Peter Williams wrote:
Can anyone explain the muscle applet external authentication code's
design, to me?
Hi,
the intended usage of the protocol command is straightforward: allow the
other end communicating with the card to prove possession of a
cryptographic key, either providing an encryption of the card-generated
challenge, or providing a signature on the card-generated challenge.
In the first case, the ExtAuth command is invoked with parameters
analogous to an MSCComputeCrypt invokation for decrypting a
cryptogram (by using an on-card symmetric key or asymmetric public key).
In the latter one, it is invoked with parameters
analogous to an MSCComputeCrypt invokation for verifying a signature
(by using an on-card asymmetric public key).
In either cases, no data is returned to the application, but only the
result of the test: SUCCESS if it succeeded and the corresponding
identity was logged in, AUTH_FAILED if cryptogram verification failed,
or one of the other possible errors.
Are you claiming the Applet code has a bug/misbehaviour in case (b) ?
Please, send me the version you're referring to in your message, as it's
a while I just use to play with an internal version at our lab for
biometrics related stuff.
((maybe a key should be provided with a restriction on the allowed
ExtAuth modes of operation when it is created/injected for increasing
security .... anyway, in the first protocol formulation there were not
so many choices :-) ))
(a) when cipher-dir == CD_VERIFY, the applet will verify an MD5RSA
signature (over the Value of challenge object), and perform strongLogon,
if the verification suceeds.
(b) when cipher-dir == CD_DECRYPT, the applet will decrypt the incoming
ciphertext using TDES_CBC_NOPAD, compare the plaintext for equality with
the stored challenge value V, and reflect the plaintext value back to
the consumer (over an insecure channel), if there is a match, without
performing strongLogon.
What is the context for (b)? How is it to be used? Is there any host
sample code? Are (a) and (b) supposed to be used in conjunction, perhaps?
Once upon a time, all of this was tested. If I manage to find the old
test programs, I'll be more than happy to send them to you. As an
alternative, maybe I have at reach some test code for the JNI bridge of
MuscleCard API -- have to check --... it might also be the case that
just writing a short program is actually faster than searching this old
stuff :-)
Bye,
Tommaso.
--
,----------------------------------------------------.
| Tommaso Cucinotta PhD <t.cucinotta *at* sssup.it> |
>----------------------------------------------------<
! Scuola Superiore di Studi Universitari !
! e Perfezionamento S.Anna !
! Pisa Italy !
`----------------------------------------------------'
_______________________________________________
Muscle mailing list
[email protected]
http://lists.drizzle.com/mailman/listinfo/muscle
