We know that the API enables a client to have the card use a given key in any of the mathematically possible uses that the core's ciphers support. The optional policy control on any given entry point may not allow this usage, however, enforcing such rules as: an RSA signing key may not be used for RSA block encryption - a feature that the math supports, but governments often counsel Internet users against (evidently with little success, note). Alternatively, it might codify the rule that a symmetric key designated as a transport encryption key (TEK) for other message encryption keys (MEKs) may not be used otherwise - i.e. the TEK may not encrypt message data, to strictly control the amount of ciphertext ever created under that key, and to use particular key streams for TEKs.
The X.509 certificate's key usage controls were an attempt to move such cipher/key usage control policies out of the trusted hardware device into the "per-user" controls expressed in their personal certificate. This trend may have explained why cipher/key policy/usage control work was not pursued within the muscle trusted crypto module, as in 20 generations of earlier hardware crypto module designs.
The tide and trend has turned back - placing policy control back in the TPM chip in the cryptomodule/motherboard. This is because the generalized X.509 usage controls failed to garner any adoption in Internet applications, where some authorities want them most deployed. I can discuss several hypotheses explaining the latter fact, in the bar. I can also make some predictions re adoption of TPM-enforced key usage controls, given Internet end-users are much better educated about the social motivations for crypto-level controls, these days.
From: "Matteo Ferrara" <[EMAIL PROTECTED]>
Reply-To: MUSCLE <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Subject: [Muscle] Some Questions about Musclecard
Date: Thu, 21 Oct 2004 15:08:32 +0200
Good Morning,
I'm Matteo Ferrara and I work at the University of Computer Science in Cesena Italy.
I'm planning a simulator of a musclecard.
I have some questions:
1) In the "MSCComputeCrypt" function there is a cryptInit parameter that is an "MSCLPCryptInit" structure. It contains cipherMode and cipherDirection, which are of "MSCUChar8" type. How do I make the comparison between these and the KeyPolicy of the key used in "MSCComputeCrypt"? (cipherMode and cipherDirection are "MSCUShort16" type)
2) In "musclecard.h" are defined:
#define MSC_MODE_RSA_NOPAD 0x00
#define MSC_MODE_RSA_PAD_PKCS1 0x01
#define MSC_MODE_RSA_PAD_OAEP 0x02
#define MSC_MODE_DSA_SHA 0x10
#define MSC_MODE_DES_CBC_NOPAD 0x20
#define MSC_MODE_DES_ECB_NOPAD 0x21
#define MSC_MODE_3DES_CBC_NOPAD 0x30
#define MSC_MODE_3DES_ECB_NOPAD 0x31
#define MSC_MODE_AES_CBC_NOPAD 0x40
#define MSC_MODE_AES_ECB_NOPAD 0x41
#define MSC_DIR_SIGN 0x01
#define MSC_DIR_VERIFY 0x02
#define MSC_DIR_ENCRYPT 0x03
#define MSC_DIR_DECRYPT 0x04
and
#define MSC_KEYPOLICY_MODE_RSA_NOPAD 0x0001
#define MSC_KEYPOLICY_MODE_RSA_PAD_PKCS1 0x0002
#define MSC_KEYPOLICY_MODE_DSA_SHA 0x0004
#define MSC_KEYPOLICY_MODE_DES_CBC_NOPAD 0x0008
#define MSC_KEYPOLICY_MODE_DES_ECB_NOPAD 0x0010
#define MSC_KEYPOLICY_MODE_RSA_PAD_OAEP 0x0020
#define MSC_KEYPOLICY_MODE_3DES_CBC_NOPAD 0x0040
#define MSC_KEYPOLICY_MODE_3DES_ECB_NOPAD 0x0080
#define MSC_KEYPOLICY_MODE_AES_CBC_NOPAD 0x0100
#define MSC_KEYPOLICY_MODE_AES_ECB_NOPAD 0x0200
#define MSC_KEYPOLICY_DIR_SIGN 0x0100
#define MSC_KEYPOLICY_DIR_VERIFY 0x0200
#define MSC_KEYPOLICY_DIR_ENCRYPT 0x0400
#define MSC_KEYPOLICY_DIR_DECRYPT 0x0800
Why are these definitions different?
3) In the "MSCTokenConnection" loggedIDs is a "MSCUChar8" (8 bit unsigned).
In "musclecard.h" are defined:
#define MSC_AUT_ALL 0x0000
#define MSC_AUT_NONE 0xFFFF
#define MSC_AUT_PIN_0 0x0001
#define MSC_AUT_PIN_1 0x0002
#define MSC_AUT_PIN_2 0x0004
#define MSC_AUT_PIN_3 0x0008
#define MSC_AUT_PIN_4 0x0010
#define MSC_AUT_KEY_0 0x0100
#define MSC_AUT_KEY_1 0x0200
#define MSC_AUT_KEY_2 0x0400
#define MSC_AUT_KEY_3 0x0800
#define MSC_AUT_KEY_4 0x1000
#define MSC_AUT_KEY_5 0x2000
#define MSC_AUT_USR_0 0x4000
#define MSC_AUT_USR_1 0x8000
How do I create a bitmask using these definitions in only 8 bits?
4) Where is the mistake in my reasoning?
Thank you very much for your help.
Excuse me for my bad English.
Matteo Ferrara
_______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
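An added example, not from the original thread or the MUSCLE sources: one way a card simulator could check the 8-bit cipherMode/cipherDirection of a request against a key's 16-bit policy masks, by translating each MSC_MODE_*/MSC_DIR_* value into its MSC_KEYPOLICY_* bit using the values quoted above. The names key_policy_t, map_t, lookup and policy_allows are hypothetical, and keeping the two masks in separate fields and refusing unmapped values are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical holder for a key's two 16-bit policy masks. */
typedef struct { uint16_t cipherMode, cipherDirection; } key_policy_t;

/* One request value (8-bit enumeration) and its policy bit (16-bit mask). */
typedef struct { uint8_t value; uint16_t bit; } map_t;

/* MSC_MODE_* value -> MSC_KEYPOLICY_MODE_* bit, from the quoted defines. */
static const map_t mode_map[] = {
    {0x00, 0x0001}, /* RSA_NOPAD      */
    {0x01, 0x0002}, /* RSA_PAD_PKCS1  */
    {0x02, 0x0020}, /* RSA_PAD_OAEP   */
    {0x10, 0x0004}, /* DSA_SHA        */
    {0x20, 0x0008}, /* DES_CBC_NOPAD  */
    {0x21, 0x0010}, /* DES_ECB_NOPAD  */
    {0x30, 0x0040}, /* 3DES_CBC_NOPAD */
    {0x31, 0x0080}, /* 3DES_ECB_NOPAD */
    {0x40, 0x0100}, /* AES_CBC_NOPAD  */
    {0x41, 0x0200}, /* AES_ECB_NOPAD  */
};

/* MSC_DIR_* value -> MSC_KEYPOLICY_DIR_* bit, from the quoted defines. */
static const map_t dir_map[] = {
    {0x01, 0x0100}, /* SIGN    */
    {0x02, 0x0200}, /* VERIFY  */
    {0x03, 0x0400}, /* ENCRYPT */
    {0x04, 0x0800}, /* DECRYPT */
};

/* Return the policy bit for an 8-bit request value, or 0 if it is unknown. */
static uint16_t lookup(const map_t *m, size_t n, uint8_t value)
{
    for (size_t i = 0; i < n; i++)
        if (m[i].value == value)
            return m[i].bit;
    return 0;
}

/* Return 1 if the key policy permits this mode and direction, else 0.
 * Assumption: values with no mapping are refused (fail closed). */
int policy_allows(const key_policy_t *kp, uint8_t mode, uint8_t dir)
{
    uint16_t mbit = lookup(mode_map, sizeof mode_map / sizeof mode_map[0], mode);
    uint16_t dbit = lookup(dir_map, sizeof dir_map / sizeof dir_map[0], dir);
    return mbit != 0 && dbit != 0 &&
           (kp->cipherMode & mbit) != 0 && (kp->cipherDirection & dbit) != 0;
}
```

With a policy of PKCS#1 mode and sign/verify directions only, a request for the encrypt direction is refused, which is the "RSA signing key may not be used for RSA block encryption" rule from the reply.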
