Support ECDSA signatures

2021-07-18 21:12:22 +02:00 · 2021-07-18 21:12:22 +02:00 · c85d006887
commit c85d006887
parent 97d4880118
3 changed files with 15 additions and 0 deletions
--- a/openpgp-card-sequoia/src/signer.rs
+++ b/openpgp-card-sequoia/src/signer.rs
@ -138,6 +138,17 @@ impl<'a> crypto::Signer for CardSigner<'a> {

                Ok(mpi::Signature::EdDSA { r, s })
            }
+            (PublicKeyAlgorithm::ECDSA, mpi::PublicKey::ECDSA { .. }) => {
+                let hash = Hash::ECDSA(digest);
+
+                let sig = self.ca.signature_for_hash(hash)?;
+
+                let len_2 = sig.len() / 2;
+                let r = mpi::MPI::new(&sig[..len_2]);
+                let s = mpi::MPI::new(&sig[len_2..]);
+
+                Ok(mpi::Signature::ECDSA { r, s })
+            }

            // FIXME: implement NIST etc
            (pk_algo, _) => Err(anyhow!(
--- a/openpgp-card/src/card_app.rs
+++ b/openpgp-card/src/card_app.rs
@ -543,6 +543,7 @@ impl CardApp {
                tlv.serialize()
            }
            Hash::EdDSA(d) => d.to_vec(),
+            Hash::ECDSA(d) => d.to_vec(),
        };

        self.compute_digital_signature(data)
--- a/openpgp-card/src/lib.rs
+++ b/openpgp-card/src/lib.rs
@ -61,6 +61,7 @@ pub enum Hash<'a> {
    SHA384([u8; 0x30]),
    SHA512([u8; 0x40]),
    EdDSA(&'a [u8]), // FIXME?
+    ECDSA(&'a [u8]), // FIXME?
 }

 impl Hash<'_> {
@ -76,6 +77,7 @@ impl Hash<'_> {
                Some(&[0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03])
            }
            Self::EdDSA(_) => None,
+            Self::ECDSA(_) => None,
        }
    }

@ -85,6 +87,7 @@ impl Hash<'_> {
            Self::SHA384(d) => &d[..],
            Self::SHA512(d) => &d[..],
            Self::EdDSA(d) => d,
+            Self::ECDSA(d) => d,
        }
    }
 }