Revisions
Jakuje revised this gist
Oct 18, 2017 . 1 changed file with 7 additions and 0 deletions.
@@ -122,8 +122,15 @@ For other parameters, replace the hash algorithsm, add a `--salt-len` parameter * Encrypt the data locally openssl rsautl -encrypt -inkey $ENC_KEY.pub -in data -pubin -out data.crypt -oaep or openssl pkeyutl -encrypt -inkey $ENC_KEY.pub -pubin -pkeyopt rsa_padding_mode:oaep -pkeyopt rsa_oaep_md:sha256 -pkeyopt rsa_mgf1_md:sha256 -in data -out data.sha256.crypt * Decrypt the data on the card cat data.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-PKCS-OAEP --module ../pkcs11/.libs/opensc-pkcs11.so or cat data.sha256.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-PKCS-OAEP --hash-algorithm=sha256 --module ../pkcs11/.libs/opensc-pkcs11.so
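Review bot: the two `or` alternatives added under RSA-PKCS-OAEP are not interchangeable, because `data.crypt` comes from `rsautl -oaep` (SHA-1 defaults) while `data.sha256.crypt` is built with `rsa_oaep_md:sha256` and `rsa_mgf1_md:sha256`, so each decrypt line only works on its own ciphertext. Label the second pair as the SHA-256 variant instead of `or`, and state the MGF on the card side as well (pkcs11-tool has a `--mgf` option) so the parameters of both ends can be compared line by line; the decrypt line currently passes only `--hash-algorithm=sha256`.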
Jakuje revised this gist
Oct 18, 2017 . 1 changed file with 11 additions and 0 deletions.
@@ -116,3 +116,14 @@ For other parameters, replace the hash algorithsm, add a `--salt-len` parameter * Decrypt the data on the card cat data_pad.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-X-509 --module ../pkcs11/.libs/opensc-pkcs11.so ## RSA-PKCS-OAEP * Encrypt the data locally openssl rsautl -encrypt -inkey $ENC_KEY.pub -in data -pubin -out data.crypt -oaep * Decrypt the data on the card cat data.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-PKCS-OAEP --module ../pkcs11/.libs/opensc-pkcs11.so
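Review bot: the new RSA-PKCS-OAEP section stops at the decrypt command and never checks the result, so a card that returns wrong or still-padded bytes would go unnoticed. Write the decrypted output to a file (pkcs11-tool's `--output-file`) and compare it with `data` using `cmp`, in the same way the signing sections end with an explicit Verify step.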
Jakuje revised this gist
Sep 20, 2017 . 1 changed file with 11 additions and 7 deletions.
@@ -14,7 +14,7 @@ * Convert it to the public key (PEM format) openssl x509 -inform DER -in $SIGN_KEY.cert -pubkey > $SIGN_KEY.pub or @@ -34,7 +34,7 @@ or * Verify openssl rsautl -verify -inkey $SIGN_KEY.pub -in data.sig -pubin ## SHA1-RSA-PKCS @@ -44,21 +44,25 @@ or * Verify and parse the returned ASN1 structure: openssl rsautl -verify -inkey $SIGN_KEY.pub -in data.sig -pubin | openssl asn1parse -inform DER * Compare the result with the sha1 sum of the input file: sha1sum data Similarily can be tested the SHA256, SHA384 and SHA512, just by replacing SHA1 with these hashes in above commands. ## SHA1-RSA-PKCS-PSS * Sign the data on the smartcard using private key: cat data | ./pkcs11-tool --id $SIGN_KEY -s -p $PIN -m SHA1-RSA-PKCS-PSS --module ../pkcs11/.libs/opensc-pkcs11.so > data.sig * Verify openssl dgst -keyform DER -verify $SIGN_KEY.pub -sha1 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -signature data.sig data For other parameters, replace the hash algorithsm, add a `--salt-len` parameter for the `pkcs11-tool` and adjust `rsa_pss_saltlen` argument of `openssl`. ## RSA-X-509 @@ -72,7 +76,7 @@ or * Verify openssl rsautl -verify -inkey $SIGN_KEY.pub -in data_pad.sig -pubin -raw # Encrypt/Decrypt using private key/certificate
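Review bot: in the SHA1-RSA-PKCS-PSS hunk the verify line passes `-keyform DER` together with `-verify $SIGN_KEY.pub`, but the first hunk of this same change writes `$SIGN_KEY.pub` as PEM (`openssl x509 ... -pubkey > $SIGN_KEY.pub`), so the stated key format does not match the file. Drop `-keyform DER` or point the command at the DER file. It would also help to say that `rsa_pss_saltlen:-1` means a salt as long as the digest, since the next sentence tells the reader to adjust it together with `--salt-len`; "Similarily" and "algorithsm" in the prose are misspelled.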
Jakuje revised this gist
Sep 6, 2017 . 1 changed file with 34 additions and 0 deletions.
@@ -16,6 +16,16 @@ openssl x509 -inform DER -in $SIGN_KEY.cert -pubkey > $SIGN_KEY.cert.pub or * Get the public key from the card: ./pkcs11-tool -r -p $PIN --id $SIGN_KEY --type pubkey --module ../pkcs11/.libs/opensc-pkcs11.so > $SIGN_KEY.der * Convert it to PEM format: openssl rsa -inform DER -outform PEM -in $SIGN_KEY.der -pubin > $SIGN_KEY.pub ## RSA-PKCS * Sign the data on the smartcard using private key: @@ -26,6 +36,30 @@ openssl rsautl -verify -inkey $SIGN_KEY.cert.pub -in data.sig -pubin ## SHA1-RSA-PKCS * Sign the data on the smartcard using private key: cat data | ./pkcs11-tool --id $SIGN_KEY -s -p $PIN -m SHA1-RSA-PKCS --module ../pkcs11/.libs/opensc-pkcs11.so > data.sig * Verify and parse the returned ASN1 structure: openssl rsautl -verify -inkey $SIGN_KEY.cert.pub -in data.sig -pubin | openssl asn1parse -inform DER * Compare the result with the sha1 sum of the input file: sha1sum data Similarily can be tested the SHA256, SHA384 and SHA512, just by replacing SHA1 with these hashes in above commands. ## SHA1-RSA-PSS * Sign the data on the smartcard using private key: cat data | ./pkcs11-tool --id $SIGN_KEY -s -p $PIN -m SHA1-RSA-PSS --module ../pkcs11/.libs/opensc-pkcs11.so > data.sig * Verify ??? TODO ## RSA-X-509 * Prepare data with padding:
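Review bot: the `or` branch added in the first hunk writes the converted key to `$SIGN_KEY.pub`, while every verify command in this revision reads `$SIGN_KEY.cert.pub`, so a reader who takes the card-pubkey route ends up with a file none of the later steps use. Use one output name for both branches.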
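Review bot: the new SHA1-RSA-PSS section in the second hunk ends in `* Verify ??? TODO`, so the signature written to `data.sig` is never checked and the section documents an untested path. Add the verification command before publishing the section, or mark the whole section as unverified. In the SHA1-RSA-PKCS section above it, the comparison of the `asn1parse` output with `sha1sum data` is left to the eye; say which field of the parsed structure should equal the hash.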
Jakuje revised this gist
Mar 22, 2017 . No changes.
Jakuje revised this gist
Mar 22, 2017 . 4 changed files with 51 additions and 247 deletions.
@@ -1,37 +1,80 @@ export PIN=111111 export SIGN_KEY=11 export ENC_KEY=55 # Sign/Verify using private key/certificate * Create a data to sign echo "data to sign (max 100 bytes)" > data * Get the certificate from the card: ./pkcs11-tool -r -p $PIN --id $SIGN_KEY --type cert --module ../pkcs11/.libs/opensc-pkcs11.so > $SIGN_KEY.cert * Convert it to the public key (PEM format) openssl x509 -inform DER -in $SIGN_KEY.cert -pubkey > $SIGN_KEY.cert.pub ## RSA-PKCS * Sign the data on the smartcard using private key: cat data | ./pkcs11-tool --id $SIGN_KEY -s -p $PIN -m RSA-PKCS --module ../pkcs11/.libs/opensc-pkcs11.so > data.sig * Verify openssl rsautl -verify -inkey $SIGN_KEY.cert.pub -in data.sig -pubin ## RSA-X-509 * Prepare data with padding: (echo -ne "\x00\x01" && for i in `seq 224`; do echo -ne "\xff"; done && echo -ne "\00" && cat data) > data_pad * Sign the data on the smartcard using private key: cat data_pad | ./pkcs11-tool --id $SIGN_KEY -s -p $PIN -m RSA-X-509 --module ../pkcs11/.libs/opensc-pkcs11.so > data_pad.sig * Verify openssl rsautl -verify -inkey $SIGN_KEY.cert.pub -in data_pad.sig -pubin -raw # Encrypt/Decrypt using private key/certificate * Create a data to encrypt echo "data to encrpyt should be longer, better, faster and whatever we need to hide in front of nasty eyes of the ones that should not see them. 
" > data * Get the certificate from the card: ./pkcs11-tool -r -p $PIN --id $ENC_KEY --type cert --module ../pkcs11/.libs/opensc-pkcs11.so > $ENC_KEY.cert * Convert it to the public key (PEM format) openssl x509 -inform DER -in $ENC_KEY.cert -pubkey > $ENC_KEY.pub ## RSA-PKCS * Encrypt the data locally openssl rsautl -encrypt -inkey $ENC_KEY.pub -in data -pubin -out data.crypt * Decrypt the data on the card cat data.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-PKCS --module ../pkcs11/.libs/opensc-pkcs11.so ## RSA-X-509 * Prepare data with padding: (echo -ne "\x00\x02" && for i in `seq 113`; do echo -ne "\xff"; done && echo -ne "\00" && cat data) > data_pad * Encrypt the data locally openssl rsautl -encrypt -inkey $ENC_KEY.pub -in data_pad -pubin -out data_pad.crypt -raw * Decrypt the data on the card cat data_pad.crypt | ./pkcs11-tool --id $ENC_KEY --decrypt -p $PIN -m RSA-X-509 --module ../pkcs11/.libs/opensc-pkcs11.so @@ -1,109 +0,0 @@ @@ -1,107 +0,0 @@ @@ -1,23 +0,0 @@
Jakuje revised this gist
Mar 20, 2017 . 1 changed file with 8 additions and 0 deletions.
@@ -1,29 +1,37 @@ # Encrypt/Decrypt using private key/certificate * Create a data to encrypt echo "data to encrpyt should be longer, better, faster and whatever we need to hide in front of nasty eyes of the ones that should not see them. " > data * Get the certificate from the card: ./pkcs11-tool -r -p 111111 --id 55 --type cert --module ../pkcs11/.libs/opensc-pkcs11.so > 55.cert * Convert it to the public key (PEM format) openssl x509 -inform DER -in 55.cert -pubkey > 55.pub ## RSA-PKCS * Encrypt the data locally openssl rsautl -encrypt -inkey 55.pub -in data -pubin -out data.crypt * Decrypt the data on the card cat data.crypt | ./pkcs11-tool --id 55 --decrypt -p 111111 -m RSA-PKCS --module ../pkcs11/.libs/opensc-pkcs11.so ## RSA-X-509 * Prepare data with padding: (echo -ne "\x00\x02" && for i in `seq 113`; do echo -ne "\xff"; done && echo -ne "\00" && cat data) > data_pad * Encrypt the data locally openssl rsautl -encrypt -inkey 55.pub -in data_pad -pubin -out data_pad.crypt -raw * Decrypt the data on the card cat data_pad.crypt | ./pkcs11-tool --id 55 --decrypt -p 111111 -m RSA-X-509 --module ../pkcs11/.libs/opensc-pkcs11.so
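Review bot: every card command in this file still carries the PIN and key id as literals (`-p 111111`, `--id 55`), which puts the PIN into shell history and the process list and makes the recipe awkward to reuse with another card. Put both in variables at the top of the file and reference them in the commands; for anything other than a test card, leave the PIN off the command line and let pkcs11-tool prompt for it (`--login`).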
Jakuje revised this gist
Mar 20, 2017 . 3 changed files with 245 additions and 0 deletions.
@@ -0,0 +1,29 @@ # Encrypt/Decrypt using private key/certificate * Create a data to encrypt echo "data to encrpyt should be longer, better, faster and whatever we need to hide in front of nasty eyes of the ones that should not see them. " > data * Get the certificate from the card: ./pkcs11-tool -r -p 111111 --id 55 --type cert --module ../pkcs11/.libs/opensc-pkcs11.so > 55.cert * Convert it to the public key (PEM format) openssl x509 -inform DER -in 55.cert -pubkey > 55.pub ## RSA-PKCS * Encrypt the data locally openssl rsautl -encrypt -inkey 55.pub -in data -pubin -out data.crypt * Decrypt the data on the card cat data.crypt | ./pkcs11-tool --id 55 --decrypt -p 111111 -m RSA-PKCS --module ../pkcs11/.libs/opensc-pkcs11.so ## RSA-X-509 * Prepare data with padding: (echo -ne "\x00\x02" && for i in `seq 113`; do echo -ne "\xff"; done && echo -ne "\00" && cat data) > data_pad * Encrypt the data locally openssl rsautl -encrypt -inkey 55.pub -in data_pad -pubin -out data_pad.crypt -raw * Decrypt the data on the card cat data_pad.crypt | ./pkcs11-tool --id 55 --decrypt -p 111111 -m RSA-X-509 --module ../pkcs11/.libs/opensc-pkcs11.so
@@ -0,0 +1,109 @@ 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] pkcs15-sec.c:206:sc_pkcs15_decipher: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] padding.c:283:sc_get_encoding_flags: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] padding.c:287:sc_get_encoding_flags: iFlags 0x2, card capabilities 0xC0000011 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] padding.c:316:sc_get_encoding_flags: pad flags 0x2, secure algorithm flags 0x0 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] padding.c:317:sc_get_encoding_flags: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card.c:393:sc_lock: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] pkcs15-sec.c:44:select_key_file: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card.c:709:sc_select_file: called; type=2, path=3f005015 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card-cardos.c:485:cardos_select_file: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card.c:393:sc_lock: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:A4, P1:8, P2:C, data(2) 0x7fff30f45222 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (7 bytes): 00 A4 08 0C 02 50 15 .....P. 0x7fa4a546f700 13:27:05.707 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 90 00 .. 
0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] iso7816.c:550:iso7816_select_file: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] card-cardos.c:489:cardos_select_file: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] card.c:744:sc_select_file: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] pkcs15-sec.c:80:select_key_file: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] sec.c:68:sc_set_security_env: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] card.c:393:sc_lock: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:22, P1:41, P2:B8, data(3) 0x7fff30f453c0 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (8 bytes): 00 22 41 B8 03 83 01 02 ."A..... 0x7fa4a546f700 13:27:05.717 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 90 00 .. 
0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] card-cardos.c:836:cardos_set_security_env: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] sec.c:72:sc_set_security_env: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.724 [opensc-pkcs11] sec.c:40:sc_decipher: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] iso7816.c:941:iso7816_decipher: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] iso7816.c:942:iso7816_decipher: ISO7816 decipher: in-len 256, out-len 512 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] 
card.c:393:sc_lock: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:2A, P1:80, P2:86, data(257) 0x1501b40 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (266 bytes): 00 2A 80 86 00 01 01 00 04 C7 16 57 37 67 7F FF .*.........W7g.. 83 F6 C0 A8 B9 C0 2D 22 DF B6 2D 7B 02 0A 16 F1 ......-"..-{.... BA C5 86 4A F1 97 9F F8 D8 54 3A D9 35 BE DA 5C ...J.....T:.5..\ 4C EF F6 FF C8 B4 AF 05 F3 C6 CE C8 2E B9 6F BF L.............o. 9B C3 48 71 08 C6 64 D5 80 17 11 F0 4A 6C 20 CE ..Hq..d.....Jl . E6 4A 8B 1B 79 2A B3 7C F6 26 26 4B 06 AF F5 BC .J..y*.|.&&K.... 64 04 96 54 21 E7 91 4B 8D 06 16 5D CC 59 04 BF d..T!..K...].Y.. 94 40 B2 DC EB ED D2 D2 38 18 2A 56 D0 74 00 03 [email protected].*V.t.. CB C1 57 B8 6C 2B 5C 3B 59 CE A6 DB D3 9B 57 A7 ..W.l+\;Y.....W. 6D A4 75 38 D7 3F D0 AD 8C ED 51 24 BC 0F 7C FA m.u8.?....Q$..|. E9 B2 68 E3 EE 0A A1 48 CF B8 C5 23 8B 58 F3 B7 ..h....H...#.X.. D9 69 D8 55 07 E8 90 1D A0 25 B0 93 75 DA 77 E0 .i.U.....%..u.w. 62 FE DA 5F 30 24 60 DE 9E 74 2E 1C 51 64 BA 65 b.._0$`..t..Qd.e 67 07 21 EC A9 83 DB 19 89 6B 89 E0 42 36 49 CA g.!......k..B6I. 29 B2 3F 99 F0 A2 82 7E 1F E0 D1 41 D6 93 DA 87 ).?....~...A.... 
82 96 AC A5 E2 21 34 E1 11 F9 13 4C 8D 10 B1 57 .....!4....L...W 7D AC BF 11 DF 9A AE 52 01 7E }......R.~ 0x7fa4a546f700 13:27:05.725 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (142 bytes): 64 61 74 61 20 74 6F 20 65 6E 63 72 70 79 74 20 data to encrpyt 73 68 6F 75 6C 64 20 62 65 20 6C 6F 6E 67 65 72 should be longer 2C 20 62 65 74 74 65 72 2C 20 66 61 73 74 65 72 , better, faster 20 61 6E 64 20 77 68 61 74 65 76 65 72 20 77 65 and whatever we 20 6E 65 65 64 20 74 6F 20 68 69 64 65 20 69 6E need to hide in 20 66 72 6F 6E 74 20 6F 66 20 6E 61 73 74 79 20 front of nasty 65 79 65 73 20 6F 66 20 74 68 65 20 6F 6E 65 73 eyes of the ones 20 74 68 61 74 20 73 68 6F 75 6C 64 20 6E 6F 74 that should not 20 73 65 65 20 74 68 65 6D 2E 20 0A 90 00 see them. ... 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] iso7816.c:969:iso7816_decipher: returning with: 140 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] sec.c:44:sc_decipher: returning with: 140 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] padding.c:148:sc_pkcs1_strip_02_padding: called 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] padding.c:158:sc_pkcs1_strip_02_padding: returning with: -1412 (Wrong padding) 0x7fa4a546f700 13:27:05.979 [opensc-pkcs11] pkcs15-sec.c:227:sc_pkcs15_decipher: Invalid PKCS#1 padding: -1412 (Wrong padding)
@@ -0,0 +1,107 @@ 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] pkcs15-sec.c:206:sc_pkcs15_decipher: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] padding.c:283:sc_get_encoding_flags: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] padding.c:287:sc_get_encoding_flags: iFlags 0x1, card capabilities 0xC0000011 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] padding.c:316:sc_get_encoding_flags: pad flags 0x0, secure algorithm flags 0x1 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] padding.c:317:sc_get_encoding_flags: returning with: 0 (Success) 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card.c:393:sc_lock: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] pkcs15-sec.c:44:select_key_file: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card.c:709:sc_select_file: called; type=2, path=3f005015 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card-cardos.c:485:cardos_select_file: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card.c:393:sc_lock: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:A4, P1:8, P2:C, data(2) 0x7ffcd0ac3412 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (7 bytes): 00 A4 08 0C 02 50 15 .....P. 0x7f13e2681700 13:26:48.918 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 90 00 .. 
0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] iso7816.c:550:iso7816_select_file: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] card-cardos.c:489:cardos_select_file: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] card.c:744:sc_select_file: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] pkcs15-sec.c:80:select_key_file: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] sec.c:68:sc_set_security_env: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] card.c:393:sc_lock: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:22, P1:41, P2:B8, data(3) 0x7ffcd0ac35b0 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (8 bytes): 00 22 41 B8 03 83 01 02 ."A..... 0x7f13e2681700 13:26:48.928 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 90 00 .. 
0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:831:cardos_set_security_env: reference=0, mechanism=0, operations=0, algo_ref=0 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card-cardos.c:836:cardos_set_security_env: returning with: 0 (Success) 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] sec.c:72:sc_set_security_env: returning with: 0 (Success) 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] sec.c:40:sc_decipher: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] iso7816.c:941:iso7816_decipher: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] iso7816.c:942:iso7816_decipher: ISO7816 decipher: in-len 256, out-len 512 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] 
card.c:393:sc_lock: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:2A, P1:80, P2:86, data(257) 0x109fb40 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (266 bytes): 00 2A 80 86 00 01 01 00 75 DA 95 F5 75 51 A8 71 .*......u...uQ.q E7 0F B0 19 5C FF FB DF A4 A0 5F F3 00 38 BD 92 ....\....._..8.. CA 7E 40 39 14 D7 9C 81 74 90 14 08 07 59 11 1C [email protected].. FD EF EC 3E 3C 67 C8 07 91 D2 32 C7 A4 ED BD F1 ...><g....2..... 66 0C 9C 33 2F 83 DD F9 74 BF 7E CD F0 E2 6F D1 f..3/...t.~...o. 37 C4 EB 08 B4 DE EF B2 57 D2 B5 6F FC 03 03 DC 7.......W..o.... D0 51 DB 36 1D 6C 89 2F 62 02 73 51 8E 50 E0 37 .Q.6.l./b.sQ.P.7 42 C0 BE 25 A0 45 1B C9 2C C5 E0 14 CE FE D6 0F B..%.E..,....... A0 D5 46 A3 BC 94 69 F9 13 17 50 E2 A9 D9 C2 C9 ..F...i...P..... 13 44 04 B1 A6 56 6B A3 FB B4 E6 82 73 F1 65 5E .D...Vk.....s.e^ 61 AB BB 38 E5 32 C7 D3 BD 8D 17 32 9D EF 03 BD a..8.2.....2.... FB 2F 70 05 35 F5 B0 5B 5A 0A D0 C8 67 70 90 75 ./p.5..[Z...gp.u 36 C9 CB EA 72 44 E0 07 84 F6 E3 CF 41 AF 53 E6 6...rD......A.S. D9 66 40 93 CB BA 8E C6 D6 9E F4 79 AF 5F 1B 71 [email protected]._.q 4D F1 DC CA 1C 16 8F A0 71 EB 74 4A 13 0A 95 E6 M.......q.tJ.... 2D DC 9D 0A 9B CD BA D5 C2 E8 32 09 1F E8 66 9A -.........2...f. 
CE 42 B1 09 AB F8 2A 01 01 7E .B....*..~ 0x7f13e2681700 13:26:48.935 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (142 bytes): 64 61 74 61 20 74 6F 20 65 6E 63 72 70 79 74 20 data to encrpyt 73 68 6F 75 6C 64 20 62 65 20 6C 6F 6E 67 65 72 should be longer 2C 20 62 65 74 74 65 72 2C 20 66 61 73 74 65 72 , better, faster 20 61 6E 64 20 77 68 61 74 65 76 65 72 20 77 65 and whatever we 20 6E 65 65 64 20 74 6F 20 68 69 64 65 20 69 6E need to hide in 20 66 72 6F 6E 74 20 6F 66 20 6E 61 73 74 79 20 front of nasty 65 79 65 73 20 6F 66 20 74 68 65 20 6F 6E 65 73 eyes of the ones 20 74 68 61 74 20 73 68 6F 75 6C 64 20 6E 6F 74 that should not 20 73 65 65 20 74 68 65 6D 2E 20 0A 90 00 see them. ... 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] iso7816.c:969:iso7816_decipher: returning with: 140 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] sec.c:44:sc_decipher: returning with: 140 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f13e2681700 13:26:49.189 [opensc-pkcs11] pkcs15-sec.c:230:sc_pkcs15_decipher: returning with: 140 -
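Review bot: in the RSA-X-509 "Prepare data with padding" line of the 29-line file, the filler count `seq 113` is a magic number: it only works because 2 header bytes + 113 filler bytes + 1 zero byte + the 140-byte test message add up to the 256-byte block that the traces in this same change report (`in-len 256`, `returning with: 140`). Derive the count from the key size and `wc -c < data`, or at least state the arithmetic next to the command, so that editing the sample text does not silently produce a block of the wrong length. The separator is also written `\00` while the header uses `\x00`; use one escape style.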
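Review bot: the two debug traces are added without any indication of which command produced them. The 109-line one ends in `Invalid PKCS#1 padding: -1412 (Wrong padding)` even though the preceding response APDU already holds the plaintext followed by `90 00`, and the 107-line one returns 140; the only difference visible at the top is `iFlags 0x2` against `iFlags 0x1`. Add a one-line header to each file naming the pkcs11-tool mechanism used and the expected outcome, and trim the repeated `cardos_set_security_env: reference=0 ...` lines if they are not the point.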
Jakuje created this gist
Mar 20, 2017
@@ -0,0 +1,23 @@ 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] sec.c:68:sc_set_security_env: called 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] apdu.c:550:sc_transmit_apdu: called 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] card.c:393:sc_lock: called 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] card.c:435:sc_lock: returning with: 0 (Success) 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] apdu.c:517:sc_transmit: called 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] apdu.c:371:sc_single_transmit: called 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] apdu.c:376:sc_single_transmit: CLA:0, INS:22, P1:1, P2:B8, data(3) 0x7ffcf95c6600 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] reader-pcsc.c:269:pcsc_transmit: reader 'OMNIKEY AG CardMan 3121 00 00' 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] reader-pcsc.c:270:pcsc_transmit: Outgoing APDU (8 bytes): 00 22 01 B8 03 83 01 02 ."...... 0x7f2600dd7700 10:48:11.153 [opensc-pkcs11] reader-pcsc.c:199:pcsc_internal_transmit: called 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] reader-pcsc.c:279:pcsc_transmit: Incoming APDU (2 bytes): 6A 86 j. 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] apdu.c:386:sc_single_transmit: returning with: 0 (Success) 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] apdu.c:539:sc_transmit: returning with: 0 (Success) 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] card-cardos.c:311:cardos_check_sw: p1/p2 invalid 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] card-cardos.c:808:cardos_set_security_env: Card returned error: -1205 (Incorrect parameters in APDU) 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] sec.c:72:sc_set_security_env: returning with: -1205 (Incorrect parameters in APDU) 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] card.c:445:sc_unlock: called 0x7f2600dd7700 10:48:11.159 [opensc-pkcs11] pkcs15-sec.c:221:sc_pkcs15_decipher: use_key() failed: -1205 (Incorrect parameters in APDU)