Package: opensc
Version: 0.13.0-3
Severity: normal
Tags: patch
User: [email protected]
Usertags: origin-ubuntu utopic ubuntu-patch
*** /tmp/tmpsB0qMw/bug_body
OpenSC 0.13.0 does not list RSA public keys which are of 2048 bits in size on
a SmartCard-HSM smart card.
Although the keys are listed after on-card key generation, only the private
key is listed later. This issue does not appear for keys of 1024 bits in size
on the same card.
See Ubuntu bug for steps to reproduce.
In Ubuntu, the attached patch was applied to achieve the following:
* debian/patches/0003-fix-sc-hsm-rsa2048.patch:
Add upstream fix to show generated RSA public keys of 2048 bits.
Cherry-picking commit:
- 99af6cd sc-hsm: Fixed a bug that prevents a newly generated 2048 [...]
(LP: #1311921)
Thanks for considering the patch.
-- System Information:
Debian Release: jessie/sid
APT prefers trusty-updates
APT policy: (500, 'trusty-updates'), (500, 'trusty-security'), (500,
'trusty-proposed'), (500, 'trusty'), (100, 'trusty-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.13.0-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru opensc-0.13.0/debian/changelog opensc-0.13.0/debian/changelog
diff -Nru opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch
--- opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch 1969-12-31 19:00:00.000000000 -0500
+++ opensc-0.13.0/debian/patches/0003-fix-sc-hsm-rsa2048.patch 2014-05-02 08:37:41.000000000 -0400
@@ -0,0 +1,17 @@
+Description: Fix to show generated RSA2048 pubkeys in PKCS#11 interface.
+ Fixed a bug that prevents a newly generated 2048 key to show up at the
+ PKCS#11 interface
+Author: Andreas Schwier <[email protected]>
+Origin: upstream https://github.com/OpenSC/OpenSC/commit/99af6cd8ee78776f50bc016fc230541072c60afb
+
+--- opensc-0.13.0.orig/src/libopensc/pkcs15-sc-hsm.c
++++ opensc-0.13.0/src/libopensc/pkcs15-sc-hsm.c
+@@ -268,7 +268,7 @@ static int sc_pkcs15emu_sc_hsm_add_pubke
+ sc_pkcs15_pubkey_info_t pubkey_info;
+ sc_pkcs15_object_t pubkey_obj;
+ struct sc_pkcs15_pubkey pubkey;
+- u8 efbin[512];
++ u8 efbin[1024];
+ sc_cvc_t cvc;
+ u8 *cvcpo;
+ size_t cvclen;
diff -Nru opensc-0.13.0/debian/patches/series opensc-0.13.0/debian/patches/series
--- opensc-0.13.0/debian/patches/series 2014-03-12 10:51:09.000000000 -0400
+++ opensc-0.13.0/debian/patches/series 2014-05-02 08:37:41.000000000 -0400
@@ -1,2 +1,3 @@
0001-pkcs15-regression-in-e35febe-compute-cert-length.patch
0002-fix-epass2003-support-from-upstream.patch
+0003-fix-sc-hsm-rsa2048.patch
