-
Notifications
You must be signed in to change notification settings - Fork 711
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
PKCS11 function C_SignFinal failed: rv = CKR_ARGUMENTS_BAD with PKCS#15 Card [CardOS V5.3] using 3072 bit RSA key #1764
Comments
It looks like the problem is with line 873: See if you can get farther by defining The card is capable of doing extended APDUs. |
I've tried that (I've put 1000 instead of |
Di you have a new debug log? Based on you first debug log lines 1424-26:
In git master code:
Your diff has:
It look like failure in first debug log is from |
please check if #1776 fixes the problem |
Yes, now it works, thanks! I don't know how to verify the signature though. |
Problem Description
Using opensc 0.19.0 with pcsc-lite 1.8.24,2 on FreeBSD 11.2-STABLE
Applied a small patch to get key length 3072 and 4096 recognized and get some extra debug output:
I try to sign the following uuencoded bytes:
My opensc.conf:
My test script:
Output in the
cardlog
file:If I don't patch OpenSC as above, I am getting
CKR_FUNCTION_NOT_SUPPORTED
instead.Proposed Resolution
Looking at my extra debug line added by a patch above:
https://gist.github.com/saper/9febbea30f9e0fb57e4599f3b102378c#file-opensc-debug-redacted-txt-L1425
I think the problem is with too small buffers for the signing operation with larger keys.
Steps to reproduce
as above
Card identification:
Logs
https://gist.github.com/9febbea30f9e0fb57e4599f3b102378c
The text was updated successfully, but these errors were encountered: