On Wed, Jan 18, 2012 at 11:04 PM, Christian Hohnstaedt < christ...@hohnstaedt.de> wrote:
> On Wed, Jan 18, 2012 at 04:20:05PM -0800, Frank Cusack wrote: > > In a CSR, how is it proven that the key resides on a smart card (and is > not > > exportable)? In my understanding, the CSR is signed by the private key > of > > the (to be) cert itself. Thus that signature only proves that the > > requester actually possesses the private half, not that the private key > > resides on a smart card. > > > > Looking at the cryptoflex command set, I don't see anything there that > > would add something to the CSR asserting that the key was generated > > on-card. Same for ISO 7816-8, but I could easily be missing something. > > You're probably missing the fact that noone stops the owner of a > software key to add the same information to the CSR. > Not if there's an APDU that adds that information as part of the operation, and the key used in that operation cannot be used except for CSR generation. For example, if I had some key/cert on the card (and I know it can only exist on the card -- this might happen before it is shipped to me or in bulk secure provisioning on site) that is not able to be used for anything externally. ie, you cannot encrypt,decrypt,sign or verify any external data with this key/cert. But when you ask for a CSR, there's actually a CSR APDU -- not a software generation of CSR then asking the card to sign the CSR. You pass the relevant attributes to be included in the CSR, and the card itself adds some signed data as a CSR attribute which the CA can verify. There is no way for the user to add that signed data to a software CSR because the key used to sign that data is not available to the user. That's just a way I thought of, maybe there is some other way as well. It seems it would be a good advantage to be able to do this, you could provision on demand at an insecure station, instead of (e.g.) having a secure station and provisioning with a single-use PIN. Could this be implemented independently (without direct card manufacturer support) on a javacard? I don't see why not. But I was hoping to learn that some card out there already can do this, or that someone has thought of it before.
_______________________________________________ opensc-devel mailing list opensc-devel@lists.opensc-project.org http://www.opensc-project.org/mailman/listinfo/opensc-devel
