Override smart card RSA secret key?
I am using smart card middleware and I need to add RSA-PSS signature scheme. I would like to redefine the code in Crypto ++ that is responsible for working with the secret key and gets everything else for free (PSS and PKCS padding). I figured out that this code in rsa.cpp
is what I want to rewrite differently for smart cards:
Integer InvertibleRSAFunction::CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const
{
DoQuickSanityCheck();
ModularArithmetic modn(m_n);
Integer r, rInv;
do { // do this in a loop for people using small numbers for testing
r.Randomize(rng, Integer::One(), m_n - Integer::One());
rInv = modn.MultiplicativeInverse(r);
} while (rInv.IsZero());
...
At first I thought it could be done by subclassing RSA::PrivateKey
class MyPrivKey : public RSA::PrivateKey {
public:
template<typename... Args>
MyPrivKey(Args&&... args) : RSA::PrivateKey(std::forward<Args>(args)...) {}
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const override {
return ... // do some smart card magic
}
};
And then passing this key to the object signer
MyPrivateKey privateKey(params);
// Signer object
RSASS<PSS, SHA1>::Signer signer(privateKey);
But I soon found out that all the components privateKey
(module, private and public exhibits, etc.) are just copied into the signer
internals. So overriding RSA::PrivateKey::CalculateInverse
doesn't really help.
Then I got lost in the templates and cried. I think there is a 0.0001% chance that someone can help me. I'll try my luck.
Full code of my example https://pastebin.com/Nwk4jX0j
source to share
Well I realized that I need to subclass more things
class SmartCardPrivateKey : public InvertibleRSAFunction {
public:
Integer CalculateInverse(RandomNumberGenerator &rng, const Integer &x) const override {
return ... // do smart card magic here
}
};
struct SmartCardRSA : public RSA {
typedef SmartCardPrivateKey PrivateKey;
};
template <class STANDARD, class H>
struct SmartCardRSASS : public TF_SS<SmartCardRSA, STANDARD, H> {
};
Then a custom subscriber object can be created
SmartCardRSASS<PSS, SHA1>::Signer signer
source to share