From 137286858f71bbd47633df9ab0fdb7ef2d251f54 Mon Sep 17 00:00:00 2001 From: Vincent JARDIN Date: Mon, 22 Mar 2021 18:06:50 +0000 Subject: [PATCH] IASECC/CPX: enable calls thru pkcs15-iasecc.c Same than Gemalto's IASECC, the CPX cards need a workaround since the PrKey does not have its Algo_regs. We get: pkcs15-tool -k --verify-pin --pin 1234 Using reader with a card: ACS ACR33U-A1 3SAM ICC Reader 00 00 Private RSA Key [CPS_PRIV_SIG] Object Flags : [0x01], private Usage : [0x200], nonRepudiation Access Flags : [0x0D], sensitive, alwaysSensitive, neverExtract Algo_refs : 0 Access Rules : pso_cds:01; ModLength : 2048 Key ref : 129 (0x81) Native : yes Path : e828bd080f8025000001ff0010:: Auth ID : 01 ID : e828bd080f8025000001ff001001 MD:guid : e7aab727-f2af-e673-37bb-7d43867a6349 Private RSA Key [CPS_PRIV_AUT] Object Flags : [0x07], private, modifiable Usage : [0x06], decrypt, sign Access Flags : [0x0D], sensitive, alwaysSensitive, neverExtract Algo_refs : 0 Access Rules : pso_decrypt:01; int_auth:01; ModLength : 2048 Key ref : 130 (0x82) Native : yes Path : e828bd080f8025000001ff0010:: Auth ID : 01 ID : e828bd080f8025000001ff001002 MD:guid : 2b6bf284-225c-80bc-8cbe-1c791db33543 We need to get Algo_regs to be set to something that is not 0. Fix: issue #2267 --- src/libopensc/pkcs15-syn.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libopensc/pkcs15-syn.c b/src/libopensc/pkcs15-syn.c index 73954053..d4e03df8 100644 --- a/src/libopensc/pkcs15-syn.c +++ b/src/libopensc/pkcs15-syn.c @@ -91,6 +91,8 @@ int sc_pkcs15_is_emulation_only(sc_card_t *card) case SC_CARD_TYPE_DNIE_USER: case SC_CARD_TYPE_DNIE_TERMINATED: case SC_CARD_TYPE_IASECC_GEMALTO: + case SC_CARD_TYPE_IASECC_CPX: + case SC_CARD_TYPE_IASECC_CPXCL: case SC_CARD_TYPE_PIV_II_GENERIC: case SC_CARD_TYPE_PIV_II_HIST: case SC_CARD_TYPE_PIV_II_NEO: