Open creiter32 opened 3 years ago
Note: I have asked the same question here too: https://github.com/Orange-OpenSource/IoT-SAFE-APDU-library/issues/1
Yes the specification is not yet very clear on this. But indeed it is more future proof to have it on fix 3-bytes length.
This question concerns the encoding of the
Compute signature – Update
APDU, precisely the length field of the tag9Bh
(Table 2.10.3.2)In https://github.com/ThalesGroup/iot-safe-middleware/blob/master/iotsafelib/common/src/ROT.cpp#L404 I can see that the length of the data to sign is passed in a variable length encoding.
In other implementations (https://github.com/Orange-OpenSource/IoT-SAFE-APDU-library/blob/master/src/iot_safe_internal.c#L610) this is implemented using a fixed width field.
The IoT Security Applet Interface Description doesn't seem to be clear, if a variable length encoding according to ASN.1 DER (I don't see this mentioned anywhere in the specification) is needed, or if the length is always encoded in 3 bytes (to allow for the maximum specified length of 0xFFFFFF). What is the correct way to encode this?