[Bug 577] bug (wrong flag) in sc_private_decrypt (scard-opensc.c)

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue May 27 22:28:02 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=577

           Summary: bug (wrong flag) in sc_private_decrypt (scard-opensc.c)
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Smartcard
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: larsch at trustcenter.de


There's a small bug in scard-opensc.c. The OpenSC function sc_pkcs15_decipher
is called with the wrong flag. Currently sc_private_decrypt set the flag to
0 and hence OpenSC uses RSA raw to decipher the cryptogram => the Smartcard
(or OpenSC) does not remove the PKCS#1 padding => v1 authentication fails
because the returned data has the wrong length. To fix this problem simply
replace:
r = sc_pkcs15_decipher(p15card, key_obj, 0, from, flen, to, flen);
with
r = sc_pkcs15_decipher(p15card, key_obj, SC_ALGORITHM_RSA_PAD_PKCS1, from, flen,
to, flen);

Nils



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list