[PATCH] scd: correct length for RSA public key response

Arnaud Fontaine arnaud.fontaine at ssi.gouv.fr
Fri Aug 25 13:23:50 CEST 2017


For example, with an exponent of 17 bits (e.g. 0x010001 which is
commonly used on smartcards), 3 bytes are needed to encode it, not 2.
When the conversion from bits to bytes is done with integer division,
the value is truncated: 17/8 = 2.125 which is truncated to 2.
The "(x+7)/8" trick makes it possible to obtain the correct conversion; it is
already used in several places in the code, but it is missing there.

Actually, when the incorrect expected response length (i.e. Le field) is
transmitted to the card, the card's answer is missing a byte (i.e. ...
6101) so an additional command has to be sent to the card to retrieve
the last byte. Using the correct length avoids sending the additional
command to retrieve the missing byte, when the computed length is wrong.


On 25/08/2017 at 13:01, Werner Koch wrote:
> 
>> -    + 2 /* tag+len */ + app->app_local->keyattr[keyno].rsa.e_bits/8;
>> +    + 2 /* tag+len */ + (app->app_local->keyattr[keyno].rsa.e_bits + 7)/8;
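
Review bot: The round-up on the `+` line is open-coded as `(... .rsa.e_bits + 7)/8`, and since the message says the same expression is already used in several places, a single named bits-to-bytes helper or macro would stop one call site from drifting again the way this one did. The neighbouring terms of this sum are not visible in the hunk, so please confirm they round up the same way. A short comment that `2 /* tag+len */` assumes a one-byte length field for the exponent would also help the next reader.
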
> 
> Would you mind explaining your test setting?
> 
> 
> Shalom-Salam,
> 
>    Werner
> 
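
The length arithmetic discussed in this message, as an added example that is not part of the original post or of GnuPG's code: it computes the exact size of an RSA public key response and compares it with the truncating `e_bits/8` variant. It assumes the OpenPGP card layout `7F49 { 81 modulus, 82 exponent }` with BER-TLV length fields; all function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Bytes needed to hold a value of `bits` bits, rounded up: the (x+7)/8 idiom. */
static size_t bits_to_bytes(unsigned int bits) { return ((size_t)bits + 7) / 8; }

/* Size of the BER-TLV length field for a value of `len` bytes. */
static size_t ber_len_size(size_t len)
{
    if (len < 0x80) return 1;   /* short form: one byte */
    if (len <= 0xFF) return 2;  /* 0x81 nn */
    return 3;                   /* 0x82 nn nn, enough for card-sized objects */
}

/* Size of one complete TLV: tag bytes + length field + value bytes. */
static size_t tlv_size(size_t tag_bytes, size_t value_len)
{
    return tag_bytes + ber_len_size(value_len) + value_len;
}

/* Size of 7F49 { 81 modulus, 82 exponent } for given exponent byte count. */
static size_t pubkey_len(unsigned int n_bits, size_t e_bytes)
{
    size_t inner = tlv_size(1, bits_to_bytes(n_bits)) + tlv_size(1, e_bytes);
    return tlv_size(2, inner);  /* 7F49 is a two-byte tag */
}

/* Correct expected length (Le): exponent size rounded up. */
static size_t le_rounded(unsigned int n_bits, unsigned int e_bits)
{
    return pubkey_len(n_bits, bits_to_bytes(e_bits));
}

/* Pre-patch arithmetic: e_bits/8 truncates, so 17 bits becomes 2 bytes. */
static size_t le_truncated(unsigned int n_bits, unsigned int e_bits)
{
    return pubkey_len(n_bits, e_bits / 8);
}

int main(void)
{
    /* Constructed sample: 2048-bit modulus, 17-bit exponent (0x010001). */
    size_t good = le_rounded(2048, 17), bad = le_truncated(2048, 17);
    /* A shortfall of 1 is what the card reports as status 6101 (1 byte left). */
    printf("Le correct=%zu truncated=%zu shortfall=%zu\n", good, bad, good - bad);
    return 0;
}
```

The two results only differ when `e_bits` is not a multiple of 8, which is why the truncation goes unnoticed for byte-aligned exponent sizes.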


