This PR is based on discussion with @popovec in
https://github.com/OpenSC/OpenSC/issues/2181
and https://github.com/OpenSC/OpenSC/pull/2187
which was cherry-picked as 5e5300816c8
This has been tested with PIV, MyEID and Smartcard-HSM.
with ECDSA keys.
The main fixes include :
- Setting "flags" in card drivers
- added code to sc_pkcs15-compute-signature for handle ECDSA with hashes
- code in framework-pkcs15.c
Signatures made by pkcs11-tool -sigm verify with openssl
but pkcs11-tool --verify does not work with ECDSA but does with RSA
I suspect it has to do with:
and some then creating the wrong PKCS11 mechanisms
It should work with the epass2003 which does hashes in the driver.