On Fri, Sep 15, 2000 at 01:48:37PM -0400, Naomaru Itoi wrote:
> We have done something like that (Cyberflex Access & SSH 1.2.27).
> Maybe our course homepage helps.
> http://www.citi.umich.edu/eecs598/ssh_sc.html.
>
> Cyberflex pad the data with 0. When your data is smaller than RSA key
> size, it will be padded to:
>
> 0 0 ... 0 data
>
> and then encrypted.
I think I fixed my problem (actually all I know is it works with my
kludge, fix may be an overoptimistic term). I'm not sure if its
related to above but what I used was the RSA check padding function
because the encrypted data was padded. So after the normal decryption
I ran the RSA check on it and it stripped it off correctly. The kludge
I had to use was skipping the first byte of data. I don't know if it
was an extra zero added on by the Cyberflex, but looking through the
rsa code in openssl pointed me to skipping it. After that it worked.
>
> We have some code to use RSA operation on Cyberflex. I can send it to
> you if you want.
I'd like to take a look at it as well as look at the link you sent me
in a little more depth. I've been playing with it this morning and I
successfully authenticated using the card with a kludged up ssh-agent.
It processes the challenge correctly. I just gotta work on making the
agent not crash all the time.
Thanks for the info,
Stephen
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************
