-0.13.0/debian/patches/0002-fix-epass2003-support-from-upstream.patch	2014-05-02 11:45:54.000000000 -0400
@@ -0,0 +1,120 @@
+## Description: add some description
+## Origin/Author: add some origin or author
+## Bug: bug URL
+Index: opensc-0.13.0/src/libopensc/card-epass2003.c
+===================================================================
+--- opensc-0.13.0.orig/src/libopensc/card-epass2003.c	2012-12-04 15:43:40.000000000 +0100
++++ opensc-0.13.0/src/libopensc/card-epass2003.c	2014-03-03 21:38:17.620039138 +0100
+@@ -117,8 +117,8 @@
+ 
+ 	memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
+ 	EVP_CIPHER_CTX_init(&ctx);
+-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ 	EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
++	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ 
+ 	if (!EVP_EncryptUpdate(&ctx, output, &outl, input, length))
+ 		goto out;
+@@ -146,8 +146,8 @@
+ 
+ 	memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH);
+ 	EVP_CIPHER_CTX_init(&ctx);
+-	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ 	EVP_DecryptInit_ex(&ctx, cipher, NULL, key, iv_tmp);
++	EVP_CIPHER_CTX_set_padding(&ctx, 0);
+ 
+ 	if (!EVP_DecryptUpdate(&ctx, output, &outl, input, length))
+ 		goto out;
+@@ -1003,10 +1003,10 @@
+ 
+ 	flags = SC_ALGORITHM_ONBOARD_KEY_GEN | SC_ALGORITHM_RSA_RAW | SC_ALGORITHM_RSA_HASH_NONE;
+ 
+-	_sc_card_add_rsa_alg(card, 512, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 768, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 1024, flags, 0x10001);
+-	_sc_card_add_rsa_alg(card, 2048, flags, 0x10001);
++	_sc_card_add_rsa_alg(card, 512, flags, 0);
++	_sc_card_add_rsa_alg(card, 768, flags, 0);
++	_sc_card_add_rsa_alg(card, 1024, flags, 0);
++	_sc_card_add_rsa_alg(card, 2048, flags, 0);
+ 
+ 	card->caps = SC_CARD_CAP_RNG | SC_CARD_CAP_APDU_EXT;
+ 
+@@ -1858,7 +1858,6 @@
+ 	LOG_FUNC_RETURN(card->ctx, r);
+ }
+ 
+-#if 0
+ static int
+ epass2003_list_files(struct sc_card *card, unsigned char *buf, size_t buflen)
+ {
+@@ -1867,9 +1866,9 @@
+ 	int r;
+ 
+ 	SC_FUNC_CALLED(card->ctx, SC_LOG_DEBUG_VERBOSE);
+-	sc_format_apdu(card, &apdu, SC_APDU_CASE_2_SHORT, 0x34, 0x00, 0x00);
++	sc_format_apdu(card, &apdu, SC_APDU_CASE_1, 0x34, 0x00, 0x00);
+ 	apdu.cla = 0x80;
+-	apdu.le = 0x40;
++	apdu.le = 0;
+ 	apdu.resplen = sizeof(rbuf);
+ 	apdu.resp = rbuf;
+ 
+@@ -1887,7 +1886,6 @@
+ 
+ 	LOG_FUNC_RETURN(card->ctx, buflen);
+ }
+-#endif
+ 
+ 
+ static int
+@@ -2376,7 +2374,7 @@
+ 	epass2003_ops.compute_signature = epass2003_decipher;
+ 	epass2003_ops.create_file = epass2003_create_file;
+ 	epass2003_ops.delete_file = epass2003_delete_file;
+-	/* epass2003_ops.list_files = epass2003_list_files; */
++	epass2003_ops.list_files = epass2003_list_files;
+ 	epass2003_ops.card_ctl = epass2003_card_ctl;
+ 	epass2003_ops.process_fci = epass2003_process_fci;
+ 	epass2003_ops.construct_fci = epass2003_construct_fci;
+Index: opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c
+===================================================================
+--- opensc-0.13.0.orig/src/pkcs15init/pkcs15-epass2003.c	2012-12-04 15:43:40.000000000 +0100
++++ opensc-0.13.0/src/pkcs15init/pkcs15-epass2003.c	2014-03-03 21:38:19.084039076 +0100
+@@ -507,6 +507,12 @@
+ 		 sc_print_path(&file->path));
+ 	sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL, "private key_info path: %s",
+ 		 sc_print_path(&(key_info->path)));
++
++	r = sc_pkcs15init_authenticate(profile, p15card, file,
++				       SC_AC_OP_DELETE);
++	SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
++		    "generate key: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
++
+ 	r = sc_delete_file(p15card->card, &file->path);
+ 	/* create */
+ 	r = sc_pkcs15init_create_file(profile, p15card, file);
+@@ -558,6 +564,11 @@
+ 	r = sc_select_file(p15card->card, &pukf->path, NULL);
+ 	/* if exist, delete */
+ 	if (r == SC_SUCCESS) {
++		r = sc_pkcs15init_authenticate(profile, p15card, pukf,
++		       SC_AC_OP_DELETE);
++		SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
++		    "generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_DELETE) failed");
++
+ 		r = sc_pkcs15init_delete_by_path(profile, p15card, &pukf->path);
+ 		if (r != SC_SUCCESS) {
+ 			sc_debug(card->ctx, SC_LOG_DEBUG_NORMAL,
+@@ -573,6 +584,11 @@
+ 		goto failed;
+ 	}
+ 
++	r = sc_pkcs15init_authenticate(profile, p15card, pukf,
++				       SC_AC_OP_UPDATE);
++	SC_TEST_RET(card->ctx, SC_LOG_DEBUG_NORMAL, r,
++		    "generate key - pubkey: pkcs15init_authenticate(SC_AC_OP_UPDATE) failed");
++
+ 	/* generate key pair */
+ 	fidl = (file->id & 0xff) * FID_STEP;
+ 	file->id = (file->id & 0xff00) + fidl;
diff -Nru opensc-0.13.0/debian/patches/series opensc-0.13.0/debian/patches/series
--- opensc-0.13.0/debian/patches/series	2014-01-14 03:57:41.000000000 -0500
+++ opensc-0.13.0/debian/patches/series	2014-05-02 11:45:54.000000000 -0400
@@ -1 +1,2 @@
 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch
+0002-fix-epass2003-support-from-upstream.patch

--- End Message ---
--- Begin Message --- 
Source: opensc
Source-Version: 0.14.0-1

We believe that the bug you reported is fixed in the latest version of
opensc, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Eric Dorland <[email protected]> (supplier of updated opensc package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 05 Jul 2014 15:34:04 -0400
Source: opensc
Binary: opensc opensc-pkcs11
Architecture: source amd64
Version: 0.14.0-1
Distribution: unstable
Urgency: medium
Maintainer: Eric Dorland <[email protected]>
Changed-By: Eric Dorland <[email protected]>
Description:
 opensc     - Smart card utilities with support for PKCS#15 compatible cards
 opensc-pkcs11 - Smart card utilities with support for PKCS#15 compatible cards
Closes: 731235 746663 746694
Changes:
 opensc (0.14.0-1) unstable; urgency=medium
 .
   * New upstream release. (Closes: #746694, #731235, #746663)
   * debian/watch: Update to new GitHub location.
   * debian/patches/0001-pkcs15_compute_cert_length.diff,
     debian/patches/0002-fix-for-aventra-myeid.diff: Drop upstreamed
     patches.
   * debian/opensc.install: Install new dnie-tool.
   * debian/control: Fix Vcs-Git path.
   * debian/control: Use new GitHub homepage.
Checksums-Sha1:
 4c0ede5ca5176c1868113e4eaeeca929085121d2 2023 opensc_0.14.0-1.dsc
 06513c27c1812dd0afccd0db6421f88305bb718f 1172904 opensc_0.14.0.orig.tar.gz
 99030ca5056f6a211b8ad4a773feca543e1d13ad 7824 opensc_0.14.0-1.debian.tar.xz
 2b4e52793df9a63a5d763c510d3ec4b3feee4822 218840 opensc_0.14.0-1_amd64.deb
 0fbc01598de0cd94fe33e9b5c77289665f92aab0 684874 
opensc-pkcs11_0.14.0-1_amd64.deb
Checksums-Sha256:
 5ee89b444ee8439f6ebea5d8376389facf4fe9d525fd2ac1bdd1a5292fa6197d 2023 
opensc_0.14.0-1.dsc
 ffe8bcc704f2ab9a05c6781bc815f00eaf75cba0a1bd21e3142b9194a7bed5c9 1172904 
opensc_0.14.0.orig.tar.gz
 10a6f59fefbda86d3e61bfe4dac286d5e9c842ab33c1ed9ca5d69faa82f467a1 7824 
opensc_0.14.0-1.debian.tar.xz
 cc6ce8c5e00f615b628fcc92088ab55dc68c104dc7d7637a9fe407919abbfbdc 218840 
opensc_0.14.0-1_amd64.deb
 11b315b152ba49455286bc9e5c9a396b3b66ca5e08d34fffca511c912306050e 684874 
opensc-pkcs11_0.14.0-1_amd64.deb
Files:
 4ba579ecc882c106799e7c651f2d51cf 218840 utils extra opensc_0.14.0-1_amd64.deb
 555e3733647368ee921b5f5928b3da26 684874 utils extra 
opensc-pkcs11_0.14.0-1_amd64.deb
 061ef09fe285a70c7d78886b05644b9e 2023 utils extra opensc_0.14.0-1.dsc
 1ee31dc2e89860458fd984e0cac9795e 1172904 utils extra opensc_0.14.0.orig.tar.gz
 84da23b176f0b40e5aaf54b90719d897 7824 utils extra opensc_0.14.0-1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJTuGy0AAoJEBiP/EqTqnFyZR8P+wZeg4lOBpydOsTxCANQqqSC
4xS4NFsUx4zS4rilRyFeKi9UuoyctQ1UAUYfZ3UmDELsgJRpOCiwwyqpqdF5BbkT
eTCfzIIHonDbTdsT4cz4zhrV/m42InlhNlbuqemI0yYJUbbotEhW7Yh6TTqPDVNB
0IjPdEa3ZpG2jZ7wF+41gXhr2gsNE+0D75ZYggqPLUxt4aNwTUhP1IrvHLdy8A3R
Hwka/47znn1VCJCwWv/TTIqr2BgFXnHkt04/5htGBXpZ559Non7T+ePKocglY0Ou
uvz+hJYZU03fVM6n6TGLpBGA/NgfXAFw8u+fUL55awoOI11HSmrIlNdOZZ495pRY
gkd+gO4rMhwM2+rHR9EdTWAZauYcCUttZwOtnysvnBqbMLodfXhMvxAKujTFIl9m
Hs0seBO7w/34Giv0xDmV8BCvFl5vczn73OYMfdv07gImVmOurr24F7Ty+s9Re6K/
2tnvIyqR7TE1adkUNJ9vW4zB02KC7xls1iPlvJtLL2OQ9aWShGIjeAS1cM/XUHnY
May03Xo6KCKLjWZMVTpzdHcE2/QaGlUVSvP1sTxuwTfXWDjOVnFYioAThCTadQSr
ligem/81hHiZUTWXtopkgr4TpbPZKBTXqEozz3igdbx68Q2p8m7GXYI1jIqwkI1z
2L4criz1hqVWd75otqfR
=Gy9L
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to