For signing algorithms that support hashing in the card, the input is silently truncated if the message size exceeds the APDU buffer size. This leads to a failing signature verification.
Applications should take care to verify created signatures, if card bases hashing is used and middleware should ensure that messages exceeding the APDU buffer are rejected.
For signing algorithms that support hashing in the card, the input is silently truncated if the message size exceeds the APDU buffer size. This leads to a failing signature verification.
Applications should take care to verify created signatures, if card bases hashing is used and middleware should ensure that messages exceeding the APDU buffer are rejected.