Ticket #97 (new defect)
pkcs15-crypt: needs better key usage checking
| Reported by: | aj | Owned by: | opensc-devel@… |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | opensc | Version: | 0.11.1 |
| Severity: | normal | Keywords: | |
| Cc: |
Description
this report was send to opensc mailing list. the user tried to decrypt with a signing only key, which did not work. but the error message is not good, we should track down the situation and make sure a proper error message is presented.
Andreas
Hi everyone!
I created a key pair using pkcs15-init. They seem ok, because 'pkcs15-tool -k' outputs this:
Private RSA Key [Private Key]
Com. Flags : 3 Usage : [0x4], sign Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength? : 1024 Key ref : 145 Native : yes Path : 3f005015 Auth ID : 01 ID : 45
and 'pkcs15-tool --list-public-keys' outputs this:
Public RSA Key [Public Key]
Com. Flags : 2 Usage : [0x4], sign Access Flags: [0x0] ModLength? : 1024 Key ref : 0 Native : no Path : 3f0050153048 Auth ID : ID : 45
Then I enciphered data with openssl using the public key listed above.
I am trying now to decipher using pkcs15-crypt, but without success.
When I try:
1 - 'pkcs15-crypt -c --key 15 --input /var/tmp/crypted.bin -v'
I get:
" Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '15': Requested object not found "
2 - 'pkcs15-crypt -c --key F --input /var/tmp/crypted.bin -v'
I get: " Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '0x0F': Requested object not found "
3 - 'pkcs15-crypt -c --key 145 --input /var/tmp/crypted.bin -v'
I get: " Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '145': Requested object not found "
4 - 'pkcs15-crypt -c --key 91 --input /var/tmp/crypted.bin -v'
I get: " Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '91': Requested object not found "
5 - 'pkcs15-crypt -c --key 11 --input /var/tmp/crypted.bin -v'
I get: " Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '11': Requested object not found "
6 - 'pkcs15-crypt -c --key 17 --input /var/tmp/crypted.bin -v'
I get: " Connecting to card in reader SCM SCR 335 (605004b8) 00 00... Using card driver STARCOS SPK 2.3. Trying to find a PKCS #15 compatible card... Found OpenSC Card! Unable to find private decryption key '17': Requested object not found "
SO, my question is: what is the private key id I should use with pkcs15-crypt?
I am using a GDBurti card, with StarcOS 2.3.
Thanks a lot!
