Displaying 3 results from an estimated 3 matches for "pkcs11_key".
2015 Mar 31
7
Wanted: smartcard with ECDSA support
Hi list,
I have no idea if Damien Miller had the time to work on that.
I have an initial patch to authenticate using PKCS#11 and ECDSA keys.
This requires OpenSSL 1.0.2, prior OpenSSL versions do not expose the
required interfaces to override the signature function pointer for ECDSA.
The only limitation is that the OpenSSL API misses some cleanup function
(finish, for instance), hence I have yet
2015 Sep 28
4
[PATCH] Enabling ECDSA in PKCS#11 support for ssh-agent
...s, I added a key type field and use it
to handle the differences. I also renamed some function to reflect
their link to RSA.
- I moved some code out of pkcs11_rsa_private_encrypt into a separate
function pkcs11_login to share it with pkcs11_ecdsa_sign
- For EC_KEY, the pointer to the struct pkcs11_key object is not in
the method but in the EC_KEY itself using ECDSA_set_ex_data and
ECDSA_set_ex_data. This allows having a single ECDSA_METHOD for
all keys.
- Unlike the RSA_METHOD, ECDSA_METHOD does not include a "finish"
method to clean up the associated data. This was only a pro...
2015 Sep 28
33
[Bug 2474] New: Enabling ECDSA in PKCS#11 support for ssh-agent
...s, I added a key type field and use it
to handle the differences. I also renamed some function to reflect
their link to RSA.
- I moved some code out of pkcs11_rsa_private_encrypt into a separate
function pkcs11_login to share it with pkcs11_ecdsa_sign
- For EC_KEY, the pointer to the struct pkcs11_key object is not in
the method but in the EC_KEY itself using ECDSA_set_ex_data and
ECDSA_set_ex_data. This allows having a single ECDSA_METHOD for
all keys.
- Unlike the RSA_METHOD, ECDSA_METHOD does not include a "finish"
method to clean up the associated data. This was only a pro...