IASECC/CPX: proper set of RSA support

The previous commit was over simplified. According to the known mechanism, we should have the following scope: ./pkcs11-tool --module ../lib/onepin-opensc-pkcs11.so -M Using slot 0 with a present token (0x0) Supported mechanisms: SHA-1, digest SHA224, digest SHA256, digest SHA384, digest SHA512, digest MD5, digest RIPEMD160, digest GOSTR3411, digest RSA-X-509, keySize={512,2048}, hw, decrypt, sign, verify RSA-PKCS, keySize={512,2048}, hw, decrypt, sign, verify SHA1-RSA-PKCS, keySize={512,2048}, sign, verify SHA256-RSA-PKCS, keySize={512,2048}, sign, verify RSA-PKCS-PSS, keySize={512,2048}, hw, sign, verify SHA1-RSA-PKCS-PSS, keySize={512,2048}, sign, verify SHA256-RSA-PKCS-PSS, keySize={512,2048}, sign, verify
OpenSC · Feb 3, 2021 · 52148f8 · 52148f8
1 parent f8ce28b
commit 52148f8
Showing 1 changed file with 21 additions and 1 deletion.
diff --git a/src/libopensc/card-iasecc.c b/src/libopensc/card-iasecc.c
@@ -610,13 +610,33 @@ static int
 iasecc_init_cpx(struct sc_card *card)
 {
 	struct sc_context *ctx = card->ctx;
+	unsigned int flags; /* TBC it is not IASECC_CARD_DEFAULT_FLAGS */
 
 	LOG_FUNC_CALLED(ctx);
 
-	LOG_TEST_RET(ctx, sc_enum_apps(card), "Enumerate apps failed");
+	card->caps = SC_CARD_CAP_RNG; /* TBC it is not IASECC_CARD_DEFAULT_CAPS */
+
+#if 1
+	flags = SC_ALGORITHM_RSA_PAD_PKCS1;
+	flags |= SC_ALGORITHM_RSA_RAW;
+
+	/* No signature with contactless mode */
+	if (card->type == SC_CARD_TYPE_IASECC_CPXCL)
+		flags |= SC_ALGORITHM_RSA_HASH_NONE;
+	else
+		flags |= SC_ALGORITHM_RSA_HASH_SHA1    |
+		         SC_ALGORITHM_RSA_HASH_SHA256;
 
+	_sc_card_add_rsa_alg(card, 1024, flags, 0);
+	_sc_card_add_rsa_alg(card, 2048, flags, 0);
+	_sc_card_add_rsa_alg(card, 512, flags, 0);
+#else
 	_sc_card_add_rsa_alg(card, 1024, IASECC_CARD_DEFAULT_FLAGS, 0x10001);
 	_sc_card_add_rsa_alg(card, 2048, IASECC_CARD_DEFAULT_FLAGS, 0x10001);
+	_sc_card_add_rsa_alg(card, 512, IASECC_CARD_DEFAULT_FLAGS, 0x10001);
+#endif
+
+	LOG_TEST_RET(ctx, sc_enum_apps(card), "Enumerate apps failed");
 
 	LOG_FUNC_RETURN(ctx, SC_SUCCESS);
 }