Hello, 2015-09-25 14:45 GMT+02:00 helpcrypto helpcrypto <helpcry...@gmail.com>: > But we still have the issue with the data sent from server. eg: server sent > "sign these 10 documents" to our opensource Java local application which > asks PKCS#11 to do it. > Anyone could decompile, and inject an 11th doc on the request.
Some cards can be configured so that the PIN have to be presented before _each_ signature. If the user knows he has 10 documents to sign and he is asked to enter his PIN 11 times then he should detect a problem. The user should verify after each signature that the document he wanted to sign is correctly signed. If not then he should suspect a problem. Maybe another document has been signed instead, or something went wrong. If you do not use a pinpad the PIN is available somewhere in RAM and a rogue software could use it. > That's what we are trying to avoid and our opinion is actually: if the > computer is compromised, you can't do anything. Exact. If the computer is compromised you have NO idea of what it is doing. Bye -- Dr. Ludovic Rousseau -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
