Skip to content

ePass2003: Allow software implementation with more SHA2 hashes and ECDSA #3012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
frankmorgner merged 1 commit into from
Feb 10, 2024
Merged

ePass2003: Allow software implementation with more SHA2 hashes and ECDSA #3012

frankmorgner merged 1 commit into from
Feb 10, 2024

Conversation

@Jakuje
Copy link
Member

@Jakuje Jakuje commented Feb 1, 2024

This removes bogus check to allow ePass token working with the SHA2 hashes (in software) and ECDSA signatures (RAW).

This is likely the last thing before the ci for the ePass will be green.

@FeitianSmartcardReader any comments?

Checklist
  • PKCS#11 module is tested
  • Windows minidriver is tested
  • macOS tokend is tested

@Jakuje
Copy link
Member Author

Jakuje commented Feb 1, 2024

Just for the record, tested the signatures work and make sense with p11test:

 [ KEY 03 ] Signing message of length 30 using CKM_ECDSA_SHA384
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 30 is valid.
 [ KEY 03 ] Signing message of length 31 using CKM_ECDSA_SHA384
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 31 is valid.
 [ KEY 03 ] Signing message of length 32 using CKM_ECDSA_SHA384
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 32 is valid.
 [ KEY 03 ] Signing message of length 33 using CKM_ECDSA_SHA384
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 33 is valid.
 [ KEY 03 ] Signing message of length 30 using CKM_ECDSA_SHA512
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 30 is valid.
 [ KEY 03 ] Signing message of length 31 using CKM_ECDSA_SHA512
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 31 is valid.
 [ KEY 03 ] Signing message of length 32 using CKM_ECDSA_SHA512
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 32 is valid.
 [ KEY 03 ] Signing message of length 33 using CKM_ECDSA_SHA512
 [ KEY 03 ] Verify message signature
 [ KEY 03 ] Falling back to openssl verification
 [  OK 03 ] EC Signature of length 33 is valid.

all of these are failing in the latest runs in gitlab, for example https://gitlab.com/redhat-crypto/OpenSC/-/jobs/6071497715:

 [ KEY 03 ] Signing message of length 30 using CKM_ECDSA_SHA384
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 31 using CKM_ECDSA_SHA384
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 32 using CKM_ECDSA_SHA384
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 33 using CKM_ECDSA_SHA384
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 30 using CKM_ECDSA_SHA512
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 31 using CKM_ECDSA_SHA512
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 32 using CKM_ECDSA_SHA512
  C_Sign: rv = 0x00000054
 [ KEY 03 ] Signing message of length 33 using CKM_ECDSA_SHA512
  C_Sign: rv = 0x00000054

@xhanulik xhanulik mentioned this pull request Feb 6, 2024
Closed
@frankmorgner frankmorgner merged commit 8fa3e9f into OpenSC:master Feb 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frankmorgner frankmorgner frankmorgner approved these changes

@xhanulik xhanulik xhanulik approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Jakuje @frankmorgner @xhanulik