Good ole Microshaft. They've long had a history of writing non-standard crypto to try use their dominant position in the desktop market to force their shoddy half baked ideas on the industry. <Replied from my mobile so please excuse the fat fingering & lack of PGP. I advise that any technical info in this email be subject to external scrutiny> -- At the time of writing, no warrants have been served to me, nor am I under any legal compulsion concerning the CipherShed project. I do not know of any searches of seizures of my assets. On Tuesday, June 24, 2014, Jason Pyeron <jpyeron@xxxxxxxx> wrote: > I have spent the last 2 weeks trying to sign my blody git commit with my > smart > card. > > I have a gemalto card, there are docs for the ADPU comamnds and it does not > follow the ISO or NIST standards correctly. > > Microsoft in their infinite wisdom decided that if you are doing an RSA > operation, that you must let them do the padding for you, and their > padding does > not jive with PGP's desired padding. > > So now I am trying to write an man in the middle logging framework for the > winscard.dll to log the ADPU commands that are being send by the "middle > ware" I > mean crapware from ActivIdentity, who will not release their PKCS11 API > docs > either. > > So I am left with the following choices: > > 1. Update GIT to support S/MIME signatures > 2. successfully reverse engineer the APDU comamnds by making a man in the > middle > winscard.dll > 3. hacking the microsoft windows crypt API to add in a 2048 bit non-hash > hash > function to create a valid HCRYPTHASH reference > 4. hacking the HCRYPTHASH references to convience CryptSignHashW to allow > arbitrary data of arbitrary length to be signed. > 5. hope that PGP never creates a hash larger than 288 bits (number bigger > than > 256**36) to be signed > > I hate supid crypto. Why do people mess it up so much?!?!?! > > -- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > - - > - Jason Pyeron PD Inc. http://www.pdinc.us - > - Principal Consultant 10 West 24th Street #100 - > - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - > - - > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > This message is copyright PD Inc, subject to license 20080407P00. > > -- -- At the time of writing, no warrants have ever been served to me, nor am I under any personal legal compulsion concerning the CipherShed project. I do not know of any searches or seizures of my assets.