Sign by using the decrypt function.
git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3223 c6295689-39f2-0310-b995-f0e70906c6a9
This commit is contained in:
parent
60e3e1e683
commit
14bc32dda2
3
NEWS
3
NEWS
|
@ -6,6 +6,9 @@ http://www.opensc-project.org/opensc/wiki/WhatsNew
|
|||
Also see the svn changelog using svn command
|
||||
or doc/ChangeLog.
|
||||
|
||||
New in 0.11.4; 2007-??-??; Andreas Jellinghaus
|
||||
* Support Siemens CardOS initialized cards (signing with decryption)
|
||||
|
||||
New in 0.11.3; 2007-07-11; Andreas Jellinghaus
|
||||
* added regression test for raw rsa (crypt0007).
|
||||
* regression suite can now use installed binaries with --installed.
|
||||
|
|
|
@ -148,6 +148,31 @@ int sc_pkcs15_compute_signature(struct sc_pkcs15_card *p15card,
|
|||
unsigned long pad_flags = 0, sec_flags = 0;
|
||||
|
||||
SC_FUNC_CALLED(ctx, 1);
|
||||
|
||||
/* some strange cards/setups need decrypt to sign ... */
|
||||
if (p15card->flags & SC_PKCS15_CARD_FLAG_SIGN_WITH_DECRYPT) {
|
||||
if (flags & SC_ALGORITHM_RSA_RAW) {
|
||||
return sc_pkcs15_decipher(p15card, obj,flags,
|
||||
in, inlen, out, outlen);
|
||||
}
|
||||
size_t tmplen = sizeof(buf);
|
||||
if (modlen > tmplen) {
|
||||
sc_error(ctx, "Buffer too small, needs recompile!\n");
|
||||
return SC_ERROR_NOT_ALLOWED;
|
||||
}
|
||||
r = sc_pkcs1_encode(ctx, flags, in, inlen, buf, &tmplen, modlen);
|
||||
|
||||
/* no padding needed - already done */
|
||||
flags &= ~SC_ALGORITHM_RSA_PADS;
|
||||
/* instead use raw rsa */
|
||||
flags |= SC_ALGORITHM_RSA_RAW;
|
||||
|
||||
SC_TEST_RET(ctx, r, "Unable to add padding");
|
||||
r = sc_pkcs15_decipher(p15card, obj,flags, buf, modlen,
|
||||
out, outlen);
|
||||
return r;
|
||||
}
|
||||
|
||||
/* If the key is extractable, the caller should extract the
|
||||
* key and do the crypto himself */
|
||||
if (!prkey->native)
|
||||
|
|
|
@ -675,6 +675,11 @@ static int sc_pkcs15_bind_internal(sc_pkcs15_card_t *p15card)
|
|||
p15card->seInfo = tokeninfo.seInfo;
|
||||
p15card->num_seInfo = tokeninfo.num_seInfo;
|
||||
|
||||
/* for cardos cards initialized by Siemens: sign with decrypt */
|
||||
if (strcmp(p15card->card->driver->short_name,"cardos") == 0
|
||||
&& strcmp(p15card->manufacturer_id,"Siemens AG (C)") == 0)
|
||||
p15card->flags |= SC_PKCS15_CARD_FLAG_SIGN_WITH_DECRYPT;
|
||||
|
||||
ok = 1;
|
||||
end:
|
||||
if(buf != NULL)
|
||||
|
|
|
@ -398,6 +398,7 @@ typedef struct sc_pkcs15_card {
|
|||
#define SC_PKCS15_CARD_FLAG_LOGIN_REQUIRED 0x02
|
||||
#define SC_PKCS15_CARD_FLAG_PRN_GENERATION 0x04
|
||||
#define SC_PKCS15_CARD_FLAG_EID_COMPLIANT 0x08
|
||||
#define SC_PKCS15_CARD_FLAG_SIGN_WITH_DECRYPT 0x10
|
||||
|
||||
/* sc_pkcs15_bind: Binds a card object to a PKCS #15 card object
|
||||
* and initializes a new PKCS #15 card object. Will return
|
||||
|
|
Loading…
Reference in New Issue