Closed swissbit-csteuer closed 1 year ago
I tested RSA PSS today with OpenSC. OpenSC does two things that are kind of incompatible with the RSA PSS implementation in the IsoApplet:
SC_ALGORITHM_RSA_PAD_PSS
flag, OpenSC assumes that all hash algorithms (SHA1 + SHA2) are supported unless one constrains the available hash algorithms. E.g. we could set the SC_ALGORITHM_RSA_HASH_SHA256
if we only support RSA with SHA256. However, that constrains the hash algorithms that are available to RSA PKCS#1.5 as well. Therefore, I changed the IsoApplet to only signal RSA PSS support if all signature schemes are supported.I hope its ok that I increased the scope of this PR by adding those changes.
I added some more changes to make RSA 4096 work. Everything seems to work now so I do not plan any further changes.
Hi, I did some testing today. My physical card will throw "CryptoException.ILLEGAL_USE" when calling update() of the ECDSA Signature object. I included your changes into the IsoApplet-v1 branch, but made some changes, so that the sign()-Method is used directly. The message/buffer size shouldn't be a problem here (anymore, since using off-card-hashes).
Could you confirm that this version still works with your card(s)?
Hi,
I can confirm that it still works with our card.
Happy new year by the way :fireworks: :slightly_smiling_face:
Thanks for testing. I commented on the OpenSC PR so that it can be merged.
Happy new year by the way fireworks slightly_smiling_face
Thank you! I also wish you a happy new year!
When testing the isoapplet-v1 changes with real hardware instead of the simulator, I found that the size of the APDU buffer is not large enough to hold all data, e.g. when sending the public EC key, even if extended APDUs are used.
I found in the JavaCard API docs that the guaranteed length of the APDU buffer is only 133 bytes (the buffer size of the smart card that I use for testing is 261 byte).
Therefore, I revived the ram buffer from the v0 version. I have already tested EC and RSA Keygen, ECDSA and RSA-PKCS1 signature creation and EC/RSA key import. RSA-PSS signatures and RSA decryption have not been tested yet.