Closed dschuermann closed 5 years ago
Now I read it again. we can provide several working ones with JavaCard >= 3.0.4
interested in that >
part!
@martinpaljak I was overstating sry (copy and paste from the sentence in the beginning). I was talking about 3.0.4 cards, more specifically JC30M48CR, NXP J3H145, ACOSJ, and Oberthur Cosmo v8.1-N.
To implements ECDSA_RAW you may need to use class Signature.OneShot
Javacard-3.0.5 Class Signature.OneShot open(byte messageDigestAlgorithm, byte cipherAlgorithm, byte paddingAlgorithm)
says:
"Note that the cipher algorithms listed in the Signature class include some choices not available directly as a Cipher - e.g DSA.
When there is no discrete message digest algorithm, use the MessageDigest.ALG_NULL choice for the message digest algorithm.
When the padding algorithm is built into the cipher algorithm use the PAD_NULL choice for the padding algorithm. "
You may need to use SIG_CIPHER_ECDSA
or SIG_CIPHER_ECDSA_PLAIN
for the cipherAlgorithm
.
I have yet to see card-format devices with 3.0.5 (available for purchase on open market)
I can't find one either. I do have a ID-One PIV 2.4 on a Cosmos V8.1 as a PIV test card.
Sounds like 3.0.4 has the signPreComputedHash
and it should also work.
I have a feature request: On JavaCard >= 3.0.4
signPreComputedHash()
is available to implement the ECDSA hash-on-host functionality required by the PIV standard.Ref: https://www.oracle.com/technetwork/java/embedded/javacard/downloads/releasenotes-jsp-1440109.html (search for "signPreComputedHash")
Would be great if this could be used to implement algorithm ID
0x11
forECCP256
.If you need a test card, we can provide several working ones with JavaCard >= 3.0.4. Just drop me an email.