Hi again,
See below
Andreas Jellinghaus wrote:
> On Friday 03 August 2007 22:00:15 Lars Silvén wrote:
>> My point
>> is just that signing keys on cards should be capable of signing with any
>> algorithm. Maybe someone states that a signing of a document has to be done
>> with MGF1 in order to be
On Friday 03 August 2007 22:00:15 Lars Silvén wrote:
> My point
> is just that signing keys on cards should be capable of signing with any
> algorithm. Maybe someone states that a signing of a document has to be done
> with MGF1 in order to be accepted as a legal. Then only new client SW is
> neede
On Fri, Aug 03, 2007 at 10:00:15PM +0200, Lars Silvén wrote:
> But the passports in Sweden has to be signed with MGF1 signing.
Do you have any experience from NIDEL by the way?
> My point is just that signing keys on cards should be capable of
> signing with any algorithm.
It depends on the car
Yes you are right, almost no one is using MGF1.
But the passports in Sweden has to be signed with MGF1 signing. We made an
application to the Swedish Police that is using smartcards for this. But this
is a java app so we got no use of opensc. Instead we have a java crypro
provider for the signi
On Friday 03 August 2007 00:55:25 you wrote:
> "SHA1withRSAandMGF1" is a signing algorithm where the most significant byte
> of the padding is not 0. The command send to the card with response is
> looking like this for this algorithm:
hmm, I checked the pkcs#1 standard and the implementation seem
Am Freitag, 3. August 2007 schrieb Lars Silvén:
> In which release will this hack be included? 0.11.2 or 0.12.0?
next release is 0.11.4 (maybe withion 10 days).
> Do you have any clue when it will reach Debian?
unstable usualy picks up new releases within a week, testing needs another
two weeks.
Thank you!
In which release will this hack be included? 0.11.2 or 0.12.0? I could not find
any "ticket for it".
Do you have any clue when it will be released?
Do you have any clue when it will reach Debian?
Reagrds, Lars
Andreas Jellinghaus wrote:
> Lars Silvén wrote:
>> I checked out your tru
Lars Silvén wrote:
> I checked out your trunk from svn and changed the if statement to this:
thanks, commited.
> "SHA1withRSAandMGF1" is a signing algorithm where the most significant
> byte of the padding is not 0.
ok, I added this for now as new ticket. not sure how best to implement it.
but w
Hi Andreas,
I checked out your trunk from svn and changed the if statement to this:
/* for cardos cards initialized by Siemens or PrimeKey: sign with
decrypt */
if (strcmp(p15card->card->driver->short_name,"cardos") == 0
&& ( strcmp(p15card->manufacturer_id,"Siemen
Hi Lars,
thanks for your work. but we already have a different hack for cardos
initialized with siemens highpath.
in pkcs15.c in sc_pkcs15_bind_internal() we do this:
/* for cardos cards initialized by Siemens: sign with decrypt */
if (strcmp(p15card->card->driver->short_name,"ca
Lars Silvén wrote:
> Hi Douglas,
>
> The extra bite is not a flag. It is needed in indata to the decryption
> command since it is one byte longer than the signing command.
Is this a card specific requirement? Is it RSA specific?
> The change will not affect other cards since the pointer to th
Hi Douglas,
The extra bite is not a flag. It is needed in indata to the decryption command
since it is one byte longer than the signing command.
The change will not affect other cards since the pointer to the signing
function is now pointing on the second byte in the buffer. The first byte will
Lars Silvén wrote:
> Hi list,
>
> This is an attempt to persuade you to add functionality to opensc.
> I have already made a patch that implements what is needed. This file is
> attached.
>
> The patch make it possible to sign with keys on CardOS cards that was
> generated to use only the dec
Hi list,
This is an attempt to persuade you to add functionality to opensc.
I have already made a patch that implements what is needed. This file is
attached.
The patch make it possible to sign with keys on CardOS cards that was generated
to use only the decryption card command.
This is because
14 matches
Mail list logo
