|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
RE: [Muscle] X509Certificate
From: Peter Williams (home_pw
msn.com)
Date: Sun May 16 2004 - 12:43:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I think you may be missing the point of the architecture - which I assume is
a PKCS#11 implementation mechanism from the mozilla world. I could be wrong
on this: I have not actually read the code that creates the msucle
access-controlled objects.
But architecturally:
(a) Its quite appropriate for a crypto interface to decode the cert, verify
its signature and chain of control, and then store components on the
javacard for use within the card's crypto boundary. Verify cert control data
once, trust the card n times during protocol runs to perform signature
verifications based on trusted parameters in the objects. Its like the
theory of airports: once you are in the controlled boundary, you can enter
any other airport without a further check by using the transit system. This
policy is ok, for certain static threat classes.
(b) If you want the card alternatively to merely act as a filestore for the
DER-encoded cert, and a cert chain, then you really want the alternative
architecture: the microsoft-style world of letting the card be a
"certificate store", that other security devices use as a cache of (assumed
unverified) certs. In this world, the pulling device must re-verify the
control channel data in the cert chain, and it must conformantly process the
control data. This architecture addresses a minimal sets of threats:
availability of necessary parameters. It offers a mobility benefit, and not
much else.
(a) and (b) are very different in the assumptions about conformance
obligations and trusted component status. And they are not the only models,
either.
In my design, I chose to store certs in a bucket of muscle objects, do a
simple graph search to locate the desired chain, and then decode each cert
veryfing signatures along the line. This eases the burden on the
provisioning system AND the control enforcement system, and helps justy a
32-bit ARM national id card processor. While the card is not doing finger
print matching, it can surely do something much less complex and resouce
intensive - like a bit of cert chain handling.
>From: vladimir lenin <chip_daleusyahoo.com>
>Reply-To: MUSCLE <musclelists.musclecard.com>
>To: musclelists.musclecard.com
>Subject: [Muscle] X509Certificate
>Date: Sun, 16 May 2004 09:57:46 -0700 (PDT)
>
>Hello
>I downloaded a class 1 digital certificate onto the
>musclecard. so four objects are created with id's
>"c0", "C0", "k0", "k1". some hold the certificate data
>and the others hold public and private keys. How can I
>create an X.509 certificate from these so that it
>contains the public key so I can use it for signature
>verification purposes
>thank you
>
>
>
>
>
>
>__________________________________
>Do you Yahoo!?
>SBC Yahoo! - Internet access at a great low price.
>http://promo.yahoo.com/sbc/
>_______________________________________________
>Muscle mailing list
>Musclelists.musclecard.com
>http://lists.drizzle.com/mailman/listinfo/muscle
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]