X25519 improvements 2 in PKCS11-tool, PKCS15 routines and tools and openpgp #3090

On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

1.3.6.1.4.1159.15.1 should be 1.3.6.1.4.11591.15.1 openpgp writes 2B 06 01 04 01 DA 47 0F 01 to card which comes from OID 06 09 2B 06 01 04 01 DA 47 0F 01 https://lapo.it/asn1js/ (asn.1 parser) reports this as: OBJECT IDENTIFIER 1.3.6.1.4.1.11591.15.1 curve25519 (GNU encryption algorithm) https://www.gnupg.org/oids.html lists this as Ed25519 On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

…RYPT On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

OpenSSL treats EVP_PKEY_EC, EVP_PKEY_X25519 and EVP_PKEY_X448 as different key types. Refer to the other key as a peer key. Use mech_mech as it is passed into derive_ec_key. On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs11-tool.c

On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

EVP_KEY_X25519 is defined but not EVP_KEY_X448. Test if defined. Changes to be committed: modified: src/tools/pkcs11-tool.c

CKA_EC_POINT for eddsa and xeddsa are bit strings. Changes to be committed: modified: src/tools/pkcs11-tool.c

Accept either encoding. On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs11-tool.c

On branch X25519-improvements-2 Changes to be committed: modified: pkcs11-tool.c

…NTGOMERY Remove redundent code for struct sc_pkcs15_prkey_eddsa eddsa. Please enter the commit message for your changes. Lines starting

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-prkey.c modified: libopensc/pkcs15-pubkey.c

In previous OpenSC code EC public key is called a ec_pointQ. EDDSA and XEDDSA called it public. Both are stored asvalue and len. So to simplify the code, we use the same structures. The difference comes when they are returned in pkcs11. EC is encoded in an OCTET STRING, The others are iencoded in a BIT STRING. Changes to be committed: modified: src/libopensc/card-openpgp.c

Improvments to allow for key generation via pkcs11 or pkcs15 Date: Sat Dec 9 18:57:26 2023 -0600 On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-lib.c modified: pkcs15init/pkcs15-openpgp.c

This will add PKCS11 key gen mechanisms. On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c

GnuPG says with version 5 cards, the RFC8410 OIDs can be written to the card so we will accept these and if needed use the older OpenPGP curves on older cards within the card-openpgp.c ec_params using the printablestring will be mapped to ones with OIDs if possible/ Date: Sun Dec 10 17:08:05 2023 -0600 On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c

Changes to be committed: modified: src/tools/pkcs15-init.c

Changes to be committed: modified: libopensc/pkcs15-algo.c

The mapping of curve OIDs to be written to a card is moved from pkcs15init/pkcs15-openpgp.c to card-openpgp.c pkcs15init/pkcs15-openpgp and pkcs11 can then provide old or new OIDSs. The card driver will remap if needed. Date: Mon Jan 15 13:00:51 2024 -0600 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h modified: src/pkcs15init/pkcs15-openpgp.c

On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-openpgp.c

Accept any case of curve names but pass corrected case to lower level routines. On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs15-init.c

fix so will compile on mingw Date: Sat Jan 20 12:43:26 2024 -0600 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h

Changes to be committed: modified: doc/tools/pkcs15-init.1.xml

PKCS11 V2.4 and V3.0 added CKA_PUBKEY_KEY_INFO as SPKI from pubkey On branch X25519-improvements-2 Changes to be committed: modified: framework-pkcs15.c

See opensc issue OpenSC#3000 On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c modified: libopensc/pkcs15-pubkey.c modified: tools/pkcs11-tool.c modified: tools/pkcs15-init.c

p11test is still using old way. On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c

Added github/restart-pcscd.sh On branch X25519-improvements-2 Changes to be committed: modified: test-oseid.sh

This is unrelated to to the PR so if needed submit as seperate PR This reverts commit 00c4a73. On branch X25519-improvements-2 Changes to be committed: modified: .github/test-oseid.sh

On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c

As suggested in comments in OpenSC#3090 simplify code when clearing a pubkey. Not shown in diff next line is: sc_mem_clear(key, sizeof(*key)); Date: Thu Mar 28 15:37:32 2024 -0500 On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c

Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c

Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c

Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs11/framework-pkcs15.c

Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/pkcs15-algo.c

Code style from yshui/git-clang-format-lint On branch X25519-improvements-2 Changes to be committed: modified: src/tools/pkcs15-init.c

As suggeseted by .github/workflows/doc.yml On branch X25519-improvements-2 Changes to be committed: modified: files/files.html modified: tools/tools.html

On branch X25519-improvements-2 Changes to be committed: modified: pkcs15-pubkey.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-algo.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-prkey.c

On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c

Make it easier to tell difference between EC, EDDSA and XEDDSA On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/opensc.h modified: src/libopensc/pkcs15-pubkey.c

On branch X25519-improvements-2 Changes to be committed: modified: src/libopensc/card-openpgp.c modified: src/libopensc/card-openpgp.h

Changes to be committed: modified: libopensc/card.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-pubkey.c

Two fields were being copied from the dst the src sc_copy_ec_params is only used in pkcs15init/pkcs15-lib.c On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card.c

On branch X25519-improvements-2 Changes to be committed: modified: ../pkcs15init/pkcs15-lib.c

On branch X25519-improvements-2 Changes to be committed: modified: card.c

…DSA work On branch X25519-improvements-2 Changes to be committed: modified: src/pkcs15init/pkcs15-openpgp.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c

Changes to be committed: modified: pkcs15init/pkcs15-lib.c

…en_info keytype is used to map SC_ALGORITHM_* to/from SC_OPENPGP_KEYALGO_* On branch X25519-improvements-2 Changes to be committed: modified: libopensc/cardctl.h modified: libopensc/pkcs15-prkey.c modified: pkcs15init/pkcs15-lib.c modified: pkcs15init/pkcs15-openpgp.c

sc_clear_ec_params used free allocated menory and clear other data in struct sc_ec_parameters On branch X25519-improvements-2 Changes to be committed: modified: libopensc/opensc.h

Add support write_object support for ED448 and X448 objects, but no cards current suported by OpenSC implement these. Fix bug with n_attrs in derive-ec-key. Allow read_object of an EC_POINT to be in either OCTET_STRING or BIT_STRING On branch X25519-improvements-2 Changes to be committed: modified: tools/pkcs11-tool.c

sc_clear_ec_params clears an struct sc_ec_parameters by freeing allocated memory. card_find_alg will first check if info->algroithm is one that uses sc_ec_parameters and then checks that the OIDs match. then check if keylength match. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card.c

Fix several problems with use of sc_ec_parameters On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-lib.c

Improvments and fixes for mem leaks and GUNK and mapping RFC8410 OIDs. When writing or generating a key add all known algs to card->algrorithms. Fix some BYTES4BITS bugs and formating. Add note about borblems trying to store RFC8410 type key. On branch X25519-improvements-2 Changes to be committed: modified: libopensc/card-openpgp.c modified: pkcs15init/pkcs15-openpgp.c

On branch X25519-improvements-2 Changes to be committed: modified: libopensc/libopensc.exports

Base OIDs for EDWARDS and MONTGOMERY keys on the size of ecpointQ bewween 32 for 25519 and 56 for 448 keys. On branch X25519-improvements-2 Changes to be committed: modified: pkcs11/framework-pkcs15.c

On branch X25519-improvements-2 Changes to be committed: modified: pkcs15init/pkcs15-isoApplet.c

Various changes for RFC8410 curves On branch X25519-improvements-2 Changes to be committed: modified: libopensc/pkcs15-algo.c modified: libopensc/pkcs15-prkey.c modified: libopensc/pkcs15-pubkey.c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

X25519 improvements 2 in PKCS11-tool, PKCS15 routines and tools and openpgp #3090

X25519 improvements 2 in PKCS11-tool, PKCS15 routines and tools and openpgp #3090

Commits on May 17, 2024

X25519 improvements 2 in PKCS11-tool, PKCS15 routines and tools and openpgp #3090

Are you sure you want to change the base?

X25519 improvements 2 in PKCS11-tool, PKCS15 routines and tools and openpgp #3090

Commits on May 17, 2024