Skip to content

/ OpenSC

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EstEID ECDSA token support #1158

Merged
merged 3 commits into from Oct 27, 2017
Merged

EstEID ECDSA token support #1158

merged 3 commits into from Oct 27, 2017

Conversation

@metsma
Copy link
Contributor

@metsma metsma commented Sep 27, 2017

Signed-off-by: Raul Metsma raul@metsma.ee

Checklist
  • Tested with the following card: EstEID 3.5 cold
    • tested PKCS#11
    • tested Windows Minidriver
    • tested macOS Tokend: Seems ECDSA is not supported OSX
@metsma
EstEID ECDSA token support
Loading status checks…
5be0497 
Signed-off-by: Raul Metsma <raul@metsma.ee>
@martinpaljak
martinpaljak reviewed Sep 27, 2017
View changes
src/libopensc/card-mcrd.c Outdated
flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW | SC_ALGORITHM_ECDSA_HASH_NONE;
ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
_sc_card_add_ec_alg(card, 256, flags, ext_flags, NULL);
_sc_card_add_ec_alg(card, 384, flags, ext_flags, NULL);

This comment has been minimized.

Sign in to view
@martinpaljak

martinpaljak Sep 27, 2017
Member

Just a single algorithm is supported.
@martinpaljak
martinpaljak reviewed Sep 27, 2017
View changes
src/libopensc/pkcs15-esteid.c Outdated
static const char *prkey_name[2] = {
"Isikutuvastus",
"Allkirjastamine"};

struct sc_pkcs15_prkey_info prkey_info;
struct sc_pkcs15_object prkey_obj;

if (field_length == 0)

This comment has been minimized.

Sign in to view
@martinpaljak

martinpaljak Sep 27, 2017
Member

Maybe move the usages above to a single if-then-else statement, to keep them all together.
@martinpaljak
martinpaljak reviewed Sep 27, 2017
View changes
src/libopensc/pkcs15-esteid.c Outdated
prkey_info.modulus_length = 2048;
else
prkey_info.modulus_length = 1024;
prkey_info.modulus_length = 1024;

This comment has been minimized.

Sign in to view
@martinpaljak

martinpaljak Sep 27, 2017
Member

1024b key cards are all gone now, support for older cards can be removed.

This comment has been minimized.

Sign in to view
@metsma

metsma Sep 27, 2017
Author Contributor

This is only ECDSA supprt, cleanup can be done separate PR
metsma added 2 commits Sep 27, 2017
@metsma
Only one curve is supported
Loading status checks…
96958aa 
Signed-off-by: Raul Metsma <raul@metsma.ee>
@metsma
Simplify if blocks
Loading status checks…
ae8055f 
Signed-off-by: Raul Metsma <raul@metsma.ee>
@frankmorgner
Copy link
Member

@frankmorgner frankmorgner commented Oct 17, 2017

@martinpaljak, I think all your comments have been considered and the code has been fixed. I think this can be merged, right?
@frankmorgner frankmorgner merged commit be35d3d into OpenSC:master Oct 27, 2017
2 checks passed
2 checks passed
continuous-integration/appveyor/pr AppVeyor build succeeded
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@metsma metsma deleted the metsma:ecdsa branch Oct 28, 2017
@metsma metsma mentioned this pull request Nov 6, 2017
Closed
metsma added a commit to metsma/OpenSC that referenced this pull request Nov 23, 2017
@metsma
EstEID ECDSA token support (OpenSC#1158)
cb73a14
@leio leio mentioned this pull request Nov 29, 2017
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martinpaljak martinpaljak

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
@metsma @frankmorgner @martinpaljak