* pgp: initialize ecc keys for OPC3
* Add supported ECC algorithms by card version
* Add tasks identified so far
* pgp: Recognize ECC set on card
* pgp: get_pubkey_pem read ECC pubkey from card
* pgp: minor code changes for ECC compatibility
* pgp: expand sc_cardctl_openpgp_keygen_info to hold ec info
* Fix segfault problem in pkcs15-pubkey.c
* pgp: enable key generation with pkcs15-init and ECC
* pgp: adapt calculate_and_store_fingerprint to accept ECC
* pgp: adapt rest of pgp_gen_key and subfunctions to accept ECC
* pgp: add kdf parameters for ECDH fingerprint calculation
* pgp: enable key import with pkcs15-init and ECC
* pkcs15-pubkey: fix_ec_parameters onlz accpets explicit data or named_curve
* Fix some mistakes during merge
* More clean up for PR
* Fix some ugly alignments
* Improve code readability
* Prevent unitialized variable by using FUNC_RETURN
* OpenPGP: add length check
* pgp: save exponent length in bits for sc_cardctl_openpgp_keystore_info_t
* pgp: length checks and reallocations
* pgp: oid init added
* OpenPGP: slightly re-factor pgp_update_new_algo_attr()
* replace loop copy with memcpy()
* use ushort2bebytes() to set RSA modulus & exponent
* use symbolic name SC_OPENPGP_KEYFORMAT_RSA_STD for the key import format
* OpenPGP: slighly re-factor pgp_parse_and_set_pubkey_output()
* check for RSA modulus & exponent lengths not being a multiple of 8
* make sure RSA modulus & exponent lengths are always set
* remove a left-over RSA setting from the EC code
* pgp: adding BYTES4BITS
* pgp: initialization of values in pgp_build_extended_header_list based on key type
* pgp: add BYTES4BITS and remove unnecessary tests
* Fix broken pgp_update_new_algo_attr
* pgp: fix the ecpoint_len variable
* consistently use term "Invalid key ID; must be 1, 2, or 3" in error messages
about invalid key IDs instead of various alternatives.
* use error type SC_ERROR_INVALID_ARGUMENTS instead of SC_ERROR_INVALID_DATA
when the key_id was passed to the respective function
* harmonize the checks to consistently use 'key_id < ... || key_id > ...'
In addition, initialize a variable to keep clang & compilers on OSX happy.
Combine sequences
sc_log(..., "...");
LOG_FUNC_RETURN(...);
where c_log() prints a constant string
by
LOG_TEST_RET(..., "...");
This change results in shorter, more concise code as well as
better harmonized error messages.
Don't terminate the messages with a period, because they are going to end up
as the first argument to a format string of the form "%s: ...".
I.e. they will be part of a longer string and terminated by a colon anyway.
Use defined symbolic names for well-known DOs to copy data to a correctly
defined buffer 'apdu_data' using ulong2bebytes() instead of relying on
"magic" constants and C's string semantic.
Also use 'sizeof(apdu_data)' instead of additional magic constants.
Use defined symbolic names for well-known DOs to copy data to a correctly
defined buffer 'data' using ulong2bebytes() instead of relying on
"magic" constants and C's string semantic.
Also use 'sizeof(data)' instead of strange strlen() calculations.
Use defined symbolic names for well-known DOs to copy data to a correctly
defined buffer 'data' using ulong2bebytes() instead of relying on
"magic" constants.
- rename 'keytype' in some OpenPGP-specific types to 'key_id'
because they key ID was what the field was used for
- introduce field 'algorithm' in the structures above
to indicate the key's algorithm: RSA, ...
- define constant SC_OPENPGP_KEYALGO_RSA and use it
- rename constants SC_OPENPGP_KEYFORMAT_* to SC_OPENPGP_KEYFORMAT_RSA_*
because they are RSA specific
List additional algorithms & attributes as supported only when the card
supports changing the algorithms attributes DOs and exposes this by having
the EXT_CAP_ALG_ATTR_CHANGEABLE capability set.
Using different algorithms and attributes requires changing the algorithm
attributes DOs. If that is not supported - as indicated by a missing
EXT_CAP_ALG_ATTR_CHANGEABLE capability - then only those algorithms
described by the current algorithms attributes DOs' contents can be used.
In addition simplify setting the flags.
* use variables if they are already there
* be a bit more explicit in logging
* more consistent tag format: %04X
* cleanup flag setting for _sc_card_add_rsa_alg()
As most of the drivers do not modify these, we can mark them as const.
Two drivers that we cannot convert are dnie and masktech.
section size
.data 35232 -> 25472
.data.rel.ro 36928 -> 46688
alex-nitrokey
Jakub Jelen
Frank Morgner
Peter Marschall
Alex Karabanov
Alexander Paetzelt
Priit Laes