Add support for nist P384 and P521 curves, as well as the brainpool 256, 384 and 512 bit curves #207
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sosthene-nitrokey
force-pushed
the
more-curves
branch
2 times, most recently
from
56d562b
to
8d6f25d
Compare
sosthene-nitrokey
force-pushed
the
more-curves
branch
from
8d6f25d
to
9d16b5e
Compare
|
Does this support SE050? |
|
Yes. It fully works with the software implementation, but it also contains a workaround for an issue that comes with the SE050 implementation and private key import. The other relevant PRs are:
Due to binary size constraints, we are going to only support these curves when the SE050 anyways on the NK3 firmware (at least until we make significant progress on that front). |
sosthene-nitrokey
force-pushed
the
more-curves
branch
from
fd3d364
to
35815b7
Compare
sosthene-nitrokey
changed the title
6 tasks
There is no software implementation of these curves, so it is only tested with hardware tests.
This uses an arch linux docker image because: Debian 12 does not have gnupg 2.4 Ubuntu 24.04 has it and vsmartcard but not cargo-tarpaulin. And building cargo-tarpaulin seems to always lead to a dynamic dependency on `libssl1.1.so` which is not available in the repos. This is still not perfect. Building vsmartcard fails, so I'm just bundling a binary package...
sosthene-nitrokey
force-pushed
the
more-curves
branch
from
ddd97d2
to
374f40c
Compare
sosthene-nitrokey
force-pushed
the
more-curves
branch
from
223b0c5
to
7c37784
Compare
sosthene-nitrokey
force-pushed
the
more-curves
branch
from
7c37784
to
cf62f7e
Compare
daringer
reviewed
Jul 30, 2024
src/card.rs
Outdated
| /// EdDsa25519 | ||
| const ED_25519 = 1 << 7; | ||
| /// BRAINPOOL_P256R1 Brainpool curve | ||
| const BRAINPOOL_P256R1 = 1<<8; |
There was a problem hiding this comment.
tiny nit - cargo fmt doesn't catch this ?
Suggested change
| const BRAINPOOL_P256R1 = 1<<8; | |
| const BRAINPOOL_P256R1 = 1 << 8; |
There was a problem hiding this comment.
I suppose no because of the bitflags macro.
daringer
approved these changes
Jul 30, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pending: trussed-dev/trussed#163