Generating RSA 2048 keys returns too small key values

[GSStahl]

Hi!

This is probably not an issue with the applet itself, but I'm posting it here hoping that this is a well-known problem for someone.

I have installed this PIV applet on a contactless smartcard and almost everything seems to work great. I can read/write to the card, I can verify my PIN, etc. However, when I try to generate RSA key pairs (2048 bits) for the 9a and 9e certificates, the card responds with weird data.

Here is an example:

> 00 47 00 9a 05 ac 03 80 01 07
< 90 00: 7f 49 82 01 09 81 82 01 00 92 7e 98 c8 4a 4b c8 5a 47 82 03 01 00 01

Parsing the returned value it appears that my "256" byte modulus is only 9 bytes long.

7f 49: 
  82 01 09 (length):
      81 (modulo):
            82 01 00 (length):
                 92 7e 98 c8 4a 4b c8 5a 47
      82 (exponent)
            03 (length):
                 01 00 01

Everytime I send the command I get a new similar short result back.

However, when I try to generate 1024 bits RSA I get more expected results, e.g.

> 00 47 00 9a 05 ac 03 80 01 06
< 90 00: 7f 49 81 88 81 81 80 e2 cc bd fd 49 c1 0c f2 9f de ee 0a b0 29 7a 8a 0c 14 7d 8e 17 2b 9e 32 12 20 4d b3 a3 e7 11 a0 ee ce f7 b4 f2 57 d8 a5 75 41 c5 78 fd b2 ce bd b6 bc d7 f2 b1 95 5c cb 35 ae 82 ec a5 f0 2e 98 8c 50 f1 fc d6 46 1a ed ef 58 9f a0 65 31 52 c4 c2 bd 63 bc 47 13 14 f3 1a 5a 9e 46 90 5d 52 67 64 6d 01 42 96 ed 7d 59 ad 58 df f1 7e 26 81 ff 7a cc a5 79 14 bb bd 15 3d 42 5b a9 55 82 c1 e9 82 03 01 00 01

Has anyone here seen anything like this before? My only guess at the time is that it is the card itself that does something weird, but I have no actual clue.

[GSStahl]

I now realize that I was blind before and didn't see issue #51

I guess this is just a duplicate of that issue, and is an actual bug of the applet.