[Pcsclite-muscle] Directly using RSA key of a smartcard
David Woodhouse
dwmw2 at infradead.org
Fri Jun 23 01:47:56 PDT 2023
On Thu, 2023-06-22 at 11:10 +0100, David Woodhouse wrote:
>
> $ echo Test | openssl dgst -sha256 -sign 'pkcs11:manufacturer=piv_II;id=%04' -engine pkcs11 -keyform engine > signature.bin
> $ echo Test | openssl dgst -sha256 -verify pubkey.pem -signature signature.bin
> Verified OK

Someone on StackExchange pointed out that this is *signature* not
encryption, and isn't quite what you asked for.

He's correct; I was being a bit lazy because those command lines
happened to be in my bash history anyway from what I was playing with
this week. And encryption *ought* to be similar.... except...

Some keys+tokens won't do the raw "decrypt" RSA operation for you,
because it exposes them to oracle attacks and leaking the key.

Even though mathematically, the low-level RSA signature *is* a
decryption operation, some keys will only do that decryption if they
*also* do the "padding" operation for themselves. And that might be the
case for *all* of the key slots in the Yubikey PIV; I don't see that
*any* of them have the CKA_DECRYPT flag which indicates that they'll do
a raw decrypt for you?

Most of my point about "this stuff should just work through PKCS#11"
remains true, but you *might* need something other than a Yubikey?

Folks on this list might know better about what the PIV will do with
its different key slots? And I'm using OpenSC not the Yubico ykcs11
module; maybe that behaves differently?
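
One way to check the question raised in the message above, whether a token's private keys advertise decrypt (CKA_DECRYPT). This is an added example, not part of the original message or of OpenSC: it parses the `Usage:` lines that OpenSC's `pkcs11-tool --list-objects` prints. The function names are hypothetical, and the embedded listing (labels, IDs, usage values) is constructed sample data, not output from a real token.

```shell
# Constructed sample in the layout of `pkcs11-tool --list-objects --type privkey`.
# Labels, IDs and usage values are made up for illustration.
sample_listing() {
cat <<'EOF'
Private Key Object; RSA
  label:      example signing key
  ID:         02
  Usage:      sign
  Access:     sensitive, always sensitive, never extractable, local
Private Key Object; RSA
  label:      example decryption key
  ID:         03
  Usage:      decrypt, sign, unwrap
  Access:     sensitive, always sensitive, never extractable, local
Private Key Object; EC
  label:      example EC key
  ID:         04
  Usage:      sign, derive
  Access:     sensitive, always sensitive, never extractable, local
EOF
}

# Reads a listing on stdin; prints "ID<TAB>type<TAB>label<TAB>decrypt=yes|no" per private key.
key_decrypt_report() {
  awk '
    function emit() { if (type != "") printf "%s\t%s\t%s\tdecrypt=%s\n", id, type, label, dec }
    /^[^ \t]/ { emit(); type = "" }          # any unindented line starts a new object
    /^Private Key Object;/ { type = $NF; id = "?"; label = "?"; dec = "no"; next }
    type == "" { next }                      # skip attributes of non-private-key objects
    /^[ \t]+label:/ { sub(/^[ \t]+label:[ \t]+/, ""); label = $0; next }
    /^[ \t]+ID:/    { id = $2; next }
    /^[ \t]+Usage:/ {
      gsub(/,/, " ")                         # "decrypt, sign" -> separate fields
      for (i = 2; i <= NF; i++) if ($i == "decrypt") dec = "yes"
    }
    END { emit() }
  '
}

# Exit status 0 if the key with the given ID advertises decrypt, 1 otherwise.
key_can_decrypt() {
  key_decrypt_report | awk -F '\t' -v id="$1" '$1 == id && $4 == "decrypt=yes" { ok = 1 } END { exit !ok }'
}

# Against a real token (needs the hardware and its PIN):
#   pkcs11-tool --login --list-objects --type privkey | key_decrypt_report
sample_listing | key_decrypt_report
```

A key reported as `decrypt=no` may still sign; that is the case the message describes, where the token performs the private-key operation only as part of signing.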