[Bug 622319] Re: Storing RSA key on EnterSafe smart card fails

Stefano Rivera launchpad at rivera.za.net
Mon Aug 23 11:34:24 BST 2010 

Unsubscribing sponsors. We can't get the SRU through until it's fixed in
maverick.

-- 
Storing RSA key on EnterSafe smart card fails
https://bugs.launchpad.net/bugs/622319
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is a direct subscriber.

Status in “opensc” package in Ubuntu: New
Status in “opensc” source package in Lucid: New

Bug description:
Binary package hint: opensc

Lucid, OpenSC 0.11.12:

firas at tsukino ~ % dpkg -l | grep opensc
ii  libopensc2                                       0.11.12-1ubuntu3                                Smart card library with support for PKCS#15 
ii  opensc                                           0.11.12-1ubuntu3                                Smart card utilities with support for PKCS#1
firas at tsukino ~ % lsb_release -a
No LSB modules are available.
Distributor ID:	Ubuntu
Description:	Ubuntu 10.04.1 LTS
Release:	10.04
Codename:	lucid


How to reproduce:

Initialise the smart card:

firas at tsukino ~ % pkcs15-init -E -C --label "My Smart Card"
Using reader with a card: Feitian SCR301 00 00
New User PIN.
Please enter User PIN: 
Please type again to verify: 
Unblock Code for New User PIN (Optional - press return for no PIN).
Please enter User unblocking PIN (PUK): 
Please type again to verify: 


Generate RSA key:

firas at tsukino ~ % openssl genrsa -des3 -out mykey.key 1024
Generating RSA private key, 1024 bit long modulus
..............++++++
.......++++++
e is 65537 (0x10001)
Enter pass phrase for mykey.key:
Verifying - Enter pass phrase for mykey.key:


Try to story the key on the card:

firas at tsukino ~ % pkcs15-init -S mykey.key --auth-id ff --label "My Private Key"
Using reader with a card: Feitian SCR301 00 00
Please enter passphrase to unlock secret key: 
User PIN required.
Please enter User PIN: 
pkcs15-init: card-entersafe.c:1047: entersafe_encode_bignum: Assertion `0' failed.
zsh: abort      pkcs15-init -S mykey.key --auth-id ff --label "My Private Key"



A fix exists (patch already comitted in upstream SVN):

http://www.opensc-project.org/pipermail/opensc-devel/2010-January/013067.html
http://www.mail-archive.com/opensc-devel@lists.opensc-project.org/msg05224.html

Debdiff to follow applying both patches:

-> First patch fixes storing a key
-> Second patch fixes an unrelated bug that causes a segfault when trying to store a 2048-bit key (1024-bit key works fine with the first patch alone)

Fix is SRU-worthy IMO.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: opensc 0.11.12-1ubuntu3
ProcVersionSignature: Ubuntu 2.6.32-24.41-generic 2.6.32.15+drm33.5
Uname: Linux 2.6.32-24-generic x86_64
NonfreeKernelModules: wl nvidia
Architecture: amd64
Date: Sun Aug 22 17:55:01 2010
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
ProcEnviron:
 LANGUAGE=en
 LANG=en_GB.utf8
 SHELL=/bin/zsh
SourcePackage: opensc

More information about the Ubuntu-sponsors mailing list