Re: [opensc-devel] D-TRUST-2048-Bit card .. Compute signature failed: Internal error

Simon Eisenmann Thu, 15 Mar 2007 00:45:20 -0800

Works fine with this patch!

With unpatched opensc gives same error and with patch applied the
following command works fine:


# pkcs15-crypt -s -k 000102030405060708090a0b0c0d0e0f --sha-1 --pkcs1 -i
test.sha1 -o signed.test

Debug output:

// snipped
...
apdu.c:184:sc_apdu_log: 
Incoming APDU data [    2 bytes] =====================================
90 00 ..
======================================================================
card.c:312:sc_unlock: called
sec.c:201:sc_pin_cmd: returning with: 0
card.c:312:sc_unlock: called
pkcs15-sec.c:150:sc_pkcs15_compute_signature: called
card.c:285:sc_lock: called
card.c:532:sc_select_file: called; type=2, path=3f001fff
card-cardos.c:396:cardos_select_file: called
apdu.c:516:sc_transmit_apdu: called
card.c:285:sc_lock: called
apdu.c:184:sc_apdu_log: 
Outgoing APDU data [    7 bytes] =====================================
00 A4 08 00 02 1F FF .......
======================================================================
apdu.c:184:sc_apdu_log: 
Incoming APDU data [    2 bytes] =====================================
90 00 ..
======================================================================
card.c:312:sc_unlock: called
iso7816.c:459:iso7816_select_file: returning with: 0
card-cardos.c:400:cardos_select_file: returning with: 0
card.c:554:sc_select_file: returning with: 0
sec.c:63:sc_set_security_env: called
apdu.c:516:sc_transmit_apdu: called
card.c:285:sc_lock: called
apdu.c:184:sc_apdu_log: 
Outgoing APDU data [    8 bytes] =====================================
00 22 01 B6 03 83 01 02 ."......
======================================================================
apdu.c:184:sc_apdu_log: 
Incoming APDU data [    2 bytes] =====================================
90 00 ..
======================================================================
card.c:312:sc_unlock: called
card-cardos.c:714:cardos_set_security_env: returning with: 0
sec.c:67:sc_set_security_env: returning with: 0
sec.c:49:sc_compute_signature: called
card-cardos.c:761:cardos_compute_signature: called
apdu.c:516:sc_transmit_apdu: called
card.c:285:sc_lock: called
apdu.c:184:sc_apdu_log: 
Outgoing APDU data [   26 bytes] =====================================
00 2A 9E 9A 14 F7 DF 47 DF 5F 91 41 58 E0 B7 D2 .*.....G._.AX...
0E C2 32 59 C4 38 E2 30 A3 00                   ..2Y.8.0..
======================================================================
apdu.c:184:sc_apdu_log: 
Incoming APDU data [  258 bytes] =====================================
51 2B 57 82 03 49 6B A6 46 18 85 2B 43 AF 28 2A Q+W..Ik.F..+C.(*
36 3B 8A 64 D2 8D 9B 1E D9 20 A4 90 DA BC BF 34 6;.d..... .....4
46 C4 37 0E 73 47 0B E5 F3 80 3D EE D6 3F 89 BC F.7.sG....=..?..
EB 1E 22 70 26 BB 78 D5 0C 90 C7 36 6E 42 8A 81 .."p&.x....6nB..
DB FD 39 09 6F 1C 1D C8 87 01 04 0F 2A 2C 4F E7 ..9.o.......*,O.
99 80 C2 F6 23 A5 06 55 52 3A CD F7 CE 49 48 99 ....#..UR:...IH.
F2 76 57 95 40 E1 D2 07 FA C7 26 AF 36 4B 15 11 [EMAIL PROTECTED]&.6K..
A9 5F A5 8C C5 D9 BD C1 BF E4 F3 A6 B9 F1 B1 2C ._.............,
8C F3 CE 85 E6 A2 7B 36 BD A7 16 E5 53 F2 12 2B ......{6....S..+
57 D6 5A ED CC C1 B3 7E 3A E2 9A 7A E4 BC 08 95 W.Z....~:..z....
CA C4 04 7B F3 38 80 4C F7 95 3C 4F FE 64 B1 17 ...{.8.L..<O.d..
C3 DD 96 15 2D 2F 29 8A 99 DC BA E4 51 79 E2 4A ....-/).....Qy.J
DB 1B BC B5 ED BF 60 7B D0 12 45 2A 9B 9E 9E FD ......`{..E*....
43 29 79 53 27 6F 8C 89 92 81 2D AE F1 35 7C 47 C)yS'o....-..5|G
C7 F1 4E D4 C5 15 2E 28 28 91 4E 52 72 9F C3 5B ..N....((.NRr..[
2B BB CC 51 E4 B3 99 81 77 C1 0D 76 07 49 82 42 +..Q....w..v.I.B
90 00                                           ..
======================================================================
card.c:312:sc_unlock: called
card-cardos.c:745:do_compute_signature: returning with: 256
sec.c:53:sc_compute_signature: returning with: 256
card.c:312:sc_unlock: called
pkcs15.c:775:sc_pkcs15_unbind: called
card.c:312:sc_unlock: called
reader-openct.c:458:openct_reader_unlock: called
card.c:236:sc_disconnect_card: called
reader-openct.c:280:openct_reader_disconnect: called
card.c:251:sc_disconnect_card: returning with: 0
ctx.c:738:sc_release_context: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:180:openct_reader_release: called
reader-openct.c:165:openct_reader_finish: called



Am Mittwoch, den 14.03.2007, 20:07 +0100 schrieb Nils Larsch:
> Nils Larsch wrote:
> > Simon Eisenmann wrote:
> >> Here is the debug output to add some more details for this issue:
> >>
> >> ...
> >> card-cardos.c:714:cardos_set_security_env: returning with: 0
> >> sec.c:67:sc_set_security_env: returning with: 0
> >> sec.c:49:sc_compute_signature: called
> >> card-cardos.c:761:cardos_compute_signature: called
> >> card-cardos.c:775:cardos_compute_signature: trying RSA_PURE_SIG (padded
> >> DigestInfo)
> >> apdu.c:516:sc_transmit_apdu: called
> >> card.c:285:sc_lock: called
> >> apdu.c:184:sc_apdu_log: Outgoing APDU data [  265 bytes] 
> >> =====================================
> >> 00 2A 9E 9A 00 01 00 30 30 30 30 30 30 30 30 30 .*.....000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 30 0000000000000000
> >> 30 30 30 30 30 30 30 01 00                      0000000..
> > 
> > if you really tried to sign something with
> > "pkcs15-crypt -s -k 000102030405060708090a0b0c0d0e0f --md5 -i test.md5 
> > -o signed.test"
> > then the above APDU is obviously wrong and cannot work regardless of
> > if your reader support ext. APDU or not ...
> > What is in test.md5 ?
> > 
> > Once you have a correct digestInfo to sign in the APDU data you might
> > try the attached patch (using sha-1 instead of md5).
> 
> the patch
-- 
Simon Eisenmann

[ mailto:[EMAIL PROTECTED] ]

[ struktur AG | Kronenstraße 22a | D-70173 Stuttgart ]
[ T. +49.711.896656.68 | F.+49.711.89665610 ]
[ http://www.struktur.de | mailto:[EMAIL PROTECTED] ]

smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel

Re: [opensc-devel] D-TRUST-2048-Bit card .. Compute signature failed: Internal error

Reply via email to