RE: [Muscle] Question

Fri, 22 Oct 2004 06:50:11 -0700

To use the ComputeCrypt function as intended, one needs to understand its nature.

The ComputeCrypt function assumes streaming: i.e. you loop through the function n+1 times for n fragments of plaintext to be signed/verified, and once more to then collect the results of the RSA operation upon the hash value retained as an internal variable within the state machine.

This type of API is common practice in hardware crypto device design, as the lifecycle of the crypto module session requires different levels and types of access depending on the session phase. At initialization, one needs to have authorization to invoke the algorithm (e.g. the core can access the bus to the crypto co-processor) and configure probably sensitive IVs or public key community parameters such as e, or gpq from secure storage on secure eeproms within the chip package. During the processing phase, one needs authorization to access the internal variable retaining the current hash/compression result, for that data handling session - during which your handle to the session must remain provably valid - remembering that a multiple session device design must assume the application data stream has multiple parallel crypto streams within. In the final phase, obviously one needs access to signing/verification public key(s) to perform the relevant public key transform(s).

From: "Matteo Ferrara" <[EMAIL PROTECTED]>
Reply-To: MUSCLE  <[EMAIL PROTECTED]>
To: "MuscleCard Mailing List" <[EMAIL PROTECTED]>
Subject: [Muscle] Question
Date: Fri, 22 Oct 2004 09:43:55 +0200

Good Morning,


in MSCComputeCrypt function in MSC_DIR_VERIFY mode, the return values are MSC_SUCCESS if the signature is valid otherwise MSC_SIGNATURE_INVALID if the signature is invalid.

For the verification of a signature I need to have the signature data and the plaintext but in the function I have only a input parameter pInputData.

Moreover, in MSC_DIR_SIGN do I have to digest the pInputData before the signing? I think that the digest's operations are used before to call the MSCComputeCrypt function.


Excuse me for my bad english.

Thank you very much.

Matteo Ferrara

_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle



_______________________________________________
Muscle mailing list
[EMAIL PROTECTED]
http://lists.drizzle.com/mailman/listinfo/muscle

Reply via email to