OpenPGP card doesn't support raw RSA so don't set such algo flag

According to descriptions of commands "PSO: COMPUTE DIGITAL SIGNATURE", "PSO: DECIPHER" and "INTERNAL AUTHENTICATE" in OpenPGP card spec (versions 1.1 and 2.1.1) the card adds / strips and checks PKCS#1 padding automatically. There is no documented way to perform raw RSA operations on this card so SC_ALGORITHM_RSA_RAW flag shouldn't be set. Signed-off-by: Maciej S. Szmigiero <[email protected]>
OpenSC · Aug 26, 2016 · fa4174f · fa4174f
1 parent f984c96
commit fa4174f
Showing 1 changed file with 1 addition and 3 deletions.
diff --git a/src/libopensc/card-openpgp.c b/src/libopensc/card-openpgp.c
@@ -569,10 +569,8 @@ pgp_get_card_features(sc_card_t *card)
  unsigned long flags;
 
  /* Is this correct? */
- /* OpenPGP card spec 1.1 & 2.0, section 2.1 */
- flags = SC_ALGORITHM_RSA_RAW;
  /* OpenPGP card spec 1.1 & 2.0, section 7.2.9 & 7.2.10 */
- flags |= SC_ALGORITHM_RSA_PAD_PKCS1;
+ flags = SC_ALGORITHM_RSA_PAD_PKCS1;
  flags |= SC_ALGORITHM_RSA_HASH_NONE;
  /* Can be generated in card */
  flags |= SC_ALGORITHM_ONBOARD_KEY_GEN;