Yes you are right, almost no one is using MGF1. But the passports in Sweden has to be signed with MGF1 signing. We made an application to the Swedish Police that is using smartcards for this. But this is a java app so we got no use of opensc. Instead we have a java crypro provider for the signing capable of handling pkcs15 cards. My point is just that signing keys on cards should be capable of signing with any algorithm. Maybe someone states that a signing of a document has to be done with MGF1 in order to be accepted as a legal. Then only new client SW is needed. All issued cards could be kept.
Regards, Lars Andreas Jellinghaus wrote: > On Friday 03 August 2007 00:55:25 you wrote: >> "SHA1withRSAandMGF1" is a signing algorithm where the most significant byte >> of the padding is not 0. The command send to the card with response is >> looking like this for this algorithm: > > hmm, I checked the pkcs#1 standard and the implementation seems easy > (well, we would need to do MGF1 in our code, right?). but pkcs#11 has lots > about it, we would need to add all those definitions, data structures etc. > so it is not that simple as task, and I generic implementation for all cards > covering raw rsa would be nice. > > so I see this as a long term project, as there is no software using it > (the one you mentioned was only a test thing, right?). > unless someone wants to implement it right now :) > > Regards, Andreas > _______________________________________________ > opensc-devel mailing list > opensc-devel@lists.opensc-project.org > http://www.opensc-project.org/mailman/listinfo/opensc-devel _______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
