Bug#746663: opensc: SmartCard-HSM card does not list RSA 2048 public keys

Fri, 02 May 2014 06:13:18 -0700 

Package: opensc
Version: 0.13.0-3
Severity: normal
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu utopic ubuntu-patch



*** /tmp/tmpsB0qMw/bug_body

OpenSC 0.13.0 does not list RSA public keys which are of 2048 bits in size on
a SmartCard-HSM smart card.

Although the keys are listed after on-card key generation, only the private
key is listed later. This issue does not appear for keys of 1024 bits in size
on the same card.

See Ubuntu bug for steps to reproduce.

In Ubuntu, the attached patch was applied to achieve the following:

  * debian/patches/0003-fix-sc-hsm-rsa2048.patch:
    Add upstream fix to show generated RSA public keys of 2048 bits.
    Cherry-picking commit:
    - 99af6cd sc-hsm: Fixed a bug that prevents a newly generated 2048 [...]
    (LP: #1311921)


Thanks for considering the patch.


-- System Information:
Debian Release: jessie/sid
  APT prefers trusty-updates
  APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500, 
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.13.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

diff -Nru opensc-0.13.0/debian/changelog opensc-0.13.0/debian/changelog
diff -Nru opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch
--- opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch	1969-12-31 19:00:00.000000000 -0500
+++ opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch	2014-05-02 08:37:41.000000000 -0400
@@ -0,0 +1,17 @@
+Description: Fix to show generated RSA2048 pubkeys in PKCS#11 interface.
+ Fixed a bug that prevents a newly generated 2048 key to show up at the
+ PKCS#11 interface
+Author: Andreas Schwier <andreas.schw...@cardcontact.de>
+Origin: upstream https://github.com/OpenSC/OpenSC/commit/99af6cd8ee78776f50bc016fc230541072c60afb
+
+--- opensc-0.13.0.orig/src/libopensc/pkcs15-sc-hsm.c
++++ opensc-0.13.0/src/libopensc/pkcs15-sc-hsm.c
+@@ -268,7 +268,7 @@ static int sc_pkcs15emu_sc_hsm_add_pubke
+ 	sc_pkcs15_pubkey_info_t pubkey_info;
+ 	sc_pkcs15_object_t pubkey_obj;
+ 	struct sc_pkcs15_pubkey pubkey;
+-	u8 efbin[512];
++	u8 efbin[1024];
+ 	sc_cvc_t cvc;
+ 	u8 *cvcpo;
+ 	size_t cvclen;
diff -Nru opensc-0.13.0/debian/patches/series opensc-0.13.0/debian/patches/series
--- opensc-0.13.0/debian/patches/series	2014-03-12 10:51:09.000000000 -0400
+++ opensc-0.13.0/debian/patches/series	2014-05-02 08:37:41.000000000 -0400
@@ -1,2 +1,3 @@
 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch
 0002-fix-epass2003-support-from-upstream.patch
+0003-fix-sc-hsm-rsa2048.patch

Reply via email to