[Opensc-commits] [OpenSC/OpenSC] bec6d1: ECC ecpointQ Fixes

[GitHub <no...@gi...>]

  Branch: refs/heads/master
  Home:   https://github.com/OpenSC/OpenSC
  Commit: bec6d143f3765b309c0f948580dc2b7b185cdddb
      https://github.com/OpenSC/OpenSC/commit/bec6d143f3765b309c0f948580dc2b7b185cdddb
  Author: Doug Engert <dee...@an...>
  Date:   2013-11-06 (Wed, 06 Nov 2013)

  Changed paths:
    M src/libopensc/pkcs15-piv.c
    M src/libopensc/pkcs15-pubkey.c
    M src/libopensc/pkcs15.h
    M src/pkcs11/framework-pkcs15.c
    M src/pkcs15init/pkcs15-myeid.c

  Log Message:
  -----------
  ECC ecpointQ Fixes

The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.

Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.

Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.

This commit fixes these problems.

The ecpointQ is stored in raw format

A new structure type sc_pkcs15_u8 is defined.

The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
 the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)

Comments are change is many places.

sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.

sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)

The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.

framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.

framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)

pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.

pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.


  Commit: 03c196eeaf07ec646f593004e09c2363e0fd51fb
      https://github.com/OpenSC/OpenSC/commit/03c196eeaf07ec646f593004e09c2363e0fd51fb
  Author: Doug Engert <dee...@an...>
  Date:   2013-11-06 (Wed, 06 Nov 2013)

  Changed paths:
    M src/libopensc/pkcs15-piv.c
    M src/libopensc/pkcs15-pubkey.c
    M src/libopensc/pkcs15.h
    M src/pkcs11/framework-pkcs15.c
    M src/pkcs15init/pkcs15-myeid.c

  Log Message:
  -----------
  ECC ecpointQ Fixes

The original ECC code in OpenSC stored the ecpointQ as a DER encoded OCTET STRING.
Shortly before 0.13.0, code changes where made to store the ecpointQ as raw data
without the DER encoding.

Only some of the code was changed to support this but not all, and the comments
that said the ecpointQ was in DER where not changed either.

Some card drivers continued to work, using the original code in all place,
while some cards failed, as they where using a mixture of original code and
0.13.0 code.

This commit fixes these problems.

The ecpointQ is stored in raw format

A new structure type sc_pkcs15_u8 is defined.

The ecpointQ are changed to use the struct sc_pkcs15_u8. This was done to avoid
 the confusion of using struct sc_pkcs15_der to hold non-DER encoded data.
(There may be other uses for this too...)

Comments are change is many places.

sc_pkcs15_decode_pubkey_ec was fixed to store the raw ecpointQ correctly.

sc_pkcs15_pubkey_from_spki was change to get the sc_ec_params from the alg_id
and fix up u.ec.params. Unfortunately the OpenSC code has two places EC parameters
are stored. They can get out of sync, or there may still be code
that looks in the wrng oplace. o(TODO get it to only only place.)

The u.ec.params.field_length is now set in a number of places, as this is need
in many of the PKCS#11 routines.

framework-pkcs15.c will now correctly return the DER encode ecpointQ,
for the CKA_EC_POINT attribute using pubkey->data which has the DER encoding
for the ecpointQ.

framework-pkcs15.c will look for the EC parameters in either the u.ec.params.der,
or in the alg_id->params. (TODO get it to only only place.)

pkcs15-myeid.c has some comments, as it looks like the code is storing a TLV
rather then a DER encoding of the ecpointQ. With the wrong encoding PKCS#11 will
return the wrong attribute for CKA_ECDSA_PARAMS.

pkcs15-piv.c is changed so emulation of a pubkey taken from a certificate will
work correctly.


  Commit: 86d5941e4c7d341e130cf437cdf3c234f05df82e
      https://github.com/OpenSC/OpenSC/commit/86d5941e4c7d341e130cf437cdf3c234f05df82e
  Author: Doug Engert <dee...@an...>
  Date:   2013-11-06 (Wed, 06 Nov 2013)

  Log Message:
  -----------
  Merge branch 'ecpointQ' of https://github.com/dengert/OpenSC into ecpointQ


  Commit: 5dd599449219600717946f3823ef50d2af5df48c
      https://github.com/OpenSC/OpenSC/commit/5dd599449219600717946f3823ef50d2af5df48c
  Author: Doug Engert <dee...@an...>
  Date:   2013-11-12 (Tue, 12 Nov 2013)

  Changed paths:
    M src/libopensc/pkcs15-piv.c
    M src/libopensc/pkcs15-pubkey.c
    M src/libopensc/pkcs15.h
    M src/pkcs11/framework-pkcs15.c
    M src/pkcs15init/pkcs15-myeid.c

  Log Message:
  -----------
  Merge pull request #194 from dengert/ecpointQ

EcpointQ


Compare: https://github.com/OpenSC/OpenSC/compare/a18a7d8ecf1d...5dd599449219