From e1c8361ff355b560aa98adffb988a68fb6ec4c31 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Mon, 18 Jan 2021 11:37:59 +0100
Subject: [PATCH] idprime: Create algorithme reference based on the MGF1 flags
 as the HASH flags are no longer present for RSA-PSS mechanism

---
 src/libopensc/card-idprime.c | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/src/libopensc/card-idprime.c b/src/libopensc/card-idprime.c
index 31e5d3e3..ba9bb8bc 100644
--- a/src/libopensc/card-idprime.c
+++ b/src/libopensc/card-idprime.c
@@ -627,13 +627,13 @@ idprime_set_security_env(struct sc_card *card,
 	switch (env->operation) {
 	case SC_SEC_OPERATION_DECIPHER:
 		if (env->algorithm_flags & SC_ALGORITHM_RSA_PAD_OAEP) {
-			if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA1) {
+			if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA1) {
 				new_env.algorithm_ref = 0x1D;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA256) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA256) {
 				new_env.algorithm_ref = 0x4D;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA384) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA384) {
 				new_env.algorithm_ref = 0x5D;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA512) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA512) {
 				new_env.algorithm_ref = 0x6D;
 			}
 		} else { /* RSA-PKCS without hashing */
@@ -642,19 +642,19 @@ idprime_set_security_env(struct sc_card *card,
 		break;
 	case SC_SEC_OPERATION_SIGN:
 		if (env->algorithm_flags & SC_ALGORITHM_RSA_PAD_PSS) {
-			if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA256) {
+			if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA256) {
 				new_env.algorithm_ref = 0x45;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA384) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA384) {
 				new_env.algorithm_ref = 0x55;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA512) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA512) {
 				new_env.algorithm_ref = 0x65;
 			}
 		} else { /* RSA-PKCS */
-			if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA256) {
+			if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA256) {
 				new_env.algorithm_ref = 0x42;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA384) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA384) {
 				new_env.algorithm_ref = 0x52;
-			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA512) {
+			} else if (env->algorithm_flags & SC_ALGORITHM_MGF1_SHA512) {
 				new_env.algorithm_ref = 0x62;
 			} else { /* RSA-PKCS without hashing */
 				new_env.algorithm_ref = 0x02;