Bug 459539
Summary: | Support the Safenet330J token | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Product: | [Retired] Dogtag Certificate System | Reporter: | Jack Magne <jmagne> | ||||||||
Component: | TPS | Assignee: | Jack Magne <jmagne> | ||||||||
Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||||
Severity: | medium | Docs Contact: | |||||||||
Priority: | high | ||||||||||
Version: | 1.0 | CC: | aakkiang, benl, bob.lord, cfu, rrelyea | ||||||||
Target Milestone: | --- | ||||||||||
Target Release: | --- | ||||||||||
Hardware: | All | ||||||||||
OS: | Linux | ||||||||||
Whiteboard: | |||||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||||
Doc Text: | Story Points: | --- | |||||||||
Clone Of: | Environment: | ||||||||||
Last Closed: | 2009-07-22 23:29:37 UTC | Type: | --- | ||||||||
Regression: | --- | Mount Type: | --- | ||||||||
Documentation: | --- | CRM: | |||||||||
Verified Versions: | Category: | --- | |||||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||||
Embargoed: | |||||||||||
Bug Depends On: | |||||||||||
Bug Blocks: | 443788 | ||||||||||
Attachments: |
|
Description
Jack Magne
2008-08-19 20:52:04 UTC
The first attachment will be for TPS code needed to allow "decryptVerifyKey" on the applet to succeed. It turns out that we need to change the apdu to have a format similar to the PutKey command. The main difference is that the algorith id "80" is to be prepended before the wrapped challenge. This allows decryptVerifyKey to work on the Safenet Token and it still works for our other tokens... Created attachment 329061 [details]
Patch to help generate key on token
cfu, can you review 329061? (In reply to comment #2) > Created an attachment (id=329061) [details] > Patch to help generate key on token +cfu I've done some more testing here. Specifically with server side keygen. I found out that the data being sent to "decryptVerifyKey" in the server sidd keygen case needs to be modified as well. Next patch attachment addresses this issue. Created attachment 329764 [details]
Revised patch for this fix.
CFU, can you please review this change? Created attachment 329765 [details]
Spec file for change.
Sending apdu/Generate_Key_APDU.cpp Transmitting file data . Committed revision 186. Sending channel/Secure_Channel.cpp Transmitting file data . Committed revision 187. Sending processor/RA_Enroll_Processor.cpp Transmitting file data . Committed revision 188. Sending pki-tps.spec Transmitting file data . Committed revision 189. Verified. Token Enrollment with Safenet 330J token is successful on ESC installed on Windows (XP and Vista) and RHEL 5.3 platforms with the CS 8.0 installed on RHEL 5.3 (x86 and x86_64). |