Menu
▾
▴
Re: [Opensc-devel] 5 new PRs and more to come?
|
From: Jakub J. <jj...@re...> - 2024-06-12 09:17:51
|
Hello, thank you for your contributions so far! I looked through the current PR and they look good. I will keep them around for some days if others will have some other comments. On Tue, Jun 11, 2024 at 3:54 PM Alexandre Gonzalo via Opensc-devel <ope...@li...> wrote: > [...] > Ed25519, x25519, ed448 and x448 There is a large PR reworking the edwards and montgomery curves here: https://github.com/OpenSC/OpenSC/pull/3090 It touches the pkcs11-tool too, but is not yet in the state to get merged so if you will have some small self-contained changes, they would be welcomed. > CKM_AES_CMAC & CKM_AES_CMAC_GENERAL I think CKM_AES_CMAC should already work in pkcs11-tool, but double-checking or fixing would be welcomed. > CKM_AES_GCM > CKM_AES_KEY_WRAP_PAD >From my side, I do not have any specific use for these, but there is some basic support for wrapping and symmetric encryption. We had previous attempts to contribute the GCM support, but the reporter never came back (but some comments or code might be useful): https://github.com/OpenSC/OpenSC/pull/2927 In any case, it would be good to have some test coverage for the new options and use cases to make sure they keep working. We are running some tests against few HW tokens we have in https://gitlab.com/redhat-crypto/OpenSC from the gitlab mirror. If there would be a way to run some tests against your HSM directly in CI, that would be awesome (feel free to contact me privately for details). If not, in tests/ we have couple of scripts running against softhms that could be extended. If something is not supported by SoftHSM, it might make sense to have a look into NSS softoken (I can probably help there). Jakub |
