Merge pull request #319 from CardContact/add-sec-k-curves

sc-hsm: Add support for Koblitz curves secp192k1 and secp256k1 (Bitcoin)
2014-12-06 23:22:43 +01:00 · 2014-12-06 23:22:43 +01:00 · a2ba4d3bae
parent b18c86e646 d014056f1d
commit a2ba4d3bae
5 changed files with 30 additions and 5 deletions
--- a/src/libopensc/card-sc-hsm.c
+++ b/src/libopensc/card-sc-hsm.c
@ -1049,9 +1049,10 @@ static int sc_hsm_init(struct sc_card *card)
 		SC_ALGORITHM_ONBOARD_KEY_GEN;

 	ext_flags = SC_ALGORITHM_EXT_EC_F_P|
-		    SC_ALGORITHM_EXT_EC_ECPARAMETERS|
-		    SC_ALGORITHM_EXT_EC_UNCOMPRESES|
-		    SC_ALGORITHM_ONBOARD_KEY_GEN;
+			SC_ALGORITHM_EXT_EC_ECPARAMETERS|
+			SC_ALGORITHM_EXT_EC_NAMEDCURVE|
+			SC_ALGORITHM_EXT_EC_UNCOMPRESES|
+			SC_ALGORITHM_ONBOARD_KEY_GEN;
 	_sc_card_add_ec_alg(card, 192, flags, ext_flags);
 	_sc_card_add_ec_alg(card, 224, flags, ext_flags);
 	_sc_card_add_ec_alg(card, 256, flags, ext_flags);
--- a/src/libopensc/pkcs15-pubkey.c
+++ b/src/libopensc/pkcs15-pubkey.c
@ -1381,6 +1381,8 @@ static struct ec_curve_info {
 		{"brainpoolP224r1",	"1.3.36.3.3.2.8.1.1.5", "06092B2403030208010105", 224},
 		{"brainpoolP256r1",	"1.3.36.3.3.2.8.1.1.7", "06092B2403030208010107", 256},
 		{"brainpoolP320r1",	"1.3.36.3.3.2.8.1.1.9", "06092B2403030208010109", 320},
+		{"secp192k1",		"1.3.132.0.31", "06052B8104001F", 192},
+		{"secp256k1",		"1.3.132.0.10", "06052B8104000A", 256},
 		{NULL, NULL, NULL, 0},
 };

--- a/src/libopensc/pkcs15-sc-hsm.c
+++ b/src/libopensc/pkcs15-sc-hsm.c
@ -94,6 +94,24 @@ static struct ec_curve curves[] = {
 				{ (unsigned char *) "\xD3\x5E\x47\x20\x36\xBC\x4F\xB7\xE1\x3C\x78\x5E\xD2\x01\xE0\x65\xF9\x8F\xCF\xA5\xB6\x8F\x12\xA3\x2D\x48\x2E\xC7\xEE\x86\x58\xE9\x86\x91\x55\x5B\x44\xC5\x93\x11", 40},
 				{ (unsigned char *) "\x01", 1}
 		},
+		{
+				{ (unsigned char *) "\x2B\x81\x04\x00\x1F", 5},	// secp192k1
+				{ (unsigned char *) "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE\xFF\xFF\xEE\x37", 24},
+				{ (unsigned char *) "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 24},
+				{ (unsigned char *) "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03", 24},
+				{ (unsigned char *) "\x04\xDB\x4F\xF1\x0E\xC0\x57\xE9\xAE\x26\xB0\x7D\x02\x80\xB7\xF4\x34\x1D\xA5\xD1\xB1\xEA\xE0\x6C\x7D\x9B\x2F\x2F\x6D\x9C\x56\x28\xA7\x84\x41\x63\xD0\x15\xBE\x86\x34\x40\x82\xAA\x88\xD9\x5E\x2F\x9D", 49},
+				{ (unsigned char *) "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE\x26\xF2\xFC\x17\x0F\x69\x46\x6A\x74\xDE\xFD\x8D", 24},
+				{ (unsigned char *) "\x01", 1}
+		},
+		{
+				{ (unsigned char *) "\x2B\x81\x04\x00\x0A", 5},	// secp256k1
+				{ (unsigned char *) "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE\xFF\xFF\xFC\x2F", 32},
+				{ (unsigned char *) "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", 32},
+				{ (unsigned char *) "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x07", 32},
+				{ (unsigned char *) "\x04\x79\xBE\x66\x7E\xF9\xDC\xBB\xAC\x55\xA0\x62\x95\xCE\x87\x0B\x07\x02\x9B\xFC\xDB\x2D\xCE\x28\xD9\x59\xF2\x81\x5B\x16\xF8\x17\x98\x48\x3A\xDA\x77\x26\xA3\xC4\x65\x5D\xA4\xFB\xFC\x0E\x11\x08\xA8\xFD\x17\xB4\x48\xA6\x85\x54\x19\x9C\x47\xD0\x8F\xFB\x10\xD4\xB8", 65},
+				{ (unsigned char *) "\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFE\xBA\xAE\xDC\xE6\xAF\x48\xA0\x3B\xBF\xD2\x5E\x8C\xD0\x36\x41\x41", 32},
+				{ (unsigned char *) "\x01", 1}
+		},
 		{
 				{ NULL, 0},
 				{ NULL, 0},
--- a/src/pkcs15init/pkcs15-sc-hsm.c
+++ b/src/pkcs15init/pkcs15-sc-hsm.c
@ -176,7 +176,7 @@ static int sc_hsm_encode_gakp_ec(struct sc_pkcs15_card *p15card, sc_cvc_t *cvc,
 	struct sc_pkcs15_ec_parameters *ecparams = (struct sc_pkcs15_ec_parameters *)key_info->params.data;
 	struct ec_curve *curve = NULL;
 	u8 *curveoid;
-	int curveoidlen;
+	int curveoidlen,r;

 	LOG_FUNC_CALLED(p15card->card->ctx);

@ -188,7 +188,8 @@ static int sc_hsm_encode_gakp_ec(struct sc_pkcs15_card *p15card, sc_cvc_t *cvc,

 	curveoidlen = *curveoid++;

-	sc_pkcs15emu_sc_hsm_get_curve(&curve, curveoid, curveoidlen);
+	r = sc_pkcs15emu_sc_hsm_get_curve(&curve, curveoid, curveoidlen);
+	LOG_TEST_RET(p15card->card->ctx, r, "Unsupported named curve");

 	cvc->primeOrModuluslen = curve->prime.len;
 	cvc->primeOrModulus = malloc(cvc->primeOrModuluslen);
--- a/src/tools/pkcs11-tool.c
+++ b/src/tools/pkcs11-tool.c
@ -63,6 +63,7 @@ static struct ec_curve_info {
 } ec_curve_infos[] = {
 	{"secp192r1",    "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
 	{"prime192r1",   "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
+	{"prime192v1",   "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
 	{"ansiX9p192r1", "1.2.840.10045.3.1.1", "06082A8648CE3D030101", 192},
 	{"prime256v1",   "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256},
 	{"secp256r1",    "1.2.840.10045.3.1.7", "06082A8648CE3D030107", 256},
@ -74,6 +75,8 @@ static struct ec_curve_info {
 	{"brainpoolP224r1", "1.3.36.3.3.2.8.1.1.5", "06092B2403030208010105", 224},
 	{"brainpoolP256r1", "1.3.36.3.3.2.8.1.1.7", "06092B2403030208010107", 256},
 	{"brainpoolP320r1", "1.3.36.3.3.2.8.1.1.9", "06092B2403030208010109", 320},
+	{"secp192k1",		"1.3.132.0.31", "06052B8104001F", 192},
+	{"secp256k1",		"1.3.132.0.10", "06052B8104000A", 256},
 	{NULL, NULL, NULL, 0},
 };