On Mon, 2010-08-30 at 15:19 +0200, Viktor TARASOV wrote:
> Aventra development wrote:
> >
> > The 1K key generation works nicely, but we are having a problem
> > generating a 2K key using OpenSC 0.11.13 and our own MyEID card.
> >
> > OpenSC correctly finds a new file id and creates the file, and after
> > that it tries to store the key to that file.
> >
> > The issue is that the created file’s size is only 1024 bytes, so the
> > card will answer with 67 00 (Wrong length).
> >
> > Some code in OpenSC decides to create the wrong sized file, but I have
> > not been able to find it.
> >
> > Now I’m curious that, does other cards work when generating (or just
> > loading) 2048 byte keys?
> >
>
>
> For me, to generate the 2048 bits key on the Aventra card,
> the following path was needed to be applied to the OpenSC trunk.
>
> If no objection, I'll commit this patch to trunk.
Hello Viktor,
I would write the check for supported modulus length a bit more generic.
But it's functional the same like yours, because myeid supports only
1024 and 2048 bit (at least the driver does). Therefore it doesn't
matter a lot.
#include "internal.h"
pkcs15init/pkcs15-myeid.c:513
/* check that the card supports the requested modulus length */
if (_sc_card_find_rsa_alg(p15card->card, keybits) == NULL)
SC_TEST_RET(ctx, LEVEL, ERROR, MSG);
On the other hand it would be fine to give a good example, because
someone may want to copy+paste your code. See copy+paste in the card
drivers [1].
The same check also occurs in line 427, 514, 574, 637. And interestingly
_always_ some lines below there is the following conditional assignment:
if (file->size < 1024)
file->size = 1024;
Regards
Andre
[1]http://www.opensc-project.org/pipermail/opensc-devel/2010-August/014615.html
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
