Doug Engert
Doug Engert
And where are sm-iso.c and CAv2 and EAC? Note: NIST 800-73-4 4.1 The Key Establishment Protocol says: "The key establishment protocol for the PIV Card Application uses the One-Pass Diffie-Hellman,...
Note that NIST sp800-73-4 defines a version of SM, VCI and Pairing for use by the end user over contactless(NFC), but can be used over the contact interface. Part 2...
https://versasec.zendesk.com/hc/en-us/articles/360017812800-PIV-Settings also says: "For the management of **Oberthur tokens** and tokens that use **OpenPIV applet** it will be necessary to have knowledge of the card manager key for those tokens....
More on this subject after playing golf today.
If "Hash on card" is expecting software to do all but last round of hash, there is a problem. Also see https://github.com/OpenSC/OpenSC/pull/2506#discussion_r810282268 and htttps://github.com/openssl/openssl/issues/17688 OpenSC had one card that would...
Yes remove it On Tue, Mar 1, 2022, 5:21 PM Alex Wilson ***@***.***> wrote: > @dengert That doesn't sound like a problem > so much as a vote in favour...
OK, thanks for catching https://github.com/OpenSC/OpenSC/issues/2242 which only shows up if the asn1 tag length is not correct. If the PivApplet sends valid length, things will work. There is still a...
PivApplet does not appear to follow NIST or ISO standards in the following lines: https://github.com/arekinath/PivApplet/blob/806a035d39199c4d666b733e74194c35f0ff8063/src/net/cooperi/pivapplet/PivApplet.java#L871-L929 1. NIST sp800-73-3 list the required and optional tags it supports and does not list...
This is a chicken and egg problem... A driver would test for the 'AC' tag only if the driver supported the optional Secure Messaging defined in 800-73-4. because this it...
In SP-800-73-4 part 1, C.3 "PIV Algorithm Identifier Discovery for Secure Messaging" Has the above and it says "algorithms" So there can be more then one. Then it says: "The...