I'm working on understanding the BelPIC smartcard API at the APDU level to attempt to integrate it into another framework.
Looking at the capabilities, it doesn't support 'raw' operations, nor decryption. I dug through the code and it appears that OpenSC treats (in set_security_data) algorithm reference 1 as the PKCS1 padding... however in the public user specification (BEID-CardSpecs-v2.0.0.pdf) it states the following: 1 - RSASSA-PSS using SHA1 2 - RSASSA-PKCS1-v1.5 using SHA1 4 - RSASSA-PKCS1-v1.5 using MD5 (+ others that they don't support like decryption) RSASSA-PSS leads me to believe that you have to give it the SHA1 hash... however in a quick test, I noticed that all your PKCS11 tests use 01 (rather than pass the raw hash) and it validates. Is there any one here that can shed a light on this oddity? (maybe for RSASSA-PSS they expect the user to perform the calculations to prepare the padded data...) -- Thomas Harning @ TrustBearer Labs (http://www.trustbearer.com) Secure OpenID: https://openid.trustbearer.com/harningt 3201 Stellhorn Road 260-399-1656 Fort Wayne, IN 46815 _______________________________________________ opensc-devel mailing list [email protected] http://www.opensc-project.org/mailman/listinfo/opensc-devel
