Re: [Muscle] pkcs11 and MuscleCard

Sat, 15 Mar 2014 07:23:22 -0700

Remark: when directely using MSC-Functions, the RSA-public-key-blob returned, is correctely including 
the modulus and the public exponent, (which is 2^16+1).
wully

On 15.03.2014 15:07, wully wrote:

Hi
I have further investigated the musclecard. Now, I can use pkcs11 for creating objects, loading RSA-keys, encrypting and decrypting (with RSA_NO_PAD). I am very pleased, that this is starting to work... 

But I have noticed something strange:
when loading an RSA-keypair from the host to the empty musclecard, there are created THREE 
key-objects. I would expect TWO.

----------- snippet from the modified muscletest output ----
Verify default PIN          : Successful
Currently logged identities : 0002
CreateObject returns        : Successful
WriteObject returns         : Successful
ReadObject returns          : Successful
Object data                 : MUSCLE VIRTUAL CARD.
Data comparison             : Successful

Listing objects             : Successful
------------------------------------------------------
           Object ID  Object Size   READ  WRITE  DELETE
   -----------------  -----------   ----  -----  ------
                  c1           50   0000   0000    0000
                  k2          512   0000   0002    0002
                  k1          912   0002   0002    0002
                  k0          512   0000   0002    0002
------------------------------------------------------

Free object memory          : 00003948
DeleteObject returns        : Successful
Free object memory          : 00004014
GetChallenge returns        : Successful
Random data                 : 21 EE 14 0B D4 7A 21 19
----------- end snippet ----------


Object c1 is created (and afterwards deleted) by muscletest. That is ok.
as one can see, the object with ID k2 is created in addition to the two k0(public) and k1(private). 
From the pkcs11-trace, I see, that k2 contains the same public key as k0.
But when asking the CKA_PUBLIC_EXPONENT from k0, I get CKR_ATTRIBUTE_TYPE_INVALID. 
The CKA_MODULUS is ok.
In the pkcs11-trace, the key k2 contains such an attribute, but in k0, the attribute is removed. 
Why? No idea.
I will try, to access k2 (which I did not create) and see, wether the CKA_PUBLIC_EXPONENT will be given. 

wully







_______________________________________________
Muscle mailing list
Muscle@lists.musclecard.com
http://lists.musclecard.com/mailman/listinfo/muscle_lists.musclecard.com

Reply via email to