bugzilla-daemon at mindrot.org
2003-May-27 12:28 UTC
[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
http://bugzilla.mindrot.org/show_bug.cgi?id=577
Summary: bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Smartcard
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: larsch at trustcenter.de
There's a small bug in scard-opensc.c. The OpenSC function
sc_pkcs15_decipher
is called with the wrong flag. Currently sc_private_decrypt set the flag to
0 and hence OpenSC uses RSA raw to decipher the cryptogram => the Smartcard
(or OpenSC) does not remove the PKCS#1 padding => v1 authentication fails
because the returned data has the wrong length. To fix this problem simply
replace:
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
with
r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, from, flen,
to, flen);
Nils
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-May-27 12:51 UTC
[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
http://bugzilla.mindrot.org/show_bug.cgi?id=577 ------- Additional Comments From larsch at trustcenter.de 2003-05-27 22:51 ------- Created an attachment (id=312) --> (http://bugzilla.mindrot.org/attachment.cgi?id=312&action=view) patch to fix the issue with the wrong sc_pkcs15_decrypt flag ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Jun-04 11:53 UTC
[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
http://bugzilla.mindrot.org/show_bug.cgi?id=577
djm at mindrot.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
Summary|bug (wrong flag) in |bug (wrong flag) in
|sc_private_decrypt (scard- |sc_private_decrypt (scard-
|opensc.c) |opensc.c)
------- Additional Comments From djm at mindrot.org 2003-06-04 21:53 -------
Fix applied, thanks.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2003-Jun-05 08:26 UTC
[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
http://bugzilla.mindrot.org/show_bug.cgi?id=577
larsch at trustcenter.de changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |VERIFIED
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Apparently Analagous Threads
- [Bug 584] scard-opensc.c doesn't work without PIN
- small fix for scard-opensc.c
- [Bug 589] scard-opensc.c: load only those keys for which there's a private key
- [Bug 621] scard-opensc.c: more than one private key object for a certificate
- [Bug 591] use PKCS#15 private key label as a comment in case of OpenSC