arekinath / PivApplet

PIV applet for JavaCard 2.2.2 and 3.0.4+ with full ECDSA/ECDH support

Allow deleting certs/keys #9

Closed arekinath closed 3 years ago

arekinath commented 6 years ago

It would be nice to support deleting certs/keys. yubico-piv-tool has a delete-certificate command, so we should support the commands that sends.

arekinath commented 4 years ago

So the delete-certificate command sends:

> 00 db 3f ff 07 5c 03 5f c1 01 53 00 
< 90 00

(An empty put_data on the cert), which currently works as-is and clears the certificate out. This doesn't, however, delete or destroy the private key in that slot. I'm going to try to find a current-gen YubiKey with the GET_METADATA command to see if the private key remains on a real YubiKey after sending it this command. If it does remain, we already do the same thing they're doing.
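To make the exchange above concrete, here is an added example (not code from PivApplet, yubico-piv-tool or this thread) that parses a PIV PUT DATA APDU and flags writes whose `53` payload is empty, i.e. the cert-clearing command shown above. The object-ID-to-slot mapping is taken from NIST SP 800-73-4 Table 3; the APDU log lines other than the first are constructed for the example, and only short, unchained (CLA `00`) PUT DATA is handled. As the comment notes, such an APDU says nothing about the private key, so a host-side audit built on this should record "certificate cleared", not "key destroyed".

```python
"""Parse PIV PUT DATA APDUs and flag empty (certificate-clearing) writes."""

# PIV data object IDs (the value inside tag 5C) per NIST SP 800-73-4, Table 3.
PIV_OBJECTS = {
    bytes.fromhex("5FC101"): "X.509 Certificate for Card Authentication (slot 9E)",
    bytes.fromhex("5FC105"): "X.509 Certificate for PIV Authentication (slot 9A)",
    bytes.fromhex("5FC10A"): "X.509 Certificate for Digital Signature (slot 9C)",
    bytes.fromhex("5FC10B"): "X.509 Certificate for Key Management (slot 9D)",
}

# Constructed host-side APDU trace. Line 0 is the delete-certificate APDU from
# the thread; line 1 is a (constructed) non-empty write to the same object;
# line 2 is a GET DATA for that object, which must be ignored.
SAMPLE_APDU_LOG = [
    "00db3fff075c035fc1015300",
    "00db3fff0a5c035fc1015303700101",
    "00cb3fff055c035fc101",
]


def _read_len(buf, i):
    """Decode a BER length starting at buf[i]; return (length, next_index)."""
    first = buf[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    if n == 0 or n > 3 or i + 1 + n > len(buf):
        raise ValueError("bad BER length")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n


def parse_tlvs(buf):
    """Parse a flat sequence of BER-TLV (tag, value) pairs; tags may be multi-byte."""
    out, i = [], 0
    while i < len(buf):
        start = i
        i += 1
        if buf[start] & 0x1F == 0x1F:      # high tag number: continue while bit 8 set
            while i < len(buf) and buf[i] & 0x80:
                i += 1
            i += 1
        if i > len(buf):
            raise ValueError("truncated tag")
        tag = bytes(buf[start:i])
        length, i = _read_len(buf, i)
        if i + length > len(buf):
            raise ValueError("TLV value runs past end of buffer")
        out.append((tag, bytes(buf[i:i + length])))
        i += length
    return out


def parse_put_data(apdu):
    """Return a description of a PIV PUT DATA APDU, or None if it is something else.

    Only short APDUs with CLA 00 INS DB P1 3F P2 FF are recognised (no chaining).
    """
    if len(apdu) < 5 or apdu[:4] != bytes.fromhex("00db3fff"):
        return None
    lc = apdu[4]
    data = apdu[5:5 + lc]
    if len(data) != lc:
        raise ValueError("Lc does not match data length")
    tlvs = parse_tlvs(data)
    if len(tlvs) != 2 or tlvs[0][0] != b"\x5c" or tlvs[1][0] != b"\x53":
        raise ValueError("expected a 5C tag list followed by 53 data")
    oid, payload = tlvs[0][1], tlvs[1][1]
    return {
        "object_id": oid.hex().upper(),
        "object_name": PIV_OBJECTS.get(oid, "unknown/vendor object"),
        "payload_len": len(payload),
        # An empty 53 clears the data object (the certificate), nothing more.
        "clears_object": len(payload) == 0,
    }


def find_cert_clears(hex_lines):
    """Scan hex APDU lines; return (line_index, object_id) for each cert-clearing write."""
    hits = []
    for idx, line in enumerate(hex_lines):
        try:
            info = parse_put_data(bytes.fromhex(line))
        except ValueError:
            continue                       # malformed line: skip, do not crash the audit
        if info and info["clears_object"]:
            hits.append((idx, info["object_id"]))
    return hits


if __name__ == "__main__":
    for idx, oid in find_cert_clears(SAMPLE_APDU_LOG):
        print(f"line {idx}: certificate object {oid} cleared ({PIV_OBJECTS.get(bytes.fromhex(oid))})")
```

Running it reports only line 0, the empty write to `5FC101`; the non-empty write and the GET DATA are passed over.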

dengert commented 4 years ago

On real PIV deleting the certificate, i.e. writing a null certificate, does not affect the key. I have used this during testing to create a different certificate using the existing key. The trick is you have to have the public key, which was presented to the application during the GENERATE KEY PAIR command. The OpenSC card-piv.c driver and piv-tool.c save this public key (SPKI format) in an external file and by setting an env variable to point at the external file. When card-piv.c is asked for a public key, and there is no certificate on the card, but the env variable is present it will load the public key. The properties of the key, modulus, exponent and size or curveName, public point, and field length are taken from the public key. This allows the card to sign a certificate request, even for a key that should be EC_DH only.

NIST 800-73 leaves card management up to the card vendor. NIST provided the GENERATE KEY PAIR and 9B key as a possible way to do card management, or at least get a start on card management. Note they did not provide a way to write an existing key. They also did not provide a way to delete a private key, other than to generate a new key. Even then the card could have both an RSA key and an EC key still on the card. The specs do not prohibit this, as a key is found based on the public key.

So card management for your applet is up to you.

mistial-dev commented 3 years ago

@arekinath For what it's worth, if an empty put-data works to clear out the cert, it's compatible with the functionality of the demo card I have.

It sounds like this issue might be able to be closed.