From: Doug E. <no...@gi...> - 2020-02-01 21:39:15
Branch: refs/heads/master
Home: https://github.com/OpenSC/OpenSC
Commit: 348551c920a94b103e0440877b71759ca3dff001
https://github.com/OpenSC/OpenSC/commit/348551c920a94b103e0440877b71759ca3dff001
Author: Doug Engert <dee...@gm...>
Date: 2020-02-01 (Sat, 01 Feb 2020)

Changed paths:
M src/libopensc/card-openpgp.c

Log Message:
-----------
Add EC parameters to PKCS15 public key in OpenPGP driver - Fixes #1906

The EC Parameters are the way the EC curve is presented to the outside world, and in most cases are present in a matching certificate in the SPKI.

card-openpgp.c is modified to add the EC named_curve to the PKCS15 public key. OpenPGP specs only provide this via the "Algorithm Attributes" for the 3 keys via tags C1, C2 and C3. These contain the OID (not DER encoded) for the EC curve.

PKCS15 has two ways to encode a "pubkey" as it was originally written for RSA. But other algorithms have parameters. X509 certificates encode the public key in the SPKI and PKIX requires the parameters to be in the SPKI. PKCS15 allows for using a SPKI as source for a public key.

pgp_get_pubkey_pem will return the DER encoded RSA pubkey as before by calling sc_pkcs15_encode_pubkey.

pgp_get_pubkey_pem will return the DER encoded EC pubkey with parameters by calling sc_pkcs15_encode_pubkey_as_spki, which calls sc_pkcs15_fix_ec_parameters internally to map the DER encoded OID to named_curve.

For readability, "sc_pkcs15_pubkey_t pubkey;" definitions are changed to "sc_pkcs15_pubkey_t p15pubkey;".

sc_pkcs15_erase_pubkey is used to avoid memory leaks.

On branch openpgp-ec-pub-curve
Date: Tue Jan 21 09:43:56 2020 -0600

Changes to be committed:
modified: src/libopensc/card-openpgp.c
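
The encoding step the log message describes, as an added example that is not OpenSC code and does not call sc_pkcs15_encode_pubkey_as_spki: it wraps a raw (not DER encoded) curve OID, as the Algorithm Attributes carry it, into the EC parameters of an SPKI. The function names are hypothetical, and extracting the OID bytes from tags C1, C2 and C3 is assumed to have been done already.

```c
#include <string.h>

/* id-ecPublicKey (1.2.840.10045.2.1), already DER-wrapped: tag 0x06, length 7 */
static const unsigned char ID_EC_PUBKEY[] = {0x06,0x07,0x2A,0x86,0x48,0xCE,0x3D,0x02,0x01};

static size_t hdr_len(size_t len) { return len < 0x80 ? 2 : 3; }

/* Write a DER tag and length (lengths up to 255 only); returns bytes written. */
static size_t put_hdr(unsigned char *p, unsigned char tag, size_t len)
{
    size_t n = 0;
    p[n++] = tag;
    if (len >= 0x80)
        p[n++] = 0x81;                 /* long form: one length octet follows */
    p[n++] = (unsigned char)len;
    return n;
}

/* Hypothetical helper: SPKI from the card's raw curve OID and an uncompressed
 * EC point. Returns the DER length, or 0 on bad input or a too-small buffer. */
size_t ec_spki_from_raw_oid(const unsigned char *oid, size_t oid_len,
                            const unsigned char *pt, size_t pt_len,
                            unsigned char *out, size_t out_cap)
{
    if (!oid || !pt || !out || oid_len == 0 || oid_len > 0x7F || pt_len == 0)
        return 0;
    size_t alg_len = sizeof(ID_EC_PUBKEY) + 2 + oid_len;  /* both OIDs */
    size_t bits_len = 1 + pt_len;                 /* unused-bits octet + point */
    size_t body = hdr_len(alg_len) + alg_len + hdr_len(bits_len) + bits_len;
    if (bits_len > 0xFF || body > 0xFF || hdr_len(body) + body > out_cap)
        return 0;
    unsigned char *p = out;
    p += put_hdr(p, 0x30, body);       /* SubjectPublicKeyInfo SEQUENCE */
    p += put_hdr(p, 0x30, alg_len);    /* AlgorithmIdentifier SEQUENCE */
    memcpy(p, ID_EC_PUBKEY, sizeof(ID_EC_PUBKEY));
    p += sizeof(ID_EC_PUBKEY);
    p += put_hdr(p, 0x06, oid_len);    /* the DER wrapper the card's OID lacks */
    memcpy(p, oid, oid_len);
    p += oid_len;
    p += put_hdr(p, 0x03, bits_len);   /* BIT STRING holding the EC point */
    *p++ = 0x00;                       /* no unused bits */
    memcpy(p, pt, pt_len);
    return (size_t)(p + pt_len - out);
}
```

For a P-256 key the first 26 bytes of the result are the fixed SPKI header 30 59 30 13 06 07 ... 03 42 00, followed by the 65-byte point; a relying party can then match the curve against the SPKI of the corresponding certificate.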