Would like enigne_pkcs11 to generate random numbers through HSM. #40
Comments
gmt0x0
changed the title
|
Hi, |
|
Have you tried pkcs11-tool --generate-random
opensc-tool only supports short APDU's. It is limited in send_apdu which uses buffers based on:
types.h:#define SC_MAX_APDU_BUFFER_SIZE 261 /* takes account of: CLA INS P1 P2 Lc [255 byte of data] Le */
You could send multiple -s commands and combine the results to get a longer chain.
opensc-tool could be modified to allocate buffers rather then using fixed size buffers on the stack.
sc_bytes2apdu appears to handle extended APDU's.
…On 8/5/2017 3:05 AM, seurat-atreides wrote:
Hi,
I'm experimenting with an SC-HSM card from cardcontact.de and have managed to generate random numbers (max 265 byte) by sending APDUs to the card via opensc-tool:
opensc-tool -s 00A4040C0be82b0601040181c31f020100 -s 00840000
The last byte (Le) of the GET_CHALLENGE APDU determines the length of the random number chain.
I haven't been able to generate more hat 256 bytes (Le=00) because I can't figure out how to send an extended length Le. I know the card can handle up to 0xFFFF random number chains because I have
used the test suite provided by cardcontact.de
I hope someone can explain to me how to use opensc-tool to send an extended length Le for the GET_CHALLENGE APDU.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub <#40 (comment)>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AA00ManVrudjIBy0usT3LEJzUrsOYhXyks5sVCJSgaJpZM4I3RqQ>.
--
Douglas E. Engert <[email protected]>
|
|
I'm running opensc-pkcs11ver 0.15 under ubuntu and --generate-random is not an option. |
|
It is in 0.17.0. Can you build and try 0.17.0? The engine code calls pkcs11. Testing opensc-pkcs11 would be the first step to getting engine to generate random numbers. |
Is it planned to add the random number generation functionality to the engine?
Regards,
The text was updated successfully, but these errors were encountered: