OpenSC smartcard access should use raw public keys, not X.509 certificates
Peter Stuge
stuge-openssh-unix-dev at cdy.org
Sat Aug 2 11:04:35 EST 2008
On Fri, Aug 01, 2008 at 08:39:01PM -0400, Daniel Kahn Gillmor wrote:
> I understand why the code accessing the card itself shouldn't be
> allowed to read the private components of the secret key. But
> surely storing the parameters separately and providing access to
> the public ones would be reasonable?
It's an idea, but no cards I've seen work like that.
> I'm aware that i don't know much about the on-card formats for
> these devices, though, so i'm probably wishing for things that seem
> reasonable from a higher level but might run up against
> implementation limitations. I appreciate your pointing out some of
> the more nuanced concerns.
Sorry - I thought you were more familiar with on-card storage.
ISO 7816-4 card OSes implement a quite simple file system with
directories (DF) and files (EF), which can be navigated and accessed
depending on the various security features implemented by the card
OS. (every card does this differently)
> At any rate, i think my point still stands for any stored
> certificates: Is there any reason that the card itself (or the
> drivers accessing the card) couldn't extract the public key
> information from a stored certificate?
No reason in theory, but in practice cards can't parse certificates.
As for drivers - yes, if the public key components are actually
available in the certificate then of course they could be extracted.
//Peter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080802/e42ee69f/attachment-0001.bin
More information about the openssh-unix-dev
mailing list