Activated ECDSA for SmartCard-HSM

Fixed issues in pkcs11-tool/test_signature is card has RSA and ECDSA keys
Fixed bug in sc_pkcs11_signature_size that returns the wrong ECDSA signature size

src/libopensc/card-sc-hsm.c

@@ -164,17 +164,17 @@ static int sc_hsm_set_security_env(sc_card_t *card,
 
 	switch(env->algorithm) {
 	case SC_ALGORITHM_RSA:
-//		if (env->algorithm_flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
-//			if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA1) {
-//				priv->algorithm = ALGO_RSA_PKCS1_SHA1;
-//			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA256) {
-//				priv->algorithm = ALGO_RSA_PKCS1_SHA256;
-//			} else {
-//				LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS);
-//			}
-//		} else {
+		if (env->algorithm_flags & SC_ALGORITHM_RSA_PAD_PKCS1) {
+			if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA1) {
+				priv->algorithm = ALGO_RSA_PKCS1_SHA1;
+			} else if (env->algorithm_flags & SC_ALGORITHM_RSA_HASH_SHA256) {
+				priv->algorithm = ALGO_RSA_PKCS1_SHA256;
+			} else {
+				priv->algorithm = ALGO_RSA_PKCS1;
+			}
+		} else {
 			priv->algorithm = ALGO_RSA_RAW;
-//		}
+		}
 		break;
 	case SC_ALGORITHM_EC:
 		if (env->algorithm_flags & SC_ALGORITHM_ECDSA_HASH_NONE) {
@@ -193,6 +193,7 @@ static int sc_hsm_set_security_env(sc_card_t *card,
 		break;
 	default:
 		LOG_FUNC_RETURN(card->ctx, SC_ERROR_INVALID_ARGUMENTS);
+		break;
 	}
 	LOG_FUNC_RETURN(card->ctx, SC_SUCCESS);
 }
@@ -285,6 +286,7 @@ static int sc_hsm_init(struct sc_card *card)
 	card->drv_data = priv;
 
 	flags = SC_ALGORITHM_RSA_RAW;
+//	flags = SC_ALGORITHM_RSA_RAW|
 //			SC_ALGORITHM_RSA_PAD_PKCS1|
 //			SC_ALGORITHM_RSA_HASH_SHA1|
 //			SC_ALGORITHM_RSA_HASH_SHA256;
@@ -293,18 +295,11 @@ static int sc_hsm_init(struct sc_card *card)
 	_sc_card_add_rsa_alg(card, 1536, flags, 0);
 	_sc_card_add_rsa_alg(card, 2048, flags, 0);
 
-#if 0
 	flags = SC_ALGORITHM_ECDSA_RAW|
 		SC_ALGORITHM_ECDSA_HASH_NONE|
 		SC_ALGORITHM_ECDSA_HASH_SHA1|
 		SC_ALGORITHM_ECDSA_HASH_SHA224|
 		SC_ALGORITHM_ECDSA_HASH_SHA256;
-#endif
-
-	flags = SC_ALGORITHM_ECDSA_HASH_NONE|
-		SC_ALGORITHM_ECDSA_HASH_SHA1|
-		SC_ALGORITHM_ECDSA_HASH_SHA224|
-		SC_ALGORITHM_ECDSA_HASH_SHA256;
 
 	ext_flags = SC_ALGORITHM_EXT_EC_F_P|
 		    SC_ALGORITHM_EXT_EC_ECPARAMETERS|

src/libopensc/card-sc-hsm.h

@@ -28,6 +28,7 @@
 #define EE_CERTIFICATE_PREFIX	0xCE		/* Hi byte in file identifier for EE certificates */
 
 #define ALGO_RSA_RAW			0x20		/* RSA signature with external padding */
+#define ALGO_RSA_PKCS1			0x30		/* RSA signature with DigestInfo input and PKCS#1 V1.5 padding */
 #define ALGO_RSA_PKCS1_SHA1		0x31		/* RSA signature with SHA-1 hash and PKCS#1 V1.5 padding */
 #define ALGO_RSA_PKCS1_SHA256	0x33		/* RSA signature with SHA-256 hash and PKCS#1 V1.5 padding */
 

src/pkcs11/mechanism.c

@@ -472,7 +472,7 @@ sc_pkcs11_signature_size(sc_pkcs11_operation_t *operation, CK_ULONG_PTR pLength)
 			case CKK_EC:
 				/* TODO: -DEE we should use something other then CKA_MODULUS_BITS... */
 				rv = key->ops->get_attribute(operation->session, key, &attr);
-				*pLength = ((*pLength + 7)/8) * 2 ; /* 2*nLen in bytes */
+				*pLength = ((*pLength + 7)/8) * 2 + 8; /* 2*nLen in bytes plus SEQUENCE and 2 INTEGER tags plus leading '00' for signed integer */
 				break;
 			case CKK_GOSTR3410:
 				rv = key->ops->get_attribute(operation->session, key, &attr);

src/tools/pkcs11-tool.c

@@ -3341,6 +3341,14 @@ static int test_signature(CK_SESSION_HANDLE sess)
 		return errors;
 	}
 
+	// ASC: The firstMechType mechanism is broken for cards that support multiple
+	// key types. find_mechanism always selects ECDSA, leading to a failure later.
+	// This hack ensures that ECDSA is never selected as firstMechType
+
+	if (firstMechType == CKM_ECDSA) {
+		firstMechType = CKM_RSA_X_509;
+	}
+
 	printf("Signatures (currently only RSA signatures)\n");
 	for (j = 0; find_object(sess, CKO_PRIVATE_KEY, &privKeyObject, NULL, 0, j); j++) {
 		printf("  testing key %ld ", j);