-
Notifications
You must be signed in to change notification settings - Fork 709
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OpenSC 0.25.1 + SmartCard-HSM 3.6 + brainpoolP256t1 = point is not on curve
#3164
Comments
I think this is a problem of OpenSSH. There is no support for brainpool curves in SSH specification so it should just ignore the brainpool keys. I would open an issue for OpenSSH for that in https://bugzilla.mindrot.org/ |
Interestingly, this error is only thrown against the twisted-curve I should have shown you more of the output; my apologies. Here we go:
To me, the fact that every line beginning with List of relevant software installed:
I really don't think the problem is in OpenSSH because the errors in question start with |
The error message in question comes from this line: Even though it might be that either OpenSSL or OpenSC presented the OpenSSH the key that is not valid for some reason, but unfortunately, this is where my experience with BP curves ends. |
Problem Description
Having a
brainpoolP256t1
key on a SmartCard-HSM (firmware 3.6, key created on-card using Smart Card Shell) results in the following errors being thrown when attempting to SSH into a machine and the keys on the card are retrieved, as well as whenssh-keygen -D /usr/lib/opensc-pkcs11.so -e
is invoked:Is this actually a problem with OpenSSL or OpenSSH?
The text was updated successfully, but these errors were encountered: