Slovak eID Decryption tool is util for encryption certificate extraction, from Slovak eID card, encrypt any file using encryption certificate and decrpt encrypted file using Slovak eID card.
This program use AES-256 CBC for file encryption and RSA 3072 with RSA PKCS1 padding for wrapping AES key (Slovak eID support RSA 3072 and PKCS1 padding).
This project aim to education PKCS#11 standard and using using Slovak eID.
Used:
- .Net Core 2.1 - multi-platform,
- PKCS#11 Interop for communication with eID "driver" (or other hardware token),
- commandline for parsing command line arguments.
- .Net Core SDK 2.1 for build,
- Slovak eID card,
- Driver for smart card reader (from Slovensko.sk),
- Application eID klient (from Slovensko.sk).
Bob has Slovak eID card, Alice wants to send SeecritFile.zip to Bob.
Offset (bytes) | Size (bytes) | Description |
---|---|---|
0 | 8 | ASCII string "SkEidDT_" |
8 | 2 | Container version (1) |
10 | 4 | Reserved (must contain zeroes) |
14 | 4 | Key type (RSA2048, RSA3072, RSA4096) |
20 | 8 | Size of encrypted data |
28 | 40 | Encrypted certificate thumbprint as ASCII string |
68 | [by Key type] | Encrypted AES-256 key. |
? | 16 | IV for AES-256 |
? | ? | Encrypted section data |
Offset (bytes) | Size (bytes) | Description |
---|---|---|
0 | 16 | Random seed |
16 | 4 | Size of additional padding size |
20 | 4 | Size of file name |
24 | ? | Random data section |
? | ? | Name of file as UTF-8 string |
? | ? | Data |
This project is technology demo. For real secrets use trusted programs e.g. VeraCrypt.