Re: [Muscle] Some issues with Aladdin eToken PRO 72K (Athena OS755)

From: Joao Pedro (countzerosapo.pt)
Date: Thu Mar 05 2009 - 06:14:52 CST


I've been digging through the code and, apparently, the reason why
2048 bit keys don't work is that MCardPlugin doesn't yet support
handling APDUs with size > MSC_MAXSIZEOF_APDU_DATALEN.

http://svn.debian.org/wsvn/muscleplugins/trunk/MCardPlugin/src/musclecardApplet.c?op=file&rev=0&sc=0
PL_MSCComputeCrypt:
(...)
   if ( (inputDataSize + MSC_SIZEOF_CIPHERMODE + MSC_SIZEOF_CIPHERDIR
         + MSC_SIZEOF_DATALOCATION) > MSC_MAXSIZEOF_APDU_DATALEN ) {

     /*********************************************/
     /* Do the MSC_CIPHER_PROCESS portion of the code */
     /*********************************************/

     /* TODO : I don't want to do this now */

     pBuffer[OFFSET_P2] = MSC_CIPHER_PROCESS;
     pBuffer[OFFSET_LC] = 0; /* TODO */

     currentPointer = 0;

     return MSC_UNSUPPORTED_FEATURE;
(...)

I don't have experience with the smart card APIs and standards, but if
someone was willing to give me some general guidelines of what is
necessary to implement and modify in the code, I'd be willing to fill
in the necessary pieces to add support for 2048 bit keys.

Thank you.

Best regards,
Joao
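
An added example (not from this thread and not MCardPlugin code) of the size check quoted above, showing why a 128-byte RSA-1024 block fits one APDU while a 256-byte RSA-2048 block would have to be split. The 255-byte limit, the one-byte header fields, the phase tags and the `plan_chunks` helper are assumptions for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define APDU_DATA_MAX  255 /* assumed MSC_MAXSIZEOF_APDU_DATALEN (one-byte Lc) */
#define CIPHER_HDR_LEN 3   /* assumed: mode + direction + location, 1 byte each */

/* Hypothetical phase tags; only MSC_CIPHER_PROCESS is named in the post. */
enum phase { PH_INIT, PH_PROCESS, PH_FINAL };

struct chunk { enum phase phase; size_t offset; size_t len; };

/* Mirrors the quoted condition: nonzero when input plus cipher header
 * exceeds one APDU, i.e. the branch that returns MSC_UNSUPPORTED_FEATURE. */
int needs_chunking(size_t input_len)
{
    return input_len + CIPHER_HDR_LEN > APDU_DATA_MAX;
}

/* Split input_len bytes into APDU-sized chunks. The first chunk shares its
 * APDU with the cipher header; later chunks are assumed to get the whole
 * data field. A lone chunk keeps PH_INIT (the one-shot case). Returns the
 * chunk count, or 0 if the input is empty or `out` is too small. */
size_t plan_chunks(size_t input_len, struct chunk *out, size_t max)
{
    size_t n = 0, off = 0, room = APDU_DATA_MAX - CIPHER_HDR_LEN;
    while (off < input_len) {
        size_t left = input_len - off;
        size_t take = left < room ? left : room;
        if (n == max)
            return 0;
        out[n].phase = (n == 0) ? PH_INIT : PH_PROCESS;
        out[n].offset = off;
        out[n].len = take;
        off += take;
        room = APDU_DATA_MAX;
        n++;
    }
    if (n > 1)
        out[n - 1].phase = PH_FINAL;
    return n;
}

int main(void)
{
    struct chunk c[4];
    size_t sizes[] = { 128, 256 }; /* RSA-1024 and RSA-2048 block sizes */
    for (size_t i = 0; i < 2; i++)
        printf("%zu bytes: chunking=%d, APDUs=%zu\n", sizes[i],
               needs_chunking(sizes[i]), plan_chunks(sizes[i], c, 4));
    return 0;
}
```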

Joao Pedro <countzerosapo.pt> wrote:

> Hello Hendrik,
>
> Thanks for the hint. The thing is that, with a proprietary applet,
> 2048 bit keys seem to work fine...
>
> Best regards,
> Joao
>
> Hendrik Tews <tewscs.ru.nl> wrote:
>
>>
>> 1. The card generates a 2048 bit RSA keypair, but when trying, for
>> example, to encrypt data with the public key the card seems to throw
>> an SW_UNSUPPORTED_FEATURE exception - this problem doesn't happen
>> with 1024 bit keys.
>>
>> With NXP JCOP cards I have the following experience: even if it
>> is printed on the backside that they support RSA up to 2048 bits,
>> their largest key size is 1952. For bigger key sizes either
>> RSAPublicKey.setModulus throws CryptoException.ILLEGAL_VALUE or
>> RSAPublicKey.setExponent throws CryptoException.ILLEGAL_VALUE.
>>
>> I would try slightly smaller keys.
>>
>> 2. The random number generator doesn't seem to work... (even though
>> the card supports it).
>>
>> No idea here.
>>
>> Bye,
>>
>> Hendrik
>> _______________________________________________
>> Muscle mailing list
>> Musclelists.musclecard.com
>> http://lists.drizzle.com/mailman/listinfo/muscle
>>