Skip to content

v0.5 RSA 2048 Resident Keys Support

Pre-release
Pre-release

Choose a tag to compare

View all tags
@szszszsz szszszsz released this 01 Oct 16:58
· 115 commits to main since this release
v0.5
This tag was signed with the committer’s verified signature. The key has expired.
szszszsz Szczepan Zalega
GPG key ID: D9BAE35991DE5B22
Expired
Verified
Learn about vigilant mode.
22d7a96
This commit was signed with the committer’s verified signature. The key has expired.
szszszsz Szczepan Zalega
GPG key ID: D9BAE35991DE5B22
Expired
Verified
Learn about vigilant mode.

Support RSA 2048 Resident Keys:

  • import
  • sign
  • decrypt
  • read public key

Documentation is updated with the new details regarding RSA keys:

No new commands, but instead a new parameter for the Resident Key import. The keyhandle received can be then used as with any other key.
Signing operation for RSA keys uses PKCSv15 padding and SHA256 as the hash. The only supported size for the RSA keys is RSA 2048.
RSA raw keys have to be encoded in PKCS#8 DER.

Due to the technical difficulties this release is available only as a simulation binary, signed with a GPG key [email protected]:

sz@stumpy ~/w/w/nitrokey-webcrypt-rust (rsa) [SIGINT]> gpg2 --verify *sig
gpg: assuming signed data in 'nitrokey-webcrypt-udp-simulation-v0.5'
gpg:                using RSA key 868184069239FF65DE0BCD7DD9BAE35991DE5B22
gpg: Good signature from "Szczepan Zalega <[email protected]>" [ultimate]
gpg:                 aka "Szczepan Zalega (Nitrokey) <[email protected]>" [ultimate]
Assets 5
Loading