Menu
▾
▴
Re: [Globalplatform-developers] GP Data encryption
|
From: Karsten O. <wid...@t-...> - 2016-09-13 22:18:07
|
Hi, yes, I'm reading this list. Thanks for the patch. I will submit it the the master. Thanks, Karsten Am 13.09.2016 um 09:28 schrieb Sebastien Lorquet: > Hello again, > > Looks like that I need is: > > OPGP_ERROR_STATUS calculate_enc_ecb_two_key_triple_des(BYTE key[16], BYTE > *message, int messageLength, BYTE *encryption, int *encryptionLength) > > I have found the svn repo, will send a patch. > > Sébastien Lorquet > > Le 12/09/2016 à 16:23, Sebastien Lorquet a écrit : >> Hello, >> >> Is there someone still reading this list? >> >> I would like to follow up on this >> >> https://sourceforge.net/p/globalplatform/mailman/message/31626315/ >> >> I have to use this and would like to say a word about this encryption. >> >> It would not be wise to encrypt the full data field, because it is not always >> the real requirement: >> >> - GP Data encryption does not define padding so encrypted data length always has >> to be a multiple of 8 bytes. >> >> - Sometimes data is sent via DGIs (kind of TLV tags) and ONLY the DGI CONTENTS >> has to be enecrypted. And more than one DGI can be sent in the same STORE DATA APDU. >> >> So the real need is not an extension of sendApdu but a new API in globalPlatform.h: >> >> >> OPGP_API OPGP_ERROR_STATUS GP211_encrypt_data(GP211_SECURITY_INFO *secInfo, >> PBYTE *buffer, DWORD bufferLength); >> >> OPGP_API OPGP_ERROR_STATUS GP211_decrypt_data(GP211_SECURITY_INFO *secInfo, >> PBYTE *buffer, DWORD bufferLength); >> >> Since there is no padding, the input and output buffers always have the same >> length (multiple of 8 bytes) the data can be processed in place. >> >> Only thing these functions have to do is encrypt/decrypt using triple-DES ECB >> with 2 keys. >> >> What is the proper development process to get this implemented and included in >> the next releases ? It is a valuable addition to GlobalPlatform library. >> >> Thanks for reading, >> > ------------------------------------------------------------------------------ > _______________________________________________ > Globalplatform-developers mailing list > Glo...@li... > https://lists.sourceforge.net/lists/listinfo/globalplatform-developers |
