Public bug reported:

OpenSC 0.13.0 does not list RSA public keys which are of 2048 bits in size on a SmartCard-HSM smart card.
Although the keys are listed after on-card key generation, only the private key is listed later. This issue does not appear for keys of 1024 bits in size on the same card.

Steps to reproduce:

1. Generate the RSA key of 2048 bits in size in case none of this type is present:

   $ pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so -l --keypairgen --key-type rsa:2048 --id 10
   Using slot 1 with a present token (0x1)
   Logging in to "SmartCard-HSM (UserPIN)".
   Please enter User PIN:
   Key pair generated:
   Private Key Object; RSA
     label: Private Key
     ID: 10
     Usage: decrypt, sign, unwrap
   Public Key Object; RSA 2048 bits
     label: Private Key
     ID: 10
     Usage: encrypt, verify, wrap

2. The public key cannot be listed/obtained:

2a. using pkcs11-tool, reading the public key fails.

   $ pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so --id 10 --read-object --type pubkey
   Using slot 1 with a present token (0x1)
   error: object not found

2b. listing the objects using pkcs15-tool will only list the private key object.

   $ pkcs15-tool -D
   Using reader with a card: Alcor Micro AU9540 00 00
   PKCS#15 Card [SmartCard-HSM]:
   [...]
   PIN [UserPIN]
   [...]
   PIN [SOPIN]
   [...]
   Private RSA Key [Private Key]
   [...]
   ID : 10
   [...]

Fix is committed upstream in
https://github.com/OpenSC/OpenSC/commit/99af6cd8ee78776f50bc016fc230541072c60afb

Applying fix mentioned above on top of opensc (0.13.0-3ubuntu4) fixes the issue for me, without regenerating keys.

   $ pkcs11-tool --module /usr/lib/x86_64-linux-gnu/opensc-pkcs11.so --id 10 --read-object --type pubkey | hexdump
   Using slot 1 with a present token (0x1)
   0000000 8230 0a01 8202 0101 9000 5007 f88a 3370
   0000010 a1c3 65e0 8d90 0b3b 0f40 d776 2d84 80be
   [...]

** Affects: opensc (Ubuntu)
   Importance: Undecided
   Status: New
https://bugs.launchpad.net/bugs/1311921

Title: SmartCard-HSM card does not list RSA 2048 public keys
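An added example, not part of the original report or of OpenSC: a way to confirm that the bytes shown in the hexdump after applying the fix are a 2048-bit public key. It assumes the default hexdump word format (16-bit words in little-endian order) and that the object starts as a DER SEQUENCE whose first element is the modulus INTEGER, which is what the quoted bytes decode to; the function names are illustrative.

```python
import re

# First two rows of the hexdump output quoted in the report; the report elides the rest.
REPORT_HEXDUMP = """\
0000000 8230 0a01 8202 0101 9000 5007 f88a 3370
0000010 a1c3 65e0 8d90 0b3b 0f40 d776 2d84 80be
"""


def hexdump_to_bytes(text):
    """Undo default hexdump(1) output: an offset column, then 16-bit words
    printed in host (little-endian on x86_64) order, so each pair is swapped."""
    out = bytearray()
    for line in text.splitlines():
        fields = line.split()
        if fields and fields[0] == "*":
            raise ValueError("hexdump collapsed repeated rows; dump with -v")
        for word in fields[1:]:
            if not re.fullmatch(r"[0-9a-fA-F]{4}", word):
                raise ValueError(f"unexpected hexdump field: {word!r}")
            out += bytes.fromhex(word)[::-1]
    return bytes(out)


def der_header(buf, pos, tag):
    """Check the tag at pos and return (content_length, content_offset)."""
    if buf[pos] != tag:
        raise ValueError(f"expected tag 0x{tag:02x}, found 0x{buf[pos]:02x}")
    first = buf[pos + 1]
    if first < 0x80:                      # short form: length fits in one byte
        return first, pos + 2
    n = first & 0x7F                      # long form: n length bytes follow
    if not 1 <= n <= 4:
        raise ValueError("unsupported DER length encoding")
    return int.from_bytes(buf[pos + 2:pos + 2 + n], "big"), pos + 2 + n


def rsa_modulus_bits(der_prefix):
    """Modulus size from the start of SEQUENCE { INTEGER modulus, ... }.
    Only the two headers and the first modulus byte are needed."""
    _, pos = der_header(der_prefix, 0, 0x30)
    int_len, pos = der_header(der_prefix, pos, 0x02)
    if int_len > 1 and der_prefix[pos] == 0x00:   # sign-padding byte
        pos, int_len = pos + 1, int_len - 1
    return (int_len - 1) * 8 + der_prefix[pos].bit_length()


if __name__ == "__main__":
    print(rsa_modulus_bits(hexdump_to_bytes(REPORT_HEXDUMP)), "bit modulus")
```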