I was hoping someone could help me with the PIV smart card standard.
I would like to authenticate the smart card by making it sign a PKCS#1 padded nonce with the previously generated RSA 1024-bit modulus Digital Signature Key 0x9C. Here is what the output of my test application looks like:
Requesting Signature
Sending: 0087069C867C84820081800001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00CB441C4A656E071F1FB9F31BC6AB1824324FB42780
Error: (6A80) Incorrect parameters in command data
And here is the breakdown:
00 - Not chained (chaining not required because message does not exceed max length)
87 - GENERAL AUTHENTICATE
06 - RSA 1024 Algorithm
9C - Digital Signature Key
86 - Length of data field
7C - Dynamic Authentication template identifier
84 - Length of dynamic authentication template
82 - Response
00 - Response length 0 (Response requested)
81 - Challenge
80 - Challenge length 128
0001FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00CB441C4A656E071F1FB9F31BC6AB1824324FB427 - PKCS #1 padded 20-byte Nonce (Padded with OpenSSL RSA_padding_add_PKCS1_type_1)
80 - Expected response length (128 bytes)
I have also run tests using all of the different keys (having generated all of them successfully already) and using chained messages vs single part messages. See further test data.
There was a bug with the PIV card applet loaded on my smart card. It will not sign any data that starts with 0x00. If you change the 0x00 to anything else (as long as the data as an integer is less than the modulus as an integer per requirement of the RSA algorithm) it will sign successfully. So of course this means these cards cannot sign any standard PKCS1 padded data :(
Thanks for the help