[Muscle] Some issues with Aladdin eToken PRO 72K (Athena OS755)

Joao Pedro countzero at sapo.pt
Thu Mar 5 04:14:52 PST 2009 

I've been digging through the code and, apparently,  the reason why  
2048 bit keys don't work is that MCardPlugin doesn't yet support  
handling APDUs with size > MSC_MAXSIZEOF_APDU_DATALEN.

http://svn.debian.org/wsvn/muscleplugins/trunk/MCardPlugin/src/musclecardApplet.c?op=file&rev=0&sc=0  
@PL_MSCComputeCrypt:
(...)
   if ( (inputDataSize + MSC_SIZEOF_CIPHERMODE + MSC_SIZEOF_CIPHERDIR
         + MSC_SIZEOF_DATALOCATION) > MSC_MAXSIZEOF_APDU_DATALEN ) {

     /*********************************************/
     /* Do the MSC_CIPHER_PROCESS portion of the code */
     /*********************************************/

     /* TODO : I don't want to do this now */

     pBuffer[OFFSET_P2]     = MSC_CIPHER_PROCESS;
     pBuffer[OFFSET_LC]     = 0; /* TODO */

     currentPointer  = 0;

     return MSC_UNSUPPORTED_FEATURE;
(...)

I don't have experience with the smart card APIs and standards, but if  
someone was willing to give me some general guidelines of what is  
necessary to implement and modify in the code, I'd be willing to fill  
in the necessary pieces to add support for 2048 bit keys.

Thank you.

Best regards,
Joao

Joao Pedro <countzero at sapo.pt> wrote:

> Hello Hendrik,
>
> Thanks for the hint. The thing is that, with a proprietary applet,  
> 2048 bit keys seem to work fine...
>
> Best regards,
> Joao
>
> Hendrik Tews <tews at cs.ru.nl> wrote:
>
>>
>>   1. The card generates a 2048 bit RSA keypair, but when trying, for
>>   example, to encrypt data with the public key the card seems to throw
>>   and SW_UNSUPPORTED_FEATURE exception - this problem doesn't happen
>>   with 1024 bit keys.
>>
>> With NXP JCOP cards I have the following experience: even if it
>> is printed on the backside that they support RSA up to 2048 bits,
>> their largest key size is 1952. For bigger key sizes either
>> RSAPublicKey.setModulus throws CryptoException.ILLEGAL_VALUE or
>> RSAPublicKey.setExponent throws CryptoException.ILLEGAL_VALUE.
>>
>> I would try slightly smaller keys.
>>
>>   2. The random number generator doesn't seem to work... (even though
>>   the card supports it).
>>
>> No idea here.
>>
>> Bye,
>>
>> Hendrik
>> _______________________________________________
>> Muscle mailing list
>> Muscle at lists.musclecard.com
>> http://lists.drizzle.com/mailman/listinfo/muscle
>>
>
>
> _______________________________________________
> Muscle mailing list
> Muscle at lists.musclecard.com
> http://lists.drizzle.com/mailman/listinfo/muscle
>

More information about the Muscle mailing list