Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit d831a10

Browse files
authoredJun 10, 2025
Merge pull request #239 from YourMJK/docs-piv-signing-der-encoding
docs: Fix docs about encodings for PIV signing command
2 parents 94f7903 + c14c479 commit d831a10

File tree

2 files changed

+7
-6
lines changed

2 files changed

+7
-6
lines changed
 

‎docs/users-manual/application-piv/apdu/auth-sign.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -97,7 +97,7 @@ The signature is returned encoded as follows,
9797

9898
For example, with RSA-2048, the signature will be
9999

100-
7C 82 01 04 82 828 01 00 <256-byte signature>
100+
7C 82 01 04 82 82 01 00 <256-byte signature>
101101

102102
With ECC-P256, the signature will be
103103

‎docs/users-manual/application-piv/commands.md

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -883,21 +883,22 @@ For example, if using PKCS 1 v 1.5, before calling, build the following block.
883883
884884
For a 2048-bit key, the block is 256 bytes long (the leading 00 byte is one of the 256).
885885
886-
If the digest algorithm is SHA-256, the DER of the DigestInfo will be 49 bytes long:
886+
If the digest algorithm is SHA-256, the DER of the DigestInfo will be 51 bytes long:
887887
888-
30 2f
889-
30 0b
888+
30 31
889+
30 0d
890890
06 09
891891
60 86 48 01 65 03 04 02 01
892+
05 00
892893
04 20
893894
<32-byte digest>
894895
895896
The block to pass to the YubiKey will be
896897
897-
00 01 FF FF ... FF 00 \<49-byte DER of DigestInfo\>
898+
00 01 FF FF ... FF 00 \<51-byte DER of DigestInfo\>
898899
^ ^
899900
| |
900-
-------------- 204 bytes of 0xFF
901+
-------------- 202 bytes of 0xFF
901902
```
902903

903904
PSS (Probabilistic Signature Scheme) is much more complicated. If you want to learn how to

0 commit comments

Comments
 (0)
Please sign in to comment.