at least with cryptoflex only the sign apdu returns 0x61 and the number
of bytes we can fetch. all get response commands return 90 00. so we
need to keep the number of bytes to get from the first command, and then
loop till we received all bytes.
I hope this also works with all other smart cards?
Nils, is this change ok for you?
without it
# erase card
opentest/bin/pkcs15-init -ET
# format card
opentest/bin/pkcs15-init -CT -p pkcs15+onepin
# create key
opentest/bin/pkcs15-init -G rsa/2048 -a 01
# hash some data
openssl dgst -sha1 -binary -out test.sha1 < /bin/bash
# sign it
opentest/bin/pkcs15-crypt -s --sha-1 --pkcs1 -i test.sha1 -o test.sha1.sig
# have a look
ls -l test.sha1*
# see? 248 bytes only
resulted in a 248 byte signature, which is invalid with a 2048 bit rsa
key. now with the changed loop logic it works for me.
Regards, Andreas
--- Begin Message ---
Revision: 3093
Author: aj
Date: 2006-12-29 09:44:13 +0000 (Fri, 29 Dec 2006)
Log Message:
-----------
only the first apdu (command) tells us how many bytes we need to get.
we need to keep this value and call get_response as often as needed
to get them part by part.
Modified Paths:
--------------
trunk/src/libopensc/apdu.c
Modified: trunk/src/libopensc/apdu.c
===================================================================
--- trunk/src/libopensc/apdu.c 2006-12-22 12:43:00 UTC (rev 3092)
+++ trunk/src/libopensc/apdu.c 2006-12-29 09:44:13 UTC (rev 3093)
@@ -448,6 +448,7 @@
*/
size_t le, buflen;
u8 *buf;
+ int len = apdu->sw2 != 0 ? (size_t)apdu->sw2 : 256;
if (card->ops->get_response == NULL) {
/* this should _never_ happen */
@@ -466,13 +467,13 @@
buflen = olen - apdu->resplen;
/* 0x6100 means at least 256 more bytes to read */
- le = apdu->sw2 != 0 ? (size_t)apdu->sw2 : 256;
do {
u8 tbuf[256];
/* call GET RESPONSE to get more date from
* the card; note: GET RESPONSE returns the
* amount of data left (== SW2) */
+ le = len - (buf - apdu->resp);
r = card->ops->get_response(card, &le, tbuf);
if (r < 0)
SC_FUNC_RETURN(ctx, 2, r);
@@ -483,7 +484,7 @@
memcpy(buf, tbuf, le);
buf += le;
buflen -= le;
- } while (r != 0);
+ } while (r != 0 || (buf - apdu->resp < len));
/* we've read all data, let's return 0x9000 */
apdu->resplen = buf - apdu->resp;
apdu->sw1 = 0x90;
_______________________________________________
opensc-commits mailing list
[EMAIL PROTECTED]
http://www.opensc-project.org/mailman/listinfo/opensc-commits
--- End Message ---
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
