I am ready to commit changes to OpenSC to allow use of EC keys.
So far only ECDSA is supported using named curves. I have been testing
using NSS-3.12.7 with Thunderbird to sign e-mail, as well as pkcs11-tool -s
to sign hashes. The signatures can be verified via OpenSSL, as well as
Entrust.
The "limited" support is based on:
I only have PIV cards that can do EC, and the card is emulating PKCS#15
Thus I don't have any true PKCS#15 cards to test.
I have not added support for ECDH yet.
libp11 and opensc-engine need additional changes.
The NSS-3.12.7 testing required code changed to NSS to get ECDSA working.
These have been turned in as Mozilla bugs 357025, 613496 and 613507.
Since the patch file is too large for the mailing list, I have submitted
the initial changes as bug #295 and can be viewd at:
https://www.opensc-project.org/opensc/attachment/ticket/295/ec.diff.20101122.txt
21 files are modified, with 1355 lines added, and 447 deleted/modified.
I would especially like the GOSTR maintainers to look at this closely, as many
of the flag tests and if statements where modified to support EC and hopefully
make it easier to add algorithms in the future.
Many of the changes below convert if statements to switch(key or algorithm)
to handle RSA, EC and GOSTR. The highlights of the changes are:
src/libopensc/internal.h
add definition of _sc_card_add_ec_alg to add EC algorithms.
src/libopensc/opensc.h
#define SC_ALGORITHM_ECDSA_RAW 0x00010000
Overload the SC_ALGORITHM_RSA_HASH_* flags, as the hash
is independent of RSA. Without this there are not enough
bits in the flags.
define the SC_ALGORITHM_EXT_EC_* flags, see PKCS#11 2.20
table 22.
add definition of sc_card_find_ec_alg
src/libopensc/pkcs15.h
add definitions of sc_pkcs15_pubkey_ec and sc_pkcs15_prkey_ec
add these to the sc_pkcs15_pubkey and sc_pkcs15_prkey
along with a field_length used much like the RSA modulus_length.
define SC_PKCS15_TYPE_PRKEY_EC and SC_PKCS15_TYPE_PUBKEY_EC
add definitions of sc_pkcs15_decode_pubkey_ec, sc_pkcs15_encode_pubkey_ec,
sc_pkcs15emu_add_ec_prkey and sc_pkcs15emu_add_ec_pubkey
src/pkcs11/pkcs11.h
define the CKF_EC_* flags used in PKCS#!! 2.20 table 22.
src/libopensc/cardctl.h
Modify a PIV-card structure.
src/libopensc/libopensc.exports
Add sc_pkcs15_decode_pubkey_ec and sc_pkcs15_encode_pubkey_ec
src/libopensc/pkcs15-algo.c
Add asn1_entry processing code for the EC_PARAM. FOr now
since only named cureves are supported, the parameters are not
decoded, but stored in DER which can be passed to PKCS#11.
src/libopensc/pkcs15-prkey.c
Only comments as no private key processing is done in software.
src/libopensc/pkcs15-pubkey.c
Some code placement comments to be filled in when someone has
has PKCS#15 card that can do EC.
routines sc_pkcs15_decode_pubkey_ec and sc_pkcs15_encode_pubkey_ec
to process the EC_POINTQ which is stored as a DER OCTET STRING,
when used by PKCS#11. X509 Certificates store the point as a
BIT STRING in place of an RSA public key. This then requires
some encoding of the point, when it is obtained form a certificate.
src/libopensc/pkcs15-sec.c
Many changes where needed to this routine because it was so RSA
specific. The initialization of the secv security environment
was cleaned up, so the senv.algorithm has the key type,
and other EC specific values and sets the senv.flags correctly.
For example ECDSA can not decrypt and does not use the PKCS padding.
src/libopensc/pkcs15-syn.c
Adds sc_pkcs15emu_add_ec_prkey and sc_pkcs15emu_add_ec_pubkey
src/libopensc/card.c
Adds _sc_card_add_ec_alg and sc_card_find_ec_alg
src/libopensc/padding.c
Also for the use of the padding routine by more then RSA.
SC_ALGORITHM_RAW_MASK is used to check for RSA, EC and GOSTR
that can all do RAW mode.
src/pkcs11/debug.c
print out CKA_ALWAYS_AUTHENTICATE if used.
src/pkcs11/mechanism.c
For signature switch on the key type, and pass in the EC_POINTQ
and parameters.
src/pkcs11/pkcs11-object.c
Comments that ECDH is needed.
src/pkcs11/framework-pkcs15.c
Redefine is_privkey, and is_pubkey to use a mask of key type
rather then if RSA or GOSTR.
routines for get_ec_pubkey_point and get_ec_pubkey_params
If uses PKCS15 emulation, use the emulated pubkey object,
rather then just reading the file. With EC there are parameters
that may have been setup.
Create the EC public and private key objects.
EC keys have different attributes then RSA, so all those to be
processed.
Register EC mechanisms, which also includes the PKCS#11 2.20 table 22
flags.
Comments that ECDH is still needed.
Each key mechanism may have its own ulMinKeySize and ulMaxKeySize.
This routine really needs to be rewritten, as the GOSTR and now the
EC keys are forced in to this RSA specific routine.
src/tools/pkcs11-tool.c
Allow -s to work with ECDSA.
Allow -O to print EC_PARAM and EC_POINTQ
src/libopensc/card-piv.c
Allow the use of EC as well as RSA keys.
The code to read in a RSA public key created by the piv-tool
has been move to pkcs15-piv.c, and can now read in an EC key.
src/libopensc/pkcs15-piv.c
Key usage bits are different for RSA and EC, so set the correct
flags when creating emulated objects. The user_consent is not
set so CKA_ALWAYS_AUTHENTICATE can be returned. Different keys
and objects require this.
src/tools/piv-tool.c
generated Public keys are now written by OpenSSL as DER EVP_PKEY
So both RSA and EC can be processed.
--
Douglas E. Engert <deeng...@anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
opensc-devel@lists.opensc-project.org
http://www.opensc-project.org/mailman/listinfo/opensc-devel
