Displaying 20 results from an estimated 100 matches similar to: "[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)"
2003 Jun 03
6
[Bug 584] scard-opensc.c doesn't work without PIN
http://bugzilla.mindrot.org/show_bug.cgi?id=584
Summary: scard-opensc.c doesn't work without PIN
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Smartcard
AssignedTo: openssh-bugs at mindrot.org
ReportedBy:
2003 May 14
0
small fix for scard-opensc.c
Hi,
I think there's a small bug in sc_private_decrypt
in scard-opensc.c (see attached patch). The 'flags'
parameter in the sc_pkcs15_decipher function call
should be set to SC_ALGORITHM_RSA_PAD_PKCS1 and
not to 0. If flags == 0 then sc_pkcs15_decipher uses
RSA raw as a default method which has (at least)
two drawbacks a) not all cards support RSA raw
and b) sc_pkcs15_decipher does not
2003 Jun 05
3
[Bug 589] scard-opensc.c: load only those keys for which there's a private key
http://bugzilla.mindrot.org/show_bug.cgi?id=589
Summary: scard-opensc.c: load only those keys for which there's a
private key
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Smartcard
2003 Jul 23
1
[Bug 621] scard-opensc.c: more than one private key object for a certificate
http://bugzilla.mindrot.org/show_bug.cgi?id=621
Summary: scard-opensc.c: more than one private key object for a
certificate
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Smartcard
AssignedTo:
2003 Jun 10
6
[Bug 591] use PKCS#15 private key label as a comment in case of OpenSC
http://bugzilla.mindrot.org/show_bug.cgi?id=591
Summary: use PKCS#15 private key label as a comment in case of
OpenSC
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: enhancement
Priority: P2
Component: Smartcard
AssignedTo:
2002 Jul 20
0
opensc smartcard support does not work
Hi,
sorry, I'm not on the list, so please answer directly.
I use opensc-0.7.0 and pcsc-lite-1.1.1 under FreeBSD 4.6
with Gemplus 410 and 430 smartcard readers and Schlumberger
cryptoflex smartcards.
I used openssh-3.2.2p1 but the relevant file scard-opensc.c
is unchanged in 3.4.
RSA authentication to a remote host running opensshd
did not work with the smartcard.
Investigating the problem
2003 May 08
3
get_pin for scard-opensc.c
I'm attaching a patch to allow ssh client to get a pin from the command line
when using a smartcard. Most of it is from a patch by Danny De Cock
<godot () ulyssis ! org>, but I've used the ssh read_passphrase function
instead. Any errors are mine, I'm sure.
This enables ssh -I 0 to use a pin-protected smartcard via opensc.
Thanks,
Kevin Stefanik
-------------- next part
2002 Apr 17
3
[Bug 221] updates for OpenSC support
http://bugzilla.mindrot.org/show_bug.cgi?id=221
------- Additional Comments From markus at openbsd.org 2002-04-18 02:04 -------
Created an attachment (id=81)
readme patch
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2010 Apr 23
1
Path simple menu integrated progress indicator
This patch modifies the simple menu com32 program to include integrated load progress. It also adds new options to the simple menu configuration
MENU LOADMSG -- allows the user to specify the text to display when loading
MENU LOADMSGROW -- controls where the text is written
Example configuration:
MENU LOADMSG Booting
MENU LOADMSGROW 25
It works with my setup, please let me know if you find
2015 Mar 17
2
[patch] Updated patch for pkcs#11 smartcard readers that have a protected PIN path
Some smartcard readers have keypad to enter the PIN securely (i.e. such that it cannot be intercepted by a rogue (ssh) binary.
PKCS#11 allows for enforcing this in hardware. Below patch allows for SSH to make use of this; against head/master as of today.
Dw.
commit 7f0250a8ae6c639a19d4e1e24fc112d5e2e1249a
Author: Dirk-Willem van Gulik <dirkx at webweaving.org>
Date: Tue Mar 17
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list,
I have no idea if Damien Miller had the time to work on that.
I have an initial patch to authenticate using PKCS#11 and ECDSA keys.
This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the
required interfaces to override the signature function pointer for ECDSA.
The only limitation is that the OpenSSL API misses some cleanup function
(finish, for instance), hence I have yet
2016 Nov 16
3
[PATCH] ssh-pkcs11: allow providing unconditional pin code for PKCS11
Some HSM's such as Safenet Network HSM do not allow searching for keys
unauthenticated. To support such devices provide a mechanism for users
to provide a pin code that is always used to automatically log in to
the HSM when using PKCS11.
The pin code is read from a file specified by the environment variable
SSH_PKCS11_PINFILE if it is set.
Tested against Safenet Network HSM.
---
2016 Nov 16
2
[PATCH] ssh-pkcs11: allow providing unconditional pin code for PKCS11
I find this approach very bad in general.?
PKCS#11 standard says that *private* keys should not be accessible without authentication. *Public* keys and certificates of course can and should be accessible with no authentication.
SoftHSM misinterpreted this originally (older pkcs11 documents were less clear :), but they rectified this mistake. We should not repeat it.?
2002 Feb 28
0
Can't untar snapshot.. scard missing from CVS?
Hello-
I'm testing the current versions on UnixWare 2.x and have run into
the following problems:
After downloading the nightly snapshot, untar fails with
"Directory Checksum error". Gunzip is successful, but the tar
fails.
Failing the snapshot extraction, I checked out a clean copy from the
CVS. Configure fails when it hits the "/scard" directory, which is
empty. I
2014 Nov 03
0
SSL Client authentication with trustcenter-certificate
Dear reader,
we are using dovecot 2.2.7 and like it very much. Authentication is done
via a checkpassword program that does two things:
1) check wether the client has connected via SSL using a client certificate
2) check wether the client is using a one time password generator
Most of our users are using certificates that we have created ourself.
These certificates contain a
2008 Jun 20
2
OpenSC smartcard access should use raw public keys, not X.509 certificates
A non-text attachment was scrubbed...
Name: use-public-keys-instead-of-certs-with-opensc.patch
Type: text/x-diff
Size: 5512 bytes
Desc: enable the use of raw public keys on OpenSC-supported
smartcards
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080620/0fbcb856/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not
2002 Apr 17
0
[Bug 221] New: updates for OpenSC support
http://bugzilla.mindrot.org/show_bug.cgi?id=221
Summary: updates for OpenSC support
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: markus
2010 Apr 08
1
ssh-add -s /usr/lib/opensc-pkcs11.so does not work
Dear friends,
First, thanks for helping me on ssh default option for smartcards. I
recompiled SSH from CVS and it seems to work.
I still have problems with:
ssh-add -s /usr/lib/opensc-pkcs11.so
Enter passphrase for PKCS#11: (I enter PIN code)
SSH_AGENT_FAILURE
Could not add card: /usr/lib/opensc-pkcs11.so
pkcs11-tool --slot 1 -O
Public Key Object; RSA 2048 bits
label: Public Key
ID:
2003 Apr 04
1
overload key signing function for opensc tokens...
I wasn't having much luck getting a key and certificate stored on a hardware
token to work until I made this fix. The ssh_rsa_sign key was not using
either overloading. I used the rsa.meth way, instead of the engine.
With this patch ssh-add works. I'm working on getting ssh to take a PIN, but
when I put in a call to read_passphrase in the appropriate place, it muddies
the waters
2003 Aug 15
0
OpenSC 0.8.0 Released
OpenSC Release 0.8.0
====================
We are pleased to announce the availability of OpenSC 0.8.0.
OpenSC provides a set of libraries and utilities to access smart
cards. Its main focus is on cards that support cryptographic operations,
and facilitate their use in security applications such as mail encryption,
authentication, and digital signature.
OpenSC can be used with the following