This repository was archived by the owner on May 16, 2024. It is now read-only.

Commit f3ccf45

metsmaTelgat
authored andcommitted
ECDH Key Derive support (#30)
* ECDH Key Derive support Implement HASH, HMAC and SP80056A_CONCAT KDF IB-4944
* EstEID card only supports P384
* Verify structure version
* Don't link with Ws2_32.dll
* Use BCrypt API for MD5 sum
Signed-off-by: Raul Metsma <[email protected]>
1 parent 6f0a5e4 commit f3ccf45


6 files changed

+269
-96
lines changed


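--- a/RELEASE-NOTES.md
+++ b/RELEASE-NOTES.md
@@ -1,6 +1,7 @@
 Minidriver version [3.12.1](https://github.com/open-eid/minidriver/releases/tag/v3.12.1) release notes
 -----------------------------------
 - Fix ECDSA CMCK tests
+- Add ECDH support
 - minor build and code fixes
 
 [Full Changelog](https://github.com/open-eid/minidriver/compare/v3.12.0...v3.12.1)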

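--- a/cmck_config.xml
+++ b/cmck_config.xml
@@ -31,23 +31,21 @@
 <LoadingUnderCAPI>True</LoadingUnderCAPI>
 <LoadingUnderCNG>True</LoadingUnderCNG>
 <KeyImport>False</KeyImport>
-<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P256 AT_ECDSA_P384 AT_ECDSA_P521</KeyTypes>
+<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P384 AT_ECDHE_P384</KeyTypes>
 <OnCardPadding>False</OnCardPadding>
 <PaddingAlgorithms>CARD_PADDING_PKCS1</PaddingAlgorithms>
 <SignHashAlgorithms>CALG_SHA1 CALG_SHA_256 CALG_SHA_384 CALG_SHA_512</SignHashAlgorithms>
 <SignHashFlags></SignHashFlags>
 <SignReturnBufferSize>True</SignReturnBufferSize>
-<KDFTypes>HASH</KDFTypes>
-<KDFHashAlgorithms>SHA1</KDFHashAlgorithms>
-<KDFHMACflag>False</KDFHMACflag>
+<KDFTypes>HASH HMAC SP800_56A_CONCAT</KDFTypes>
+<KDFHashAlgorithms>SHA1 SHA256 SHA384 SHA512</KDFHashAlgorithms>
+<KDFHMACflag>True</KDFHMACflag>
 <SupportsCardGetChallenge>False</SupportsCardGetChallenge>
 <SupportsCardAuthenticateChallenge>False</SupportsCardAuthenticateChallenge>
 <SupportsCardGetChallengeEx>False</SupportsCardGetChallengeEx>
 <SupportsCardUnblockPin>False</SupportsCardUnblockPin>
 <SupportsCardChangeAuthenticator>False</SupportsCardChangeAuthenticator>
 <SupportsCardChangeAuthenticatorEx>False</SupportsCardChangeAuthenticatorEx>
-<SupportsCardConstructDHAgreement>False</SupportsCardConstructDHAgreement>
-<SupportsCardDestroyDHAgreement>False</SupportsCardDestroyDHAgreement>
 </CardSupports>
 </CardDefaults>
 <TestSuiteDefaults>
@@ -109,23 +107,21 @@
 <LoadingUnderCAPI>True</LoadingUnderCAPI>
 <LoadingUnderCNG>True</LoadingUnderCNG>
 <KeyImport>False</KeyImport>
-<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P256 AT_ECDSA_P384 AT_ECDSA_P521</KeyTypes>
+<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P384 AT_ECDHE_P384</KeyTypes>
 <OnCardPadding>False</OnCardPadding>
 <PaddingAlgorithms>CARD_PADDING_PKCS1</PaddingAlgorithms>
 <SignHashAlgorithms>CALG_SHA1 CALG_SHA_256 CALG_SHA_384 CALG_SHA_512</SignHashAlgorithms>
 <SignHashFlags></SignHashFlags>
 <SignReturnBufferSize>True</SignReturnBufferSize>
-<KDFTypes>HASH</KDFTypes>
-<KDFHashAlgorithms>SHA1</KDFHashAlgorithms>
-<KDFHMACflag>False</KDFHMACflag>
+<KDFTypes>HASH HMAC SP800_56A_CONCAT</KDFTypes>
+<KDFHashAlgorithms>SHA1 SHA256 SHA384 SHA512</KDFHashAlgorithms>
+<KDFHMACflag>True</KDFHMACflag>
 <SupportsCardGetChallenge>False</SupportsCardGetChallenge>
 <SupportsCardAuthenticateChallenge>False</SupportsCardAuthenticateChallenge>
 <SupportsCardGetChallengeEx>False</SupportsCardGetChallengeEx>
 <SupportsCardUnblockPin>False</SupportsCardUnblockPin>
 <SupportsCardChangeAuthenticator>False</SupportsCardChangeAuthenticator>
 <SupportsCardChangeAuthenticatorEx>False</SupportsCardChangeAuthenticatorEx>
-<SupportsCardConstructDHAgreement>False</SupportsCardConstructDHAgreement>
-<SupportsCardDestroyDHAgreement>False</SupportsCardDestroyDHAgreement>
 </CardSupports>
 </CardDefaults>
 <TestSuiteDefaults>
@@ -187,23 +183,21 @@
 <LoadingUnderCAPI>True</LoadingUnderCAPI>
 <LoadingUnderCNG>True</LoadingUnderCNG>
 <KeyImport>False</KeyImport>
-<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P256 AT_ECDSA_P384 AT_ECDSA_P521</KeyTypes>
+<KeyTypes>AT_SIGNATURE AT_KEYEXCHANGE AT_ECDSA_P384 AT_ECDHE_P384</KeyTypes>
 <OnCardPadding>False</OnCardPadding>
 <PaddingAlgorithms>CARD_PADDING_PKCS1</PaddingAlgorithms>
 <SignHashAlgorithms>CALG_SHA1 CALG_SHA_256 CALG_SHA_384 CALG_SHA_512</SignHashAlgorithms>
 <SignHashFlags></SignHashFlags>
 <SignReturnBufferSize>True</SignReturnBufferSize>
-<KDFTypes>HASH</KDFTypes>
-<KDFHashAlgorithms>SHA1</KDFHashAlgorithms>
-<KDFHMACflag>False</KDFHMACflag>
+<KDFTypes>HASH HMAC SP800_56A_CONCAT</KDFTypes>
+<KDFHashAlgorithms>SHA1 SHA256 SHA384 SHA512</KDFHashAlgorithms>
+<KDFHMACflag>True</KDFHMACflag>
 <SupportsCardGetChallenge>False</SupportsCardGetChallenge>
 <SupportsCardAuthenticateChallenge>False</SupportsCardAuthenticateChallenge>
 <SupportsCardGetChallengeEx>False</SupportsCardGetChallengeEx>
 <SupportsCardUnblockPin>False</SupportsCardUnblockPin>
 <SupportsCardChangeAuthenticator>False</SupportsCardChangeAuthenticator>
 <SupportsCardChangeAuthenticatorEx>False</SupportsCardChangeAuthenticatorEx>
-<SupportsCardConstructDHAgreement>False</SupportsCardConstructDHAgreement>
-<SupportsCardDestroyDHAgreement>False</SupportsCardDestroyDHAgreement>
 </CardSupports>
 </CardDefaults>
 <TestSuiteDefaults>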
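Review bot: The `SupportsCardConstructDHAgreement` and `SupportsCardDestroyDHAgreement` entries are deleted from `<CardSupports>` in all three hunks rather than switched to `True`, so whether the certification run exercises the new ECDH agreement and its teardown now depends on how the test kit treats an absent element, which is not visible on this page. If the kit accepts the explicit form, keeping `<SupportsCardConstructDHAgreement>True</SupportsCardConstructDHAgreement>` and `<SupportsCardDestroyDHAgreement>True</SupportsCardDestroyDHAgreement>` would make coverage of the derive and destroy paths unambiguous. The narrowing of `<KeyTypes>` to P-384 is explained only in the commit message; a comment such as `<!-- EstEID card only supports P-384 -->` beside it would keep that reason with the config. Each `<CardSupports>` block opens before the start of its hunk.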
