Mailing List Archive: GnuPG: devel

SHA2 in OpenPGP cards?

Index | Next | Previous | View Threaded

simon at josefsson

Sep 29, 2009, 12:46 AM

Post #1 of 4 (194 views)
Permalink

SHA2 in OpenPGP cards?

Hi! Before I spend time testing it, can the OpenPGP card support
RSA-SHA2 signatures?

/Simon

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

wk at gnupg

Sep 29, 2009, 4:38 AM

Post #2 of 4 (185 views)
Permalink

Re: SHA2 in OpenPGP cards? [In reply to]

On Tue, 29 Sep 2009 09:46, simon[at]josefsson.org said:
> Hi! Before I spend time testing it, can the OpenPGP card support
> RSA-SHA2 signatures?

The v2 cards support any hash agorithm as long as they fit into pkcs#1.

Salam-Shalom,

Werner

--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

simon at josefsson

Sep 30, 2009, 5:19 AM

Post #3 of 4 (179 views)
Permalink

Re: SHA2 in OpenPGP cards? [In reply to]

Werner Koch <wk[at]gnupg.org> writes:

> On Tue, 29 Sep 2009 09:46, simon[at]josefsson.org said:
>> Hi! Before I spend time testing it, can the OpenPGP card support
>> RSA-SHA2 signatures?
>
> The v2 cards support any hash agorithm as long as they fit into pkcs#1.

Ok thanks. Is there any problem sending the future SHA-3 hashes in the
PKCS#1 struct too? Does the smartcard validate the PKCS#1 data in any
way before signing it? I'm thinking also of the ad-hoc MD5/SHA1 data
used by TLS, it doesn't follow PKCS#1 format.

/Simon

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

wk at gnupg

Sep 30, 2009, 7:00 AM

Post #4 of 4 (178 views)
Permalink

Re: SHA2 in OpenPGP cards? [In reply to]

On Wed, 30 Sep 2009 14:19, simon[at]josefsson.org said:

> PKCS#1 struct too? Does the smartcard validate the PKCS#1 data in any
> way before signing it? I'm thinking also of the ad-hoc MD5/SHA1 data
> used by TLS, it doesn't follow PKCS#1 format.

With the old cards the use of MD5/SHA1 was only possible with the
authentication key but not with the signature key. The v2 new cards
uses the relaxed check also for the signature key:

In compliance with PKSC #1, the card checks that the DigestInfo in
the command data field is not longer than 40% of the length of the
modulus of the signature key, otherwise the command is rejected.

Shalom-Salam,

Werner

--
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.

_______________________________________________
Gnupg-devel mailing list
Gnupg-devel[at]gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-devel

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact lists@gossamer-threads.com