PIV, sc-hsm, myeid: register ECDH card capabilites
Prior to 066132327c71300188aa66180fde2fb3d90c5140, CKM_ECDH1_DERIVE and CKM_ECDH1_COFACTOR_DERIVE were always registered for cards that support SC_ALGORITHM_ECDSA_RAW. The mentioned commit changed this behavior, so that the ECDH mechanisms are only registered for cards that set the SC_ALGORITHM_ECDH_CDH_RAW capability flag. To keep the existing behavior for the cards, they need to set this flag in the card driver.
This commit is contained in:
parent
78e434da93
commit
4142456c74
|
@ -160,7 +160,7 @@ static int myeid_init(struct sc_card *card)
|
|||
card->version.fw_major >= 4) {
|
||||
int i;
|
||||
|
||||
flags |= SC_ALGORITHM_ECDSA_RAW;
|
||||
flags |= SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW;
|
||||
ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
|
||||
|
||||
for (i=0; ec_curves[i].curve_name != NULL; i++)
|
||||
|
|
|
@ -2881,7 +2881,7 @@ static int piv_init(sc_card_t *card)
|
|||
_sc_card_add_rsa_alg(card, 2048, flags, 0); /* optional */
|
||||
_sc_card_add_rsa_alg(card, 3072, flags, 0); /* optional */
|
||||
|
||||
flags = SC_ALGORITHM_ECDSA_RAW;
|
||||
flags = SC_ALGORITHM_ECDSA_RAW | SC_ALGORITHM_ECDH_CDH_RAW;
|
||||
ext_flags = SC_ALGORITHM_EXT_EC_NAMEDCURVE | SC_ALGORITHM_EXT_EC_UNCOMPRESES;
|
||||
|
||||
_sc_card_add_ec_alg(card, 256, flags, ext_flags, NULL);
|
||||
|
|
|
@ -1044,6 +1044,7 @@ static int sc_hsm_init(struct sc_card *card)
|
|||
_sc_card_add_rsa_alg(card, 2048, flags, 0);
|
||||
|
||||
flags = SC_ALGORITHM_ECDSA_RAW|
|
||||
SC_ALGORITHM_ECDH_CDH_RAW|
|
||||
SC_ALGORITHM_ECDSA_HASH_NONE|
|
||||
SC_ALGORITHM_ECDSA_HASH_SHA1|
|
||||
SC_ALGORITHM_ECDSA_HASH_SHA224|
|
||||
|
|
Loading…
Reference in New Issue