martinpaljak
commented
5 years ago Now I read it again. we can provide several working ones with JavaCard >= 3.0.4 interested in that > part!
Closed dschuermann closed 5 years ago
martinpaljak
commented
5 years ago Now I read it again. we can provide several working ones with JavaCard >= 3.0.4 interested in that > part!
dschuermann
commented
5 years ago @martinpaljak I was overstating sry (copy and paste from the sentence in the beginning). I was talking about 3.0.4 cards, more specifically JC30M48CR, NXP J3H145, ACOSJ, and Oberthur Cosmo v8.1-N.
dengert
commented
5 years ago To implements ECDSA_RAW you may need to use class Signature.OneShot Javacard-3.0.5 Class Signature.OneShot open(byte messageDigestAlgorithm, byte cipherAlgorithm, byte paddingAlgorithm) says:
"Note that the cipher algorithms listed in the Signature class include some choices not available directly as a Cipher - e.g DSA.
When there is no discrete message digest algorithm, use the MessageDigest.ALG_NULL choice for the message digest algorithm.
When the padding algorithm is built into the cipher algorithm use the PAD_NULL choice for the padding algorithm. "
You may need to use SIG_CIPHER_ECDSA or SIG_CIPHER_ECDSA_PLAIN for the cipherAlgorithm.
martinpaljak
commented
5 years ago I have yet to see card-format devices with 3.0.5 (available for purchase on open market)
dengert
commented
5 years ago I can't find one either. I do have a ID-One PIV 2.4 on a Cosmos V8.1 as a PIV test card.
Sounds like 3.0.4 has the signPreComputedHash and it should also work.
I have a feature request: On JavaCard >= 3.0.4
signPreComputedHash()is available to implement the ECDSA hash-on-host functionality required by the PIV standard.Ref: https://www.oracle.com/technetwork/java/embedded/javacard/downloads/releasenotes-jsp-1440109.html (search for "signPreComputedHash")
Would be great if this could be used to implement algorithm ID
0x11forECCP256.If you need a test card, we can provide several working ones with JavaCard >= 3.0.4. Just drop me an email.