opensc/SOURCES/opensc-0.19.0-coolkey-2k.patch

From 6c1b9094a6060d9d838bac9ea4f7c4c9e755c4ae Mon Sep 17 00:00:00 2001
From: Steve Ross <sross@forcepoint.com>
Date: Wed, 14 Nov 2018 11:59:43 -0600
Subject: [PATCH] Enable CoolKey driver to handle 2048-bit keys.

For a problem description, see <https://github.com/OpenSC/OpenSC/issues/1524>.
In a nutshell, for a card with the CoolKey applet and 2048-bit keys,
the command
	pkcs11-tool --test --login
fails to complete all of its tests.

This commit consists of a patch from @dengert.

To avoid triggering an error when the data exceeds 255 bytes, this commit
limits the amount of the payload sent to the CoolKey applet on the card based
on the maximum amount of data that the card can receive, and overhead bytes
(namely, a header and nonce) that accompany the payload.

With this change, the command
	pkcs11-tool --test --login
succeeds.
---
 src/libopensc/card-coolkey.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/libopensc/card-coolkey.c b/src/libopensc/card-coolkey.c
index e320290dfe..11c4e92643 100644
--- a/src/libopensc/card-coolkey.c
+++ b/src/libopensc/card-coolkey.c
@@ -1168,12 +1168,16 @@ static int coolkey_write_object(sc_card_t *card, unsigned long object_id,
 	size_t operation_len;
 	size_t left = buf_len;
 	int r;
+	size_t max_operation_len;
+
+	/* set limit for the card's maximum send size and short write */
+	max_operation_len = MIN(COOLKEY_MAX_CHUNK_SIZE, (card->max_send_size - sizeof(coolkey_read_object_param_t) - nonce_size));
 
 	ulong2bebytes(&params.head.object_id[0], object_id);
 
 	do {
 		ulong2bebytes(&params.head.offset[0], offset);
-		operation_len = MIN(left, COOLKEY_MAX_CHUNK_SIZE);
+		operation_len = MIN(left, max_operation_len);
 		params.head.length = operation_len;
 		memcpy(params.buf, buf, operation_len);
 		r = coolkey_apdu_io(card, COOLKEY_CLASS, COOLKEY_INS_WRITE_OBJECT, 0, 0,