From cec660fda1fb43f9213f054357251457ccc8cfbf Mon Sep 17 00:00:00 2001 From: okir Date: Tue, 9 Dec 2003 13:57:20 +0000 Subject: [PATCH] - More cyberflex fixes from Martin Buechler git-svn-id: https://www.opensc-project.org/svnp/opensc/trunk@1665 c6295689-39f2-0310-b995-f0e70906c6a9 --- src/libopensc/card-flex.c | 5 +++-- src/pkcs15init/cyberflex.profile | 4 ++-- src/pkcs15init/pkcs15-cflex.c | 26 ++++++++++++++++---------- src/pkcs15init/pkcs15-lib.c | 2 +- 4 files changed, 22 insertions(+), 15 deletions(-) diff --git a/src/libopensc/card-flex.c b/src/libopensc/card-flex.c index dd414fcf..3f5b77cc 100644 --- a/src/libopensc/card-flex.c +++ b/src/libopensc/card-flex.c @@ -1100,7 +1100,7 @@ cyberflex_compute_signature(sc_card_t *card, const u8 *data, switch (data_len) { case 64: alg_id = 0xC4; break; case 96: alg_id = 0xC6; break; - case 128: alg_id = 0xC6; break; + case 128: alg_id = 0xC8; break; default: sc_error(card->ctx, "Illegal input length: %d\n", data_len); return SC_ERROR_INVALID_ARGUMENTS; @@ -1182,7 +1182,8 @@ static int flex_generate_key(sc_card_t *card, struct sc_cardctl_cryptoflex_genke p1 = data->key_num; sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x46, p1, p2); - apdu.cla = 0xF0; + if (!IS_CYBERFLEX(card)) + apdu.cla = 0xF0; apdu.data = sbuf; apdu.datalen = 4; apdu.lc = 4; diff --git a/src/pkcs15init/cyberflex.profile b/src/pkcs15init/cyberflex.profile index 9790a7b8..79b6e97d 100644 --- a/src/pkcs15init/cyberflex.profile +++ b/src/pkcs15init/cyberflex.profile @@ -1,5 +1,5 @@ # -# General purpose PKCS15 profile for Cyberflex Access cards +# General purpose PKCS15 profile for Cyberflex Access 16K cards # cardinfo { max-pin-length = 8; @@ -52,7 +52,7 @@ filesystem { DF PKCS15-AppDF { ACL = *=$SOPIN, FILES=NONE, DELETE=NONE; # Cyberflex Access 16K - size = 13000; + size = 7500; # This "pin-domain" DF is a template that is # instantiated for each PIN created on the card. diff --git a/src/pkcs15init/pkcs15-cflex.c b/src/pkcs15init/pkcs15-cflex.c index 75bd499a..4bdcaf67 100644 --- a/src/pkcs15init/pkcs15-cflex.c +++ b/src/pkcs15init/pkcs15-cflex.c @@ -626,7 +626,7 @@ bn2cft(sc_pkcs15_bignum_t *num, u8 tag, u8 *buf, size_t bufsize) memset(buf, 0, bufsize); buf[0] = tag; buf[1] = len + 1; - memcpy(buf + 2, num->data, len); + memcpy(buf + 3, num->data, len); return 0; } @@ -759,18 +759,19 @@ cyberflex_encode_private_key(sc_profile_t *profile, sc_card_t *card, * NULL pad byte */ bnlen = base + 3; - if ((r = bn2cft(&rsa->p, 0xC2, key + 0 * bnlen, bnlen)) < 0 - || (r = bn2cft(&rsa->q, 0xC2, key + 1 * bnlen, bnlen)) < 0 + if ((r = bn2cft(&rsa->q, 0xC2, key + 0 * bnlen, bnlen)) < 0 + || (r = bn2cft(&rsa->p, 0xC2, key + 1 * bnlen, bnlen)) < 0 || (r = bn2cft(&rsa->iqmp, 0xC2, key + 2 * bnlen, bnlen)) < 0 - || (r = bn2cft(&rsa->dmp1, 0xC2, key + 3 * bnlen, bnlen)) < 0 - || (r = bn2cft(&rsa->dmq1, 0xC2, key + 4 * bnlen, bnlen)) < 0) + || (r = bn2cft(&rsa->dmq1, 0xC2, key + 3 * bnlen, bnlen)) < 0 + || (r = bn2cft(&rsa->dmp1, 0xC2, key + 4 * bnlen, bnlen)) < 0) return r; key += 5 * bnlen; - *key++ = 0; - *key++ = 0; - *key++ = 0; - + key[0] = 0x0A; + key[1] = 0x0A; + key[2] = 0x00; + key[3] = 0x00; + return 0; } @@ -790,7 +791,7 @@ cyberflex_encode_public_key(sc_profile_t *profile, sc_card_t *card, return SC_ERROR_INVALID_ARGUMENTS; } - key_blob_size = 12 + base + 3 + 7; + key_blob_size = 12 + 3 + base + 7 + 4; if (*keysize < key_blob_size) return SC_ERROR_BUFFER_TOO_SMALL; *keysize = key_blob_size; @@ -810,6 +811,11 @@ cyberflex_encode_public_key(sc_profile_t *profile, sc_card_t *card, || (r = bn2cft(&rsa->exponent, 0xC0, key + bnlen, 3 + 4)) < 0) return r; + key += bnlen + 3 + 4; + key[0] = 0x0A; + key[1] = 0x0A; + key[2] = 0x00; + key[3] = 0x00; return 0; } diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c index abd771a2..2546079a 100644 --- a/src/pkcs15init/pkcs15-lib.c +++ b/src/pkcs15init/pkcs15-lib.c @@ -2773,7 +2773,7 @@ sc_pkcs15init_parse_info(sc_card_t *card, size_t n; end = p + len; - while (p < end && (tag = *p++) != 0) { + while (p < end && (tag = *p++) != 0 && tag != 0xFF) { int r = 0; if (p >= end || p + (n = *p++) > end)