Fix security issue.

git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@3688 c6295689-39f2-0310-b995-f0e70906c6a9
2009-05-07 10:57:07 +00:00 · 2009-05-07 10:57:07 +00:00 · 3fa5747e33
parent dd9a40ad0e
commit 3fa5747e33
2 changed files with 4 additions and 3 deletions
--- a/5
+++ b/5
@ -6,8 +6,9 @@ http://www.opensc-project.org/opensc/wiki/WhatsNew
 Also see the svn changelog using svn command
 or doc/nonpersistent/ChangeLog.

-New in 0.11.8; 2009-??-??; Andreas Jellinghaus
-* updated and improve entersave driver.
+New in 0.11.8; 2009-05-07; Andreas Jellinghaus
+* Fix security problem in pkcs11-tool gen_keypair (PublicExponent 1)
+* fix compiling without openssl.
 * updated and improve entersafe driver. FTCOS/PK-01C cards are supported
  now, compatible with cards writen by Feitian's software on windows.

--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -1035,7 +1035,7 @@ static int gen_keypair(CK_SLOT_ID slot, CK_SESSION_HANDLE session,
 {
 	CK_MECHANISM mechanism = {CKM_RSA_PKCS_KEY_PAIR_GEN, NULL_PTR, 0};
 	CK_ULONG modulusBits = 1024;
-	CK_BYTE publicExponent[] = { 65537 };
+	CK_BYTE publicExponent[] = { 0x01, 0x00, 0x01 }; /* 65537 in bytes */
 	CK_BBOOL _true = TRUE;
 	CK_OBJECT_CLASS pubkey_class = CKO_PUBLIC_KEY;
 	CK_OBJECT_CLASS privkey_class = CKO_PRIVATE_KEY;