Bug#603167: opensc: Various common operations fail on Feitian EnterSafe cards

Tim Small Thu, 11 Nov 2010 08:03:17 -0800

Package: opensc
Version: 0.11.13-1
Severity: normal
Tags: patch upstream

As it looks like Squeeze is ending up with v0.11.13 I'd like to propose
backporting various fixes for Feitian EnterSafe cards - as without these
fixes these cards will be unusable for many common applications with
Squeeze...


References below:

http://www.opensc-project.org/opensc/ticket/197

http://www.opensc-project.org/opensc/changeset/3906

http://www.gooze.eu/forums/support/problem-converting-openssh-rsa-key-to-pem-format#comment-106

... the last of these isn't upstream yet, but omitting this patch
wouldn't impact many users.  The first two will affect most users,
however.

Cheers,

Tim.


diff -Naur 
opensc-0.11.13/debian/patches/entersafe-encode-bignum-backport-changeset3906 
opensc-0.11.13.new/debian/patches/entersafe-encode-bignum-backport-changeset3906
--- 
opensc-0.11.13/debian/patches/entersafe-encode-bignum-backport-changeset3906    
    1970-01-01 01:00:00.000000000 +0100
+++ 
opensc-0.11.13.new/debian/patches/entersafe-encode-bignum-backport-changeset3906
    2010-11-08 12:29:27.725017108 +0000
@@ -0,0 +1,27 @@
+--- opensc-0.11.13.orig/src/libopensc/card-entersafe.c.orig    2010-11-08 
12:26:14.680903369 +0000
++++ opensc-0.11.13/src/libopensc/card-entersafe.c      2010-11-08 
12:28:00.776175074 +0000
+@@ -1044,14 +1044,13 @@
+        u8 *p=*ptr;
+ 
+        *p++=tag;
+-       assert(0);
+-       if(bignum.len<256)
++       if(bignum.len<128)
+        {
+                 *p++=(u8)bignum.len;
+        }
+        else
+        {
+-                u8 bytes=0;
++                u8 bytes=1;
+                 size_t len=bignum.len;
+                 while(len)
+                 {
+@@ -1069,6 +1068,7 @@
+        memcpy(p,bignum.data,bignum.len);
+        entersafe_reverse_buffer(p,bignum.len);
+        p+=bignum.len;
++       *ptr = p;
+ }
+ 
+ static int entersafe_write_small_rsa_key(sc_card_t *card,u8 key_id,struct 
sc_pkcs15_prkey_rsa *rsa)
diff -Naur opensc-0.11.13/debian/patches/entersafe-import-rsa-key-ticket197 
opensc-0.11.13.new/debian/patches/entersafe-import-rsa-key-ticket197
--- opensc-0.11.13/debian/patches/entersafe-import-rsa-key-ticket197    
1970-01-01 01:00:00.000000000 +0100
+++ opensc-0.11.13.new/debian/patches/entersafe-import-rsa-key-ticket197        
2010-11-08 11:44:38.872096810 +0000
@@ -0,0 +1,11 @@
+--- opensc-0.11.13.orig/src/libopensc/card-entersafe.c (révision 4041)
++++ opensc-0.11.13/src/libopensc/card-entersafe.c      (copie de travail)
+@@ -1252,7 +1252,7 @@
+        switch(data->usage)
+        {
+        case 0x22:
+-                if(rsa->modulus.len<=1024)
++                if(rsa->modulus.len<256)
+                          return 
entersafe_write_small_rsa_key(card,data->key_id,rsa);
+                 else
+                          return 
entersafe_write_large_rsa_key(card,data->key_id,rsa);
diff -Naur 
opensc-0.11.13/debian/patches/entersafe-support-old-sshkeygen-exponent 
opensc-0.11.13.new/debian/patches/entersafe-support-old-sshkeygen-exponent
--- opensc-0.11.13/debian/patches/entersafe-support-old-sshkeygen-exponent      
1970-01-01 01:00:00.000000000 +0100
+++ opensc-0.11.13.new/debian/patches/entersafe-support-old-sshkeygen-exponent  
2010-11-11 12:16:02.972017891 +0000
@@ -0,0 +1,13 @@
+--- opensc-0.11.13/src/libopensc/card-entersafe.c.orig 2010-11-11 
12:14:06.720016943 +0000
++++ opensc-0.11.13/src/libopensc/card-entersafe.c      2010-11-11 
12:15:04.880017145 +0000
+@@ -127,6 +127,10 @@
+       _sc_card_add_rsa_alg(card, 768, flags, 0x10001);
+       _sc_card_add_rsa_alg(card,1024, flags, 0x10001);
+       _sc_card_add_rsa_alg(card,2048, flags, 0x10001);
++      _sc_card_add_rsa_alg(card, 512, flags, 0x23);
++      _sc_card_add_rsa_alg(card, 768, flags, 0x23);
++      _sc_card_add_rsa_alg(card,1024, flags, 0x23);
++      _sc_card_add_rsa_alg(card,2048, flags, 0x23);
+ 
+       /*card->caps = SC_CARD_CAP_RNG|SC_CARD_CAP_APDU_EXT; */
+       card->caps = SC_CARD_CAP_RNG; 
diff -Naur opensc-0.11.13/debian/patches/series 
opensc-0.11.13.new/debian/patches/series
--- opensc-0.11.13/debian/patches/series        2010-11-11 15:34:22.956017190 
+0000
+++ opensc-0.11.13.new/debian/patches/series    2010-11-11 15:33:35.020451684 
+0000
@@ -1 +1,4 @@
 debian-changes
+entersafe-import-rsa-key-ticket197
+entersafe-encode-bignum-backport-changeset3906
+entersafe-support-old-sshkeygen-exponent



-- System Information:
Debian Release: squeeze/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-openvz-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages opensc depends on:
ii  libc6                         2.11.2-7   Embedded GNU C Library: Shared lib
ii  libltdl7                      2.2.6b-2   A system independent dlopen wrappe
ii  libopensc2                    0.11.13-1  Smart card library with support fo
ii  libreadline5                  5.2-7      GNU readline and history libraries
ii  libssl0.9.8                   0.9.8o-2   SSL shared libraries

opensc recommends no packages.

opensc suggests no packages.

-- no debconf information



--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]

Bug#603167: opensc: Various common operations fail on Feitian EnterSafe cards

Reply via email to