RE: [OCF] code protection of rsa keys

Mohammed SADIQ Fri, 25 May 2001 03:26:10 -0700
>I finally succeeded in granting ACs 80 00 / 80 00 / C0 80 to a RSA Keyfile
> never write, never update, external authentication for reading ). They are
>the same ACs like a transparent file on my GPK8000 card. When I want to
>access the transparent file, external authentification will be made.

Correction!
C0 xx => Never. 80 00 => File protected by 2 secret codes. Moreover the 2 secret codes 
are one and the same, which doesn't make much sense.

>The problem is, that I can still use the keys for signing a hash, without any 
>protection.

For to protect crypto operations, you need to fondle with the system record of the RSA 
file. Access Conditions only protect the Update/Write/Read operations.

>Is it possible to grant external-authentification access to a RSA key?

What do you mean by this? Could you please elaborate?

----------
Diplomat: 
A person who tells you to go to hell in such a way, 
that you actually look forward to the trip.

>-----Original Message-----
>From: Thimo von Rauchhaupt [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, May 23, 2001 5:41 PM
>To: [EMAIL PROTECTED]
>Subject: [OCF] code protection of rsa keys
>
>
>Hi there.
>
>I finally succeeded in granting ACs 80 00 / 80 00 / C0 80 to a RSA Keyfile
> never write, never update, external authentication for reading ). They are
>the same ACs like a transparent file on my GPK8000 card. When I want to
>access the transparent file, external authentification will be made. The
>problem is, that I can still use the keys for signing a hash, without any
>protection.
>
>I read a thread, that dealt with the same problem, but this 
>was one year
>ago. Does anyone know more?
>
>Is it possible to grant external-authentification access to a RSA key?
>
>Thanks in advance,
>Thimo
>
>
>
>
>---
>> Visit the OpenCard web site at http://www.opencard.org/ for more
>> information on OpenCard---binaries, source code, documents.
>> This list is being archived at 
http://www.opencard.org/archive/opencard/

! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
!                           [EMAIL PROTECTED]
! containing the word
!                           unsubscribe 
! in the body.




---
> Visit the OpenCard web site at http://www.opencard.org/ for more
> information on OpenCard---binaries, source code, documents.
> This list is being archived at http://www.opencard.org/archive/opencard/

! To unsubscribe from the [EMAIL PROTECTED] mailing list send an email
! to
!                           [EMAIL PROTECTED]
! containing the word
!                           unsubscribe 
! in the body.
RE: [OCF] code protection of rsa keys

Reply via email to
