[Pcsclite-muscle] Directly using RSA key of a smartcard
Ludovic Rousseau
ludovic.rousseau at gmail.com
Wed Jun 21 14:37:02 PDT 2023
Hello,
Le mer. 21 juin 2023 à 19:09, Michael Conrad <mike at nrdvana.net> a écrit :
>
> Hello, I'm new to smartcards and curious if it is possible to ask the
> card "what is your public RSA key", encrypt something with that public
> key, and then ask the card to decrypt it back to the original value. In
> other words, I want to get at the raw encryption API without the hassle
> of the gpg infrastructure that is normally used for this. (and yes I
> understand that the things directly encrypted with RSA need to be small
> values like raw AES keys, used for further encryption and decryption
> using CBC or similar)
>
> If so, could you provide some pointers on convenient ways I might access
> this API from a script? (but I can write C if I need to)
I would suggest to use the PKCS#11 API for that.
One easy way it to use the Python wrapper PyKCS11 but you can do the
same using the C API.
https://pypi.org/project/PyKCS11/
One example of encrypting with the public key and decrypt using the
private key is available in the sample code directory; rsa_encrypt.py
https://github.com/LudovicRousseau/PyKCS11/blob/master/samples/rsa_encrypt.py#L57-L61
This sample code first generates an RSA key pair but you can remove
this part of the code and use an existing key pair on your yubikey.
Bye
--
Dr. Ludovic Rousseau
More information about the pcsclite-muscle
mailing list