Signature format and smart cards

[Tero Kivinen <kivinen@ssh.fi>]

Brian Swander writes:
> The IKE signature format demands that the algo OID not be present in the
> signature.  Smart card vendors are not supporting this format, but instead
> doing the standard pkcs1 with the OID.

At least Bull's TB98S family supports raw RSA encryption and
decryption with just raw data given to card. The another card we have
here (from another vendor) does the rsa encryption / decryption
similarly.

Neither one of those doesn't allow doing the hashing or padding in the
smart card. They must be done before the block is given to smart card.
Those operations might be done in the pc/sc driver library. 

> It is unlikely that all the vendors will ship using our format, and at the
> same time, IKE needs to be able to use certs from smart cards.

The current IKE protocol can be used with smart cards. If the smart
card you are using doesn't support raw rsa encryption / decryption, it
might be better to change using some card that supports them.

> I propose:
> Set the reserved field of the sig_payload header to 1 to signal standard
> pkcs1 with the OID, 0 otherwise.

I see no need for that. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

---

References:

• Signature format and smart cards
• From: Brian Swander <briansw@microsoft.com>

---

• Prev by Date: Re: simultaneous lifetime type support required?
• Next by Date: RE: Signature format and smart cards
• Prev by thread: Re: Signature format and smart cards
• Next by thread: RE: Signature format and smart cards
• Index(es):
  • Main
  • Thread