OpenSC smartcard access should use raw public keys, not X.509 certificates

Daniel Kahn Gillmor dkg-openssh.com at fifthhorseman.net
Sat Aug 2 10:39:01 EST 2008


On Fri 2008-08-01 20:09:07 -0400, Peter Stuge wrote:

> On Fri, Aug 01, 2008 at 07:04:45PM -0400, Daniel Kahn Gillmor wrote:
> 
>> Since the private key is a superset of the public key, the public
>> key itself would be already present.
>
> Of course, but I don't think (m)any card OS will create a virtual
> file EF for the public key that actually fetches from the private
> key.  That would have to be done in higher level software, but that
> code is not allowed to read the private key. (For good reason.)

I understand why the code accessing the card itself shouldn't be
allowed to read the private components of the secret key.  But surely
storing the parameters separately and providing access to the public
ones would be reasonable?

I'm aware that i don't know much about the on-card formats for these
devices, though, so i'm probably wishing for things that seem
reasonable from a higher level but might run up against implementation
limitations.  I appreciate your pointing out some of the more nuanced
concerns.

At any rate, i think my point still stands for any stored
certificates: Is there any reason that the card itself (or the drivers
accessing the card) couldn't extract the public key information from a
stored certificate?

       --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080801/9ad4f6e1/attachment.bin 


More information about the openssh-unix-dev mailing list