On 6/2/2012 12:50 PM, Viktor Tarasov wrote:
> Hi Douglas,
>
> ECDH support, that you have tested in SM branch,
> has been committed into the 'staging' branch of github OpenSC/OpenSC.
> https://github.com/OpenSC/OpenSC/tree/staging
I have tested today the staging build, with the changes,
and the Derivation functions are working as expected.
Thanks.
The staging branch was built on Solaris, and using two smart cards,
with ECC Key Management Keys one from NIST and one where I generated
a key.
The certs from the two cards were previously read and called
cardA.cert.03.pem and cardB.cert.03.pem
openssl x509 -noout -in cardA.cert.03.pem -pubkey |
openssl ec -pubin -outform DER > cardA.pubkey.pem
openssl x509 -noout -in cardB.cert.03.pem -pubkey |
openssl ec -pubin -outform DER > cardB.pubkey.pem
Inserting cardA:
pkcs11-tool -l --derive -m ECDH1-COFACTOR-DERIVE -O -d 03 -i cardB.pubkey.pem
Inserting CardB:
pkcs11-tool -l --derive -m ECDH1-COFACTOR-DERIVE -O -d 03 -i cardA.pubkey.pem
Will produce the same secret key output string.
>
> I've made only basic (list on-card objects) tests with PIV card.
> More substantial tests will be performed later,
> when the rest of pending proposals will find their place in 'staging'.
>
> If you are using Windows environment you can try one of MSIs from
> https://opensc.fr/jenkins/view/OpenSC-staging/
I will try and do that next week.
>
> Kind regards,
> Viktor.
>
>
--
Douglas E. Engert <[email protected]>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
_______________________________________________
opensc-devel mailing list
[email protected]
http://www.opensc-project.org/mailman/listinfo/opensc-devel
